Commit Graph

36 Commits (df0107605ea9ec60856be2e33ad80b7b1fb1138e)

Author SHA1 Message Date
Dimitar Tomov df0107605e Added TPM2_PrintAuth for debugging purposes
Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
2021-02-26 11:18:27 +02:00
David Garske c0fa6423d5 Cleanup of the examples to use the key templates. The PKCS7 example was failing because of a key mismatch between the TPM private key and the public key used in the certificate setup using the CSR and `./certs/certreq/sh`. 2021-01-14 16:41:12 -08:00
David Garske 4c2e8d3f43 Added response HMAC validation. Fixes for nonce and auth count. Fix for AES CFB decrypt set key (requires `AES_ENCRYPTION` on SetKey). Cleanup verbose debugging. PR ready for review. 2020-11-25 16:04:04 -08:00
David Garske 0e4c6672fd TPM Parameter Encryption with AES CFB or XOR is fully working. Tested keygen, keyload, keyimport and PCR quote with parameter encryption using both ciphers. This commit includes a refactor of the auth command structure to adhere to TPM spec. Includes optimization for AES CFB and XOR to be done inline. Fix for the decryption nonce to use the newer for U in KDFa. 2020-11-25 13:00:42 -08:00
David Garske 66ea1599c9 Fixes for cpHash calculation. Cleanup of the auth command/response processing. 2020-11-23 21:38:16 -08:00
David Garske dbd8e41b47 Refactor of the session authentication. Added "-e" option to some examples to enable parameter encryption and removed the _paramenc.c files. Fixup for the `getPrimaryStoragekey` to allow persisting if not `WOLFTPM_WINAPI`. Improve command line options. Added calculation of command hash and HMAC for sessions. 2020-11-20 16:47:14 -08:00
Dimitar Tomov 72e365329c New nonceTPM solution needed, restoring TPMS_AUTH_COMMAND to its TCG spec form
Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
2020-11-19 15:30:17 +02:00
Dimitar Tomov 24a49de385 Added AES CFB parameter support, salted TPM session, fixed KDFa and examples
* Added key generation example with parameter encryption
* Fixes and cleanups for KDFa
* Added KDFa unit test (passes)
* Added AES CFB support
* Fix for nonceTPM
* Added support for encrypted RSA salt and salted-unbounded session
* Removed unsalted-unbounded specific code for authValueKDF from KDFa
* Add innerWrap support
* Add missing wolfcrypt header for AES CFB
* Fixes for casting when calling KDFa for AES CFB parameter encryption
* Add outerWrap support

Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
2020-11-19 15:08:30 +02:00
Dimitar Tomov a516da4158 Minor fixes based on peer review
Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
2020-11-18 23:59:40 +02:00
Dimitar Tomov 5b757b8b72 New auth session handling for TPM2 command handlers
Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
2020-11-18 23:50:45 +02:00
David Garske 961710de63 Added support for importing external private key to get a key blob for easy re-loading. 2020-11-02 14:23:47 -08:00
Dimitar Tomov 0e2837b60d Add TPM2.0 parameter encryption using XOR obfuscation
Signed-off-by: Dimitar Tomov <dimi@designfirst.ee>
2020-10-01 00:36:25 +03:00
Eric Blankenhorn 72464dc621 Release v1.9 preparation 2020-08-24 12:12:11 -05:00
David Garske 104417b2a4 Newer GCC pedantic warning causes issue with missing `break`. 2020-07-31 14:19:34 -07:00
Dimitar Tomov b4f53f1a92 Bugfixes for TPM2_Packet_AppendSymmetric and TPM2_Packet_ParseSymmetric
Signed-off-by: Dimitar Tomov <dimi@designfirst.ee>
2020-07-31 22:20:21 +03:00
David Garske 444543f53c Added debug message for magic failure on attestation parsing. 2020-07-10 15:13:11 -07:00
Dimitar Tomov e4e29faef6 Add missing parsing for the TPM time value in TPMS_ATTEST_INFO
Signed-off-by: Dimitar Tomov <dimi@designfirst.ee>
2020-07-11 01:05:59 +03:00
Dimitar Tomov 5833b3029f Fix whitespaces in new tpm2_packet functions
Signed-off-by: Dimitar Tomov <dimi@designfirst.ee>
2020-07-11 01:04:44 +03:00
David Garske 07594ec30a Fix for attestation parsing. Elements must be parsed to handle endianness swap. Fixes #104. 2020-07-10 13:19:22 -07:00
David Garske 3de776b9e4 TPM RSA sign and verify wrapper support and expanded RSA key loading support:
* Added RSA support for `wolfTPM2_SignHash` and `wolfTPM2_VerifyHash`.
* Added `wolfTPM2_SignHashScheme` and `wolfTPM2_VerifyHashScheme` support for signature scheme and hash algo.
* Added `wolfTPM2_LoadRsaPrivateKey_ex` and `wolfTPM2_LoadRsaPublicKey_ex` support for signature scheme and hash algo.
* Fix for typo on hashAlg and sigAlg (per spec).
* Added RSA sign/verify examples for PKCSv1.5 (SSA) and PSS padding schemes.
* Fixes for building without ECC key import/export.
2020-06-18 14:35:59 -07:00
David Garske b60ac6bef2 Sanity check the `authCount`. 2020-05-26 07:30:50 -07:00
David Garske 3154962cd7 Cleanups based on peer review. Use const and auth array dereference. 2020-05-26 07:14:38 -07:00
David Garske 3acb13665c Fix for TPM2 commands with more than one auth session (`TPM2_ActivateCredential`, `TPM2_EventSequenceComplete`, `TPM2_GetSessionAuditDigest`, `TPM2_GetCommandAuditDigest` and `TPM2_GetTime`). 2020-05-25 21:23:55 -07:00
Chris Conlon 91ef0b0e6e update copyright to 2020 2020-01-03 15:31:27 -08:00
David Garske 7887130287 wolfTPM v1.7 Release 2019-12-27 14:43:30 -08:00
David Garske 6f0282430e Fix for issue with public key object attributes. Fix for `TPM2_TIS_SendCommand` rspSz error detection case. Added some additional RSA and ECC key loading examples. General wrapper test cleanup to move some test data into `tpm_test.h`. 2018-11-12 15:55:51 -08:00
David Garske 6ce63ee671 Support for loading an external private key using new APIs `wolfTPM2_LoadPrivateKey`, `wolfTPM2_LoadRsaPrivateKey`, and `wolfTPM2_LoadEccPrivateKey`. Cleanup of the packet code to handle determining of size (mark/place). Added support for computing object name `wolfTPM2_ComputeName`. Added support for converting sensitive to private `wolfTPM2_SensitiveToPrivate`. Tested on SLB9670 and ST33. 2018-11-12 11:12:52 -08:00
David Garske 2ea3811e96 Refactor to eliminate the packed TPM2_HEADER. Adds better portability for source code. 2018-11-06 09:04:39 -08:00
David Garske 6ffbe6c5bc Fix to detect improper packing for TPM2_HEADER. Fix for compiler warning about XSTRLEN type conversion warning in wrapper hash test. Made the pack macros overridable. 2018-10-17 08:27:11 -07:00
David Garske c5a4c06dd1 Fixes for building with different wolfCrypt options. Fix for byte swap build error. 2018-08-15 11:53:14 -07:00
David Garske d8174d4ef7 Added build option to disable wolfCrypt dependency using `./configure --disable-wolfcrypt` or `#define WOLFTPM2_NO_WOLFCRYPT`. Moved types and configuration/port specific items into new `tpm2_types.h`. Removed execute bit on several files. 2018-08-12 15:25:35 -07:00
Jacob Barthelmeh 68552a6f14 help out static analysis tool 2018-06-04 11:55:02 -06:00
Jacob Barthelmeh 25b5d50b96 unused function warning 2018-06-04 11:44:48 -06:00
David Garske 9cae3e68e7 Fix for g++ build to avoid use of `public` and `private`. 2018-03-09 14:12:17 -08:00
David Garske fca0af99a8 Progress with refactor to support parameter encryption/decryption using both session auth and object auth. Cleanup with the response parsing to reduce code / simplify. 2018-03-03 05:03:14 -08:00
David Garske fa0d94fbb3 Refactor TIS and Packet code into separate files. Updates to README.md. Increased the Raspberry Pi SPI clock to 33MHz. 2018-02-27 23:45:41 +01:00