David Garske
026c82f799
Fixes and new tests for building wolfCrypt/wolfTPM without ECC or RSA. Fixes ZD 18470. Improved smallstack (eliminated `WOLFTPM2_MAX_BUFFER`). Fixes for building with NO_ASN.
2024-08-19 09:55:15 -07:00
David Garske
c98ee9a71e
Update copyright date.
2024-04-24 10:42:27 -07:00
David Garske
892726e6b5
Added support for Infineon SLB9672/SLB9673 Firmware upgrade (see examples/firmware/README.md)
...
Added Infineon Modus Toolbox support. See `wolfssl/IDE/Infineon/README.md` for setup instructions.
Added support for Infineon CyHal I2C support.
Added Firmware extraction tool
Added Firmware update example application `examples/firmware/ifx_fw_update`.
Added support for vendor capabilities `TPM_CAP_VENDOR_PROPERTY`.
Added `XSLEEP_MS` macro for firmware update delay.
Added support for getting key group id, operational mode and update counts.
Added support for abandoning an update.
Added support for firmware update done, but not finalized
Fix auto-detect to not define SLB9672/SLB9673.
2024-04-01 17:21:18 -07:00
Eric Blankenhorn
46ef684106
Merge pull request #328 from dgarske/cap_handles
...
Added support for getting handles from capabilities
2024-02-09 09:33:08 -06:00
David Garske
b395b65287
Fix for config.h, which should only be included from .c files, not headers. ZD 17473
2024-02-07 14:28:33 -08:00
David Garske
e078e15f56
Added new API `wolfTPM2_GetHandles` to get list of handles from the TPM capabilities. ZD 17328
2024-02-06 10:48:16 -08:00
David Garske
e601803f1b
Added support for PK callbacks with RSA Sign using PKCSv1.5 and PSS.
...
Fixes for building wolfTPM without crypto callbacks.
Fixes for building/running with FIPS.
2023-12-01 08:25:53 -08:00
David Garske
96cd17af1d
Improvements/fixes to NV auth and session auth set/unset:
...
* Fix bug with NV name after first write (only appears when using HMAC session).
* Add new API `wolfTPM2_UnsetAuthSession` to unset auth index for a session and save off the nonce from the TPM. This allows auth to be unset/set again with the same session.
* Cleanup in the NV API's for unsetting of the auth to be handled by caller, not in API.
2023-09-15 14:03:11 -07:00
David Garske
3f29c59e87
Add support for encrypting secret using ECC key. Allows using ECC for parameter encryption and importing ECC keys with custom seed. Requires https://github.com/wolfSSL/wolfssl/pull/6683
2023-08-08 16:15:18 -07:00
David Garske
bb18c4c550
Added `wolfTPM2_ChangePlatformAuth` wrapper to help set the platform auth. This is useful from the bootloader to make sure no one can use the platform hierarchy from application.
2023-08-07 11:08:02 -07:00
John Bland
d1cd4eff52
use correct session index for wrap test so parameter encryption works
2023-05-03 19:29:45 -04:00
David Garske
382ff91eb3
Support for disabling ASN.1 (--disable-asn) and still provide parameter encryption support.
2023-05-02 18:11:15 -07:00
David Garske
4242f2f6cf
Fixes for building without ASN. Fix for ECC disabled with `WOLFSSL_PUBLIC_MP` set.
2023-05-02 17:27:48 -07:00
David Garske
0ceeebeaf7
Fix for building with no PEM to DER. Fix for building with static library and no debug, due to missing stdio in examples. Fix for TLS examples missing WOLFCRYPT_ONLY check. Fix for building with WC_NO_RNG. Fix for RSA salt with RNG using crypto cb.
2023-05-02 16:18:21 -07:00
John Bland
ae280a7e71
fix casting and unused variable problems on windows ( #255 )
2023-01-27 14:34:02 -08:00
David Garske
c05bf659c2
Fix broken paths with HAL refactor. Update TLS examples to use latest TLS version (allowing downgrade).
2023-01-20 08:29:53 -08:00
David Garske
1ea4a591a8
HAL refactor and documentation improvements. Move example HAL implementations into new `hal` directory. Include the example HAL in the library when building. Updated HAL IO documentation.
2023-01-18 12:38:04 -08:00
David Garske
41e5750ff2
Peer review fixes. Cleanups for return code checking, stdlib functions, unknown args and coding standards.
2022-10-04 13:19:51 -07:00
David Garske
d491437e08
Use `strcmp` since `argv` is guaranteed to be NULL terminated. Fix keygen example whitespace alignment.
2022-10-04 11:44:16 -07:00
David Garske
3f84b2efbc
wolfTPM v2.5.0 release prep
2022-07-22 09:32:57 -07:00
David Garske
9d2483d327
New CSR wrappers to assist with TPM based CSR/Self-Signed-Cert generation including CSharp wrappers. This includes support for subject, key usage, custom request extensions and output as PEM or DER. New structure `WOLFTPM2_CSR`. New API's `wolfTPM2_CSR_*`. New CSharp class `Csr`.
2022-07-12 13:53:04 -07:00
Elms
a787dab931
Fix tests and wrapper example with no wolfcrypt
2022-05-06 21:43:15 -07:00
Elms
084ef170b7
cmake: windows fixes and spell fixes
...
* Examples working on Windows and SWTPM
* Check command availability (including for windows blocking it).
* update unseal to work without persistent NV storage
* cleanup cmake from review
* fix a few spelling mistakes
2022-04-07 10:55:11 -07:00
Elms
ede184c735
configure: keep example directory strcuture during install
2021-11-18 12:04:41 -08:00
elms
5af1360f3d
Merge pull request #195 from dgarske/rel_v2.3.0
2021-11-09 11:18:21 -08:00
David Garske
0f9e8b5768
wolfTPM Release v2.3.0
2021-11-08 15:49:00 -08:00
David Garske
4adbbc560a
Improve the printing of the capabilities vendor firmware number. Spelling fixes.
2021-11-08 11:59:11 -08:00
Elms
91174287b3
RSA_Encrypt: Fix for RSAES padding
2021-09-16 08:42:23 -07:00
Elms
02b8834244
test: Allow `CreateLoaded` to pass on unsupported systems
...
Some hardware may not support these, but allow native and wrap tests to pass with comment
2021-07-26 11:18:33 -07:00
Dimitar Tomov
8528a326be
Added fixes and unit tests for wolfTPM2_CreateLoadedKey and TPM2_CreateLoaded
...
* Added new units tests and fixed missing XMEMSET
* Renamed and modified PemToTpm to PubPemToTpm, works only with Pub keys
* Fixes from peer feedback
Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
2021-07-12 15:09:28 -07:00
David Garske
ed1ec8c52d
Support for QNX with wolfTPM:
...
* Fix for `wolfTPM2_NVCreateAuth` to return `TPM_RC_NV_DEFINED` if already exists (it used to do this, but broke with GPIO changes).
* Fixes for building wolfTPM with wolfCrypt only (no TLS).
* Fix for building without RSA and ECC.
* Fix for `--enable-smallstack` with parameter encryption,
* Fix for nvram/store unused variable.
2021-06-01 10:34:28 -07:00
David Garske
2b8cfb8692
wolfTPM Release v2.1.0 preparation.
...
* Updated copyright
* Fixed minor cast warning.
* Fixed minor scan-build warnings.
* Cleanup print public and fix possible print of uninitialized field.
2021-03-17 10:13:50 -07:00
David Garske
523a9f905c
Fixes for properly setting auth (needs to include name for HMAC cpHash/rpHash calculation). Fix for sessionAttributes when command / response doesn't support it. Fixes for the TLS client / server examples. Added back the useful param enc / hmac debugging enabled with `--enable-debug=verbose`.
2020-12-02 16:47:46 -08:00
David Garske
d044360e38
Fixes for scan-build and g++ warnings.
2020-12-01 10:38:39 -08:00
David Garske
4b0b70861c
Added parameter encryption support to more examples. Fix to not set "encrypt" or "decrypt" if command doesn't allow it. Updated documentation.
2020-11-30 12:00:54 -08:00
David Garske
4c2e8d3f43
Added response HMAC validation. Fixes for nonce and auth count. Fix for AES CFB decrypt set key (requires `AES_ENCRYPTION` on SetKey). Cleanup verbose debugging. PR ready for review.
2020-11-25 16:04:04 -08:00
David Garske
409fd96502
Fixes for response decryption. Nonce from TPM captured correctly now. Added support for args to all examples.
2020-11-24 16:44:20 -08:00
Elms
4cc41ffa01
examples: Add test vectors for AES CFB and make it the default for tests
2020-09-30 13:22:29 -07:00
Eric Blankenhorn
72464dc621
Release v1.9 preparation
2020-08-24 12:12:11 -05:00
Eric Blankenhorn
11beec190b
Merge pull request #108 from dgarske/signed_timestamp
...
Improvements to the signed timestamp example
2020-07-23 17:40:27 -05:00
David Garske
8eb67b5bcf
Improvements to the signed timestamp example. Cleanup of the key template API's.
2020-07-21 15:24:10 -07:00
Dimitar Tomov
0ad05b9554
Fix whitespaces and tabs in include.am files
...
Signed-off-by: Dimitar Tomov <dimi@designfirst.ee>
2020-07-17 18:09:52 +03:00
David Garske
6d46b26bde
Added dynamic module detection at run-time when using internal TIS.
2020-07-13 09:55:36 -07:00
David Garske
3de776b9e4
TPM RSA sign and verify wrapper support and expanded RSA key loading support:
...
* Added RSA support for `wolfTPM2_SignHash` and `wolfTPM2_VerifyHash`.
* Added `wolfTPM2_SignHashScheme` and `wolfTPM2_VerifyHashScheme` support for signature scheme and hash algo.
* Added `wolfTPM2_LoadRsaPrivateKey_ex` and `wolfTPM2_LoadRsaPublicKey_ex` support for signature scheme and hash algo.
* Fix for typo on hashAlg and sigAlg (per spec).
* Added RSA sign/verify examples for PKCSv1.5 (SSA) and PSS padding schemes.
* Fixes for building without ECC key import/export.
2020-06-18 14:35:59 -07:00
David Garske
5de30b8fe6
Fixes for minor scan-build warnings.
2020-04-30 12:56:37 -07:00
David Garske
025f9ff049
Example for using an ECC primary storage key (root owner).
2020-02-21 09:39:16 -08:00
Chris Conlon
91ef0b0e6e
update copyright to 2020
2020-01-03 15:31:27 -08:00
David Garske
7887130287
wolfTPM v1.7 Release
2019-12-27 14:43:30 -08:00
David Garske
9ebc039edb
Added new wrappers for shutdown and handle cleanup.
2019-10-22 12:23:06 -07:00
Eric Blankenhorn
0e4788bebd
Merge pull request #79 from dgarske/nvauth
...
Added support for using authentication with NV
2019-08-15 15:34:06 -05:00