Thanks David,
sorry I missed this snippet in wrap_test.c.
It works fine, but I still don't see how the get the spec version (1.2 or 2.0).

By the way, in the function wolfTPM2_ParseCapabilities, I saw a slight mistake:
In the XMEMCMPs between caps->mfgStr and the const strings, the length parameter seem to be inconsistant...



I'm try to get some readable information about the hardware present (or not) into the PC (under windows).

For instance, when I run tpm.msc in a shell (cmd.exe), I get the manufacturer name ("IFX" for me),
the hardware version (7.62.3126.0 for me) and the API version (2.0).

My question is how to get these info using the wolfTPM API.
I tried the TPM2_GetCapability function with many combination of parameters, but in vain...

Thanks in advance !


(7 replies, posted in wolfTPM)

dimitom, about the crash with a pcrIndex >  23, I found that in the function TPM2_SetupPCRSel, an index-out-of-bound may occur in line … m2.c#L5357
Since pcr->pcrSelections[0].pcrSelect array has only 3 bytes, it will overwrite somewhere in pcr->pcrSelections[1].
After that, pcr->pcrSelections[0].pcrSelect if filled with zeros and since pcr->count == 1, no error is detected.

Then, back to wolfTPM2_ReadPCR, the call to TPM2_PCR_Read raises no error (on my PC) but pcrReadOut.pcrValues.count == 0. So pcrReadOut.pcrValues.digests[0].size should not be used.

Thanks for your attention,


(1 replies, posted in wolfTPM)

I'm trying to play with the TPM inside my own PC (win10), and figure out what I can do with it.
These days I'm trying to authenticate my PC (the client) to a server (which is actually another PC of mine, on which I wrote my own home made http server).

I guess that PCR is the tool I need, but I must admit that I don't understand how to use this feature...

I called wolfTPM2_ReadPCR which returned a buffer of 32 bytes, but what should I do with it ?
If I send it to my server, how is it going to authenticate the client ?
I suppose the server should share some secret with the client's TPM in order to verify some kind of signature...

By the way, on my PC, wolfTPM2_ExtendPCR is disabled.

Thanks in advance...



(7 replies, posted in wolfTPM)

If by any chance, this is relevant, here is what I found while playing with PCR:

If I pass 25 as pcrIndex to wolfTPM2_ReadPCR (which should not be done),
at … ap.c#L2484 :
pcrReadOut.pcrValues.digests[0].size is not initialized and the following XMEMCPY leads to crash...


(3 replies, posted in wolfTPM)

Thank you Dimi,
but, is there something more  in using a simulator than using my former software lib crypto ?



(3 replies, posted in wolfTPM)


I'm trying to cipher using AES with any possible mode, and here is what I get :
For all modes except CFB, wolfTPM2_CreateAndLoadKey returns an error 713 ("Mode of operation not supported").
Not pleasant, but at least, standard.
(I think this is because of my Infineon ship that implements CFB only...)

For CFB, wolfTPM2_CreateAndLoadKey is successful, but then, wolfTPM2_EncryptDecrypt returns an error 0x80280400 which is not even a standard TPM code!
After a while, I found out that it is a pure windows code for "blocked command".

So, if I haven't missed anything, I can't do any symmetric ciphering...
I'm using a code very similar to the bench exemple here : … nch.c#L149.

Any idea ?
Thanks in advance!



(5 replies, posted in wolfTPM)

Thank you dgarske,
so since my primary key can't be exported as a blob (and save on disk) and can't be saved in NV (because of microsoft :-((), I will have to re-create it at each launch.
9 secs on my PC, I could have been worse...


(5 replies, posted in wolfTPM)

Hello dgarske,
thanks for your answer, it gave me back some hope...

So, you say I can store a primary key in such a way only my TPM is able to re-load it.
This is exactly what I need !
It's even better than store it in NV, because it is safe from any kind of reset of the TPM...
(even if I don't know if a TPM may be reset)

But then the question is how to store a fresh primary key:
When I pause the execution just after primary key creation
(here … rap.c#L829)
I get a huge structure CreatePrimary_Out which looks like that (sorry, it's big!) :

        objectHandle                        0x80ffffff
            size                            0x011a
                type                        0x0001
                nameAlg                     0x000b
                objectAttributes            0x00030472
                authPolicy                  {size=0x0000 buffer="" }
                            algorithm       0x0006  
                            keyBits         {aes=0x0080 sym=0x0080 xorr=0x0080 }    
                            mode            {aes=0x0043 sym=0x0043 }    
                            scheme          0x0010  
                            details         {rsassa={hashAlg=0xcccc } rsapss={hashAlg=0xcccc } ...}
                        keyBits             0x0800  
                        exponent            0x00000000 
                        size                0x0100  
                        buffer              "ÈŇ^Ì«\x11ÀÅst¼°6f‚Z‡uÁÐ…gÔºÄÐ5tH‘ïJŸ‚\tFÕ!ÖgK§..."
            size                            0x0037  
                    count                   0x00000000 
                            hash            0xcccc  
                            sizeofSelect    0xcc 'Ì'
                                [0]         0xcc 'Ì'
                                [1]         0xcc 'Ì'
                                [2]         0xcc 'Ì'
                            hash            0xcccc  
                            sizeofSelect    0xcc 'Ì'
                                [0]         0xcc 'Ì'
                                [1]         0xcc 'Ì'
                                [2]         0xcc 'Ì'
                pcrDigest                   {size=0x0020 buffer="ã°ÄB˜ü\x1c\x14šûôÈ™o¹$'®Aäd›“L¤•™\x1bxR¸U" }  
                locality                    0x01 '\x1'  
                parentNameAlg               0x0010  
                parentName                  {size=0x0004 name="@" }  
                parentQualifiedName         {size=0x0004 name="@" }  
                outsideInfo                 {size=0x0000 buffer="..." } 
        creationHash                        {size=0x0020 buffer="] AºÀî15®»\fû¤—Æ¡‡®ƒ-ÓÑø÷¨q¸%èT" }  
            tag                             0x8021  
            hierarchy                       0x40000001  
            digest                          {size=0x0020 buffer="£Ú\nOšBÛÞ\x1d¡\x1a“÷jáÝA«ˆñÈ\x1?:Êÿ¤\x10f5X" }   
        name                                {size=0x0022 name="" }   

What should I store among the whole stuff ?
(I didn't find any API function to export/serialize a primary key into a blob)
Let's assume that I know how to do it, then, how do I re-load it into a primary key ?

Thanks in advance !

PS : by the way, seems almost empty...


(5 replies, posted in wolfTPM)

In order to better handle your lib, I compiled the provided exemples (a great source of inspiration).
But I'm blocking on the key storage in NV.
I this code ( … eys.c#L268) :
I see that the call to wolfTPM2_NVStoreKey is disabled by the define WOLFTPM_WINAPI.
And when I re-enable it, it fails.
I there something I can do ? (I'm forced to re-create my storage key at each execution, which takes a while)

Thanks !


(7 replies, posted in wolfTPM)

Thank you David,
I will have a look on your pull...
But before that, I have another blocking point that I'll describe in another post.
(I'm afraid I have many more questions about the lib...)


(7 replies, posted in wolfTPM)

I am discovering the TPM and I am trying to implement some basic uses.
In my context, the PC hosting the TPM is a "client" discussing with a "server".
The server must be sure that the client actually the good one.
My actual way to perform this is by using an obfuscated crypto lib :
- at the very beginning of the client life, the client generates (& buries) a RSA key pair, and sends its public part to the server.
- during the client life time, when it's identity is to be proven:
    - the server sends some random data to the client
    - the client signs it using its buried private RSA key, and sends the signature to the server
    - the server verifies the signature using the public RSA key it received earlier
    ---> nothing really original...

My question is : how to do the same thing using your TPM lib ?

I read some documentation here : … ification/
and I must admit I don't understand all the subtleties...
I download and compile your lib + examples, but I don't figure out how to proceed for my need.

Maybe it's not a good approach to reproduce what I do with my old school obfuscated crypto lib...
Then what is the proper way, for the client, to prove its own identity ?
Maybe using PCR, but I don't see how to use them...

Thanks in advance