WolfSSL
/
wolfTPM
mirror of https://github.com/wolfSSL/wolfTPM.git
1
0
Fork 0
Code Issues Releases Wiki Activity
1,213 Commits
6 Branches
29 Tags
15 MiB
Commit Graph

14 Commits (8b2e4271d3d7e092cd3b8e20da74e5f5cf1fc2bc)

Author SHA1 Message Date
David Garske 6fbb49a94f wolfTPM Release v3.9.0. Updated copyright and version. 2025-05-14 15:31:07 -07:00
David Garske a6d7ed8695 Added example for `TPM2_Certify`: 
* Added new build option for TPM provisioning (`--enable-provisioning` on by default).
* Added new `wolfTPM2_CreatePrimaryKey_ex` and `WOLFTPM2_PKEY` that supports returning creation ticket/hash.
* Added key templates for initial device (IDevID) and attestation keys (IAK).
* Extended `create_primary` example to support creation or IDevID and IAK.
* Added new policy hash helper API `wolfTPM2_PolicyHash`
* Switch handle/nvIndex string parsing to use `strtoul`.

ZD 18347
 2024-08-22 10:38:01 -07:00
David Garske 026c82f799 Fixes and new tests for building wolfCrypt/wolfTPM without ECC or RSA. Fixes ZD 18470. Improved smallstack (eliminated `WOLFTPM2_MAX_BUFFER`). Fixes for building with NO_ASN. 2024-08-19 09:55:15 -07:00
David Garske c98ee9a71e Update copyright date. 2024-04-24 10:42:27 -07:00
David Garske b395b65287 Fix for config.h, which should only be included from .c files, not headers. ZD 17473 2024-02-07 14:28:33 -08:00
David Garske 96cd17af1d Improvements/fixes to NV auth and session auth set/unset: 
* Fix bug with NV name after first write (only appears when using HMAC session).
* Add new API `wolfTPM2_UnsetAuthSession` to unset auth index for a session and save off the nonce from the TPM. This allows auth to be unset/set again with the same session.
* Cleanup in the NV API's for unsetting of the auth to be handled by caller, not in API.
 2023-09-15 14:03:11 -07:00
David Garske 027ae8a4e9 Make sure PCR extend has the session auth cleared. Added -nvhandle argument to nvram examples. Cleanups for examples. 2023-09-08 08:14:39 -07:00
David Garske 78cd7190be Cleanups from testing. 2023-08-30 11:21:43 -07:00
David Garske a15260342f wolfTPM Support for sealing/unsealing based on a PCR that is signed externally. Use an external key to sign a PCR digest. Allows a new signed policy to be sent with updates to continue allowing a sealed secret to be unsealed when PCR's change. This resolves the issue with PCR brittleness. 2023-08-29 18:47:18 -07:00
David Garske d508180ee3 Fix custom -nvIndex= argument. 2023-08-16 08:08:10 -07:00
David Garske 5b6c7c0368 Improvements to the secure_rot example. Add support for manually placing hash. 2023-08-15 14:41:09 -07:00
David Garske 5a20647313 Minor cleanups. Update wolfSSL test certs. Added TPM_TIS_MAX_WAIT. Fix build with WOLFTPM_DEBUG_VERBOSE only. 2023-08-07 11:08:02 -07:00
David Garske c35b532724 Add support for NV lock. 2023-08-07 11:08:02 -07:00
David Garske 14a331d648 Example for secure boot solution to store root of trust in NV. Provides authentication and tamper protection. Fixed uses of arg= in examples. 2023-08-07 11:08:02 -07:00