32 Commits (7411bc115f333f11f22998135bbe33c6bebdb844)

Author SHA1 Message Date
David Garske 7411bc115f Refactor the TPM2_GetNonce to support a non-locking version for internal use. This avoids all possible recursive mutex calls. 2025-05-27 14:42:43 -07:00
aidan garske 8e03c40fba removed test, only needs to be tested when actually used in wolfTPM 2025-03-28 14:31:00 -07:00
aidan garske f10a27bb47 Add keygen test for AIK and default 2025-03-28 13:29:43 -07:00
aidan garske 942bbe7f03 removed testing 2025-03-28 13:22:52 -07:00
aidan garske 50c5f10277 Added keygen optional authentication password -auth=<yourpassword> 2025-03-28 12:50:22 -07:00
David Garske 00749ad551 Fix run_examples.sh run.out location variable. 2025-02-21 16:53:23 -08:00
Eric Blankenhorn 80da56728c
Merge pull request #389 from dgarske/nv_extend
Fix issue with session binding / add NV extend example
2024-12-17 17:00:58 -06:00
David Garske 580b3a779e Fix issue with session binding. Add example for NV extend based on the TCG "bus protection guidance". 2024-12-16 11:53:52 -08:00
David Garske 7c48b76548 Support for building wolfTPM against older wolfCrypt (like v4.7.0). 2024-12-13 09:45:52 -08:00
philljj 6020acfe4e
Merge pull request #376 from dgarske/tls_idevid
Improve the TPM TLS examples for use with `WOLFTPM_MFG_IDENTITY`
2024-09-11 15:35:10 -04:00
David Garske 460e6003c9 Added tests for policy seal/unseal with multiple PCR's. 2024-09-10 11:53:13 -07:00
David Garske 03070dabd7 Improve the TPM TLS examples for use with `WOLFTPM_MFG_IDENTITY`. Tested with ST33KTPM2X SEMI-CUSTOM DEVICE ID. 2024-09-09 10:35:22 -07:00
David Garske 1603cfdaaf More fixes for no filesystem. 2024-08-30 09:58:04 -07:00
David Garske a6d7ed8695 Added example for `TPM2_Certify`:
* Added new build option for TPM provisioning (`--enable-provisioning` on by default).
* Added new `wolfTPM2_CreatePrimaryKey_ex` and `WOLFTPM2_PKEY` that supports returning creation ticket/hash.
* Added key templates for initial device (IDevID) and attestation keys (IAK).
* Extended `create_primary` example to support creation of IDevID and IAK.
* Added new policy hash helper API `wolfTPM2_PolicyHash`
* Switch handle/nvIndex string parsing to use `strtoul`.

ZD 18347
2024-08-22 10:38:01 -07:00
David Garske 070232104e Fixes for keygen with `-sym=`. 2024-08-21 11:55:17 -07:00
David Garske 026c82f799 Fixes and new tests for building wolfCrypt/wolfTPM without ECC or RSA. Fixes ZD 18470. Improved smallstack (eliminated `WOLFTPM2_MAX_BUFFER`). Fixes for building with NO_ASN. 2024-08-19 09:55:15 -07:00
David Garske 57f12df97b Support for getting TPM EK Certificates. Added `wolfTPM2_GetKeyTemplate_EK` and `wolfTPM2_GetKeyTemplate_EK` API's for getting EK public templates for generating the EK primary key. Fix TLS example build issues with wolfSSL not having crypto callback or PK callback enabled. 2024-07-26 13:02:57 -07:00
David Garske 81c837189c Refactor to eliminate confusing cast between TPMS_AUTH_COMMAND and TPM2_AUTH_SESSION. 2024-05-08 15:58:59 -07:00
David Garske a839e8166a Add missing tests for create_primary. 2024-04-25 14:15:13 -07:00
David Garske c34a0c2786 Fixes and improvements for secret sealing/unsealing:
* Do not set userWithAuth by default when creating sealed objects. That flag allows password auth for the sealed object. Without the flag it only allows policy auth.
* Allow setting policy auth with flags.
* Fix secret_unseal to use policy session and valid sealed name.
* Added expected failure test cases for seal/unseal with policy.
* Improve the run_examples.sh script
2024-02-02 14:45:44 -08:00
David Garske 0aa01f4f5a Added PKCS7 ECC support to example. Added wrapper function to export TPM public key as DER/ASN.1 or PEM. Fix for crypto callback ECC sign to handle getting keySz for unknown cases (like PKCS7 without privateKey set). 2024-01-17 15:50:30 -08:00
David Garske 310fe7cd5a Fix spelling error. Fix CMake build broken since cryptocb refactor in PR #304. Added CI tests for CMake. 2023-12-29 10:36:42 -08:00
David Garske 93a2493dbf Fixes for attestation with endorsement key. Enable the broken endorsement tests. 2023-12-29 09:32:49 -08:00
David Garske a50e4fee6c Add tests for the TLS PK with TPM. 2023-12-08 11:44:00 -08:00
David Garske e601803f1b Added support for PK callbacks with RSA Sign using PKCSv1.5 and PSS.
Fixes for building wolfTPM without crypto callbacks.
Fixes for building/running with FIPS.
2023-12-01 08:25:53 -08:00
David Garske 18531274da Fix TLS bidirectional shutdown socket issue. Just use 11111 for all TLS tests, to avoid real random port collision with SWTPM sockets. Resolves TLS issue with "ERROR: failed to bind! errno 98". 2023-11-29 12:34:06 -08:00
David Garske 4b433f24fb Troubleshooting issues with socket `tcp bind failed: Address already in use`. 2023-11-20 15:42:26 -08:00
David Garske 9cad7f4e24 Fix some of the example TODO's. Fixes for seal/unseal example. Fixes for TLS with param enc. Fix signed_timestamp with ECC. 2023-10-30 12:00:37 -07:00
David Garske 31cd20e645 Added new policy_nv example. 2023-09-11 14:37:12 -07:00
David Garske 8968d89f90 More CI fixes. 2023-08-31 12:29:13 -07:00
David Garske e2d502e773 Peer review fixes and getting CI to pass. 2023-08-31 09:53:39 -07:00
David Garske 97d8845c6f Added CI tests for all examples and additional build tests. 2023-08-30 15:11:24 -07:00