diff --git a/ChangeLog.md b/ChangeLog.md
index eef7069..6329077 100644
--- a/ChangeLog.md
+++ b/ChangeLog.md
@@ -1,5 +1,30 @@ ## Release Notes +### wolfTPM Release 1.9 (02/21/2020) + +**Summary** + +Added NPCT75x Nuvoton support, dynamic module detection, and attestation key wrappers. + +**Detail** + +* Fix when building wolfSSL with old names `NO_OLD_WC_NAMES`. (PR #113) +* Fix for TPM2 commands with more than one auth session. (PR #95) +* Bugfixes for TPM2_Packet_AppendSymmetric and TPM2_Packet_ParseSymmetric. (PR #111) +* TPM attestation fixes. (PR #103) +* If creating an NV and it already exists, set auth and handle anyways. (PR #99) +* Cleanups, removed unused code from the PCR examples. (PR #112) +* Improvements to the signed timestamp example. (PR #108) +* Add example of a TPM2.0 Quote using wolfTPM. (PR #107) +* Added NPCT75x Nuvoton support and dynamic module detection support. (PR #102) +* Added RSA sign/verify support and expanded RSA key loading API's. (PR #101) +* Attestation key wrappers. (PR #100) +* Add missing xor overload to TPMU_SYM_KEY_BITS. (PR #97) +* Signed timestamp example (AIK and Attestation). (PR #96) +* Adding more testing. (PR #93) +* Add TPM benchmarking results for Nuvoton NPCT650 TPM2.0 module. (PR #92) + + ### wolfTPM Release 1.8 (04/28/2020) **Summary**
diff --git a/configure.ac b/configure.ac
index 8c1724d..f83b0ab 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3,7 +3,7 @@ # All right reserved. AC_COPYRIGHT([Copyright (C) 2014-2020 wolfSSL Inc.]) -AC_INIT([wolftpm],[1.8.0],[https://github.com/wolfssl/wolfTPM/issues],[wolftpm],[http://www.wolfssl.com]) +AC_INIT([wolftpm],[1.9.0],[https://github.com/wolfssl/wolfTPM/issues],[wolftpm],[http://www.wolfssl.com]) AC_PREREQ([2.63]) AC_CONFIG_AUX_DIR([build-aux])
@@ -23,7 +23,7 @@ AC_ARG_PROGRAM AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_HEADERS([src/config.h]) -WOLFTPM_LIBRARY_VERSION=8:0:0 +WOLFTPM_LIBRARY_VERSION=9:0:0 # | | | # +------+ | +---+ # | | |
diff --git a/examples/pcr/extend.c b/examples/pcr/extend.c
index 4f4f305..29db41f 100755
--- a/examples/pcr/extend.c
+++ b/examples/pcr/extend.c
@@ -23,6 +23,8 @@ #include +#ifndef WOLFTPM2_NO_WRAPPER + #ifndef WOLFTPM2_NO_WOLFCRYPT #include #endif
@@ -198,13 +200,20 @@ exit_badargs: /* --- END TPM2.0 PCR Extend example tool -- */ /******************************************************************************/ +#endif /* !WOLFTPM2_NO_WRAPPER */ #ifndef NO_MAIN_DRIVER int main(int argc, char *argv[]) { - int rc; + int rc = -1; +#ifndef WOLFTPM2_NO_WRAPPER rc = TPM2_Extend_Test(NULL, argc, argv); +#else + printf("Wrapper code not compiled in\n"); + (void)argc; + (void)argv; +#endif /* !WOLFTPM2_NO_WRAPPER */ return rc; }
diff --git a/examples/pcr/quote.c b/examples/pcr/quote.c
index aa54a26..93a7989 100755
--- a/examples/pcr/quote.c
+++ b/examples/pcr/quote.c
@@ -25,6 +25,7 @@ #include +#ifndef WOLFTPM2_NO_WRAPPER #include #include #include
@@ -149,6 +150,7 @@ int TPM2_Quote_Test(void* userCtx, int argc, char *argv[]) /* Create primary storage key (RSA) */ rc = wolfTPM2_CreateSRK(&dev, &storage, TPM_ALG_RSA, (byte*)gStorageKeyAuth, sizeof(gStorageKeyAuth)-1); + if (rc != 0) goto exit; /* Move storage key into persistent NV */ rc = wolfTPM2_NVStoreKey(&dev, TPM_RH_OWNER, &storage,
@@ -269,14 +271,20 @@ exit_badargs: /* --- END TPM2.0 Quote Test -- */ /******************************************************************************/ +#endif /* !WOLFTPM2_NO_WRAPPER */ #ifndef NO_MAIN_DRIVER int main(int argc, char *argv[]) { - int rc; + int rc = -1; +#ifndef WOLFTPM2_NO_WRAPPER rc = TPM2_Quote_Test(NULL, argc, argv); - +#else + printf("Wrapper code not compiled in\n"); + (void)argc; + (void)argv; +#endif /* !WOLFTPM2_NO_WRAPPER */ return rc; } #endif
diff --git a/examples/pcr/reset.c b/examples/pcr/reset.c
index 8018140..7b97347 100755
--- a/examples/pcr/reset.c
+++ b/examples/pcr/reset.c
@@ -23,6 +23,8 @@ #include +#ifndef WOLFTPM2_NO_WRAPPER + #include #include #include
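Review bot: The new `#else` branch in `main()` of examples/pcr/extend.c calls `printf`, while the first hunk of the same file places the includes that follow the first one inside `#ifndef WOLFTPM2_NO_WRAPPER`. The include names are not visible in this diff, so it cannot be confirmed that `<stdio.h>` is still reachable in a no-wrapper build; if it is not, add `#include <stdio.h>` ahead of the guard. The same applies to the `main()` hunks in examples/pcr/quote.c, examples/pcr/reset.c and examples/timestamp/signed_timestamp.c.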
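Review bot: The added `if (rc != 0) goto exit;` after `wolfTPM2_CreateSRK` in examples/pcr/quote.c creates a path to `exit:` on which `storage` was never created, and the cleanup code under that label is outside the hunk. Confirm that the key structures are zero-initialised before this point and that the cleanup tolerates an empty handle, so a failed create cannot lead to an unload or flush of an indeterminate handle value. Whether the result of the following `wolfTPM2_NVStoreKey` call is checked is also not visible here. The identical one-line additions in examples/timestamp/signed_timestamp.c and examples/wrap/wrap_test.c warrant the same check.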
@@ -134,14 +136,20 @@ exit_badargs: /******************************************************************************/ /* --- END TPM2.0 PCR Reset example tool -- */ /******************************************************************************/ - +#endif /* !WOLFTPM2_NO_WRAPPER */ #ifndef NO_MAIN_DRIVER int main(int argc, char *argv[]) { - int rc; + int rc = -1; +#ifndef WOLFTPM2_NO_WRAPPER rc = TPM2_Reset_Test(NULL, argc, argv); +#else + printf("Wrapper code not compiled in\n"); + (void)argc; + (void)argv; +#endif /* !WOLFTPM2_NO_WRAPPER */ return rc; }
diff --git a/examples/timestamp/signed_timestamp.c b/examples/timestamp/signed_timestamp.c
index f586985..8aca12e 100644
--- a/examples/timestamp/signed_timestamp.c
+++ b/examples/timestamp/signed_timestamp.c
@@ -25,6 +25,8 @@ #include +#ifndef WOLFTPM2_NO_WRAPPER + #include #include #include
@@ -124,6 +126,7 @@ int TPM2_Timestamp_Test(void* userCtx) /* Create primary storage key (RSA) */ rc = wolfTPM2_CreateSRK(&dev, &storage, TPM_ALG_RSA, (byte*)gStorageKeyAuth, sizeof(gStorageKeyAuth)-1); + if (rc != 0) goto exit; /* Move storage key into persistent NV */ rc = wolfTPM2_NVStoreKey(&dev, TPM_RH_OWNER, &storage,
@@ -290,13 +293,19 @@ exit: /* --- END TPM Timestamp Test -- */ /******************************************************************************/ +#endif /* !WOLFTPM2_NO_WRAPPER */ + #ifndef NO_MAIN_DRIVER int main(void) { - int rc; + int rc = -1; +#ifndef WOLFTPM2_NO_WRAPPER rc = TPM2_Timestamp_Test(NULL); +#else + printf("Wrapper code not compiled in\n"); +#endif /* !WOLFTPM2_NO_WRAPPER */ return rc; }
diff --git a/examples/tls/tls_client.c b/examples/tls/tls_client.c
index 6d5cebf..bccbd45 100644
--- a/examples/tls/tls_client.c
+++ b/examples/tls/tls_client.c
@@ -495,8 +495,8 @@ int main(void) (defined(WOLF_CRYPTO_DEV) || defined(WOLF_CRYPTO_CB)) rc = TPM2_TLS_Client(NULL); #else - printf("Wrapper/CryptoDev code not compiled in\n"); - printf("Build wolfssl with ./configure --enable-cryptodev\n"); + printf("Wrapper/Crypto callback code not compiled in\n"); + printf("Build wolfssl with ./configure --enable-cryptocb\n"); #endif return rc;
diff --git a/examples/tls/tls_server.c b/examples/tls/tls_server.c
index a245946..885df18 100644
--- a/examples/tls/tls_server.c
+++ b/examples/tls/tls_server.c
@@ -485,8 +485,8 @@ int main(void) (defined(WOLF_CRYPTO_DEV) || defined(WOLF_CRYPTO_CB)) rc = TPM2_TLS_Server(NULL); #else - printf("Wrapper/CryptoDev code not compiled in\n"); - printf("Build wolfssl with ./configure --enable-cryptodev\n"); + printf("Wrapper/Crypto callback code not compiled in\n"); + printf("Build wolfssl with ./configure --enable-cryptocb\n"); #endif return rc;
diff --git a/examples/wrap/wrap_test.c b/examples/wrap/wrap_test.c
index b74c064..f7d7a16 100644
--- a/examples/wrap/wrap_test.c
+++ b/examples/wrap/wrap_test.c
@@ -184,6 +184,7 @@ int TPM2_Wrapper_Test(void* userCtx) /* Create primary storage key (RSA) */ rc = wolfTPM2_CreateSRK(&dev, &storageKey, TPM_ALG_RSA, (byte*)gStorageKeyAuth, sizeof(gStorageKeyAuth)-1); + if (rc != 0) goto exit; /* Move this key into persistent storage */ rc = wolfTPM2_NVStoreKey(&dev, TPM_RH_OWNER, &storageKey,
diff --git a/src/tpm2_packet.c b/src/tpm2_packet.c
index 3120ae6..54493b1 100644
--- a/src/tpm2_packet.c
+++ b/src/tpm2_packet.c
@@ -357,7 +357,7 @@ void TPM2_Packet_AppendSymmetric(TPM2_Packet* packet, TPMT_SYM_DEF* symmetric) TPM2_Packet_AppendU16(packet, symmetric->algorithm); switch (symmetric->algorithm) { case TPM_ALG_XOR: - TPM2_Packet_AppendU16(packet, symmetric->keyBits.xor); + TPM2_Packet_AppendU16(packet, symmetric->keyBits.xorr); break; case TPM_ALG_AES: TPM2_Packet_AppendU16(packet, symmetric->keyBits.aes);
@@ -376,7 +376,7 @@ void TPM2_Packet_ParseSymmetric(TPM2_Packet* packet, TPMT_SYM_DEF* symmetric) TPM2_Packet_ParseU16(packet, &symmetric->algorithm); switch (symmetric->algorithm) { case TPM_ALG_XOR: - TPM2_Packet_ParseU16(packet, &symmetric->keyBits.xor); + TPM2_Packet_ParseU16(packet, &symmetric->keyBits.xorr); break; case TPM_ALG_AES: TPM2_Packet_ParseU16(packet, &symmetric->keyBits.aes);
diff --git a/src/tpm2_wrap.c b/src/tpm2_wrap.c
index f065090..9006546 100644
--- a/src/tpm2_wrap.c
+++ b/src/tpm2_wrap.c
@@ -458,8 +458,9 @@ int wolfTPM2_StartSession(WOLFTPM2_DEV* dev, WOLFTPM2_SESSION* session, return BAD_FUNC_ARG; XMEMSET(&authSesIn, 0, sizeof(authSesIn)); - authSesIn.tpmKey = tpmKey ? tpmKey->handle.hndl : TPM_RH_NULL; - authSesIn.bind = bind ? bind->hndl : TPM_RH_NULL; + authSesIn.tpmKey = tpmKey ? tpmKey->handle.hndl : + (TPMI_DH_OBJECT)TPM_RH_NULL; + authSesIn.bind = bind ? bind->hndl : (TPMI_DH_ENTITY)TPM_RH_NULL; authSesIn.sessionType = sesType; if (useEncryptDecrypt) { authSesIn.symmetric.algorithm = TPM_ALG_AES;
diff --git a/wolftpm/tpm2.h b/wolftpm/tpm2.h
index b29bc84..b28c370 100644
--- a/wolftpm/tpm2.h
+++ b/wolftpm/tpm2.h
@@ -1080,7 +1080,7 @@ typedef TPM_KEY_BITS TPMI_AES_KEY_BITS; typedef union TPMU_SYM_KEY_BITS { TPMI_AES_KEY_BITS aes; TPM_KEY_BITS sym; - TPMI_ALG_HASH xor; + TPMI_ALG_HASH xorr; } TPMU_SYM_KEY_BITS; typedef union TPMU_SYM_MODE {
diff --git a/wolftpm/version.h b/wolftpm/version.h
index 10e3fe4..40307af 100644
--- a/wolftpm/version.h
+++ b/wolftpm/version.h
@@ -34,8 +34,8 @@ extern "C" { #endif -#define LIBWOLFTPM_VERSION_STRING "1.8.0" -#define LIBWOLFTPM_VERSION_HEX 0x01008000 +#define LIBWOLFTPM_VERSION_STRING "1.9.0" +#define LIBWOLFTPM_VERSION_HEX 0x01009000 #ifdef __cplusplus }
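Review bot: The two casts added on `TPM_RH_NULL` in `wolfTPM2_StartSession` (src/tpm2_wrap.c) carry no comment saying why they are needed; presumably they reconcile the operand types of the conditional for stricter compilers, and a one-line comment such as `/* cast keeps both ?: operands the same handle type */` would keep them from being dropped later. Since these lines are where a NULL `tpmKey` and a NULL `bind` become `TPM_RH_NULL`, the function's header comment should also state that this combination yields an unsalted, unbound session. In that case the TPM derives no session key, so with `useEncryptDecrypt` set the parameter-encryption key depends only on the authorized entity's auth value and the exchanged nonces. The function body starts and ends outside the hunk.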