David Garske
2069ed7976
Fixes for scan-build and g++ warnings.
2025-01-07 10:47:26 -08:00
Eric Blankenhorn
80da56728c
Merge pull request #389 from dgarske/nv_extend
...
Fix issue with session binding / add NV extend example
2024-12-17 17:00:58 -06:00
Eric Blankenhorn
cb645d3a21
Merge pull request #390 from dgarske/oldcrypt
...
Support for building wolfTPM against older wolfCrypt (like v4.7.0)
2024-12-17 17:00:50 -06:00
David Garske
15add23dcf
Add code for calculating NV extend policies. Fixed issue with `wolfTPM2_PolicyHash` where input digest could be too large.
2024-12-17 11:30:47 -08:00
David Garske
671b702786
Allow extend with RSA or ECC.
2024-12-16 14:17:15 -08:00
David Garske
580b3a779e
Fix issue with session binding. Add example for NV extend based on the TCG "bus protection guidance".
2024-12-16 11:53:52 -08:00
David Garske
8177ba8c1d
Create separate tool for performing the TPM2_Clear (don't use args to wrap_test).
2024-12-13 14:52:38 -08:00
David Garske
7c48b76548
Support for building wolfTPM against older wolfCrypt (like v4.7.0).
2024-12-13 09:45:52 -08:00
JacobBarthelmeh
d0618adaf3
Merge pull request #388 from dgarske/various_20241206
...
Various cleanups
2024-12-09 10:58:45 -07:00
David Garske
87edf3d840
Cleanup the `SensitiveToPrivate` function stack variables. Switch `wolfTPM2_LoadSymmetricKey` to default to the `WOLFTPM2_WRAP_DIGEST` for hash algorithm and not try to use SHA1. Cleanup comments on EK/SRK. Tab and formatting.
2024-12-06 16:56:03 -08:00
msi-debian
599998d827
Fixing PKCS7 Type declaration
2024-11-18 10:18:05 -07:00
David Garske
6cb101da14
Remove execute bit on code/header files.
2024-11-11 06:59:10 -08:00
David Garske
3617abca97
Fix warning: `cannot convert argument of incomplete type 'void *' to 'WOLFTPM2_KEY *'`. Fix `extend.c:158:9: warning: Value stored to 'rc' is never read`. Fix `src/tpm2_wrap.c:2193:5: warning: Value stored to 'sensSz' is never read`.
2024-11-05 11:34:54 -08:00
David Garske
53feb3fb96
Add support for TPM2_GetCapability for TPM_CAP_PCRS. ZD 18881
...
Improve PCR extend to support -alg option.
2024-10-30 12:57:08 -07:00
David Garske
78457bebb7
Tested support for Nations NS350. Added simple capabilities example.
2024-10-04 08:35:35 -07:00
David Garske
034306a49c
Fix macros to match. Resolves `error: unused variable 'pubKeySz'` and `examples/pcr/quote.c:336:9: error: use of undeclared identifier 'pubKey'`.
2024-09-20 17:15:08 -07:00
JacobBarthelmeh
388e32912e
use XMALLOC/XFREE and update macro guards
2024-09-20 10:02:45 -07:00
JacobBarthelmeh
a3beae82ee
re-create correct hash before verify attempt
2024-09-13 14:53:56 -06:00
JacobBarthelmeh
4115da0b96
add example manual verification of quote signature with ecc
2024-09-13 12:09:53 -06:00
philljj
6020acfe4e
Merge pull request #376 from dgarske/tls_idevid
...
Improve the TPM TLS examples for use with `WOLFTPM_MFG_IDENTITY`
2024-09-11 15:35:10 -04:00
David Garske
8b5c5fe897
Peer review feedback. Cleanups for code comments, logging and white-space.
2024-09-11 12:12:15 -07:00
David Garske
460e6003c9
Added tests for policy seal/unseal with multiple PCR's.
2024-09-10 11:53:13 -07:00
David Garske
03070dabd7
Improve the TPM TLS examples for use with `WOLFTPM_MFG_IDENTITY`. Tested with ST33KTPM2X SEMI-CUSTOM DEVICE ID.
2024-09-09 10:35:22 -07:00
David Garske
1603cfdaaf
More fixes for no filesystem.
2024-08-30 09:58:04 -07:00
David Garske
2a5e74113b
Fix and test for no filesystem.
2024-08-30 08:02:39 -07:00
David Garske
a6d7ed8695
Added example for `TPM2_Certify`:
...
* Added new build option for TPM provisioning (`--enable-provisioning` on by default).
* Added new `wolfTPM2_CreatePrimaryKey_ex` and `WOLFTPM2_PKEY` that supports returning creation ticket/hash.
* Added key templates for initial device (IDevID) and attestation keys (IAK).
* Extended `create_primary` example to support creation of IDevID and IAK.
* Added new policy hash helper API `wolfTPM2_PolicyHash`
* Switch handle/nvIndex string parsing to use `strtoul`.
ZD 18347
2024-08-22 10:38:01 -07:00
David Garske
070232104e
Fixes for keygen with `-sym=`.
2024-08-21 11:55:17 -07:00
David Garske
026c82f799
Fixes and new tests for building wolfCrypt/wolfTPM without ECC or RSA. Fixes ZD 18470. Improved smallstack (eliminated `WOLFTPM2_MAX_BUFFER`). Fixes for building with NO_ASN.
2024-08-19 09:55:15 -07:00
David Garske
6951b8d307
Fix for /dev/tpm0 file descriptor check ( fixes #365 ). Added documentation for /dev/tpm0 permissions ( fixes #358 ). Various spelling and documentation cleanups.
2024-07-31 11:21:53 -07:00
David Garske
a441646682
Fixes for wolfTPM documentation generation.
2024-07-30 14:52:34 -07:00
David Garske
95ae2f7459
wolfTPM v3.4.0 release.
...
* Fixes for building without wolfCrypt or heap.
* Fix for building wolfTPM DLL (was missing tbs.lib).
* Fix for `wolfTPM2_New` to provide default TPM2 HAL IO callback.
2024-07-30 09:09:24 -07:00
David Garske
65d0e6aa76
Documentation and minor fixes. Tested with older SLB9670 and ST33TPH.
2024-07-26 14:38:29 -07:00
David Garske
57f12df97b
Support for getting TPM EK Certificates. Added `wolfTPM2_GetKeyTemplate_EK` and `wolfTPM2_GetKeyTemplate_EK` API's for getting EK public templates for generating the EK primary key. Fix TLS example build issues with wolfSSL not having crypto callback or PK callback enabled.
2024-07-26 13:02:57 -07:00
Eric Blankenhorn
61abbc1073
Merge pull request #350 from dgarske/policyauth
...
Improvements in auth handling to support Policy Password and Policy Auth Value
2024-05-24 09:37:37 -05:00
gojimmypi
fb19d7a0e1
Initial Infineon I2C TPM support for Espressif ESP32
2024-05-10 14:16:39 -07:00
David Garske
81c837189c
Refactor to eliminate confusing cast between TPMS_AUTH_COMMAND and TPM2_AUTH_SESSION.
2024-05-08 15:58:59 -07:00
David Garske
a839e8166a
Add missing tests for create_primary.
2024-04-25 14:15:13 -07:00
David Garske
c98ee9a71e
Update copyright date.
2024-04-24 10:42:27 -07:00
David Garske
4157ed5689
Release v3.2.0 prep.
2024-04-24 10:42:25 -07:00
JacobBarthelmeh
eede95dcd3
Merge pull request #342 from dgarske/infineon_fw_recovery
...
Add Infineon firmware update recovery support
2024-04-22 11:00:12 -06:00
David Garske
4a2e2506a4
Add Infineon firmware update recovery support.
2024-04-18 11:02:34 -07:00
Zackery Backman
b16a2b133c
OpenSSL Coexist
2024-04-05 13:37:06 -06:00
David Garske
d9152872d3
Peer review cleanups.
2024-04-02 08:29:04 -07:00
David Garske
892726e6b5
Added support for Infineon SLB9672/SLB9673 Firmware upgrade (see examples/firmware/README.md)
...
Added Infineon Modus Toolbox support. See `wolfssl/IDE/Infineon/README.md` for setup instructions.
Added support for Infineon CyHal I2C support.
Added Firmware extraction tool
Added Firmware update example application `examples/firmware/ifx_fw_update`.
Added support for vendor capabilities `TPM_CAP_VENDOR_PROPERTY`.
Added `XSLEEP_MS` macro for firmware update delay.
Added support for getting key group id, operational mode and update counts.
Added support for abandoning an update.
Added support for firmware update done, but not finalized
Fix auto-detect to not define SLB9672/SLB9673.
2024-04-01 17:21:18 -07:00
philljj
2cde4102b2
Merge pull request #336 from dgarske/st33_getprodinfo
...
Added ST33 support for pre-provisioned device identity key and certificate
2024-04-01 13:42:47 -05:00
David Garske
eed7803e96
Fixes for building wolfTPM examples with NO_FILESYSTEM. Tested with `./configure --enable-swtpm CFLAGS="-DNO_FILESYSTEM" && make`.
2024-03-22 14:24:18 -07:00
David Garske
626beaf4d7
Fixes for native_test with ST33 and `TPM2_GetRandom2`.
2024-03-20 15:23:44 -07:00
David Garske
551d7da51d
Add example for using TPM pre-provisioned device identity to TLS client example.
2024-03-20 15:11:58 -07:00
David Garske
0b60fae993
Fix for netdb.h.
2024-03-01 11:51:27 -08:00
Eric Blankenhorn
46ef684106
Merge pull request #328 from dgarske/cap_handles
...
Added support for getting handles from capabilities
2024-02-09 09:33:08 -06:00