David Garske
6fbb49a94f
wolfTPM Release v3.9.0. Updated copyright and version.
2025-05-14 15:31:07 -07:00
Aidan Garske
8b8bd479a4
wolfTPM Zephyr Project Port #395 - Work by @aidangarske, @night1rider, and @dgarske
2025-05-14 13:56:08 -07:00
aidan garske
688ce722d3
Fix typo - default is used.
2025-03-28 13:57:21 -07:00
aidan garske
50c5f10277
Added keygen optional authentication password -auth=<yourpassword>
2025-03-28 12:50:22 -07:00
David Garske
87edf3d840
Cleanup the `SensitiveToPrivate` function stack variables. Switch `wolfTPM2_LoadSymmetricKey` to default to the `WOLFTPM2_WRAP_DIGEST` for hash algorithm and not try to use SHA1. Cleanup comments on EK/SRK. Tab and formatting.
2024-12-06 16:56:03 -08:00
David Garske
3617abca97
Fix warning: `cannot convert argument of incomplete type 'void *' to 'WOLFTPM2_KEY *'`. Fix `extend.c:158:9: warning: Value stored to 'rc' is never read`. Fix `src/tpm2_wrap.c:2193:5: warning: Value stored to 'sensSz' is never read`.
2024-11-05 11:34:54 -08:00
David Garske
070232104e
Fixes for keygen with `-sym=`.
2024-08-21 11:55:17 -07:00
David Garske
026c82f799
Fixes and new tests for building wolfCrypt/wolfTPM without ECC or RSA. Fixes ZD 18470. Improved smallstack (eliminated `WOLFTPM2_MAX_BUFFER`). Fixes for building with NO_ASN.
2024-08-19 09:55:15 -07:00
David Garske
c98ee9a71e
Update copyright date.
2024-04-24 10:42:27 -07:00
David Garske
b395b65287
Fix for config.h, which should only be included from .c files, not headers. ZD 17473
2024-02-07 14:28:33 -08:00
David Garske
0aa01f4f5a
Added PKCS7 ECC support to example. Added wrapper function to export TPM public key as DER/ASN.1 or PEM. Fix for crypto callback ECC sign to handle getting keySz for unknown cases (like PKCS7 without privateKey set).
2024-01-17 15:50:30 -08:00
David Garske
93a2493dbf
Fixes for attestation with endorsement key. Enable the broken endorsement tests.
2023-12-29 09:32:49 -08:00
David Garske
6322c91e53
Remove the `WOLFTPM2_KEYBLOB.name` (deprecated) and is in `handle.name` now.
2023-12-29 09:20:45 -08:00
David Garske
027ae8a4e9
Make sure PCR extend has the session auth cleared. Added -nvhandle argument to nvram examples. Cleanups for examples.
2023-09-08 08:14:39 -07:00
David Garske
8968d89f90
More CI fixes.
2023-08-31 12:29:13 -07:00
David Garske
a15260342f
wolfTPM Support for sealing/unsealing based on a PCR that is signed externally. Use an external key to sign a PCR digest. Allows a new signed policy to be sent with updates to continue allowing a sealed secret to be unsealed when PCRs change. This resolves the issue with PCR brittleness.
2023-08-29 18:47:18 -07:00
David Garske
14a331d648
Example for secure boot solution to store root of trust in NV. Provides authentication and tamper protection. Fixed uses of arg= in examples.
2023-08-07 11:08:02 -07:00
David Garske
7fcbcab634
Fixes for edge case builds !HAVE_ECC or NO_RSA.
2023-07-20 09:29:45 -07:00
David Garske
0ceeebeaf7
Fix for building with no PEM to DER. Fix for building with static library and no debug, due to missing stdio in examples. Fix for TLS examples missing WOLFCRYPT_ONLY check. Fix for building with WC_NO_RNG. Fix for RSA salt with RNG using crypto cb.
2023-05-02 16:18:21 -07:00
David Garske
c05bf659c2
Fix broken paths with HAL refactor. Update TLS examples to use latest TLS version (allowing downgrade).
2023-01-20 08:29:53 -08:00
David Garske
032f10d120
Fix for keyed hash with HMAC.
2022-10-04 13:27:43 -07:00
David Garske
41e5750ff2
Peer review fixes. Cleanups for return code checking, stdlib functions, unknown args and coding standards.
2022-10-04 13:19:51 -07:00
David Garske
d491437e08
Use `strcmp` since `argv` is guaranteed to be NULL terminated. Fix keygen example whitespace alignment.
2022-10-04 11:44:16 -07:00
David Garske
14a4b00873
Key generation example for Keyed Hash. ZD 14876.
2022-09-28 11:55:05 -05:00
David Garske
3f84b2efbc
wolfTPM v2.5.0 release prep
2022-07-22 09:32:57 -07:00
David Garske
b41a14689f
Add create primary key example. Add support for using a unique template with create and create primary.
2022-06-28 16:40:46 -07:00
Elms
084ef170b7
cmake: windows fixes and spell fixes
* Examples working on Windows and SWTPM
* Check command availability (including for windows blocking it).
* update unseal to work without persistent NV storage
* cleanup cmake from review
* fix a few spelling mistakes
2022-04-07 10:55:11 -07:00
David Garske
d035cd239c
Fix for a few spelling errors. Whitespace cleanup.
2021-12-07 11:10:50 -08:00
Elms
4931ea0e51
Fix unused variables `--disable-wolfcrypt`
2021-07-21 16:30:22 -07:00
David Garske
6ddcdb0763
Fixes for building with `--disable-wolfcrypt`.
2021-07-13 11:58:17 -07:00
David Garske
d17a182c30
Fix scan-build warnings.
2021-07-13 11:53:43 -07:00
David Garske
8455beaae4
Fixes for Public PEM functions. Cleanups.
2021-07-12 17:12:22 -07:00
Dimitar Tomov
3e217cc497
Made keygen and attestation examples work with EH keys
* Added option in keygen example to create and use keys under the EK
- Added PolicySecret to provide EK auth
* Fix wrong total auth area size when multiple auth sessions are used
* Workaround policy Session for EK auth
* Added flag in WOLFTPM2_HANDLE to specify when policyAuth is used
* Added three macros to check TPM2.0 Policy session type
* Added option to use keys under Endorsement Hierarchy in attestation examples
- MakeCredential modified to work without auth as TCG spec defines
- MakeCredential can now use EK pub to encrypt challenge
- ActivateCredential can now work with EK pub to decrypt challenge
* Added new wolfTPM2 wrapper for TPM2_CreateLoaded
- Added missing TPM2_CreateLoaded command in tpm2.c
- Create and load a key in single TPM 2.0 operation
* Added new wolfTPM2 wrappers to use PEM format in keygen
- wolfTPM2_RsaKey_TpmToPem
- wolfTPM2_RsaKey_PemToTpm
* Improved keygen, output in PEM format and saving EK's TPM2B_PUBLIC
- Added keygen option to output PEM files for TPM public keys
- Added saving of EK's TPM2B_PUBLIC for attestation purposes
* Modified keygen
- Uses new wolfTPM2_CreateLoaded wrapper to acquire correct AK name
- Stores AK name for attestation purposes
* Modified keyload to be able to load keys created under the EK/EH
- Uses new wrapper
- Can load keys created under EK/EH, non-AK and AK
* Added new wrapper for satisfying EK policy
* Applied fixes from peer review
Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
2021-07-12 15:09:28 -07:00
Dimitar Tomov
009a5df963
Added examples to create a remote attestation credential
Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
2021-04-29 23:26:24 +03:00
David Garske
2b8cfb8692
wolfTPM Release v2.1.0 preparation.
* Updated copyright
* Fixed minor cast warning.
* Fixed minor scan-build warnings.
* Cleanup print public and fix possible print of uninitialized field.
2021-03-17 10:13:50 -07:00
David Garske
1769a3a264
Fixes for build error without wolfCrypt (`--disable-wolfcrypt`). Fixes to better propagate errors when features are not compiled in. Add wolf error code descriptions when wolfCrypt is disabled.
2021-03-12 15:10:58 -08:00
Dimitar Tomov
f0540d688e
Make NVRAM and Keygen examples store the encoded public key part to save space
Before examples were always storing the maximum public key part size,
using sizeof(TPM2B_PUBLIC), with many empty fields. This meant, always
storing 616 bytes of public part, even if the public key part was less.
* writekeyBlob/readKeyBlob use the actual size of public key part
* NVRAM store/read use the actual size of the public key part
* Minor fixes from peer review
* Added comment to nvram/store about Host Endianness, per peer review
* Added public API for appending/parsing TPM2B_PUBLIC to byte streams
Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
2021-03-12 15:10:58 -08:00
Dimitar Tomov
daa690293d
Add symmetric AES option to the keygen example
Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
2021-03-12 15:10:58 -08:00
David Garske
c0fa6423d5
Cleanup of the examples to use the key templates. The PKCS7 example was failing because of a key mismatch between the TPM private key and the public key used in the certificate setup using the CSR and `./certs/certreq/sh`.
2021-01-14 16:41:12 -08:00
David Garske
845b3d1da2
Release fixes and cleanups. Fixes for init of `WOLFTPM2_HASH` in `wolfTPM2_HashStart`. Fix for various build configurations (--disable-wrapper). Fix for Microchip "sign" bit on symmetric keys. Fix for scan-build warnings. Cleanup whitespace.
2020-12-07 11:01:02 -08:00
David Garske
4b0b70861c
Added parameter encryption support to more examples. Fix to not set "encrypt" or "decrypt" if command doesn't allow it. Updated documentation.
2020-11-30 12:00:54 -08:00
David Garske
dbd8e41b47
Refactor of the session authentication. Added "-e" option to some examples to enable parameter encryption and removed the _paramenc.c files. Fixup for the `getPrimaryStoragekey` to allow persisting if not `WOLFTPM_WINAPI`. Improve command line options. Added calculation of command hash and HMAC for sessions.
2020-11-20 16:47:14 -08:00
David Garske
675f7deb22
Fixes for a couple minor build errors and warnings. Found using scan-build, CC=g++ and `NO_FILESYSTEM`.
2020-11-13 15:57:03 -08:00
Elms
3ce0a6871c
Rebase and leverage new API with KEYBLOB
2020-11-12 14:08:13 -08:00
David Garske
a3baa279a9
Fix for `set but not used` with `--disable-wolfcrypt`.
2020-11-12 13:38:22 -08:00
David Garske
fdc149854e
Fix build issues with `--disable-wolfcrypt`.
2020-11-12 13:28:50 -08:00
Dimitar Tomov
1a24bab50f
Minor fixes for keyload usage, examples README and whitespaces
Signed-off-by: Dimitar Tomov <dimi@designfirst.ee>
2020-11-12 16:18:03 +02:00
David Garske
4ce00ecb26
Added usage and fixed key import API name
2020-11-06 16:08:19 -08:00
David Garske
961710de63
Added support for importing external private key to get a key blob for easy re-loading.
2020-11-02 14:23:47 -08:00
David Garske
6b61e85496
Improved the key blob storage. Added ECC support to keygen example.
2020-10-27 10:16:33 -07:00