WolfSSL
/
wolfTPM
mirror of https://github.com/wolfSSL/wolfTPM.git
1
0
Fork 0
Code Issues Releases Wiki Activity
wolfTPM/README.md

803 lines
32 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

# wolfTPM (TPM 2.0)
Portable TPM 2.0 project designed for embedded use.
## Project Features
* This implementation provides all TPM 2.0 APIs in compliance with the specification.
* Wrappers provided to simplify Key Generation/Loading, RSA encrypt/decrypt, ECC sign/verify, ECDH, NV, Hashing/Hmac and AES.
* Testing done using the following TPM 2.0 modules: STM ST33TP* SPI/I2C, Infineon OPTIGA SLB9670/SLB9672, Microchip ATTPM20, Nations Tech Z32H330TC and Nuvoton NPCT650/NPCT750.
* wolfTPM uses the TPM Interface Specification (TIS) to communicate either over SPI, or using a memory mapped I/O range.
* wolfTPM can also use the Linux TPM kernel interface (/dev/tpmX) to talk with any physical TPM on SPI, I2C and even LPC bus.
* Platform support for Raspberry Pi, STM32 with CubeMX, Atmel ASF, Xilinx, Infineon TriCore and Barebox.
* The design allows for easy portability to different platforms:
* Native C code designed for embedded use.
* Single IO callback for hardware SPI interface.
* No external dependencies.
* Compact code size and minimal memory use.
* Includes example code for:
* Most TPM2 native APIs
* All TPM2 wrapper API's
* PKCS 7
* Certificate Signing Request (CSR)
* TLS Client
* TLS Server
* Use of the TPM's Non-volatile memory
* Attestation (activate and make credential)
* Benchmarking TPM algorithms and TLS
* Key Generation (primary, RSA/ECC and symmetric), loading and storing to flash (NV memory)
* Sealing and Unsealing data with an RSA key
* Time signed or set
* PCR read/reset
* GPIO configure, read and write.
* Parameter encryption support using AES-CFB or XOR.
* Support for salted unbound authenticated sessions.
* Support for HMAC Sessions.
Note: See [examples/README.md](examples/README.md) for details on using the examples.
## TPM 2.0 Overview
### Hierarchies
```
Platform TPM_RH_PLATFORM
Owner TPM_RH_OWNER
Endorsement TPM_RH_ENDORSEMENT
```
Each hierarchy has their own manufacture generated seed.
The arguments used on `TPM2_Create` or `TPM2_CreatePrimary` create a template, which is fed into a KDF to produce the same key based hierarchy used. The key generated is the same each time; even after reboot. The generation of a new RSA 2048 bit key takes about 15 seconds. Typically these are created and then stored in NV using `TPM2_EvictControl`. Each TPM generates their own keys uniquely based on the seed.
There is also an Ephemeral hierarchy (`TPM_RH_NULL`), which can be used to create ephemeral keys.
### Platform Configuration Registers (PCRs)
Contains hash digests for SHA-1 and SHA-256 with an index 0-23. These hash digests can be extended to prove the integrity of a boot sequence (secure boot).
### Terminology
This project uses the terms append vs. marshall and parse vs. unmarshall.
Acronyms:
* NV: Non-Volatile memory.
## Platform
The examples in this library are written for use on a Raspberry Pi and use the `spi_dev` interface.
### IO Callback (HAL)
See the HAL manual in [`hal/README.md] (hal/README.md).
For interfacing to your hardware interface (SPI/I2C) a single HAL callback is used and configuration on initialization when calling `TPM2_Init` or `wolfTPM2_Init`.
There are HAL examples in `hal` directory for Linux, STM32 CubeMX, Atmel ASF, Xilinx, Infineon TriCore and BareBox.
We also support an advanced IO option (`--enable-advio`/`WOLFTPM_ADV_IO`), which adds the register and read/write flag as parameter to the IO callback. This is required for I2C support.
### Hardware
Tested with:
* Infineon OPTIGA (TM) Trusted Platform Module 2.0 SLB 9670 and SLB9672.
- LetsTrust: [http://letstrust.de] (<https://buyzero.de/collections/andere-platinen/products/letstrust-hardware-tpm-trusted-platform-module).> Compact Raspberry Pi TPM 2.0 board based on Infineon SLB 9670.
* ST ST33TP* TPM 2.0 module (SPI and I2C)
* Microchip ATTPM20 module
* Nuvoton NPCT65X or NPCT75x TPM2.0 module
#### Device Identification
Infineon SLB9670:
TPM2: Caps 0x30000697, Did 0x001b, Vid 0x15d1, Rid 0x10
Mfg IFX (1), Vendor SLB9670, Fw 7.85 (4555), FIPS 140-2 1, CC-EAL4 1
Infineon SLB9672:
TPM2: Caps 0x30000697, Did 0x001d, Vid 0x15d1, Rid 0x36
Mfg IFX (1), Vendor SLB9672, Fw 16.10 (0x4068), FIPS 140-2 1, CC-EAL4 1
ST ST33TP SPI
TPM2: Caps 0x1a7e2882, Did 0x0000, Vid 0x104a, Rid 0x4e
Mfg STM (2), Vendor , Fw 74.8 (1151341959), FIPS 140-2 1, CC-EAL4 0
ST ST33TP I2C
TPM2: Caps 0x1a7e2882, Did 0x0000, Vid 0x104a, Rid 0x4e
Mfg STM (2), Vendor , Fw 74.9 (1151341959), FIPS 140-2 1, CC-EAL4 0
Microchip ATTPM20
TPM2: Caps 0x30000695, Did 0x3205, Vid 0x1114, Rid 0x 1
Mfg MCHP (3), Vendor , Fw 512.20481 (0), FIPS 140-2 0, CC-EAL4 0
Nations Technologies Inc. TPM 2.0 module
Mfg NTZ (0), Vendor Z32H330, Fw 7.51 (419631892), FIPS 140-2 0, CC-EAL4 0
Nuvoton NPCT650 TPM2.0
Mfg NTC (0), Vendor rlsNPCT , Fw 1.3 (65536), FIPS 140-2 0, CC-EAL4 0
Nuvoton NPCT750 TPM2.0
TPM2: Caps 0x30000697, Did 0x00fc, Vid 0x1050, Rid 0x 1
Mfg NTC (0), Vendor NPCT75x"!!4rls, Fw 7.2 (131072), FIPS 140-2 1, CC-EAL4 0
## Building
### Building wolfSSL
```
git clone https://github.com/wolfSSL/wolfssl.git
cd wolfssl
./autogen.sh
./configure --enable-certgen --enable-certreq --enable-certext --enable-pkcs7 --enable-cryptocb --enable-aescfb
make
sudo make install
sudo ldconfig
```
autogen.sh requires: automake and libtool: `sudo apt-get install automake libtool`
### Build options and defines
```
--enable-debug Add debug code/turns off optimizations (yes|no|verbose|io) - DEBUG_WOLFTPM, WOLFTPM_DEBUG_VERBOSE, WOLFTPM_DEBUG_IO
--enable-examples Enable Examples (default: enabled)
--enable-wrapper Enable wrapper code (default: enabled) - WOLFTPM2_NO_WRAPPER
--enable-wolfcrypt Enable wolfCrypt hooks for RNG, Auth Sessions and Parameter encryption (default: enabled) - WOLFTPM2_NO_WOLFCRYPT
--enable-advio Enable Advanced IO (default: disabled) - WOLFTPM_ADV_IO
--enable-i2c Enable I2C TPM Support (default: disabled, requires advio) - WOLFTPM_I2C
--enable-checkwaitstate Enable TIS / SPI Check Wait State support (default: depends on chip) - WOLFTPM_CHECK_WAIT_STATE
--enable-smallstack Enable options to reduce stack usage
--enable-tislock Enable Linux Named Semaphore for locking access to SPI device for concurrent access between processes - WOLFTPM_TIS_LOCK
--enable-autodetect Enable Runtime Module Detection (default: enable - when no module specified) - WOLFTPM_AUTODETECT
--enable-infineon Enable Infineon SLB9670/SLB9672 TPM Support (default: disabled)
--enable-st Enable ST ST33TPM Support (default: disabled) - WOLFTPM_ST33
--enable-microchip Enable Microchip ATTPM20 Support (default: disabled) - WOLFTPM_MICROCHIP
--enable-nuvoton Enable Nuvoton NPCT65x/NPCT75x Support (default: disabled) - WOLFTPM_NUVOTON
--enable-devtpm Enable using Linux kernel driver for /dev/tpmX (default: disabled) - WOLFTPM_LINUX_DEV
--enable-swtpm Enable using SWTPM TCP protocol. For use with simulator. (default: disabled) - WOLFTPM_SWTPM
--enable-winapi Use Windows TBS API. (default: disabled) - WOLFTPM_WINAPI
WOLFTPM_USE_SYMMETRIC Enables symmetric AES/Hashing/HMAC support for TLS examples.
WOLFTPM2_USE_SW_ECDHE Disables use of TPM for ECC ephemeral key generation and shared secret for TLS examples.
TLS_BENCH_MODE Enables TLS benchmarking mode.
NO_TPM_BENCH Disables the TPM benchmarking example.
```
### Building Infineon SLB9670/SLB9672
Build wolfTPM:
```
git clone https://github.com/wolfSSL/wolfTPM.git
cd wolfTPM
./autogen.sh
./configure --enable-infineon
make
```
### Building ST ST33TP*
Build wolfTPM:
```
./autogen.sh
./configure --enable-st33 [--enable-i2c]
make
```
For the I2C support on Raspberry Pi you may need to enable I2C. Here are the steps:
1. Edit `sudo vim /boot/config.txt`
2. Uncomment `dtparam=i2c_arm=on`
3. Reboot `sudo reboot`
### Building Microchip ATTPM20
Build wolfTPM:
```
./autogen.sh
./configure --enable-microchip
make
```
### Building Nuvoton
Build wolfTPM:
```
./autogen.sh
./configure --enable-nuvoton
make
```
### Building for "/dev/tpmX"
This build option allows you to talk to any TPM vendor supported by the Linux TIS kernel driver
Build wolfTPM:
```
./autogen.sh
./configure --enable-devtpm
make
```
Note: When using a TPM device through the Linux kernel driver make sure sufficient permissions are given to the application that uses wolfTPM, because the "/dev/tpmX" typically has read-write permissions only for the "tss" user group. Either run wolfTPM examples and your application using sudo or add your user to the "tss" group like this:
```
sudo adduser yourusername tss
```
#### With QEMU and swtpm
This demonstrates using wolfTPM in QEMU to communicate using the linux
kernel device "/dev/tpmX". You will need to install or build
[swtpm](https://github.com/stefanberger/swtpm). Below are a short
method to build. You may need to consult the instructions for
[libtpms](https://github.com/stefanberger/libtpms/wiki#compile-and-install-on-linux)
and
[swtpm](https://github.com/stefanberger/swtpm/wiki#compile-and-install-on-linux)
```
PREFIX=$PWD/inst
git clone git@github.com:stefanberger/libtpms.git
cd libtpms/
./autogen.sh --with-openssl --with-tpm2 --prefix=$PREFIX && make install
cd ..
git clone git@github.com:stefanberger/swtpm.git
cd swtpm
PKG_CONFIG_PATH=$PREFIX/lib/pkgconfig/ ./autogen.sh --with-openssl --with-tpm2 \
--prefix=$PREFIX && \
make install
cd ..
```
You can setup a basic linux installation. Other installation bases can
be used. This step will take some time to install the base linux
system.
```
# download mini install image
curl -O http://archive.ubuntu.com/ubuntu/dists/bionic-updates/main/installer-amd64/current/images/netboot/mini.iso
# create qemu image file
qemu-img create -f qcow2 lubuntu.qcow2 5G
# create directory for tpm state and socket
mkdir $PREFIX/mytpm
# start swtpm
$PREFIX/bin/swtpm socket --tpm2 --tpmstate dir=$PREFIX/mytpm \
--ctrl type=unixio,path=$PREFIX/mytpm/swtpm-sock --log level=20 &
# start qemu for installation
qemu-system-x86_64 -m 1024 -boot d -bios bios-256k.bin -boot menu=on \
-chardev socket,id=chrtpm,path=$PREFIX/mytpm/swtpm-sock \
-tpmdev emulator,id=tpm0,chardev=chrtpm \
-device tpm-tis,tpmdev=tpm0 -hda lubuntu.qcow2 -cdrom mini.iso
```
Once a base system is installed it's ready to start the qemu and build
wolfSSL and wolfTPM in the qemu instance.
```
# start swtpm again
$PREFIX/bin/swtpm socket --tpm2 --tpmstate dir=$PREFIX/mytpm \
--ctrl type=unixio,path=$PREFIX/mytpm/swtpm-sock --log level=20 &
# start qemu system to install and run wolfTPM
qemu-system-x86_64 -m 1024 -boot d -bios bios-256k.bin -boot menu=on \
-chardev socket,id=chrtpm,path=$PREFIX/mytpm/swtpm-sock \
-tpmdev emulator,id=tpm0,chardev=chrtpm \
-device tpm-tis,tpmdev=tpm0 -hda lubuntu.qcow2
```
To build checkout and build wolfTPM, in the QEMU terminal
```
sudo apt install automake libtool gcc git make
# get and build wolfSSL
git clone https://github.com/wolfssl/wolfssl.git
pushd wolfssl
./autogen.sh && \
./configure --enable-wolftpm --disable-examples --prefix=$PWD/../inst && \
make install
popd
# get and build wolfTPM
git clone https://github.com/wolfssl/wolftpm.git
pushd wolftpm
./autogen.sh && \
./configure --enable-devtpm --prefix=$PWD/../inst --enable-debug && \
make install
sudo make check
popd
```
You can now run the examples such as `sudo ./examples/wrap/wrap`
within QEMU. Using `sudo` maybe required for access to `/dev/tpm0`.
### Building for SWTPM
See `docs/SWTPM.md`
### Building for Windows TBS API
See `docs/WindowTBS.md`
## Building using CMake
CMake supports compiling in many environments including Visual Studio
if CMake support is installed. The commands below can be run in
`Developer Command Prompt`.
```
mkdir build
cd build
# to use installed wolfSSL location (library and headers)
cmake .. -DWITH_WOLFSSL=/prefix/to/wolfssl/install/
# OR to use a wolfSSL source tree
cmake .. -DWITH_WOLFSSL_TREE=/path/to/wolfssl/
# build
cmake --build .
```
## Running Examples
These examples demonstrate features of a TPM 2.0 module. The examples create RSA and ECC keys in NV for testing using handles defined in `./hal/tpm_io.h`. The PKCS #7 and TLS examples require generating CSR's and signing them using a test script. See `examples/README.md` for details on using the examples. To run the TLS sever and client on same machine you must build with `WOLFTPM_TIS_LOCK` to enable concurrent access protection.
### TPM2 Wrapper Tests
```
./examples/wrap/wrap_test
TPM2 Demo for Wrapper API's
Mfg STM (2), Vendor , Fw 74.8 (1151341959), FIPS 140-2 1, CC-EAL4 0
RSA Encrypt/Decrypt Test Passed
RSA Encrypt/Decrypt OAEP Test Passed
RSA Key 0x80000000 Exported to wolf RsaKey
wolf RsaKey loaded into TPM: Handle 0x80000000
RSA Private Key Loaded into TPM: Handle 0x80000000
ECC Sign/Verify Passed
ECC DH Test Passed
ECC Verify Test Passed
ECC Key 0x80000000 Exported to wolf ecc_key
wolf ecc_key loaded into TPM: Handle 0x80000000
ECC Private Key Loaded into TPM: Handle 0x80000000
NV Test on index 0x1800200 with 1024 bytes passed
Hash SHA256 test success
HMAC SHA256 test success
Encrypt/Decrypt (known key) test success
Encrypt/Decrypt test success
```
### TPM2 Benchmarks
Note: Key Generation is using existing template from hierarchy seed.
Run on Infineon OPTIGA SLB9670 at 43MHz:
```
./examples/bench/bench
TPM2 Benchmark using Wrapper API's
RNG 16 KB took 1.140 seconds, 14.033 KB/s
Benchmark symmetric AES-128-CBC-enc not supported!
Benchmark symmetric AES-128-CBC-dec not supported!
Benchmark symmetric AES-256-CBC-enc not supported!
Benchmark symmetric AES-256-CBC-dec not supported!
Benchmark symmetric AES-128-CTR-enc not supported!
Benchmark symmetric AES-128-CTR-dec not supported!
Benchmark symmetric AES-256-CTR-enc not supported!
Benchmark symmetric AES-256-CTR-dec not supported!
Benchmark symmetric AES-256-CFB-enc not supported!
Benchmark symmetric AES-256-CFB-dec not supported!
SHA1 138 KB took 1.009 seconds, 136.783 KB/s
SHA256 138 KB took 1.009 seconds, 136.763 KB/s
RSA 2048 key gen 5 ops took 10.981 sec, avg 2196.230 ms, 0.455 ops/sec
RSA 2048 Public 113 ops took 1.005 sec, avg 8.893 ms, 112.449 ops/sec
RSA 2048 Private 7 ops took 1.142 sec, avg 163.207 ms, 6.127 ops/sec
RSA 2048 Pub OAEP 73 ops took 1.011 sec, avg 13.848 ms, 72.211 ops/sec
RSA 2048 Priv OAEP 6 ops took 1.004 sec, avg 167.399 ms, 5.974 ops/sec
ECC 256 key gen 5 ops took 1.157 sec, avg 231.350 ms, 4.322 ops/sec
ECDSA 256 sign 15 ops took 1.033 sec, avg 68.865 ms, 14.521 ops/sec
ECDSA 256 verify 9 ops took 1.022 sec, avg 113.539 ms, 8.808 ops/sec
ECDHE 256 agree 5 ops took 1.161 sec, avg 232.144 ms, 4.308 ops/sec
```
Run on Infineon OPTIGA SLB9672 at 43MHz:
```
./examples/bench/bench
TPM2 Benchmark using Wrapper API's
Use Parameter Encryption: NULL
Loading SRK: Storage 0x81000200 (282 bytes)
RNG 24 KB took 1.070 seconds, 22.429 KB/s
Benchmark symmetric AES-128-CBC-enc not supported!
Benchmark symmetric AES-128-CBC-dec not supported!
Benchmark symmetric AES-256-CBC-enc not supported!
Benchmark symmetric AES-256-CBC-dec not supported!
Benchmark symmetric AES-128-CTR-enc not supported!
Benchmark symmetric AES-128-CTR-dec not supported!
Benchmark symmetric AES-256-CTR-enc not supported!
Benchmark symmetric AES-256-CTR-dec not supported!
AES-128-CFB-enc 86 KB took 1.001 seconds, 85.890 KB/s
AES-128-CFB-dec 88 KB took 1.020 seconds, 86.267 KB/s
AES-256-CFB-enc 86 KB took 1.023 seconds, 84.073 KB/s
AES-256-CFB-dec 86 KB took 1.019 seconds, 84.370 KB/s
SHA1 88 KB took 1.021 seconds, 86.155 KB/s
SHA256 86 KB took 1.015 seconds, 84.717 KB/s
SHA384 90 KB took 1.007 seconds, 89.405 KB/s
RSA 2048 key gen 10 ops took 15.677 sec, avg 1567.678 ms, 0.638 ops/sec
RSA 2048 Public 110 ops took 1.000 sec, avg 9.095 ms, 109.951 ops/sec
RSA 2048 Private 14 ops took 1.078 sec, avg 76.996 ms, 12.988 ops/sec
RSA 2048 Pub OAEP 51 ops took 1.012 sec, avg 19.838 ms, 50.408 ops/sec
RSA 2048 Priv OAEP 12 ops took 1.053 sec, avg 87.738 ms, 11.398 ops/sec
ECC 256 key gen 8 ops took 1.088 sec, avg 135.956 ms, 7.355 ops/sec
ECDSA 256 sign 29 ops took 1.033 sec, avg 35.621 ms, 28.073 ops/sec
ECDSA 256 verify 42 ops took 1.013 sec, avg 24.114 ms, 41.470 ops/sec
ECDHE 256 agree 16 ops took 1.055 sec, avg 65.948 ms, 15.164 ops/sec
```
Run on ST ST33TP SPI at 33MHz:
```
./examples/bench/bench
TPM2 Benchmark using Wrapper API's
RNG 14 KB took 1.017 seconds, 13.763 KB/s
AES-128-CBC-enc 40 KB took 1.008 seconds, 39.666 KB/s
AES-128-CBC-dec 42 KB took 1.032 seconds, 40.711 KB/s
AES-256-CBC-enc 40 KB took 1.013 seconds, 39.496 KB/s
AES-256-CBC-dec 40 KB took 1.011 seconds, 39.563 KB/s
AES-128-CTR-enc 26 KB took 1.055 seconds, 24.646 KB/s
AES-128-CTR-dec 26 KB took 1.035 seconds, 25.117 KB/s
AES-256-CTR-enc 26 KB took 1.028 seconds, 25.302 KB/s
AES-256-CTR-dec 26 KB took 1.030 seconds, 25.252 KB/s
AES-128-CFB-enc 42 KB took 1.045 seconds, 40.201 KB/s
AES-128-CFB-dec 40 KB took 1.008 seconds, 39.699 KB/s
AES-256-CFB-enc 40 KB took 1.022 seconds, 39.151 KB/s
AES-256-CFB-dec 42 KB took 1.041 seconds, 40.362 KB/s
SHA1 86 KB took 1.005 seconds, 85.559 KB/s
SHA256 84 KB took 1.019 seconds, 82.467 KB/s
RSA 2048 key gen 1 ops took 7.455 sec, avg 7455.036 ms, 0.134 ops/sec
RSA 2048 Public 110 ops took 1.003 sec, avg 9.122 ms, 109.624 ops/sec
RSA 2048 Private 5 ops took 1.239 sec, avg 247.752 ms, 4.036 ops/sec
RSA 2048 Pub OAEP 81 ops took 1.001 sec, avg 12.364 ms, 80.880 ops/sec
RSA 2048 Priv OAEP 4 ops took 1.007 sec, avg 251.780 ms, 3.972 ops/sec
ECC 256 key gen 5 ops took 1.099 sec, avg 219.770 ms, 4.550 ops/sec
ECDSA 256 sign 24 ops took 1.016 sec, avg 42.338 ms, 23.619 ops/sec
ECDSA 256 verify 14 ops took 1.036 sec, avg 74.026 ms, 13.509 ops/sec
ECDHE 256 agree 5 ops took 1.235 sec, avg 247.085 ms, 4.047 ops/sec
```
Run on Microchip ATTPM20 at 33MHz:
```
./examples/bench/bench
TPM2 Benchmark using Wrapper API's
RNG 2 KB took 1.867 seconds, 1.071 KB/s
Benchmark symmetric AES-128-CBC-enc not supported!
Benchmark symmetric AES-128-CBC-dec not supported!
Benchmark symmetric AES-256-CBC-enc not supported!
Benchmark symmetric AES-256-CBC-dec not supported!
Benchmark symmetric AES-128-CTR-enc not supported!
Benchmark symmetric AES-128-CTR-dec not supported!
Benchmark symmetric AES-256-CTR-enc not supported!
Benchmark symmetric AES-256-CTR-dec not supported!
AES-128-CFB-enc 16 KB took 1.112 seconds, 14.383 KB/s
AES-128-CFB-dec 16 KB took 1.129 seconds, 14.166 KB/s
AES-256-CFB-enc 12 KB took 1.013 seconds, 11.845 KB/s
AES-256-CFB-dec 12 KB took 1.008 seconds, 11.909 KB/s
SHA1 22 KB took 1.009 seconds, 21.797 KB/s
SHA256 22 KB took 1.034 seconds, 21.270 KB/s
RSA 2048 key gen 3 ops took 15.828 sec, avg 5275.861 ms, 0.190 ops/sec
RSA 2048 Public 22 ops took 1.034 sec, avg 47.021 ms, 21.267 ops/sec
RSA 2048 Private 9 ops took 1.059 sec, avg 117.677 ms, 8.498 ops/sec
RSA 2048 Pub OAEP 21 ops took 1.007 sec, avg 47.959 ms, 20.851 ops/sec
RSA 2048 Priv OAEP 9 ops took 1.066 sec, avg 118.423 ms, 8.444 ops/sec
ECC 256 key gen 7 ops took 1.072 sec, avg 153.140 ms, 6.530 ops/sec
ECDSA 256 sign 18 ops took 1.056 sec, avg 58.674 ms, 17.043 ops/sec
ECDSA 256 verify 24 ops took 1.031 sec, avg 42.970 ms, 23.272 ops/sec
ECDHE 256 agree 16 ops took 1.023 sec, avg 63.934 ms, 15.641 ops/sec
```
Run on Nations Technologies Inc. TPM 2.0 module at 33MHz:
```
./examples/bench/bench
TPM2 Benchmark using Wrapper API's
RNG 12 KB took 1.065 seconds, 11.270 KB/s
AES-128-CBC-enc 48 KB took 1.026 seconds, 46.780 KB/s
AES-128-CBC-dec 48 KB took 1.039 seconds, 46.212 KB/s
AES-256-CBC-enc 48 KB took 1.035 seconds, 46.370 KB/s
AES-256-CBC-dec 48 KB took 1.025 seconds, 46.852 KB/s
Benchmark symmetric AES-128-CTR-enc not supported!
Benchmark symmetric AES-128-CTR-dec not supported!
Benchmark symmetric AES-256-CTR-enc not supported!
Benchmark symmetric AES-256-CTR-dec not supported!
AES-128-CFB-enc 50 KB took 1.029 seconds, 48.591 KB/s
AES-128-CFB-dec 50 KB took 1.035 seconds, 48.294 KB/s
AES-256-CFB-enc 48 KB took 1.000 seconds, 47.982 KB/s
AES-256-CFB-dec 48 KB took 1.003 seconds, 47.855 KB/s
SHA1 80 KB took 1.009 seconds, 79.248 KB/s
SHA256 80 KB took 1.004 seconds, 79.702 KB/s
SHA384 78 KB took 1.018 seconds, 76.639 KB/s
RSA 2048 key gen 8 ops took 17.471 sec, avg 2183.823 ms, 0.458 ops/sec
RSA 2048 Public 52 ops took 1.004 sec, avg 19.303 ms, 51.805 ops/sec
RSA 2048 Private 8 ops took 1.066 sec, avg 133.243 ms, 7.505 ops/sec
RSA 2048 Pub OAEP 51 ops took 1.001 sec, avg 19.621 ms, 50.966 ops/sec
RSA 2048 Priv OAEP 8 ops took 1.073 sec, avg 134.182 ms, 7.453 ops/sec
ECC 256 key gen 20 ops took 1.037 sec, avg 51.871 ms, 19.279 ops/sec
ECDSA 256 sign 43 ops took 1.006 sec, avg 23.399 ms, 42.736 ops/sec
ECDSA 256 verify 28 ops took 1.030 sec, avg 36.785 ms, 27.185 ops/sec
ECDHE 256 agree 26 ops took 1.010 sec, avg 38.847 ms, 25.742 ops/sec
```
Run on Nuvoton NPCT650:
```
./examples/bench/bench
TPM2 Benchmark using Wrapper API's
RNG 8 KB took 1.291 seconds, 6.197 KB/s
Benchmark symmetric AES-128-CBC-enc not supported!
Benchmark symmetric AES-128-CBC-dec not supported!
Benchmark symmetric AES-256-CBC-enc not supported!
Benchmark symmetric AES-256-CBC-dec not supported!
Benchmark symmetric AES-256-CTR-enc not supported!
Benchmark symmetric AES-256-CTR-dec not supported!
Benchmark symmetric AES-256-CFB-enc not supported!
Benchmark symmetric AES-256-CFB-dec not supported!
SHA1 90 KB took 1.005 seconds, 89.530 KB/s
SHA256 90 KB took 1.010 seconds, 89.139 KB/s
RSA 2048 key gen 8 ops took 35.833 sec, avg 4479.152 ms, 0.223 ops/sec
RSA 2048 Public 77 ops took 1.007 sec, avg 13.078 ms, 76.463 ops/sec
RSA 2048 Private 2 ops took 1.082 sec, avg 540.926 ms, 1.849 ops/sec
RSA 2048 Pub OAEP 53 ops took 1.005 sec, avg 18.961 ms, 52.739 ops/sec
RSA 2048 Priv OAEP 2 ops took 1.088 sec, avg 544.075 ms, 1.838 ops/sec
ECC 256 key gen 7 ops took 1.033 sec, avg 147.608 ms, 6.775 ops/sec
ECDSA 256 sign 6 ops took 1.141 sec, avg 190.149 ms, 5.259 ops/sec
ECDSA 256 verify 4 ops took 1.061 sec, avg 265.216 ms, 3.771 ops/sec
ECDHE 256 agree 6 ops took 1.055 sec, avg 175.915 ms, 5.685 ops/sec
```
Run on Nuvoton NPCT750 at 43MHz:
```
RNG 16 KB took 1.114 seconds, 14.368 KB/s
Benchmark symmetric AES-128-CBC-enc not supported!
Benchmark symmetric AES-128-CBC-dec not supported!
Benchmark symmetric AES-256-CBC-enc not supported!
Benchmark symmetric AES-256-CBC-dec not supported!
SHA1 120 KB took 1.012 seconds, 118.618 KB/s
SHA256 122 KB took 1.012 seconds, 120.551 KB/s
SHA384 120 KB took 1.003 seconds, 119.608 KB/s
RSA 2048 key gen 5 ops took 17.043 sec, avg 3408.678 ms, 0.293 ops/sec
RSA 2048 Public 134 ops took 1.004 sec, avg 7.490 ms, 133.517 ops/sec
RSA 2048 Private 15 ops took 1.054 sec, avg 70.261 ms, 14.233 ops/sec
RSA 2048 Pub OAEP 116 ops took 1.002 sec, avg 8.636 ms, 115.797 ops/sec
RSA 2048 Priv OAEP 15 ops took 1.061 sec, avg 70.716 ms, 14.141 ops/sec
ECC 256 key gen 12 ops took 1.008 sec, avg 84.020 ms, 11.902 ops/sec
ECDSA 256 sign 18 ops took 1.015 sec, avg 56.399 ms, 17.731 ops/sec
ECDSA 256 verify 26 ops took 1.018 sec, avg 39.164 ms, 25.533 ops/sec
ECDHE 256 agree 35 ops took 1.029 sec, avg 29.402 ms, 34.011 ops/sec
```
### TPM2 Native Tests
```
./examples/native/native_test
TPM2 Demo using Native API's
TPM2: Caps 0x30000495, Did 0x0000, Vid 0x104a, Rid 0x4e
TPM2_Startup pass
TPM2_SelfTest pass
TPM2_GetTestResult: Size 12, Rc 0x0
TPM2_IncrementalSelfTest: Rc 0x0, Alg 0x1 (Todo 0)
TPM2_GetCapability: Property FamilyIndicator 0x322e3000
TPM2_GetCapability: Property PCR Count 24
TPM2_GetCapability: Property FIRMWARE_VERSION_1 0x004a0008
TPM2_GetCapability: Property FIRMWARE_VERSION_2 0x44a01587
TPM2_GetRandom: Got 32 bytes
TPM2_StirRandom: success
TPM2_PCR_Read: Index 0, Count 1
TPM2_PCR_Read: Index 0, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 1, Count 1
TPM2_PCR_Read: Index 1, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 2, Count 1
TPM2_PCR_Read: Index 2, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 3, Count 1
TPM2_PCR_Read: Index 3, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 4, Count 1
TPM2_PCR_Read: Index 4, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 5, Count 1
TPM2_PCR_Read: Index 5, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 6, Count 1
TPM2_PCR_Read: Index 6, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 7, Count 1
TPM2_PCR_Read: Index 7, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 8, Count 1
TPM2_PCR_Read: Index 8, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 9, Count 1
TPM2_PCR_Read: Index 9, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 10, Count 1
TPM2_PCR_Read: Index 10, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 11, Count 1
TPM2_PCR_Read: Index 11, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 12, Count 1
TPM2_PCR_Read: Index 12, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 13, Count 1
TPM2_PCR_Read: Index 13, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 14, Count 1
TPM2_PCR_Read: Index 14, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 15, Count 1
TPM2_PCR_Read: Index 15, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 16, Count 1
TPM2_PCR_Read: Index 16, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 17, Count 1
TPM2_PCR_Read: Index 17, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 18, Count 1
TPM2_PCR_Read: Index 18, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 19, Count 1
TPM2_PCR_Read: Index 19, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 20, Count 1
TPM2_PCR_Read: Index 20, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 21, Count 1
TPM2_PCR_Read: Index 21, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 22, Count 1
TPM2_PCR_Read: Index 22, Digest Sz 32, Update Counter 20
TPM2_PCR_Read: Index 23, Count 1
TPM2_PCR_Read: Index 23, Digest Sz 32, Update Counter 20
TPM2_PCR_Extend success
TPM2_PCR_Read: Index 0, Count 1
TPM2_PCR_Read: Index 0, Digest Sz 32, Update Counter 21
TPM2_StartAuthSession: sessionHandle 0x3000000
TPM2_PolicyGetDigest: size 32
TPM2_PCR_Read: Index 0, Digest Sz 20, Update Counter 21
wc_Hash of PCR[0]: size 32
TPM2_PolicyPCR failed 0x1c4: TPM_RC_AUTHSIZE
TPM2_PolicyRestart: Done
TPM2_HashSequenceStart: sequenceHandle 0x80000000
Hash SHA256 test success
TPM2_CreatePrimary: Endorsement 0x80000000 (314 bytes)
TPM2_CreatePrimary: Storage 0x80000002 (282 bytes)
TPM2_LoadExternal: 0x80000004
TPM2_MakeCredential: credentialBlob 68, secret 256
TPM2_ReadPublic Handle 0x80000004: pub 314, name 34, qualifiedName 34
Create HMAC-SHA256 Key success, public 48, Private 137
TPM2_Load New HMAC Key Handle 0x80000004
TPM2_PolicyCommandCode: success
TPM2_ObjectChangeAuth: private 137
TPM2_ECC_Parameters: CurveID 3, sz 256, p 32, a 32, b 32, gX 32, gY 32, n 32, h 1
TPM2_Create: New ECDSA Key: pub 88, priv 126
TPM2_Load ECDSA Key Handle 0x80000004
TPM2_Sign: ECC S 32, R 32
TPM2_VerifySignature: Tag 32802
TPM2_Create: New ECDH Key: pub 88, priv 126
TPM2_Load ECDH Key Handle 0x80000004
TPM2_ECDH_KeyGen: zPt 68, pubPt 68
TPM2_ECDH_ZGen: zPt 68
TPM2 ECC Shared Secret Pass
TPM2_Create: New RSA Key: pub 278, priv 222
TPM2_Load RSA Key Handle 0x80000004
TPM2_RSA_Encrypt: 256
TPM2_RSA_Decrypt: 68
RSA Encrypt/Decrypt test passed
TPM2_NV_DefineSpace: 0x1bfffff
TPM2_NV_ReadPublic: Sz 14, Idx 0x1bfffff, nameAlg 11, Attr 0x2020002, authPol 0, dataSz 32, name 34
Create AES128 CFB Key success, public 50, Private 142
TPM2_Load New AES Key Handle 0x80000004
Encrypt/Decrypt test success
```
### TPM2 CSR Example
```
./examples/csr/csr
TPM2 CSR Example
Generated/Signed Cert (DER 860, PEM 1236)
-----BEGIN CERTIFICATE REQUEST-----
MIIDWDCCAkACAQIwgZsxCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xETAP
BgNVBAcMCFBvcnRsYW5kMQ0wCwYDVQQEDARUZXN0MRAwDgYDVQQKDAd3b2xmU1NM
MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANtFRTX9CIW489vdmfy0qoffKtXBIfEGo07XgbvHPqk/KLx9NpK4
fDLRdh5Kh7mDIGQI0hKDQMQ4GRTzRlE+wXlTqGQaQohac1LRxe21RCCKn0ZXvbCJ
Wd1cIAGQyDyOb8WYCquQB79r2pIAKnVbedu+G1jx3tVrwB8ZCosKF86au7cEDxvD
sdmt2vcEIlMcgfWQNo8TkWEKW33qu/rOOfJAUkVOUKENvj8zz/Iw4pX9nImiclMC
/pMcgjpnFUlG5a0Jwg2PR7pXyRYUCciMq20UF5LDZG3NmFirVqigOmBIFsrpVCjt
wf/Ep6DxFgmy7KNJ/0kzQByySvjKrIOqynsCAwEAAaB3MHUGCSqGSIb3DQEJDjFo
MGYwHQYDVR0OBBYEFBHIhJ44Ide+SKGpL2neKuusXBZxMEUGA1UdJQQ+MDwGCCsG
AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYI
KwYBBQUHAwkwDQYJKoZIhvcNAQELBQADggEBACGHTZE5BVonf9OM3bYZvl2SiKdj
fo+f8a5COgBgCiNK8DPXCr+RMfp7jy8+3NP0bUPppi46F6Eq80YIZuQJgoyd0l8l
F+0KXq/FuoHtTLH7joHCKcYta1yPpnvKAG9195aIruAHesXwDxklqTvlVx3/e9No
YtmWUMdrLvTZrI1L1/0OuHbPgCGmdyHOXEh0xY0VTE1I0ff0b8UC3dQCsf8uROhO
fXXYwZz9LLSdO/QuDSxXThEe4m1/AUJkiaQ/T2zNEiR5Imk+jluXLz8bVM7w+HMt
l/076ekjTI+7PwzBZIG2F3nOIDUmHwe0lAWdU8h9IoAlM6kS22fh6gZZqQg=
-----END CERTIFICATE REQUEST-----
Generated/Signed Cert (DER 467, PEM 704)
-----BEGIN CERTIFICATE REQUEST-----
MIIBzzCCAXUCAQIwgZsxCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xETAP
BgNVBAcMCFBvcnRsYW5kMQ0wCwYDVQQEDARUZXN0MRAwDgYDVQQKDAd3b2xmU1NM
MQwwCgYDVQQLDANFQ0MxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABIokJgsrMSW8f6si4S1saUXABXbqWKWVQn+D6z9LQe/wkPqozP/hV/3qTtpE
I/E3HjcHqRY+nsosjlEz36mzrRagdzB1BgkqhkiG9w0BCQ4xaDBmMB0GA1UdDgQW
BBRyZJhX+sHZEE117OKL0/CPVGbAKzBFBgNVHSUEPjA8BggrBgEFBQcDAQYIKwYB
BQUHAwIGCCsGAQUFBwMDBggrBgEFBQcDBAYIKwYBBQUHAwgGCCsGAQUFBwMJMAoG
CCqGSM49BAMCA0gAMEUCIQCR9cbyRt3cbEZUIOBa4GNSRTlgFdB3X1EOwm+cA5/k
6AIgBm+EU6m5SDsk7BYmxTQAhgJFrelwymOa7m16kAXnFuU=
-----END CERTIFICATE REQUEST-----
```
### TPM2 PKCS 7 Example
```
./examples/pkcs7/pkcs7
TPM2 PKCS7 Example
PKCS7 Signed Container 1625
PKCS7 Container Verified (using TPM)
PKCS7 Container Verified (using software)
```
### TPM TLS Client Example
The wolfSSL TLS client requires loading a public key to indicate mutual authentication is used. The crypto callback uses the TPM for the private key signing.
```
./examples/tls/tls_client
TPM2 TLS Client Example
Write (29): GET /index.html HTTP/1.0
Read (193): HTTP/1.1 200 OK
Content-Type: text/html
Connection: close
<html>
<head>
<title>Welcome to wolfSSL!</title>
</head>
<body>
<p>wolfSSL has successfully performed handshake!</p>
</body>
</html>
```
### TPM TLS Server Example
The wolfSSL TLS server loads the TPM public key and the crypto callback uses the TPM for the private key signing.
```
./examples/tls/tls_server
TPM2 TLS Server Example
Loading RSA certificate and public key
Read (29): GET /index.html HTTP/1.0
Write (193): HTTP/1.1 200 OK
Content-Type: text/html
Connection: close
<html>
<head>
<title>Welcome to wolfSSL!</title>
</head>
<body>
<p>wolfSSL has successfully performed handshake!</p>
</body>
</html>
```
## Todo
* Update to v1.59 of specification.
* Add HMAC support for "authValue".
* Add ECC encrypted salt.
* Add bound auth session support.
* Add multiple auth session (nonceTPMDecrypt and nonceTPMEncrypt) support.
## Support
Email us at [support@wolfssl.com](mailto:support@wolfssl.com).
Reference in New Issue View Git Blame Copy Permalink