WolfSSL
/
wolfTPM
mirror of https://github.com/wolfSSL/wolfTPM.git
1
0
Fork 0
Code Issues Releases Wiki Activity
1,030 Commits
6 Branches
29 Tags
15 MiB
Commit Graph

444 Commits (eede95dcd37ca32e76d17c30e596a7d914d6ec8a)

Author SHA1 Message Date
JacobBarthelmeh eede95dcd3
Merge pull request #342 from dgarske/infineon_fw_recovery 
Add Infineon firmware update recovery support
 2024-04-22 11:00:12 -06:00
David Garske 4a2e2506a4 Add Infineon firmware update recovery support. 2024-04-18 11:02:34 -07:00
Zackery Backman b16a2b133c OPenSSL Coexist 2024-04-05 13:37:06 -06:00
David Garske d9152872d3 Peer review cleanups. 2024-04-02 08:29:04 -07:00
David Garske 892726e6b5 Added support for Infineon SLB9672/SLB9673 Firmware upgrade (see examples/firmware/README.md) 
Added Infineon Modus Toolbox support. See `wolfssl/IDE/Infineon/README.md` for setup instructions.
Added support for Infineon CyHal I2C support.
Added Firmware extraction tool
Added Firmware update example application `examples/firmware/ifx_fw_update`.
Added support for vendor capabilities `TPM_CAP_VENDOR_PROPERTY`.
Added `XSLEEP_MS` macro for firmware update delay.
Added support for getting key group id, operational mode and update counts.
Added support for abandoning an update.
Added support for firmware update done, but not finalized
Fix auto-detect to not define SLB9672/SLB9673.
 2024-04-01 17:21:18 -07:00
philljj 2cde4102b2
Merge pull request #336 from dgarske/st33_getprodinfo 
Added ST33 support for pre-provisioned device identity key and certificate
 2024-04-01 13:42:47 -05:00
David Garske eed7803e96 Fixes for building wolfTPM examples with NO_FILESYSTEM. Tested with `./configure --enable-swtpm CFLAGS="-DNO_FILESYSTEM" && make`. 2024-03-22 14:24:18 -07:00
David Garske 626beaf4d7 Fixes for native_test with ST33 and `TPM2_GetRandom2`. 2024-03-20 15:23:44 -07:00
David Garske 551d7da51d Add example for using TPM pre-provisioned device identity to TLS client example. 2024-03-20 15:11:58 -07:00
David Garske 0b60fae993 Fix for netdb.h. 2024-03-01 11:51:27 -08:00
Eric Blankenhorn 46ef684106
Merge pull request #328 from dgarske/cap_handles 
Added support for getting handles from capabilities
 2024-02-09 09:33:08 -06:00
David Garske ada472113c Fix for two missed files for config.h. Found using `git grep -L "HAVE_CONFIG_H" -- **/*.c`. 2024-02-08 17:11:36 -08:00
David Garske b395b65287 Fix for config.h, which should only be included from .c files, not headers. ZD 17473 2024-02-07 14:28:33 -08:00
David Garske e078e15f56 Added new API `wolfTPM2_GetHandles` to get list of handles from the TPM capabilities. ZD 17328 2024-02-06 10:48:16 -08:00
David Garske c34a0c2786 Fixes and improvements for secret sealing/unsealing: 
* Do not set userWithAuth by default when creating sealed objects. That flag allows password auth for the sealed object. Without the flag it only allows policy auth.
* Allow setting policy auth with flags.
* Fix secret_unseal to use policy session and valid sealed name.
* Added expected failure test cases for seal/unseal with policy.
* Improve the run_examples.sh script
 2024-02-02 14:45:44 -08:00
JacobBarthelmeh 6fcac417ee
Merge pull request #322 from dgarske/pkcs7_ecc 
Added PKCS7 ECC support to example
 2024-01-18 14:22:24 -08:00
David Garske 0aa01f4f5a Added PKCS7 ECC support to example. Added wrapper function to export TPM public key as DER/ASN.1 or PEM. Fix for crypto callback ECC sign to handle getting keySz for unknown cases (like PKCS7 without privateKey set). 2024-01-17 15:50:30 -08:00
David Garske 6a32ed43ed Fix mixed variable declaration. 2024-01-09 13:19:31 -08:00
David Garske 310fe7cd5a Fix spelling error. Fix CMake build broken since cryptocb refactor in PR #304. Added CI tests for CMake. 2023-12-29 10:36:42 -08:00
David Garske 93a2493dbf Fixes for attestation with endorsement key. Enable the broken endorsement tests. 2023-12-29 09:32:49 -08:00
David Garske 4c753683c2 Fix native test `TPM2_PolicyPCR`. 2023-12-29 09:21:44 -08:00
David Garske 6322c91e53 Remove the `WOLFTPM2_KEYBLOB.name` (deprecated) and is in `handle.name` now. 2023-12-29 09:20:45 -08:00
Eric Blankenhorn 88bff510bb
Merge pull request #312 from dgarske/tls_pkcb 
Added support for TLS PK callbacks with ECC and RSA Sign using PKCSv1.5 and PSS padding
 2023-12-08 15:10:32 -06:00
Eric Blankenhorn 233bd33240
Merge pull request #315 from dgarske/keyblob_tests 
Added tests for keyblob buffer export/import and support for getting sizes
 2023-12-08 15:10:04 -06:00
David Garske a50e4fee6c Add tests for the TLS PK with TPM. 2023-12-08 11:44:00 -08:00
David Garske 65e03e15e6 Added Windows Visual Studio project for wolfTPM. 2023-12-06 15:10:44 -08:00
David Garske 53b043dafa Tests for keyblob buffer export/import. Added support for getting the keyblob sizes. 2023-12-06 11:20:18 -08:00
David Garske 53acf0bcbf Use localhost 127.0.0.1 for CSR. Add TLS server option `-self` to use the self signed certs. 2023-12-01 14:37:34 -08:00
David Garske 137a348c14 TLS PK callback RSA PSS Padding cleanups. TLS server/client cleanups. Added server `-i` option to keep running unless failure. 2023-12-01 14:12:57 -08:00
David Garske e601803f1b Added support for PK callbacks with RSA Sign using PKCSv1.5 and PSS. 
Fixes for building wolfTPM without crypto callbacks.
Fixes for building/running with FIPS.
 2023-12-01 08:25:53 -08:00
David Garske 50137547ed Fix for policy_sign issue when r or s is less than key size (needs zero padding). 2023-11-29 13:10:04 -08:00
David Garske 18531274da Fix TLS bidirectional shutdown socket issue. Just use 11111 for all TLS tests, to avoid real random port collision with SWTPM sockets. Resolves TLS issue with "ERROR: failed to bind! errno 98". 2023-11-29 12:34:06 -08:00
David Garske 4b433f24fb Troubleshooting issues with socket `tcp bind failed: Address already in use`. 2023-11-20 15:42:26 -08:00
David Garske 249f9d4942 Fixes for building wolfCrypt without PEM to DER support. 2023-11-15 21:53:50 -08:00
Tesfa Mael df89f497e5 Remove error-ssl.h 2023-11-01 17:17:28 -07:00
David Garske 9cad7f4e24 Fix some of the example TODO's. Fixes for seal/unseal example. Fixes for TLS with param enc. Fix signed_timestamp with ECC. 2023-10-30 12:00:37 -07:00
David Garske 2d14cd2297 Fixes for building wolfCrypt with no RSA (--disable-rsa / NO_RSA). 2023-10-23 14:05:10 -07:00
David Garske 1041898120 Compiler warning files with `NO_FILESYSTEM`. 2023-10-23 14:04:44 -07:00
David Garske 7a11cb2213 Fix support for ECC 384-bit only support. Tested with: `./configure --enable-wolftpm CFLAGS="-DECC_USER_CURVES -DNO_ECC256 -DHAVE_ECC384" --disable-examples --disable-crypttests && make` 2023-10-20 15:08:45 -07:00
David Garske f3e1bbbf3d Refactor of the command authentication. If command does not require auth do not supply it. ZD 16689 2023-10-12 13:48:04 -07:00
David Garske 0c7254d7c0 Fixes for building with C++. 2023-10-11 15:56:04 -07:00
David Garske 49699b08fb Fix for building without public MP. 2023-09-22 11:07:55 -07:00
David Garske 96cd17af1d Improvements/fixes to NV auth and session auth set/unset: 
* Fix bug with NV name after first write (only appears when using HMAC session).
* Add new API `wolfTPM2_UnsetAuthSession` to unset auth index for a session and save off the nonce from the TPM. This allows auth to be unset/set again with the same session.
* Cleanup in the NV API's for unsetting of the auth to be handled by caller, not in API.
 2023-09-15 14:03:11 -07:00
David Garske 31cd20e645 Added new policy_nv example. 2023-09-11 14:37:12 -07:00
David Garske 027ae8a4e9 Make sure PCR extend has the session auth cleared. Added -nvhandle argument to nvram examples. Cleanups for examples. 2023-09-08 08:14:39 -07:00
David Garske 23a5d2595b Fixes for small stack. 2023-08-31 13:37:22 -07:00
David Garske 8e1dce2c76 Take run_examples.sh out of make check and run manually in CI test to avoid parallel builds. 2023-08-31 13:04:33 -07:00
David Garske 8968d89f90 More CI fixes. 2023-08-31 12:29:13 -07:00
David Garske e2d502e773 Peer review fixes and getting CI to pass. 2023-08-31 09:53:39 -07:00
David Garske 97d8845c6f Added CI tests for all examples and additional build tests. 2023-08-30 15:11:24 -07:00