* Doxygen configuration and script file under docs
* Added doxygen header to describe the different documentation modules
* Added doxygen comments about TPM2 Proprietary commands in wolfTPM
* Added doxygen comments about wolfTPM2 wrappers
* Added explanatory comments for TPM2 Standard commands and TPM2 IO examples
* Updates from peer feedback
Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
* Fix for `wolfTPM2_NVCreateAuth` to return `TPM_RC_NV_DEFINED` if already exists (it used to do this, but broke with GPIO changes).
* Fixes for building wolfTPM with wolfCrypt only (no TLS).
* Fix for building without RSA and ECC.
* Fix for `--enable-smallstack` with parameter encryption.
* Fix for nvram/store unused variable.
* Create NV Index for GPIO access right after TPM2_GPIO_Config
* Set and read example to use the NV index created by the config example
* Added instructions about the new gpio examples
* Added vendor check, right now only ST33 supports TPM extra GPIO
* NV Index for GPIO Input requires an extra step, included in gpio/config
* Added sanity check and NV Index delete before new GPIO configuration
* Changes based on peer review
Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
* Updated copyright
* Fixed minor cast warning.
* Fixed minor scan-build warnings.
* Cleanup print public and fix possible print of uninitialized field.
Before, examples were always storing the maximum public key part size,
using sizeof(TPM2B_PUBLIC), with many empty fields. This meant always
storing 616 bytes of public part, even if the public key part was less.
* writekeyBlob/readKeyBlob use the actual size of public key part
* NVRAM store/read use the actual size of the public key part
* Minor fixes from peer review
* Added comment to nvram/store about Host Endianness, per peer review
* Added public API for appending/parsing TPM2B_PUBLIC to byte streams
Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
* Make sure hmac buffer space is reserved
* Add name computation for NV handles, modify TPM2_GetName
* Make TPM2_GetName handle multiple TPM Handle types
* Add wolfTPM2_SetNameHandle for passing handle name to parameter encryption
* Compute fresh NV Index Name during NVWrite with updated nvPublic information
* Compute fresh NV Index Name during NVRead, the same way NVWrite needs it
The NV_WRITTEN flag is being set when there are consecutive reads, which
forces the hash to update. In order for this to take place, we need to
read the current (fresh) nvPublic information using TPM2_NV_ReadPublic.
* Add wolfTPM2_UnsetAuth to clear past authorization sessions when not needed
A way to clear auth sessions that are no longer needed was missing.
For example, after a TPM2_NVRead which uses two auth session slots, there
was no way for the user to clear the second slot afterwards. The only
possibility before was to overwrite with invalid values.
This way a TPM2_NVUndefineSpace would fail right after TPM2_NVRead, just
because there was an auth session not previously cleared. This can be
handled either by the user manually or the user can use wolfTPM2 wrappers
that handle it now automatically using wolfTPM2_UnsetAuth.
Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
* Added key generation example with parameter encryption
* Fixes and cleanups for KDFa
* Added KDFa unit test (passes)
* Added AES CFB support
* Fix for nonceTPM
* Added support for encrypted RSA salt and salted-unbounded session
* Removed unsalted-unbounded specific code for authValueKDF from KDFa
* Add innerWrap support
* Add missing wolfcrypt header for AES CFB
* Fixes for casting when calling KDFa for AES CFB parameter encryption
* Add outerWrap support
Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
Made TPM2_ParamEnc_XOR an internal function (static local).
Made TPM2_ParamEnc_CmdRequest and TPM2_ParamEnc_CmdResponse WOLFTPM_LOCAL.
Fixed one warning from the static analyzer about cmdSz related to debug print.
Signed-off-by: Dimitar Tomov <dimi@designfirst.ee>