Remove a duplicate MAX_ECC_KEY_BYTES. Add comment for why MAX_RSA_KEY_BYTES uses (times 2). Fix LABEL_MAX_BUFFER. Add better defaults for SLB9672/SLB9673.

dgarske · dgarske · commit b3cdff3d1f67 · 2025-07-18T09:26:24.000-07:00
diff --git a/wolftpm/tpm2.h b/wolftpm/tpm2.h
@@ -72,8 +72,8 @@ typedef UINT32 TPM_GENERATED;
 #define TPM_SPEC_YEAR         2016
 #define TPM_SPEC_DAY_OF_YEAR  273
 
-#define TPM_GENERATED_VALUE   0xff544347
-
+#define TPM_GENERATED_VALUE   0xff544347U
+#define TPM_MAX_DERIVATION_BITS 8192U
 
 typedef enum {
     TPM_ALG_ERROR           = 0x0000,
diff --git a/wolftpm/tpm2_types.h b/wolftpm/tpm2_types.h
@@ -376,6 +376,18 @@ typedef int64_t  INT64;
     #define WOLFTPM_PERFORM_SELFTEST
 #endif
 
+/* Chip defaults */
+#if defined(WOLFTPM_SLB9672) || defined(WOLFTPM_SLB9673)
+    #ifndef MAX_RSA_KEY_BITS
+        #define MAX_RSA_KEY_BITS 4096
+    #endif
+    #ifndef MAX_ECC_KEY_BITS
+        #define MAX_ECC_KEY_BITS 384
+    #endif
+    #ifndef HASH_COUNT
+        #define HASH_COUNT 3
+    #endif
+#endif
 
 
 /* ---------------------------------------------------------------------------*/
@@ -388,10 +400,6 @@ typedef int64_t  INT64;
 #define TPM_SHA384_DIGEST_SIZE 48
 #define TPM_SHA512_DIGEST_SIZE 64
 
-#ifndef MAX_ECC_KEY_BYTES
-#define MAX_ECC_KEY_BYTES     66
-#endif
-
 #ifndef TPM_MAX_BLOCK_SIZE
 #define TPM_MAX_BLOCK_SIZE     128
 #endif
@@ -432,12 +440,15 @@ typedef int64_t  INT64;
 #define MAX_SYM_KEY_BYTES 32
 #endif
 #ifndef LABEL_MAX_BUFFER
-#define LABEL_MAX_BUFFER 48
+/* the TCG specification defines a label size not exceed 32 bytes */
+#define LABEL_MAX_BUFFER 32
 #endif
+
 #ifndef MAX_RSA_KEY_BITS
 #define MAX_RSA_KEY_BITS 2048
 #endif
 #ifndef MAX_RSA_KEY_BYTES
+/* the TCG specification defines an RSA key as two max values */
 #define MAX_RSA_KEY_BYTES (((MAX_RSA_KEY_BITS+7)/8)*2)
 #endif
 
