mirror of https://github.com/wolfSSL/wolfTPM.git
Release v3.2.0 prep.
parent
1126c2ebfc
commit
4157ed5689
|
@ -21,7 +21,7 @@
|
|||
|
||||
cmake_minimum_required(VERSION 3.16)
|
||||
|
||||
project(wolfTPM VERSION 3.1.0 LANGUAGES C)
|
||||
project(wolfTPM VERSION 3.2.0 LANGUAGES C)
|
||||
|
||||
set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/bin)
|
||||
set(WOLFTPM_DEFINITIONS)
|
||||
|
|
63
ChangeLog.md
63
ChangeLog.md
|
@ -1,5 +1,68 @@
|
|||
# Release Notes
|
||||
|
||||
## wolfTPM Release 3.2.0 (Apr 24, 2024)
|
||||
|
||||
**Summary**
|
||||
|
||||
Added TPM Firmware update support (Infineon SLB9672/SLB9673). Added support for pre-provisioned device identity keys/certificates (STMicro ST33). Fixed issue with sealing secret to prevent `userWithAuth` by default. Expanded the TPM get capabilities support.
|
||||
|
||||
**Detail**
|
||||
|
||||
* Added new API `wolfTPM2_NVCreateAuthPolicy` for allowing NV creation with policy (PR #344)
|
||||
* Added Infineon firmware update recovery support (PR #342)
|
||||
* Added support for Infineon Firmware upgrade (PR #339)
|
||||
- Added support for Infineon SLB9672/SLB9673 Firmware upgrade (see examples/firmware/README.md)
|
||||
- Added Infineon Modus Toolbox support. See `wolfssl/IDE/Infineon/README.md` for setup instructions.
|
||||
- Added support for Infineon CyHal I2C support.
|
||||
- Added Firmware extraction tool
|
||||
- Added Firmware update example application `examples/firmware/ifx_fw_update`.
|
||||
- Added support for vendor capabilities `TPM_CAP_VENDOR_PROPERTY`.
|
||||
- Added `XSLEEP_MS` macro for firmware update delay.
|
||||
- Added support for getting key group id, operational mode and update counts.
|
||||
- Added support for abandoning an update.
|
||||
- Added support for firmware update done, but not finalized
|
||||
- Added Infineon CyHal SPI support.
|
||||
- Fixed auto-detect to not define SLB9672/SLB9673.
|
||||
* Fixed TLS examples to not use openssl compatibility macros (PR #341)
|
||||
* Added ST33 support for pre-provisioned device identity key and certificate (PR #336)
|
||||
- Added support for pre-provisioned TPM using the "TPM 2.0 Keys for Device Identity and Attestation" specification. See build macro: `WOLFTPM_MFG_IDENTITY`.
|
||||
- Added example for using TPM pre-provisioned device identity to TLS client example.
|
||||
- Fixed ST33 vendor command to enable command codes (TPM2_SetCommandSet) (it requires platform auth to be set).
|
||||
- Added benchmarks for new ST33KTPM2XI2C.
|
||||
- Fixed 0x1XX error code parsing.
|
||||
- Fixed ST33 part descriptions.
|
||||
- Updated example certificates.
|
||||
* Fixes for building wolfTPM examples with `NO_FILESYSTEM` (PR #338)
|
||||
* Fixed crypto callback hashing return code initialization (PR #334)
|
||||
* Updated documentation for Infineon SLB9673 (I2C) (PR #337)
|
||||
* Fixed Documentation references for generated user manual (PR #335)
|
||||
* Fixed netdb.h include (PR #333)
|
||||
* Fixes for building with "-Wpedantic" (PR #332)
|
||||
* Added new API `wolfTPM2_GetHandles` to get list of handles from the TPM capabilities. (PR #328)
|
||||
* Fixed config.h, which should only be included from .c files, not headers. (PR #330/#331)
|
||||
* Fixed CMake tests (PR #329)
|
||||
* Fixed and improved secret sealing/unsealing (PR #327)
|
||||
- Do not set userWithAuth by default when creating sealed objects. That flag allows password auth for the sealed object. Without the flag it only allows policy auth.
|
||||
- Allow setting policy auth with flags.
|
||||
- Fix secret_unseal to use policy session and valid sealed name.
|
||||
- Added expected failure test cases for seal/unseal with policy.
|
||||
- Improve the run_examples.sh script
|
||||
* Improved types for htons and byte swap (PR #326)
|
||||
- Match byte swap logic with wolfSSL (use WOLF_ALLOW_BUILTIN).
|
||||
- Remove unused `XHTONS` and `arpa/inet.h`.
|
||||
* Improved STMicro product naming (PR #325)
|
||||
* Improved the STM32Cube template (PR #324)
|
||||
- Setup so next pack can add small stack and transport options: `WOLFTPM_CONF_SMALL_STACK` and `WOLFTPM_CONF_TRANSPORT` (0=SPI, 1=I2C).
|
||||
* Fixed build error with missing `wc_RsaKeyToPublicDer_ex` (PR #323)
|
||||
* Improved the ECC macro checks for `wc_EccPublicKeyToDer` (PR #323)
|
||||
* Added PKCS7 ECC support to example (PR #322)
|
||||
- Added wrapper function to export TPM public key as DER/ASN.1 or PEM.
|
||||
- Fixed for crypto callback ECC sign to handle getting keySz for unknown cases (like PKCS7 without privateKey set).
|
||||
* Added expanded key template and cleanups (PR #321)
|
||||
- Fixed mixed variable declaration.
|
||||
- Added _ex version for GetKeyTemplate RSA/ECC to allow setting all template parameters.
|
||||
|
||||
|
||||
## wolfTPM Release 3.1.0 (Dec 29, 2023)
|
||||
|
||||
**Summary**
|
||||
|
|
15
configure.ac
15
configure.ac
|
@ -3,7 +3,7 @@
|
|||
# All right reserved.
|
||||
|
||||
AC_COPYRIGHT([Copyright (C) 2014-2021 wolfSSL Inc.])
|
||||
AC_INIT([wolftpm],[3.1.0],[https://github.com/wolfssl/wolfTPM/issues],[wolftpm],[http://www.wolfssl.com])
|
||||
AC_INIT([wolftpm],[3.2.0],[https://github.com/wolfssl/wolfTPM/issues],[wolftpm],[http://www.wolfssl.com])
|
||||
|
||||
AC_PREREQ([2.63])
|
||||
AC_CONFIG_AUX_DIR([build-aux])
|
||||
|
@ -28,18 +28,17 @@ AC_ARG_PROGRAM
|
|||
|
||||
AC_CONFIG_HEADERS([src/config.h])
|
||||
|
||||
WOLFTPM_LIBRARY_VERSION=16:1:0
|
||||
WOLFTPM_LIBRARY_VERSION=16:2:0
|
||||
# | | |
|
||||
# +------+ | +---+
|
||||
# | | |
|
||||
# current:revision:age
|
||||
# | | |
|
||||
# | | +- increment if interfaces have been added
|
||||
# | | set to zero if interfaces have been removed
|
||||
# | | or changed
|
||||
# | +- increment if source code has changed
|
||||
# | set to zero if current is incremented
|
||||
# +- increment if interfaces have been added, removed or changed
|
||||
# | | +- increment if source code has changed
|
||||
# | | set to zero if [current] or [revision] is incremented
|
||||
# | +- increment if interfaces have been added
|
||||
# | set to zero if [current] is incremented
|
||||
# +- increment if interfaces have been removed or changed
|
||||
AC_SUBST([WOLFTPM_LIBRARY_VERSION])
|
||||
|
||||
|
||||
|
|
|
@ -57,7 +57,7 @@ static int mStop = 0;
|
|||
* This example server listens on port 11111 by default, but can be set at
|
||||
* build-time using `TLS_PORT`.
|
||||
*
|
||||
* By default this example will loads RSA keys unless RSA is disabled (NO_RSA)
|
||||
* By default this example will load RSA keys unless RSA is disabled (NO_RSA)
|
||||
* or the TLS_USE_ECC build option is used.
|
||||
*
|
||||
* You can validate using the wolfSSL example client this like:
|
||||
|
|
|
@ -34,8 +34,8 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
#define LIBWOLFTPM_VERSION_STRING "3.1.0"
|
||||
#define LIBWOLFTPM_VERSION_HEX 0x03001000
|
||||
#define LIBWOLFTPM_VERSION_STRING "3.2.0"
|
||||
#define LIBWOLFTPM_VERSION_HEX 0x03002000
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue