cmd: SCP03: enable and provision command

Enable and provision the SCP03 keys on a TEE controlled secured elemt from the U-Boot shell. Executing this command will generate and program new SCP03 encryption keys on the secure element NVM. Depending on the TEE implementation, the keys would then be stored in some persistent storage or better derived from some platform secret (so they can't be lost). Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Igor Opaniuk <igor.opaniuk@foundries.io>
author: Jorge Ramirez-Ortiz 2021-02-14 16:27:24 +0100
committer: Tom Rini 2021-03-13 13:14:52 -0500
commit: 26839e5ddee369ea68acd8cbc8e24c7180c17e82 (patch)
tree: 00c969a8b64ccbb92d5447ec3bd895acbf6a952a /cmd/Kconfig
parent: 166363f2ed9e72ed3e2bf09d9317d6a5fdafcbea (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/cmd/Kconfig b/cmd/Kconfig
index 400133f8de9..960080d6d40 100644
--- a/cmd/Kconfig
+++ b/cmd/Kconfig
@@ -2022,6 +2022,14 @@ config HASH_VERIFY
 	help
 	  Add -v option to verify data against a hash.
 
+config CMD_SCP03
+	bool "scp03 - SCP03 enable and rotate/provision operations"
+	depends on SCP03
+	help
+	  This command provides access to a Trusted Application
+	  running in a TEE to request Secure Channel Protocol 03
+	  (SCP03) enablement and/or rotation of its SCP03 keys.
+
 config CMD_TPM_V1
 	bool
author	Jorge Ramirez-Ortiz	2021-02-14 16:27:24 +0100
committer	Tom Rini	2021-03-13 13:14:52 -0500
commit	26839e5ddee369ea68acd8cbc8e24c7180c17e82 (patch)
tree	00c969a8b64ccbb92d5447ec3bd895acbf6a952a /cmd/Kconfig
parent	166363f2ed9e72ed3e2bf09d9317d6a5fdafcbea (diff)