1*4882a593Smuzhiyunconfig BR2_PACKAGE_TPM2_TOTP 2*4882a593Smuzhiyun bool "tpm2-totp" 3*4882a593Smuzhiyun depends on !BR2_STATIC_LIBS # tpm2-tss 4*4882a593Smuzhiyun depends on !BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_ARM # glibc < 2.20 5*4882a593Smuzhiyun select BR2_PACKAGE_LIBQRENCODE 6*4882a593Smuzhiyun select BR2_PACKAGE_TPM2_TSS 7*4882a593Smuzhiyun help 8*4882a593Smuzhiyun This is a reimplementation of Matthew Garrett's tpmtotp 9*4882a593Smuzhiyun software for TPM 2.0 using the tpm2-tss software stack. Its 10*4882a593Smuzhiyun purpose is to attest the trustworthiness of a device against 11*4882a593Smuzhiyun a human using time-based one-time passwords (TOTP), 12*4882a593Smuzhiyun facilitating the Trusted Platform Module (TPM) to bind the 13*4882a593Smuzhiyun TOTP secret to the known trustworthy system state. In 14*4882a593Smuzhiyun addition to the original tpmtotp, given the new capabilities 15*4882a593Smuzhiyun of in-TPM hmac calculation, the tpm2-totp's secret HMAC keys 16*4882a593Smuzhiyun do not have to be exported from the TPM to the CPU's RAM on 17*4882a593Smuzhiyun boot anymore. 18*4882a593Smuzhiyun 19*4882a593Smuzhiyun https://github.com/tpm2-software/tpm2-totp 20*4882a593Smuzhiyun 21*4882a593Smuzhiyuncomment "tpm2-totp needs a toolchain w/ dynamic library" 22*4882a593Smuzhiyun depends on BR2_STATIC_LIBS 23*4882a593Smuzhiyun depends on !BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_ARM 24