From 918094fde55fa0dbfd59a5f88d576efb513a88db Mon Sep 17 00:00:00 2001
From: Yves-Alexis Perez <corsac@debian.org>
Date: Wed, 2 Jan 2019 10:45:36 +0100
Subject: New upstream version 5.7.2

---
 conf/plugins/tpm.conf | 4 ++++
 conf/plugins/tpm.opt  | 4 ++++
 2 files changed, 8 insertions(+)

(limited to 'conf/plugins')

diff --git a/conf/plugins/tpm.conf b/conf/plugins/tpm.conf
index 1be961e89..91d533a1e 100644
--- a/conf/plugins/tpm.conf
+++ b/conf/plugins/tpm.conf
@@ -1,5 +1,9 @@
 tpm {
 
+    # Is the TPM 2.0 FIPS-186-4 compliant, forcing e.g. the use of the default
+    # salt length instead of maximum salt length with RSAPSS padding.
+    # fips_186_4 = no
+
     # Whether to load the plugin. Can also be an integer to increase the
     # priority of this plugin.
     load = yes
diff --git a/conf/plugins/tpm.opt b/conf/plugins/tpm.opt
index df7adb098..06c88861e 100644
--- a/conf/plugins/tpm.opt
+++ b/conf/plugins/tpm.opt
@@ -1,6 +1,10 @@
 charon.plugins.tpm.use_rng = no
 	Whether the TPM should be used as RNG.
 
+charon.plugins.tpm.fips_186_4 = no
+	Is the TPM 2.0 FIPS-186-4 compliant, forcing e.g. the use of the default
+	salt length instead of maximum salt length with RSAPSS padding.
+
 charon.plugins.tpm.tcti.name = device|tabrmd
 	Name of TPM 2.0 TCTI library. Valid values: _tabrmd_, _device_ or _mssim_.
 	Defaults are _device_ if the _/dev/tpmrm0_ in-kernel TPM 2.0 resource manager
-- 
cgit v1.2.3