Add TPM 2.0 v1.85 PQC (ML-DSA and ML-KEM) Support

[aidangarske]

Description

This PR adds initial support for TPM 2.0 Library Specification v1.85 PQC APIs to wolfTPM.
It implements new ML-DSA (Dilithium) and ML-KEM (Kyber) commands that were not present in the v1.84 RFC.

New TPM v1.85 Features Added

ML-DSA (Dilithium) – Signature & Verification

• TPM2_SignSequenceStart
• TPM2_VerifySequenceStart
• TPM2_SignSequenceComplete
• TPM2_VerifySequenceComplete
• TPM2_SignDigest
• TPM2_VerifyDigestSignature

These commands add context-based and sequence-based signing/verification required for PQ signature schemes.

ML-KEM (Kyber) – Key Encapsulation

• TPM2_Encapsulate (public-key operation)
• TPM2_Decapsulate (private-key operation)

Supports generation and recovery of shared secrets via PQ KEM.

New Types, Enums, and Structures

• New TPM_CC_* command codes for all v1.85 PQ commands

• New structure tags:

  • TPM_ST_MESSAGE_VERIFIED
  • TPM_ST_DIGEST_VERIFIED

• New TPM2B types:

  • TPM2B_SIGNATURE_CTX
  • TPM2B_KEM_CIPHERTEXT
  • TPM2B_SHARED_SECRET

• New input/output command structures added to tpm2.h

Testing

unit.c unit testing

• test_wolfTPM2_MLDSA_*
• test_wolfTPM2_MLKEM_*

TODO:

• Test with actual hardware / TCG spec 185 sim

[tdjCisco]

I assume that turning on v185 is a superset of earlier versions. Meaning once turned on, we can still execute on older TPMs without re-compile.

[aidangarske]

Hi Todd, yes we are still able to execute old commands with this on. Should we perhaps name this just --enable-pq or add a secondary option?

[tdjCisco]

What you have is fine. Just wanted clarification. Any luck testing on simulator yet?

[dgarske]

We do not have a way to test yet, but we should have some hardware soon.

[tdjCisco]

These don't match the v1.85 spec in review.
TPM_CC_SignSequenceStart 0x000001AA same with the ones below

[aidangarske]

Thank you for catching that I will fix it