From 2b233c8a6401ec7911177079aa89bbbf30feeefb Mon Sep 17 00:00:00 2001
From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Sat, 18 Mar 2017 14:51:30 +0100
Subject: The tpm plugin offers random number generation

The tpm plugin can be used to derive true random numbers from a
TPM 2.0 device. The get_random method must be explicitly enabled
in strongswan.conf with the plugin.tpm.use_rng = yes option.
---
 conf/Makefile.am     | 1 +
 conf/plugins/tpm.opt | 2 ++
 2 files changed, 3 insertions(+)
 create mode 100644 conf/plugins/tpm.opt

(limited to 'conf')

diff --git a/conf/Makefile.am b/conf/Makefile.am
index 41912c43a..731446a3e 100644
--- a/conf/Makefile.am
+++ b/conf/Makefile.am
@@ -93,6 +93,7 @@ plugins = \
 	plugins/tnc-pdp.opt \
 	plugins/tnccs-11.opt \
 	plugins/tnccs-20.opt \
+	plugins/tpm.opt \
 	plugins/unbound.opt \
 	plugins/updown.opt \
 	plugins/vici.opt \
diff --git a/conf/plugins/tpm.opt b/conf/plugins/tpm.opt
new file mode 100644
index 000000000..cd666dde8
--- /dev/null
+++ b/conf/plugins/tpm.opt
@@ -0,0 +1,2 @@
+charon.plugins.tpm.use_rng = no
+	Whether the TPM should be used as RNG.
-- 
cgit v1.2.3