tpm: add dictionary attack mitigation commands support
Add support for the TPM2_DictionaryAttackParameters and
TPM2_DictionaryAttackLockReset commands.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index 7c2f6e9..ab8f113 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -191,4 +191,29 @@
u32 tpm2_get_capability(u32 capability, u32 property, void *buf,
size_t prop_count);
+/**
+ * Issue a TPM2_DictionaryAttackLockReset command.
+ *
+ * @pw Password
+ * @pw_sz Length of the password
+ *
+ * @return code of the operation
+ */
+u32 tpm2_dam_reset(const char *pw, const ssize_t pw_sz);
+
+/**
+ * Issue a TPM2_DictionaryAttackParameters command.
+ *
+ * @pw Password
+ * @pw_sz Length of the password
+ * @max_tries Count of authorizations before lockout
+ * @recovery_time Time before decrementation of the failure count
+ * @lockout_recovery Time to wait after a lockout
+ *
+ * @return code of the operation
+ */
+u32 tpm2_dam_parameters(const char *pw, const ssize_t pw_sz,
+ unsigned int max_tries, unsigned int recovery_time,
+ unsigned int lockout_recovery);
+
#endif /* __TPM_V2_H */