Merge pull request #321 from dgarske/20231229_cleanups

Added expanded key template and cleanups

ChangeLog.md

@@ -22,7 +22,7 @@ Support for using TLS PK callbacks with TPM for ECC and RSA. Improved the crypto
 * Cleanup KDF function return code checking to avoid scan-build warning. (PR #311)
 * Fixed ECC encrypt secret integrity check failed due to zero pad issue. (PR #311)
 * Fixed `wolfTPM2_GetRng` possibly not returning an initialized WC_RNG. (PR #311)
-* Fixed TLS bidirectional shutdown socket issue to to port collision with SWTPM. (PR #311)
+* Fixed TLS bidirectional shutdown socket issue due to port collision with SWTPM. (PR #311)
 * Fixed `policy_sign` issue when `r` or `s` is less than key size (needs zero padding). (PR #311)
 * Fixed building wolfCrypt without PEM to DER support. (PR #311)
 * Added support for TLS PK callbacks with ECC and RSA Sign using PKCSv1.5 and PSS padding (PR #312)

README.md

@@ -795,6 +795,7 @@ Connection: close
 * Update to v1.59 of specification (adding CertifyX509).
 * Inner wrap support for SensitiveToPrivate.
 * Firmware upgrade support on TPM's.
+* Add support for IRQ (interrupt line)
 
 ## Support
 

examples/tpm_test_keys.c

@@ -44,14 +44,15 @@
 int writeBin(const char* filename, const byte *buf, word32 bufSz)
 {
     int rc = TPM_RC_FAILURE;
+#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
+    XFILE fp = NULL;
+    size_t fileSz = 0;
+#endif
 
     if (filename == NULL || buf == NULL)
         return BAD_FUNC_ARG;
 
 #if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
-    XFILE fp = NULL;
-    size_t fileSz = 0;
-
     fp = XFOPEN(filename, "wb");
     if (fp != XBADFILE) {
         fileSz = XFWRITE(buf, 1, bufSz, fp);
@@ -73,15 +74,16 @@ int writeBin(const char* filename, const byte *buf, word32 bufSz)
 int readBin(const char* filename, byte *buf, word32* bufSz)
 {
     int rc = TPM_RC_FAILURE;
-
-    if (filename == NULL || buf == NULL)
-        return BAD_FUNC_ARG;
-
 #if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
     XFILE  fp = NULL;
     size_t fileSz = 0;
     size_t bytes_read = 0;
+#endif
 
+    if (filename == NULL || buf == NULL)
+        return BAD_FUNC_ARG;
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
     fp = XFOPEN(filename, "rb");
     if (fp != XBADFILE) {
         XFSEEK(fp, 0, XSEEK_END);

src/tpm2_wrap.c

@@ -5419,6 +5419,14 @@ int GetKeyTemplateECC(TPMT_PUBLIC* publicTemplate,
     return TPM_RC_SUCCESS;
 }
 
+int wolfTPM2_GetKeyTemplate_RSA_ex(TPMT_PUBLIC* publicTemplate,
+    TPM_ALG_ID nameAlg, TPMA_OBJECT objectAttributes, int keyBits, long exponent,
+    TPM_ALG_ID sigScheme, TPM_ALG_ID sigHash)
+{
+    return GetKeyTemplateRSA(publicTemplate, nameAlg,
+        objectAttributes, keyBits, exponent, sigScheme, sigHash);
+}
+
 int wolfTPM2_GetKeyTemplate_RSA(TPMT_PUBLIC* publicTemplate,
     TPMA_OBJECT objectAttributes)
 {
@@ -5427,6 +5435,14 @@ int wolfTPM2_GetKeyTemplate_RSA(TPMT_PUBLIC* publicTemplate,
         TPM_ALG_NULL, WOLFTPM2_WRAP_DIGEST);
 }
 
+int wolfTPM2_GetKeyTemplate_ECC_ex(TPMT_PUBLIC* publicTemplate,
+    TPM_ALG_ID nameAlg, TPMA_OBJECT objectAttributes, TPM_ECC_CURVE curve,
+    TPM_ALG_ID sigScheme, TPM_ALG_ID sigHash)
+{
+    return GetKeyTemplateECC(publicTemplate, nameAlg,
+        objectAttributes, curve, sigScheme, sigHash);
+}
+
 int wolfTPM2_GetKeyTemplate_ECC(TPMT_PUBLIC* publicTemplate,
     TPMA_OBJECT objectAttributes, TPM_ECC_CURVE curve, TPM_ALG_ID sigScheme)
 {

wolftpm/tpm2_wrap.h

@@ -2354,6 +2354,7 @@ WOLFTPM_API int wolfTPM2_UnloadHandles_AllTransient(WOLFTPM2_DEV* dev);
     \param publicTemplate pointer to an empty structure of TPMT_PUBLIC type, to store the new RSA template
     \param objectAttributes integer value of TPMA_OBJECT type, can contain one or more attributes, e.g. TPMA_OBJECT_fixedTPM
 
+    \sa wolfTPM2_GetKeyTemplate_RSA_ex
     \sa wolfTPM2_GetKeyTemplate_ECC
     \sa wolfTPM2_GetKeyTemplate_Symmetric
     \sa wolfTPM2_GetKeyTemplate_KeyedHash
@@ -2362,6 +2363,32 @@ WOLFTPM_API int wolfTPM2_UnloadHandles_AllTransient(WOLFTPM2_DEV* dev);
 WOLFTPM_API int wolfTPM2_GetKeyTemplate_RSA(TPMT_PUBLIC* publicTemplate,
     TPMA_OBJECT objectAttributes);
 
+/*!
+    \ingroup wolfTPM2_Wrappers
+    \brief Prepares a TPM public template for new RSA key based on user selected object attributes
+
+    \return TPM_RC_SUCCESS: successful
+    \return BAD_FUNC_ARG: check the provided arguments
+
+    \param publicTemplate pointer to an empty structure of TPMT_PUBLIC type, to store the new RSA template
+    \param nameAlg integer value of TPM_ALG_ID type, specifying a TPM supported hashing algorithm, typically TPM_ALG_SHA256 for SHA 256
+    \param objectAttributes integer value of TPMA_OBJECT type, can contain one or more attributes, e.g. TPMA_OBJECT_fixedTPM
+    \param keyBits integer value, specifying the size of the symmetric key, typically 128 or 256 bits
+    \param exponent integer value of word32 type, specifying the RSA exponent
+    \param sigScheme integer value of TPM_ALG_ID type, specifying a TPM supported signature scheme
+    \param sigHash integer value of TPM_ALG_ID type, specifying a TPM supported signature hash scheme
+
+    \sa wolfTPM2_GetKeyTemplate_RSA
+    \sa wolfTPM2_GetKeyTemplate_ECC
+    \sa wolfTPM2_GetKeyTemplate_ECC_ex
+    \sa wolfTPM2_GetKeyTemplate_Symmetric
+    \sa wolfTPM2_GetKeyTemplate_KeyedHash
+    \sa wolfTPM2_GetKeyTemplate_KeySeal
+*/
+WOLFTPM_API int wolfTPM2_GetKeyTemplate_RSA_ex(TPMT_PUBLIC* publicTemplate,
+    TPM_ALG_ID nameAlg, TPMA_OBJECT objectAttributes, int keyBits, long exponent,
+    TPM_ALG_ID sigScheme, TPM_ALG_ID sigHash);
+
 /*!
     \ingroup wolfTPM2_Wrappers
     \brief Prepares a TPM public template for new ECC key based on user selected object attributes
@@ -2374,6 +2401,7 @@ WOLFTPM_API int wolfTPM2_GetKeyTemplate_RSA(TPMT_PUBLIC* publicTemplate,
     \param curve integer value of TPM_ECC_CURVE type, specifying a TPM supported ECC curve ID
     \param sigScheme integer value of TPM_ALG_ID type, specifying a TPM supported signature scheme
 
+    \sa wolfTPM2_GetKeyTemplate_ECC_ex
     \sa wolfTPM2_GetKeyTemplate_RSA
     \sa wolfTPM2_GetKeyTemplate_Symmetric
     \sa wolfTPM2_GetKeyTemplate_KeyedHash
@@ -2382,6 +2410,30 @@ WOLFTPM_API int wolfTPM2_GetKeyTemplate_RSA(TPMT_PUBLIC* publicTemplate,
 WOLFTPM_API int wolfTPM2_GetKeyTemplate_ECC(TPMT_PUBLIC* publicTemplate,
     TPMA_OBJECT objectAttributes, TPM_ECC_CURVE curve, TPM_ALG_ID sigScheme);
 
+/*!
+    \ingroup wolfTPM2_Wrappers
+    \brief Prepares a TPM public template for new ECC key based on user selected object attributes
+
+    \return TPM_RC_SUCCESS: successful
+    \return BAD_FUNC_ARG: check the provided arguments
+
+    \param publicTemplate pointer to an empty structure of TPMT_PUBLIC type, to store the new ECC key template
+    \param nameAlg integer value of TPM_ALG_ID type, specifying a TPM supported hashing algorithm, typically TPM_ALG_SHA256 for SHA 256
+    \param objectAttributes integer value of TPMA_OBJECT type, can contain one or more attributes, e.g. TPMA_OBJECT_fixedTPM
+    \param curve integer value of TPM_ECC_CURVE type, specifying a TPM supported ECC curve ID
+    \param sigScheme integer value of TPM_ALG_ID type, specifying a TPM supported signature scheme
+    \param sigHash integer value of TPM_ALG_ID type, specifying a TPM supported signature hash scheme
+
+    \sa wolfTPM2_GetKeyTemplate_ECC
+    \sa wolfTPM2_GetKeyTemplate_RSA
+    \sa wolfTPM2_GetKeyTemplate_Symmetric
+    \sa wolfTPM2_GetKeyTemplate_KeyedHash
+    \sa wolfTPM2_GetKeyTemplate_KeySeal
+*/
+WOLFTPM_API int wolfTPM2_GetKeyTemplate_ECC_ex(TPMT_PUBLIC* publicTemplate,
+    TPM_ALG_ID nameAlg, TPMA_OBJECT objectAttributes, TPM_ECC_CURVE curve,
+    TPM_ALG_ID sigScheme, TPM_ALG_ID sigHash);
+
 /*!
     \ingroup wolfTPM2_Wrappers
     \brief Prepares a TPM public template for new Symmetric key