126

(3 replies, posted in wolfTPM)

Hi JA,

Typically the operation is synchronous, where the write and read are happening at the same time. I believe you can get the separate write and read working, but you will have to assert the chip select for the entire transaction.

1) Assert CS
2) Write 4 byte header (ignore read)
3) Read 1 byte and check for MSB 0x80 set
4) Read or Write remainder
5) De-assert CS.

It sounds like the issue is with the SPI driver. I have not tested wolfTPM with the i.MX8Q, but we do have customers using that platform. If this is a commercial effort you might consider using our consulting services to help port. Feel free to send an email to support@wolfssl.com and mention this ticket along with your project and contact details.

Thanks,
David Garske, wolfSSL

Hi Hadrien,

This code will only work with a TPM 2.0 module. With a TPM 1.2 module it will fail. Sorry I don't have any example of how that failure would look.

Thanks,
David Garske, wolfSSL

128

(3 replies, posted in wolfTPM)

Hi JA,

The Infineon SLB9670 does not require SPI wait states. In fact it is the only TPM module that doesn't require the SPI wait states.

Some things to try:
1) Lowering or increasing the SPI bus speed.
2) Give additional time for the SPI CS and first clock
3) Make sure your SPI mode is 0 (CPOL=0, CPHA=0).

For reference: To use a SPI wait state:
1) Assert chip select (low)
2) Send 4 byte header
3) Read a single byte and check that the MSB (0x80) is set (read a single byte until set), typically 1-2 times.
4) Read remainder
5) De-assert chip select (high)

Here is a simple get capabilities for an Infineon SLB9670 on my Raspberry Pi:

PI4:pi@raspberrypi:~/wolftpm $ ./examples/wrap/wrap_test
TPM2 Demo for Wrapper API's
Found TPM @ /dev/spidev0.0
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 00 00                                  | .....
    00 00 00 01 a1                                  | .....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 00 00                                  | .....
    40 00 00 01 a1                                  | @....
TPM2_IoCb: Ret 0, Sz 8
    83 d4 00 14 00 00 00 00                         | ........
    40 00 00 01 97 06 00 30                         | @......0
TPM2_IoCb: Ret 0, Sz 8
    83 d4 0f 00 00 00 00 00                         | ........
    00 00 00 01 d1 15 1b 00                         | ........
TPM2_IoCb: Ret 0, Sz 5
    80 d4 0f 04 00                                  | .....
    00 00 00 01 16                                  | .....
TPM2: Caps 0x30000697, Did 0x001b, Vid 0x15d1, Rid 0x16
Command: 12
    80 01 00 00 00 0c 00 00 01 44 00 00             | .........D..
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    40 00 00 01 44                                  | @...D
TPM2_IoCb: Ret 0, Sz 6
    81 d4 00 19 00 00                               | ......
    40 00 00 01 ff 00                               | @.....
TPM2_IoCb: Ret 0, Sz 16
    0b d4 00 24 80 01 00 00 00 0c 00 00 01 44 00 00 | ...$.........D..
    00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 | ................
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    00 00 00 01 0c                                  | .....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    40 00 00 01 84                                  | @....
TPM2_IoCb: Ret 0, Sz 5
    00 d4 00 18 20                                  | ....
    40 00 00 01 00                                  | @....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    00 00 00 01 84                                  | .....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    40 00 00 01 94                                  | @....
TPM2_IoCb: Ret 0, Sz 6
    81 d4 00 19 00 00                               | ......
    00 00 00 01 0a 00                               | ......
TPM2_IoCb: Ret 0, Sz 14
    89 d4 00 24 00 00 00 00 00 00 00 00 00 00       | ...$..........
    00 00 00 01 80 01 00 00 00 0a 00 00 01 00       | ..............
Response: 10
    80 01 00 00 00 0a 00 00 01 00                   | ..........
TPM2_IoCb: Ret 0, Sz 5
    00 d4 00 18 40                                  | ....@
    00 00 00 01 00                                  | .....
TPM2_Startup pass
Command: 11
    80 01 00 00 00 0b 00 00 01 43 01                | .........C.
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    00 00 00 01 44                                  | ....D
TPM2_IoCb: Ret 0, Sz 6
    81 d4 00 19 00 00                               | ......
    40 00 00 01 ff 00                               | @.....
TPM2_IoCb: Ret 0, Sz 15
    0a d4 00 24 80 01 00 00 00 0b 00 00 01 43 01    | ...$.........C.
    00 00 00 01 00 00 00 00 00 00 00 00 00 00 00    | ...............
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    00 00 00 01 0c                                  | .....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    40 00 00 01 84                                  | @....
TPM2_IoCb: Ret 0, Sz 5
    00 d4 00 18 20                                  | ....
    40 00 00 01 00                                  | @....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    00 00 00 01 84                                  | .....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    40 00 00 01 84                                  | @....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    40 00 00 01 84                                  | @....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    40 00 00 01 84                                  | @....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    40 00 00 01 80                                  | @....

...

TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    40 00 00 01 80                                  | @....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    40 00 00 01 84                                  | @....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    40 00 00 01 94                                  | @....
TPM2_IoCb: Ret 0, Sz 6
    81 d4 00 19 00 00                               | ......
    00 00 00 01 0a 00                               | ......
TPM2_IoCb: Ret 0, Sz 14
    89 d4 00 24 00 00 00 00 00 00 00 00 00 00       | ...$..........
    00 00 00 01 80 01 00 00 00 0a 00 00 00 00       | ..............
Response: 10
    80 01 00 00 00 0a 00 00 00 00                   | ..........
TPM2_IoCb: Ret 0, Sz 5
    00 d4 00 18 40                                  | ....@
    00 00 00 01 00                                  | .....
TPM2_SelfTest pass
Command: 22
    80 01 00 00 00 16 00 00 01 7a 00 00 00 06 00 00 | .........z......
    01 05 00 00 00 08                               | ......
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    00 00 00 01 44                                  | ....D
TPM2_IoCb: Ret 0, Sz 6
    81 d4 00 19 00 00                               | ......
    40 00 00 01 ff 00                               | @.....
TPM2_IoCb: Ret 0, Sz 26
    15 d4 00 24 80 01 00 00 00 16 00 00 01 7a 00 00 | ...$.........z..
    00 06 00 00 01 05 00 00 00 08                   | ..........
    00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 | ................
    00 00 00 00 00 00 00 00 00 00                   | ..........
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    00 00 00 01 0c                                  | .....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    40 00 00 01 84                                  | @....
TPM2_IoCb: Ret 0, Sz 5
    00 d4 00 18 20                                  | ....
    40 00 00 01 00                                  | @....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    00 00 00 01 84                                  | .....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    40 00 00 01 84                                  | @....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    40 00 00 01 94                                  | @....
TPM2_IoCb: Ret 0, Sz 6
    81 d4 00 19 00 00                               | ......
    40 00 00 01 53 00                               | @...S.
TPM2_IoCb: Ret 0, Sz 14
    89 d4 00 24 00 00 00 00 00 00 00 00 00 00       | ...$..........
    00 00 00 01 80 01 00 00 00 53 00 00 00 00       | .........S....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    00 00 00 01 94                                  | .....
TPM2_IoCb: Ret 0, Sz 6
    81 d4 00 19 00 00                               | ......
    40 00 00 01 49 00                               | @...I.
TPM2_IoCb: Ret 0, Sz 68
    bf d4 00 24 00 00 00 00 00 00 00 00 00 00 00 00 | ...$............
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
    00 00 00 00                                     | ....
    00 00 00 01 01 00 00 00 06 00 00 00 08 00 00 01 | ................
    05 49 46 58 00 00 00 01 06 53 4c 42 39 00 00 01 | .IFX.....SLB9...
    07 36 37 30 00 00 00 01 08 00 00 00 00 00 00 01 | .670............
    09 00 00 00 00 00 00 01 0a 00 00 00 00 00 00 01 | ................
    0b 00 07 00                                     | ....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    00 00 00 01 94                                  | .....
TPM2_IoCb: Ret 0, Sz 6
    81 d4 00 19 00 00                               | ......
    00 00 00 01 09 00                               | ......
TPM2_IoCb: Ret 0, Sz 13
    88 d4 00 24 00 00 00 00 00 00 00 00 00          | ...$.........
    00 00 00 01 55 00 00 01 0c 00 11 cb 00          | ....U........
Response: 83
    80 01 00 00 00 53 00 00 00 00 01 00 00 00 06 00 | .....S..........
    00 00 08 00 00 01 05 49 46 58 00 00 00 01 06 53 | .......IFX.....S
    4c 42 39 00 00 01 07 36 37 30 00 00 00 01 08 00 | LB9....670......
    00 00 00 00 00 01 09 00 00 00 00 00 00 01 0a 00 | ................
    00 00 00 00 00 01 0b 00 07 00 55 00 00 01 0c 00 | ..........U.....
    11 cb 00                                        | ...
TPM2_IoCb: Ret 0, Sz 5
    00 d4 00 18 40                                  | ....@
    00 00 00 01 00                                  | .....
Command: 22
    80 01 00 00 00 16 00 00 01 7a 00 00 00 06 00 00 | .........z......
    01 2d 00 00 00 01                               | .-....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    00 00 00 01 44                                  | ....D
TPM2_IoCb: Ret 0, Sz 6
    81 d4 00 19 00 00                               | ......
    40 00 00 01 ff 00                               | @.....
TPM2_IoCb: Ret 0, Sz 26
    15 d4 00 24 80 01 00 00 00 16 00 00 01 7a 00 00 | ...$.........z..
    00 06 00 00 01 2d 00 00 00 01                   | .....-....
    00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 | ................
    00 00 00 00 00 00 00 00 00 00                   | ..........
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    00 00 00 01 84                                  | .....
TPM2_IoCb: Ret 0, Sz 5
    00 d4 00 18 20                                  | ....
    40 00 00 01 00                                  | @....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    00 00 00 01 84                                  | .....
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    40 00 00 01 94                                  | @....
TPM2_IoCb: Ret 0, Sz 6
    81 d4 00 19 00 00                               | ......
    00 00 00 01 1b 00                               | ......
TPM2_IoCb: Ret 0, Sz 14
    89 d4 00 24 00 00 00 00 00 00 00 00 00 00       | ...$..........
    00 00 00 01 80 01 00 00 00 1b 00 00 00 00       | ..............
TPM2_IoCb: Ret 0, Sz 5
    80 d4 00 18 00                                  | .....
    00 00 00 01 94                                  | .....
TPM2_IoCb: Ret 0, Sz 6
    81 d4 00 19 00 00                               | ......
    00 00 00 01 11 00                               | ......
TPM2_IoCb: Ret 0, Sz 21
    90 d4 00 24 00 00 00 00 00 00 00 00 00 00 00 00 | ...$............
    00 00 00 00 00                                  | .....
    00 00 00 01 01 00 00 00 06 00 00 00 01 00 00 01 | ................
    2d 00 00 00 01                                  | -....
Response: 27
    80 01 00 00 00 1b 00 00 00 00 01 00 00 00 06 00 | ................
    00 00 01 00 00 01 2d 00 00 00 01                | ......-....
TPM2_IoCb: Ret 0, Sz 5
    00 d4 00 18 40                                  | ....@
    00 00 00 01 00                                  | .....
Mfg IFX (1), Vendor SLB9670, Fw 7.85 (4555), FIPS 140-2 1, CC-EAL4 1

Thanks,
David Garske, wolfSSL
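
An added example, not part of the original post and not wolfTPM code: a small C decoder for the `TPM2_IoCb` transfers in the trace above, useful for comparing a new SPI driver's traffic against this known-good capture. The sample bytes are copied from the trace; the header layout (bit 7 read flag, low six bits length minus one, 24-bit address) and the register names follow the TCG TIS-over-SPI framing and are assumptions not stated in the post.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TIS_HDR_SZ 4u

typedef struct {
    int         is_read;  /* header byte 0, bit 7: 1 = read, 0 = write */
    unsigned    len;      /* header byte 0, bits 5..0 hold (payload length - 1) */
    uint32_t    addr;     /* header bytes 1..3: 24-bit register address */
    unsigned    locality; /* address bits 15..12 */
    const char *reg;      /* name for the low 12 address bits (assumed names) */
} tis_xfer;

/* Register offsets seen in the trace, named per the TCG TIS register map */
static const char *tis_reg_name(uint32_t off)
{
    switch (off) {
    case 0x000: return "TPM_ACCESS";
    case 0x014: return "TPM_INTF_CAPABILITY";
    case 0x018: return "TPM_STS";
    case 0x019: return "TPM_STS.burstCount";
    case 0x024: return "TPM_DATA_FIFO";
    case 0xF00: return "TPM_DID_VID";
    case 0xF04: return "TPM_RID";
    default:    return "unknown";
    }
}

/* Decode one logged transfer (4-byte header followed by the payload).
 * Returns 0 on success, or -1 when the buffer is not exactly one complete
 * transfer, which is what a driver that splits or pads the transaction
 * would produce. */
int tis_decode(const uint8_t *tx, size_t sz, tis_xfer *out)
{
    if (tx == NULL || out == NULL || sz <= TIS_HDR_SZ)
        return -1;
    out->is_read  = (tx[0] & 0x80) != 0;
    out->len      = (unsigned)(tx[0] & 0x3F) + 1;
    out->addr     = ((uint32_t)tx[1] << 16) | ((uint32_t)tx[2] << 8) | tx[3];
    out->locality = (out->addr >> 12) & 0xF;
    out->reg      = tis_reg_name(out->addr & 0xFFF);
    return (sz == TIS_HDR_SZ + out->len) ? 0 : -1;
}

/* TIS registers are little-endian: assemble up to 4 payload bytes */
uint32_t tis_le32(const uint8_t *payload, unsigned len)
{
    uint32_t v = 0;
    unsigned i;
    for (i = 0; i < len && i < 4; i++)
        v |= (uint32_t)payload[i] << (8 * i);
    return v;
}

/* Sample transfers copied from the trace in the post above */
static const uint8_t TX_DIDVID[]  = { 0x83, 0xd4, 0x0f, 0x00, 0, 0, 0, 0 };
static const uint8_t RX_DIDVID[]  = { 0x00, 0x00, 0x00, 0x01,
                                      0xd1, 0x15, 0x1b, 0x00 };
static const uint8_t TX_STARTUP[] = { 0x0b, 0xd4, 0x00, 0x24,
                                      0x80, 0x01, 0x00, 0x00, 0x00, 0x0c,
                                      0x00, 0x00, 0x01, 0x44, 0x00, 0x00 };

int main(void)
{
    tis_xfer x;

    if (tis_decode(TX_DIDVID, sizeof(TX_DIDVID), &x) == 0) {
        uint32_t v = tis_le32(RX_DIDVID + TIS_HDR_SZ, x.len);
        printf("%s %u byte(s) @ 0x%06X (%s, locality %u)\n",
               x.is_read ? "read" : "write", x.len, (unsigned)x.addr,
               x.reg, x.locality);
        printf("  Vid 0x%04x, Did 0x%04x\n",
               (unsigned)(v & 0xFFFF), (unsigned)(v >> 16));
    }
    if (tis_decode(TX_STARTUP, sizeof(TX_STARTUP), &x) == 0)
        printf("%s %u byte(s) @ 0x%06X (%s)\n",
               x.is_read ? "read" : "write", x.len, (unsigned)x.addr, x.reg);
    return 0;
}
```

The decoded DID_VID value matches the `Did 0x001b, Vid 0x15d1` line that `wrap_test` prints in the trace.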

129

(2 replies, posted in wolfSSL)

Hi Scott,

Did you see this example?
https://github.com/wolfSSL/wolfssl-exam … mes.c#L145

I will have another engineer provide some additional examples. For reference the test case I was using for Scott is posted here:
https://drive.google.com/file/d/15QOGFB … sp=sharing

Thanks,
David Garske, wolfSSL

130

(3 replies, posted in wolfSSL)

Hi Scott,

Thanks for your feedback on Doxygen quality. I will bring it up with the team. We strive to keep things well documented, provide timely support and quality examples.

David Garske, wolfSSL

131

(4 replies, posted in wolfSSL)

Hi Scott,

I found a couple bugs in your code:
1) The wc_SignCert needs to pass the existing dercert that was used on wc_MakeCert.
2) The output size from wc_SignCert was not being captured and used.

Here is the fully working example, which can be used from the wolfSSL root:

#include <stdio.h>
#include <string.h>    /*  memset and strcpy */

#include "wolfssl/options.h"
#include "wolfssl/wolfcrypt/settings.h"
#include "wolfssl/wolfcrypt/asn_public.h"    /*  Used for cert generation */
#include "wolfssl/wolfcrypt/random.h"
#include "wolfssl/wolfcrypt/rsa.h"        /*  Used for RNG and RSA Key */

/*
./configure CFLAGS="-DKEEP_PEER_CERT -DWOLFSSL_ALT_NAMES" --enable-keygen --enable-certgen --enable-sni --enable-debug && make
sudo make install
gcc -Wall -g -o certgen_sign certgen_sign.c -lwolfssl
 */

#define MAX_BUF_SZ 4096

int main(void) {
    int res;
    word32 idx = 0;
    RsaKey genKey;
    RsaKey cakey;
    WC_RNG rng;
    FILE *fp;

    int cacertbufsize;
    byte cacertbuf[MAX_BUF_SZ*2];

    byte cacertder[MAX_BUF_SZ];    

    int cakeybufsize;
    byte cakeybuf[MAX_BUF_SZ];
    
    byte pemcert[MAX_BUF_SZ];

    byte dercert[MAX_BUF_SZ];
    int certsize;
    int certpemsize;
    
    byte caderkey[MAX_BUF_SZ];

    int keysize;
    byte keyDer[MAX_BUF_SZ];

    int keypemsize;
    byte keypem[MAX_BUF_SZ];

    Cert testcert;

    memset(&rng, 0, sizeof(rng));
    memset(&cakey, 0, sizeof(cakey));
    memset(&genKey, 0, sizeof(genKey));
    memset(&testcert, 0, sizeof(testcert));

    res = wc_InitRng(&rng);
    if (res != 0) goto exit;

    res = wc_InitRsaKey(&genKey,0);
    if (res != 0) goto exit;

    res = wc_MakeRsaKey(&genKey, 2048, 65537, &rng);
    if (res != 0) goto exit;

    /*  Save off the private key we are going to use  */
    res = wc_RsaKeyToDer(&genKey, keyDer, sizeof(keyDer));
    if (res < 0) goto exit;
    keysize = res;

    res = wc_DerToPem(keyDer, keysize, keypem, sizeof(keypem), PRIVATEKEY_TYPE);
    if (res < 0) goto exit;
    keypemsize = res;

    /*  Save the new private key */
    fp = fopen("TestprivateKey.pem", "w+");
    if (fp == NULL) { res = -1; goto exit; }
    fwrite(keypem, 1, keypemsize, fp);
    fclose(fp);

    /*  Create a CERT */
    wc_InitCert(&testcert);
    testcert.sigType = CTC_SHA256wRSA;
    testcert.isCA = 0;
    strcpy(testcert.subject.country, "US");
    strcpy(testcert.subject.state, "ZZ");
    strcpy(testcert.subject.locality, "This City");
    strcpy(testcert.subject.org, "Yada");
    strcpy(testcert.subject.unit, "Dev");
    strcpy(testcert.subject.commonName, "www.whatever.com");
    strcpy(testcert.subject.email, "Info@whatever.com");
    
    /*  Use for SELF SIGNED */
    //certsize = wc_MakeSelfCert(&testcert, dercert, sizeof(dercert), &genKey, &rng);

    /*  Use to sign it */
    /*  Load the CA cert to use */
    fp = fopen("./certs/ca-cert.pem", "r");
    if (fp == NULL) { res = -1; goto exit; }
    cacertbufsize = fread(cacertbuf, 1, sizeof(cacertbuf), fp);
    fclose(fp);

    /*  Need to convert it to DER  */
    res = wc_CertPemToDer(cacertbuf, cacertbufsize, cacertder, sizeof(cacertder), CERT_TYPE);
    if (res < 0) goto exit;
    cacertbufsize = res;
    res = wc_SetIssuerBuffer(&testcert, cacertder, cacertbufsize);
    if (res != 0) goto exit;

    /*  Now we can make the certificate */
    res = wc_MakeCert_ex(&testcert, dercert, sizeof(dercert), RSA_TYPE, &genKey, &rng);
    if (res < 0) goto exit;
    certsize = res;

    /*  Now load the CA key  */
    fp = fopen("./certs/ca-key.pem", "r");
    if (fp == NULL) { res = -1; goto exit; }
    cakeybufsize = fread(cakeybuf, 1, sizeof(cakeybuf), fp);
    fclose(fp);
    
    /*  Need to convert it to DER  */
    res = wc_InitRsaKey(&cakey, 0);
    if (res != 0) goto exit;
    res = wc_KeyPemToDer(cakeybuf, cakeybufsize, caderkey, sizeof(caderkey), NULL /* no password */);
    if (res < 0) goto exit;
    cakeybufsize = res;

    res = wc_RsaPrivateKeyDecode((const byte *)caderkey, &idx, &cakey, cakeybufsize);
    if (res < 0) goto exit;

    /*  Now we sign the certificate  */
    res = wc_SignCert(testcert.bodySz, testcert.sigType, dercert, sizeof(dercert), &cakey, NULL, &rng);
    if (res < 0) goto exit;
    certsize = res;

    /*  Save the signed cert (DER) */
    fp = fopen("TestprivateCert.der", "w+");
    if (fp == NULL) { res = -1; goto exit; }
    fwrite(dercert, 1, certsize, fp);
    fclose(fp);

    /* Convert the DER to PEM */
    res = wc_DerToPem(dercert, certsize, pemcert, sizeof(pemcert), CERT_TYPE);
    if (res < 0) goto exit;
    certpemsize = res;
    res = 0; /* success */

    /*  Save the signed cert (PEM) */
    fp = fopen("TestprivateCert.pem", "w+");
    if (fp == NULL) { res = -1; goto exit; }
    fwrite(pemcert, 1, certpemsize, fp);
    fclose(fp);

exit:

    printf("Result %d\n", res);

    wc_FreeRsaKey(&cakey);
    wc_FreeRsaKey(&genKey);
    wc_FreeRng(&rng);
    return res;
}

Thanks,
David Garske, wolfSSL

Hi Hadrien,

It looks like you have an Infineon TPM 2.0 module, which is fully supported. You've probably already seen this documentation? https://github.com/wolfSSL/wolfTPM/blob … ndowTBS.md

cd wolftpm/
./autogen.sh
./configure --prefix="$PREFIX" --enable-winapi
make
./examples/wrap/wrap_test

There are two interfaces available to use. 1) The "TPM2_" standard API and 2) The "wolfTPM2_" wrappers.

The easiest will be the wrappers and the code looks like this:

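#include <stdio.h>
#include <wolftpm/tpm2_wrap.h>

/* TPM2_IoCb is the HAL IO callback from the wolfTPM examples (tpm_io.h).
 * The function name print_tpm_caps is only illustrative. */
int print_tpm_caps(void* userCtx)
{
    int rc;
    WOLFTPM2_DEV dev;
    WOLFTPM2_CAPS caps;

    /* Init the TPM2 device */
    rc = wolfTPM2_Init(&dev, TPM2_IoCb, userCtx);
    if (rc != 0) return rc;

    rc = wolfTPM2_GetCapabilities(&dev, &caps);
    if (rc != 0) goto exit;

    printf("Mfg %s (%d), Vendor %s, Fw %u.%u (%u), "
        "FIPS 140-2 %d, CC-EAL4 %d\n",
        caps.mfgStr, caps.mfg, caps.vendorStr, caps.fwVerMajor,
        caps.fwVerMinor, caps.fwVerVendor, caps.fips140_2, caps.cc_eal4);
exit:
    wolfTPM2_Cleanup(&dev); /* release the device on every path after init */
    return rc;
}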

Thanks,
David Garske, wolfSSL

133

(4 replies, posted in wolfSSL)

Hi Scott,

I will load up your test and see if I can spot the issue. I do have some other cert gen/sign examples that are not public.

Note: The API `wc_KeyPemToDer` used to be named `wolfSSL_KeyPemToDer`, which you will find docs for.

Thanks,
David Garske, wolfSSL

134

(4 replies, posted in wolfSSL)

Hi Scott,

Have you seen our wolfssl-examples repo? Specifically these examples for CSR generation and signing?
https://github.com/wolfSSL/wolfssl-exam … er/certgen

We also have a good one in wolfTPM here:
https://github.com/wolfSSL/wolfTPM/blob … /csr/csr.c

I also saw your note about Doxygen quality and will bring it up with the team.

Thanks,
David Garske, wolfSSL

135

(1 replies, posted in wolfTPM)

Hi Celioaragaof48,

Our wolfSSL library does support CMake, but the Visual Studio projects were created manually. The wolfTPM support for the TBS (Windows TPM) currently uses MSYS to build (see https://github.com/wolfSSL/wolfTPM/blob … owTBS.md).

Can you tell me a bit more about your project by sending us a direct email to support@wolfssl.com and referencing this forum post? I think it would be useful to add a Visual Studio wolfTPM TBS project.

Thanks,
David Garske, wolfSSL

136

(3 replies, posted in wolfCrypt)

Hi Keeperp,

I located the issue. Fixes have been pushed here:
https://github.com/wolfSSL/wolfssl/pull/4066

The ecc_map_ex should not be used with PKA, since it is handled in hardware. The tests are all passing now.

Thanks,
David Garske, wolfSSL

137

(3 replies, posted in wolfCrypt)

Hi Keeperp,

At first I ran this test on my STM32WB55 and it worked, but realized you were using math = 1 (fast math) and I was using SP math.

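#include <stdio.h>   /* printf */
#include <string.h>  /* memset */
#include <stdint.h>  /* uint32_t, uint8_t, int32_t */
#include <wolfssl/wolfcrypt/settings.h>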
#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/wolfcrypt/hash.h>
void custom_test(void)
{
    void* _wcHeapHint = NULL;
    int wc_ret;
    ecc_key key;
    uint32_t keysize = wc_ecc_get_curve_size_from_id(ECC_SECP256R1);
    WC_RNG rng;
    byte test[] = "sunny days!", sig[72];
    memset(sig, 0, sizeof(sig));
    uint32_t sigLen = sizeof(sig);
    uint8_t hash[WC_SHA256_DIGEST_SIZE];
    memset(hash, 0, sizeof(hash));
    uint32_t hash_len = WC_SHA256_DIGEST_SIZE;
    int32_t isVerified = 0;
    //HAL_PKA_Init(&hpka);
    wc_ret =  wc_InitRng_ex(&rng, _wcHeapHint, INVALID_DEVID);
    wc_ret |= wc_ecc_init_ex(&key, _wcHeapHint, INVALID_DEVID);
    wc_ret |= wc_ecc_make_key_ex(&rng, keysize, &key, ECC_SECP256R1);
    printf("Make Key %d\n", wc_ret);

    // Produce a hash of the input data
    wc_ret = wc_Hash(WC_HASH_TYPE_SHA256, test, sizeof(test), hash, hash_len);
    printf("HASH %d\n", wc_ret);
    wc_ret = wc_ecc_sign_hash(hash, hash_len, sig, (word32*)&sigLen, &rng, &key);
    printf("SIGN %d\n", wc_ret);
    wc_ret = wc_ecc_verify_hash(sig, sigLen, hash, hash_len, (int*)&isVerified, &key);
    printf("VERIFY %d, %d\n", wc_ret, isVerified);

    /* Release the key and RNG resources */
    wc_ecc_free(&key);
    wc_FreeRng(&rng);
}

Results:

Make Key 0
HASH 0
SIGN 0
VERIFY 0, 1

I am debugging the fast math case and should have a fix shortly.

Thanks,
David Garske, wolfSSL

138

(3 replies, posted in wolfCrypt)

Hi Keeperp,

Thanks for your question and interest in using the STM32WB55 PKA. I have the same STM32 hardware here to try this on.

At first glance this example should work. However you are using the private key to verify, so that could be why the hardware is confused.

If you exported the public key and imported it into a new ecc_key struct it might work better. Something like `wc_ecc_export_x963` and `wc_ecc_import_x963` would do the job.

Thanks,
David Garske, wolfSSL

139

(3 replies, posted in wolfSSL)

Hi Scott,

See here for a list of SP math build options:
https://github.com/wolfSSL/wolfssl/blob … _int.c#L42

For the assembly can you try using `WOLFSSL_SP_ARM32_ASM`?

Try disabling DH (NO_DH) and only use RSA and ECC. For SP related build options try just these:

#define WOLFSSL_SP_MATH
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_ECC
#define WOLFSSL_SP_4096
#define WOLFSSL_SP_ARM32_ASM
#define NO_DH
#define HAVE_ECC

Thanks,
David Garske, wolfSSL

140

(3 replies, posted in wolfSSL)

Hi Scott,

Make sure you set `WOLFSSL_SP_4096` to enable 4096-bit support for SP math. Also set `WOLFSSL_HAVE_SP_RSA` and `WOLFSSL_HAVE_SP_DH` to speed up RSA/DH with SP math.

For this A8 you can also enable SP assembly speedups for RSA/DH and ECC using `WOLFSSL_SP_ARM_THUMB_ASM`. If the code size grows too large you can use `WOLFSSL_SP_SMALL`. You might also consider disabling DH and using just ECDHE for the key share using `NO_DH`.

Thanks,
David Garske, wolfSSL

141

(1 replies, posted in wolfCrypt)

Hi miennaco,

The AES GCM IV is normally 12 bytes, but it supports any length. An IV size not equal to 12 bytes will first be GHASH'd then used.

See the code here:
https://github.com/wolfSSL/wolfssl/blob … es.c#L7180

Thanks,
David Garske, wolfSSL

142

(4 replies, posted in wolfSSL)

Hi Scotty2541,

Sorry about the documentation issue on `wolfSSL_CTX_load_verify_buffer_ex`. I added that API a few releases back for supporting loading of trusted certificates with some additional options to allow date override and forceful load.

The API definition is:

int wolfSSL_CTX_load_verify_buffer_ex(WOLFSSL_CTX* ctx,
                                         const unsigned char* in,
                                         long sz, int format, int userChain,
                                         word32 flags)

Additional two arguments:
* userChain: If using format WOLFSSL_FILETYPE_ASN1, setting this to non-zero indicates a chain of DERs is being presented.
* flags: See ssl.h around WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS.

#define WOLFSSL_LOAD_FLAG_NONE          0x00000000
#define WOLFSSL_LOAD_FLAG_IGNORE_ERR    0x00000001
#define WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY 0x00000002
#define WOLFSSL_LOAD_FLAG_PEM_CA_ONLY   0x00000004

#ifndef WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS
#define WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS WOLFSSL_LOAD_FLAG_NONE
#endif

I've made note to add this to our doxygen in doc/dox_comments/header_files/ssl.h.

Thanks,
David Garske, wolfSSL

143

(5 replies, posted in wolfTPM)

Hi Hadrien,

For primary keys you get back a handle. There is no encrypted private data returned. That handle will remain loaded until TPM2_FlushContext is called.

For normal key creation using `TPM2_Create` you get back a `TPM2B_PRIVATE outPrivate` which is the encrypted blob that you can store and load anytime using TPM2_Load.

For the key blob storage see this example:
https://github.com/wolfSSL/wolfTPM/blob … gen.c#L273

I've put up a PR with some additions and fixes in WindowsTBS.md here.
https://github.com/wolfSSL/wolfTPM/pull/163

Thanks,
David Garske, wolfSSL

Hi cxenof03,

The encryption algorithm is initialized with the call to keys.c:SetKeysSide(). Actually the internal function SetKeys() is making the calls to wc_AesInit() and wc_AesGcmSetKey().

WritePSKBinders sets the keys for early data on the client. DoPreSharedKeys sets the keys on the server.

* The PSK establishes a master secret. See SetupPskKey() and DoPreSharedKeys().
* DeriveEarlySecret() derives the secret for creating the keys. See "Early Secret" in diagram in TLS 1.3 spec, page 93.
* DeriveTls13Keys() calls DeriveEarlySecret() and then derives the key that is placed in the 'Key data' that is used in SetKeysSide. See "client_early_secret_traffic_secret" in TLS 1.3 spec, page 93.
* SetKeysSide takes the 'Key data' and extracts out the key to use.

Thanks,
David Garske, wolfSSL

145

(5 replies, posted in wolfTPM)

Hi Hadrian,

Thank you for your interest in using wolfTPM! I am happy it has inspired you!

For Windows using their TBS interface the NV access is not permitted. I believe this is either because the TPM is started under a locality that does not allow it or the TBS blocks it. The NV storage on TPMs is very limited, which might be the reason.

The TPM is designed to return an encrypted blob on key creation that you can safely store on the disk and when needed load. The key used to encrypt the blob is only known by the TPM. When you load a key you get a transient handle to it, which can be used for signing and even encryption/decryption.

I believe this is documented in the WindowsTBS.md file here:
https://github.com/wolfSSL/wolfTPM/blob … ndowTBS.md

Thanks,
David Garske, wolfSSL

146

(7 replies, posted in wolfTPM)

Hi Hadrien,

Have you seen our recent PR adding attestation support?
https://github.com/wolfSSL/wolfTPM/pull/161

We are also working on another example that uses TLS v1.3 between peers that should be posted in a few weeks.

If you are not familiar with it the tpm.dev website has some great discussions on this topic.

Thanks,
David Garske, wolfSSL

147

(2 replies, posted in wolfSSL)

Hi m.gadroy,

This was fixed back in Sept 2020 in this PR:
https://github.com/wolfSSL/wolfssl/pull/3280

You can find it in v4.6.0 or later.

Thanks,
David Garske, wolfSSL

Hi keeperp,

Thank you for the report. I believe the `WOLF_CONF_MATH == 4` option will work if you comment out `WOLFSSL_SP_MATH` in the generated `wolfSSL.I-CUBE-wolfSSL_conf.h`. The `WOLFSSL_SP_MATH` define reduces code size and disables some areas of the code.

For example if building this on Linux "./configure --enable-srp --enable-sp --enable-sp-math && make" it will report "configure: error: Cannot use single precision math and SRP".
If I build without `--enable-sp-math` or `WOLFSSL_SP_MATH` it works fine.

Thanks,
David Garske, wolfSSL

Hi cxenof03,

As we've discussed offline you might consider using the TLS v1.3 early data feature to send the public key. Otherwise you would need to make some very specific changes inside the wolfSSL code to inject an additional extension.

Thanks,
David Garske, wolfSSL

Hi cxenof03,

1) Good point. I put up a PR with APIs for getting the static ephemeral here:
https://github.com/wolfSSL/wolfssl/pull/3942

2) Those are pointers to DerBuffer (ASN.1) with members `buffer` and `length`. The above PR should solve this for you.

3) Yes the KeyShare public keys will map to the static ephemeral keys.

Thanks,
David Garske, wolfSSL