sim-tpm-seal.config

ARCH=sim
TARGET=sim
SIGN?=ECC256
HASH?=SHA256
SPI_FLASH=0
DEBUG=1
WOLFTPM=1

# sizes should be multiple of system page size
WOLFBOOT_PARTITION_SIZE=0x40000
WOLFBOOT_SECTOR_SIZE=0x1000
WOLFBOOT_PARTITION_BOOT_ADDRESS=0x80000
# if on external flash, it should be multiple of system page size
WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x100000
WOLFBOOT_PARTITION_SWAP_ADDRESS=0x180000

# required for keytools
WOLFBOOT_FIXED_PARTITIONS=1

# Use NV for TPM based Root of Trust
WOLFBOOT_TPM_KEYSTORE?=1
WOLFBOOT_TPM_KEYSTORE_NV_BASE?=0x01400200
#WOLFBOOT_TPM_KEYSTORE_AUTH?=TestAuth

# Measured boot at test PCR index 16
MEASURED_BOOT?=1
MEASURED_PCR_A?=16

# Sealing a secret into TPM based on external PCR policy signed by the sign tool
WOLFBOOT_TPM_SEAL?=1
WOLFBOOT_TPM_SEAL_NV_BASE=0x01400300
#WOLFBOOT_TPM_SEAL_AUTH?=SealAuth

# TPM Logging
#CFLAGS_EXTRA+=-DDEBUG_WOLFTPM
#CFLAGS_EXTRA+=-DWOLFTPM_DEBUG_VERBOSE