Added expanded key template and cleanups #321

merged 4 commits into from
Jan 18, 2024
2 changes: 1 addition & 1 deletion ChangeLog.md
Expand Up @@ -22,7 +22,7 @@ Support for using TLS PK callbacks with TPM for ECC and RSA. Improved the crypto
* Cleanup KDF function return code checking to avoid scan-build warning. (PR #311)
* Fixed ECC encrypt secret integrity check failed due to zero pad issue. (PR #311)
* Fixed `wolfTPM2_GetRng` possibly not returning an initialized WC_RNG. (PR #311)
* Fixed TLS bidirectional shutdown socket issue to to port collision with SWTPM. (PR #311)
* Fixed TLS bidirectional shutdown socket issue due to port collision with SWTPM. (PR #311)
* Fixed `policy_sign` issue when `r` or `s` is less than key size (needs zero padding). (PR #311)
* Fixed building wolfCrypt without PEM to DER support. (PR #311)
* Added support for TLS PK callbacks with ECC and RSA Sign using PKCSv1.5 and PSS padding (PR #312)
1 change: 1 addition & 0 deletions README.md
Expand Up @@ -795,6 +795,7 @@ Connection: close
* Update to v1.59 of specification (adding CertifyX509).
* Inner wrap support for SensitiveToPrivate.
* Firmware upgrade support on TPM's.
* Add support for IRQ (interrupt line)

## Support

16 changes: 9 additions & 7 deletions examples/tpm_test_keys.c
Expand Up @@ -44,14 +44,15 @@
int writeBin(const char* filename, const byte *buf, word32 bufSz)
{
int rc = TPM_RC_FAILURE;
#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
XFILE fp = NULL;
size_t fileSz = 0;
#endif

if (filename == NULL || buf == NULL)
return BAD_FUNC_ARG;

#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
XFILE fp = NULL;
size_t fileSz = 0;

fp = XFOPEN(filename, "wb");
if (fp != XBADFILE) {
fileSz = XFWRITE(buf, 1, bufSz, fp);
Expand All @@ -73,15 +74,16 @@ int writeBin(const char* filename, const byte *buf, word32 bufSz)
int readBin(const char* filename, byte *buf, word32* bufSz)
{
int rc = TPM_RC_FAILURE;

if (filename == NULL || buf == NULL)
return BAD_FUNC_ARG;

#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
XFILE fp = NULL;
size_t fileSz = 0;
size_t bytes_read = 0;
#endif

if (filename == NULL || buf == NULL)
return BAD_FUNC_ARG;

#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
fp = XFOPEN(filename, "rb");
if (fp != XBADFILE) {
XFSEEK(fp, 0, XSEEK_END);
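Review bot: The argument guard on the new side of `readBin` still checks only `filename` and `buf`, while the `bufSz` pointer is left unchecked even though it is presumably dereferenced when the file size is reported back (that code is past the end of this hunk). Moving the `XFILE`/`size_t` declarations above the guard fixes the declaration-after-statement issue but is a good moment to close that gap: `if (filename == NULL || buf == NULL || bufSz == NULL) return BAD_FUNC_ARG;`. Note also that `fileSz`, `bytes_read` and the capacity in `*bufSz` are different widths (`size_t` vs `word32`); a one-line comment where the read length is compared against `*bufSz` (outside the hunk) stating that the file size is checked before the read would help the next reader. The bodies of both `writeBin` and `readBin` continue outside the hunk.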
16 changes: 16 additions & 0 deletions src/tpm2_wrap.c
Expand Up @@ -5419,6 +5419,14 @@ int GetKeyTemplateECC(TPMT_PUBLIC* publicTemplate,
return TPM_RC_SUCCESS;
}

int wolfTPM2_GetKeyTemplate_RSA_ex(TPMT_PUBLIC* publicTemplate,
TPM_ALG_ID nameAlg, TPMA_OBJECT objectAttributes, int keyBits, long exponent,
TPM_ALG_ID sigScheme, TPM_ALG_ID sigHash)
{
return GetKeyTemplateRSA(publicTemplate, nameAlg,
objectAttributes, keyBits, exponent, sigScheme, sigHash);
}

int wolfTPM2_GetKeyTemplate_RSA(TPMT_PUBLIC* publicTemplate,
TPMA_OBJECT objectAttributes)
{
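Review bot: `wolfTPM2_GetKeyTemplate_RSA_ex` forwards `nameAlg` and `sigHash` straight into `GetKeyTemplateRSA` (defined outside this hunk) with no check of its own, so a caller can now build a template whose Name is computed with a digest weaker than the `WOLFTPM2_WRAP_DIGEST` that the non-`_ex` variant hard-codes. Because the object Name is what policy sessions, parent/child loading and attestation bind to, a caller-facing comment on the new wrapper would be worthwhile, e.g. `/* nameAlg also fixes the object Name used for policy/auth binding; prefer WOLFTPM2_WRAP_DIGEST (SHA-256 class) unless a specific digest is required */`. Whether `GetKeyTemplateRSA` itself rejects an unsupported or `TPM_ALG_NULL` algorithm ID is not visible here; if it does not, a bad choice only surfaces later as a TPM error at create time, which is worth stating in the header documentation.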
Expand All @@ -5427,6 +5435,14 @@ int wolfTPM2_GetKeyTemplate_RSA(TPMT_PUBLIC* publicTemplate,
TPM_ALG_NULL, WOLFTPM2_WRAP_DIGEST);
}

int wolfTPM2_GetKeyTemplate_ECC_ex(TPMT_PUBLIC* publicTemplate,
TPM_ALG_ID nameAlg, TPMA_OBJECT objectAttributes, TPM_ECC_CURVE curve,
TPM_ALG_ID sigScheme, TPM_ALG_ID sigHash)
{
return GetKeyTemplateECC(publicTemplate, nameAlg,
objectAttributes, curve, sigScheme, sigHash);
}

int wolfTPM2_GetKeyTemplate_ECC(TPMT_PUBLIC* publicTemplate,
TPMA_OBJECT objectAttributes, TPM_ECC_CURVE curve, TPM_ALG_ID sigScheme)
{
52 changes: 52 additions & 0 deletions wolftpm/tpm2_wrap.h
Expand Up @@ -2354,6 +2354,7 @@ WOLFTPM_API int wolfTPM2_UnloadHandles_AllTransient(WOLFTPM2_DEV* dev);
\param publicTemplate pointer to an empty structure of TPMT_PUBLIC type, to store the new RSA template
\param objectAttributes integer value of TPMA_OBJECT type, can contain one or more attributes, e.g. TPMA_OBJECT_fixedTPM

\sa wolfTPM2_GetKeyTemplate_RSA_ex
\sa wolfTPM2_GetKeyTemplate_ECC
\sa wolfTPM2_GetKeyTemplate_Symmetric
\sa wolfTPM2_GetKeyTemplate_KeyedHash
Expand All @@ -2362,6 +2363,32 @@ WOLFTPM_API int wolfTPM2_UnloadHandles_AllTransient(WOLFTPM2_DEV* dev);
WOLFTPM_API int wolfTPM2_GetKeyTemplate_RSA(TPMT_PUBLIC* publicTemplate,
TPMA_OBJECT objectAttributes);

/*!
\ingroup wolfTPM2_Wrappers
\brief Prepares a TPM public template for new RSA key based on user selected object attributes

\return TPM_RC_SUCCESS: successful
\return BAD_FUNC_ARG: check the provided arguments

\param publicTemplate pointer to an empty structure of TPMT_PUBLIC type, to store the new RSA template
\param nameAlg integer value of TPM_ALG_ID type, specifying a TPM supported hashing algorithm, typically TPM_ALG_SHA256 for SHA 256
\param objectAttributes integer value of TPMA_OBJECT type, can contain one or more attributes, e.g. TPMA_OBJECT_fixedTPM
\param keyBits integer value, specifying the size of the symmetric key, typically 128 or 256 bits
\param exponent integer value of word32 type, specifying the RSA exponent
\param sigScheme integer value of TPM_ALG_ID type, specifying a TPM supported signature scheme
\param sigHash integer value of TPM_ALG_ID type, specifying a TPM supported signature hash scheme

\sa wolfTPM2_GetKeyTemplate_RSA
\sa wolfTPM2_GetKeyTemplate_ECC
\sa wolfTPM2_GetKeyTemplate_ECC_ex
\sa wolfTPM2_GetKeyTemplate_Symmetric
\sa wolfTPM2_GetKeyTemplate_KeyedHash
\sa wolfTPM2_GetKeyTemplate_KeySeal
*/
WOLFTPM_API int wolfTPM2_GetKeyTemplate_RSA_ex(TPMT_PUBLIC* publicTemplate,
TPM_ALG_ID nameAlg, TPMA_OBJECT objectAttributes, int keyBits, long exponent,
TPM_ALG_ID sigScheme, TPM_ALG_ID sigHash);

/*!
\ingroup wolfTPM2_Wrappers
\brief Prepares a TPM public template for new ECC key based on user selected object attributes
Expand All @@ -2374,6 +2401,7 @@ WOLFTPM_API int wolfTPM2_GetKeyTemplate_RSA(TPMT_PUBLIC* publicTemplate,
\param curve integer value of TPM_ECC_CURVE type, specifying a TPM supported ECC curve ID
\param sigScheme integer value of TPM_ALG_ID type, specifying a TPM supported signature scheme

\sa wolfTPM2_GetKeyTemplate_ECC_ex
\sa wolfTPM2_GetKeyTemplate_RSA
\sa wolfTPM2_GetKeyTemplate_Symmetric
\sa wolfTPM2_GetKeyTemplate_KeyedHash
Expand All @@ -2382,6 +2410,30 @@ WOLFTPM_API int wolfTPM2_GetKeyTemplate_RSA(TPMT_PUBLIC* publicTemplate,
WOLFTPM_API int wolfTPM2_GetKeyTemplate_ECC(TPMT_PUBLIC* publicTemplate,
TPMA_OBJECT objectAttributes, TPM_ECC_CURVE curve, TPM_ALG_ID sigScheme);

/*!
\ingroup wolfTPM2_Wrappers
\brief Prepares a TPM public template for new ECC key based on user selected object attributes

\return TPM_RC_SUCCESS: successful
\return BAD_FUNC_ARG: check the provided arguments

\param publicTemplate pointer to an empty structure of TPMT_PUBLIC type, to store the new ECC key template
\param nameAlg integer value of TPM_ALG_ID type, specifying a TPM supported hashing algorithm, typically TPM_ALG_SHA256 for SHA 256
\param objectAttributes integer value of TPMA_OBJECT type, can contain one or more attributes, e.g. TPMA_OBJECT_fixedTPM
\param curve integer value of TPM_ECC_CURVE type, specifying a TPM supported ECC curve ID
\param sigScheme integer value of TPM_ALG_ID type, specifying a TPM supported signature scheme
\param sigHash integer value of TPM_ALG_ID type, specifying a TPM supported signature hash scheme

\sa wolfTPM2_GetKeyTemplate_ECC
\sa wolfTPM2_GetKeyTemplate_RSA
\sa wolfTPM2_GetKeyTemplate_Symmetric
\sa wolfTPM2_GetKeyTemplate_KeyedHash
\sa wolfTPM2_GetKeyTemplate_KeySeal
*/
WOLFTPM_API int wolfTPM2_GetKeyTemplate_ECC_ex(TPMT_PUBLIC* publicTemplate,
TPM_ALG_ID nameAlg, TPMA_OBJECT objectAttributes, TPM_ECC_CURVE curve,
TPM_ALG_ID sigScheme, TPM_ALG_ID sigHash);

/*!
\ingroup wolfTPM2_Wrappers
\brief Prepares a TPM public template for new Symmetric key
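Review bot: The Doxygen block for `wolfTPM2_GetKeyTemplate_RSA_ex` carries two parameter descriptions that contradict the prototype directly below it: `keyBits` is documented as "the size of the symmetric key, typically 128 or 256 bits" although this is an RSA template (the modulus size, e.g. 2048 or 3072), and `exponent` is documented as "of word32 type" while the declaration is `long exponent`. Suggested replacements: `\param keyBits integer value, specifying the RSA modulus size in bits, typically 2048 or 3072` and `\param exponent integer value of long type, specifying the RSA public exponent, typically 65537`. The `_ex` briefs are also identical to their non-`_ex` counterparts; one sentence noting that the `_ex` forms additionally let the caller choose `nameAlg` and `sigHash` (which the plain forms fix to `WOLFTPM2_WRAP_DIGEST`, per the visible `wolfTPM2_GetKeyTemplate_RSA` body) would make the difference discoverable, and the `\return BAD_FUNC_ARG` line should be confirmed against `GetKeyTemplateRSA`/`GetKeyTemplateECC`, which are not visible here.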