WOLFTPM CHANGELOG

Below you will find the wolfTPM ChangeLog documenting the changes that took place with each release of wolfTPM since the project’s beginning in 2018.

wolfTPM 1.5.0

(02/21/2019)

  • Fixed issue with cleanup not unregistering the crypto callback.
  • Added support for Microchip ATTPM20 part.
  • Added support for Barebox (experimental).
  • Added TLS benchmarking for CPS and KB/Sec. Enabled with TLS_BENCH_MODE.
  • Added TLS client/server support for symmetric AES/HMAC/RNG. Enabled with WOLFTPM_USE_SYMMETRIC.
  • Added TLS client/server support for mutual authentication.
  • Added TIS locking protection for concurrent process access. Enabled using WOLFTPM_TIS_LOCK.
  • Added symmetric AES encrypt and decrypt wrappers and examples.
  • Added HMAC wrappers and examples.
  • Added wrappers and examples for loading external HMAC and AES keys.
  • Added delete key wrapper and example.
  • Added ECDH support for ephemeral key generation and shared secret.
  • Added benchmark support for RNG, AES (CTR, CBC, CFB) 128/256 and SHA-1, SHA-256, SHA-384 and SHA-512.
  • Added new wolfTPM2_GetCapabilities wrapper API for getting chip info.
  • Added command and response logging using ./configure --enable-debug=verbose or #define WOLFTPM_DEBUG_VERBOSE.
  • Added option to enable raw IO logging using WOLFTPM_DEBUG_IO.
  • Added option to disable TPM Benchmark code using NO_TPM_BENCH.
  • Added examples/README.md for setup instructions.
  • Tuned max SPI clock and performance for supported TPM 2.0 chips.
  • Cleanup to move common test parameters into examples/tpm_test.h.
  • Updated benchmarks and console output for examples in README.md.

wolfTPM 1.4.0

(11/16/2018)

  • Fixed cryptodev ECC callback to use R and S for the signature verify.
  • Fixed printf type warnings with DEBUG_WOLFTPM defined.
  • Fixed detection of correct hash algorithm in wolfTPM2_VerifyHash.
  • Fix bug with native example where TPM2_Shutdown failure would loop.
  • Fix to decoupled the fixed TPM algorithms/sizes from wolfCrypt build options.
  • Fix for building with different wolfCrypt options.
  • Fix for byte swap build error.
  • Fix CSR example CertName to use designated initializers to resolve use against different wolfSSL versions.
  • Improved portability by eliminating the packed TPM2_HEADER.
  • Improved stack reduction by eliminating the private section from WOLFTPM2_KEY struct.
  • Added TLS server example for wolfTPM.
  • Added more RSA and ECC key loading examples.
  • Added support for loading an external private keys using new API's wolfTPM2_LoadPrivateKey, wolfTPM2_LoadRsaPrivateKey, and wolfTPM2_LoadEccPrivateKey.
  • Added example for reading the firmware version using TPM2_GetCapability with TPM_PT_FIRMWARE_VERSION_1.
  • Added hashing wrappers and tests using new API's: wolfTPM2_HashStart, wolfTPM2_HashUpdate and wolfTPM2_HashFinish.
  • Added PKCS7 7 sign/verify example demonstrating large data case using chunked buffer and new _ex functions.
  • Added Key Generation to benchmark.
  • Added ST33TP I2C TPM 2.0 support (./configure --enable-st33 --enable-i2c).
  • Added ST33TP SPI TPM 2.0 support (--enable-st33 or #define WOLFTPM_ST33).
  • Added support for Atmel ASF SPI.
  • Added example for IAR EWARM.
  • Added ECC verify test using public key and NIST test vectors.
  • Added new RNG wrapper API wolfTPM2_GetRandom.
  • Added macro for hardware RNG max request as MAX_RNG_REQ_SIZE.
  • Added instructions for enabling SPI and I2C on the Raspberry Pi.
  • Added support for symmetric AES encrypt/decrypt.
  • Added wrapper to help with creation of symmetric keys.
  • Added advanced IO callback support (enabled using --enable-advio or #define WOLFTPM_ADV_IO).
  • Added overridable define WOLFTPM_LOCALITY_DEFAULT for the locality used.
  • Added XTPM_WAIT() macro to enable custom wait between polling.
  • Added build option to disable wolfCrypt dependency using ./configure --disable-wolfcrypt or #define WOLFTPM2_NO_WOLFCRYPT.
  • Removed unused SET, CLEAR, TRUE, FALSE macros.
  • Cleanup DEBUG_WOLFTPM ifdef's around all printfs in library proper.
  • Cleanup of line lengths.
  • Cleanup of wrapper test to move test data into tpm_test.h.
  • Cleanup of the packet code to handle determining of size (mark/place).
  • Cleanup of the IO callback examples.
  • Cleanup of TIS layer improve return code and timeout handling.
  • Cleanup to move types and configuration/port specific items into new tpm2_types.h.

wolfTPM 1.3.0

(07/20/2018)

  • Fixed the TIS TPM_BASE_ADDRESS to conform to specification.
  • Fixed static analysis warnings.
  • Fixed minor build warnings with different compilers.
  • Fixed TPM failure for RSA exponents less than 7 by using software based RSA.
  • Added TPM bechmarking support.
  • Added functions to import/export public keys as wolf format.
  • Added PKCS7 example to show sign/verify with TPM.
  • Added CSR example to generate certificate request based on TPM key.
  • Added CSR signing script ./certs/certreq.sh to create certificate using self-signed CA.
  • Added TLS Client example that uses TPM based key for client certificate.
  • Added support for wolfSSL WOLF_CRYPT_DEV callbacks to enable TPM based ECC and RSA private keys.
  • Added ability to clear/reset TPM using ./examples/wrap/wrap_test 1
  • Moved some of the example configuration into ./examples/tpm_io.h

wolfTPM 1.1.0

(06/21/2018)

  • Added TPM2 wrapper layer to simplify key creation, RSA encrypt/decrypt, ECC sign/verify and ECDH.
  • Added TPM2 wrapper example code.
  • Added Linux SPI support for running on Raspberry Pi.
  • Fixes for TPM2 command and response assembly and parsing.
  • Fixes to support authentication for command and response.
  • Progress on supporting parameter encryption/decryption.
  • Refactor of TIS and Packet layers into new files.
  • Fixes/improvements to wolfTPM2_GetRCString for error code and string reporting.
  • Added new TPM2_Cleanup function.
  • New tests for TPM2 native API's (test coverage is about 75%).

wolfTPM 1.0

(2/06/2018)

  • Support for all TPM2 native API's using TIS and SPI IO callback.
  • Helper for getting TPM return code string TPM2_GetRCString.
  • TPM 2.0 demo code in examples/tpm/tpm2_demo.c with support for STM32 CubeMX SPI as reference.