
WolfTPM

wolfTPM is a highly portable TPM 2.0 library, designed for embedded use.


README

wolfTPM (TPM 2.0)

Portable TPM 2.0 project designed for embedded use.

Project Features

  • This implementation provides all TPM 2.0 APIs in compliance with the specification.
  • Wrappers are provided to simplify Key Generation/Loading, RSA encrypt/decrypt, ECC sign/verify, ECDH, NV, Hashing/HMAC, AES, Sealing/Unsealing, Attestation, PCR Extend/Quote and Secure Root of Trust.
  • Testing done using TPM 2.0 modules from STMicro ST33 (SPI/I2C), Infineon OPTIGA SLB9670/SLB9672/SLB9673, Microchip ATTPM20, Nations Tech Z32H330TC/NS350 and Nuvoton NPCT650/NPCT750.
  • wolfTPM uses the TPM Interface Specification (TIS) to communicate either over SPI, or using a memory mapped I/O range.
  • On Linux, wolfTPM auto-detects between the kernel TPM driver (/dev/tpmX) and direct SPI access at runtime — a simple ./configure && make works with either interface.
  • wolfTPM can also use the Linux TPM kernel interface (/dev/tpmX) to talk with any physical TPM on SPI, I2C and even LPC bus.
  • Platform support for Raspberry Pi (Linux), MMIO, STM32 with CubeMX, Atmel ASF, Xilinx, QNX, Infineon TriCore and Barebox.
  • The design allows for easy portability to different platforms:
    • Native C code designed for embedded use.
    • Single IO callback for hardware SPI interface.
    • No external dependencies.
    • Compact code size and minimal memory use.
  • Includes example code for:
    • Most TPM2 native APIs
    • All TPM2 wrapper APIs
    • PKCS 7
    • Certificate Signing Request (CSR)
    • TLS Client
    • TLS Server
    • Use of the TPM's Non-volatile memory
    • Attestation (activate and make credential)
    • Benchmarking TPM algorithms and TLS
    • Key Generation (primary, RSA/ECC and symmetric), loading and storing to flash (NV memory)
    • Sealing and Unsealing data with an RSA key or externally signed policy.
    • Time signed or set
    • PCR read/reset
    • GPIO configure, read and write.
    • Endorsement Key/Cert retrieval and validation.
  • Parameter encryption support using AES-CFB or XOR.
  • Support for salted unbound authenticated sessions.
  • Support for HMAC Sessions.
  • Support for reading Endorsement certificates (EK Credential Profile).

Note: See examples/README.md for details on using the examples.

TPM 2.0 Overview

Hierarchies

Platform    TPM_RH_PLATFORM
Owner       TPM_RH_OWNER
Endorsement TPM_RH_ENDORSEMENT

Each hierarchy has its own manufacturer-generated seed.

The arguments passed to TPM2_Create or TPM2_CreatePrimary form a template, which is fed into a KDF together with the seed of the hierarchy being used. The same template in the same hierarchy therefore produces the same key every time, even after a reboot. Generating a new RSA 2048-bit key this way takes about 15 seconds, so typically these keys are created once and then made persistent in NV using TPM2_EvictControl. Because the seeds differ, each TPM generates its own unique keys.

There is also an Ephemeral hierarchy (TPM_RH_NULL), which can be used to create ephemeral keys.

Platform Configuration Registers (PCRs)

PCRs hold hash digests in SHA-1 and SHA-256 banks, indexed 0-23. A PCR cannot be written directly; it can only be extended (the new value is the hash of the old value concatenated with the new measurement), which is what allows a chain of measurements to prove the integrity of a boot sequence (secure boot).
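As an added illustration (this is not wolfTPM code), the following Python model shows the PCR extend rule for both the SHA-1 and SHA-256 banks and the verifier-side replay of a boot event log against reported PCR values; the event log contents and bank layout are constructed assumptions for the example.

```python
import hashlib

# Constructed model of a TPM's PCR banks: 24 registers per bank, each
# initialised to all-zero bytes of the bank's digest length.
PCR_COUNT = 24
BANKS = {"sha1": hashlib.sha1, "sha256": hashlib.sha256}


def new_bank(alg):
    """Return 24 zero-initialised PCRs for the given bank ('sha1' or 'sha256')."""
    size = BANKS[alg]().digest_size
    return [bytes(size) for _ in range(PCR_COUNT)]


def extend(bank, alg, index, measurement):
    """TPM2_PCR_Extend semantics: PCR[i] = H(PCR[i] || measurement).
    The measurement must already be a digest of the bank's algorithm."""
    if not 0 <= index < PCR_COUNT:
        raise ValueError("PCR index out of range")
    h = BANKS[alg]
    if len(measurement) != h().digest_size:
        raise ValueError("measurement length does not match bank digest size")
    bank[index] = h(bank[index] + measurement).digest()
    return bank[index]


def replay_event_log(alg, events):
    """Recompute the expected PCR values from an event log of (index, data)
    entries, hashing each event's data with the bank's algorithm first."""
    bank = new_bank(alg)
    for index, data in events:
        extend(bank, alg, index, BANKS[alg](data).digest())
    return bank


def verify_pcrs(reported, expected, indices):
    """Verifier-side check: compare PCR values reported by the device (e.g. in
    a quote) against the values replayed from its event log. Any reordered,
    missing or extra measurement changes the final value, so this fails."""
    return all(reported[i] == expected[i] for i in indices)


# Constructed boot event log: (PCR index, measured data)
BOOT_EVENTS = [
    (0, b"firmware-v1.2"),
    (0, b"firmware-settings"),
    (4, b"bootloader.bin"),
    (7, b"secure-boot-policy"),
]
```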

Terminology

This project uses the term append where the TPM specification says marshal, and parse where it says unmarshal.

Acronyms:

  • HAL: Hardware Abstraction Layer.
  • NV: Non-Volatile memory.
  • TPM: Trusted Platform Module.

Platform

The examples in this library are written for use on a Raspberry Pi and use the spi_dev interface.

IO Callback (HAL)

See the HAL manual in hal/README.md.

A single HAL callback is used to interface with your hardware (SPI/I2C); it is registered at initialization when calling TPM2_Init or wolfTPM2_Init.

There are HAL examples in hal directory for:

  • Atmel ASF
  • BareBox
  • Espressif ESP-IDF
  • Infineon TriCore
  • Linux
  • STM32 CubeMX
  • Xilinx

We also support an advanced IO option (--enable-advio/WOLFTPM_ADV_IO), which adds the register address and a read/write flag as parameters to the IO callback. This is required for I2C support.

Hardware

Tested with:

  • Infineon OPTIGA (TM) Trusted Platform Module 2.0 SLB9670, SLB9672 and SLB9673 (I2C).
  • STMicro STSAFE-TPM, ST33TPHF2XSPI/2XI2C and ST33KTPM2X (SPI and I2C)
  • Microchip ATTPM20 module
  • Nuvoton NPCT65X or NPCT75x TPM2.0 modules
  • Nations Technologies Z32H330 or NS350 TPM 2.0 modules

Device Identification

Infineon SLB9670: TPM2: Caps 0x30000697, Did 0x001b, Vid 0x15d1, Rid 0x10 Mfg IFX (1), Vendor SLB9670, Fw 7.85 (4555), FIPS 140-2 1, CC-EAL4 1

Infineon SLB9672: TPM2: Caps 0x30000697, Did 0x001d, Vid 0x15d1, Rid 0x36 Mfg IFX (1), Vendor SLB9672, Fw 16.10 (0x4068), FIPS 140-2 1, CC-EAL4 1

Infineon SLB9673: TPM2: Caps 0x1ae00082, Did 0x001c, Vid 0x15d1, Rid 0x16 Mfg IFX (1), Vendor SLB9673, Fw 26.13 (0x456a), FIPS 140-2 1, CC-EAL4 1

STMicro ST33KTPM2XSPI TPM2: Caps 0x30000415, Did 0x0003, Vid 0x104a, Rid 0x 0 Mfg STM (2), Vendor ST33KTPM2XSPI, Fw 9.256 (0x0), FIPS 140-2 1, CC-EAL4 0

STMicro ST33TPHF2XSPI TPM2: Caps 0x1a7e2882, Did 0x0000, Vid 0x104a, Rid 0x4e Mfg STM (2), Vendor , Fw 74.8 (1151341959), FIPS 140-2 1, CC-EAL4 0

STMicro ST33TPHF2XI2C TPM2: Caps 0x1a7e2882, Did 0x0000, Vid 0x104a, Rid 0x4e Mfg STM (2), Vendor , Fw 74.9 (1151341959), FIPS 140-2 1, CC-EAL4 0

Microchip ATTPM20 TPM2: Caps 0x30000695, Did 0x3205, Vid 0x1114, Rid 0x 1 Mfg MCHP (3), Vendor , Fw 512.20481 (0), FIPS 140-2 0, CC-EAL4 0

Nations Technologies Inc. Z32H330 TPM 2.0 module Mfg NTZ (0), Vendor Z32H330, Fw 7.51 (419631892), FIPS 140-2 0, CC-EAL4 0

Nations Technologies Inc. NS350 TPM 2.0 module TPM2: Caps 0x30000615, Did 0x0701, Vid 0x9999, Rid 0x 1 Mfg NSG (0), Vendor NS350, Fw 30.30 (0x24042510), FIPS 140-2 1, CC-EAL4 0

Nuvoton NPCT650 TPM2.0 Mfg NTC (0), Vendor rlsNPCT , Fw 1.3 (65536), FIPS 140-2 0, CC-EAL4 0

Nuvoton NPCT750 TPM2.0 TPM2: Caps 0x30000697, Did 0x00fc, Vid 0x1050, Rid 0x 1 Mfg NTC (0), Vendor NPCT75x"!!4rls, Fw 7.2 (131072), FIPS 140-2 1, CC-EAL4 0

Building

Building wolfSSL

git clone https://github.com/wolfSSL/wolfssl.git
cd wolfssl
./autogen.sh
./configure --enable-wolftpm
make
sudo make install
sudo ldconfig

autogen.sh requires automake and libtool: sudo apt-get install automake libtool

Building wolfSSL with an alternate directory

# cd /your-wolfssl-repo
./autogen.sh # as necessary
./configure --prefix=~/workspace/my_wolfssl_bin --enable-all
make install

# then for some other library such as wolfTPM:

# cd /your-wolftpm-repo
./configure --enable-swtpm --with-wolfcrypt=~/workspace/my_wolfssl_bin

Build options and defines

--enable-debug          Add debug code/turns off optimizations (yes|no|verbose|io) - DEBUG_WOLFTPM, WOLFTPM_DEBUG_VERBOSE, WOLFTPM_DEBUG_IO
--enable-examples       Enable Examples (default: enabled)
--enable-wrapper        Enable wrapper code (default: enabled) - WOLFTPM2_NO_WRAPPER
--enable-wolfcrypt      Enable wolfCrypt hooks for RNG, Auth Sessions and Parameter encryption (default: enabled) - WOLFTPM2_NO_WOLFCRYPT
--enable-advio          Enable Advanced IO (default: disabled) - WOLFTPM_ADV_IO
--enable-i2c            Enable I2C TPM Support (default: disabled, requires advio) - WOLFTPM_I2C
--enable-checkwaitstate Enable TIS / SPI Check Wait State support (default: depends on chip) - WOLFTPM_CHECK_WAIT_STATE
--enable-smallstack     Enable options to reduce stack usage
--enable-tislock        Enable Linux Named Semaphore for locking access to SPI device for concurrent access between processes - WOLFTPM_TIS_LOCK
--enable-firmware       Enable firmware upgrade support for Infineon SLB9672/SLB9673 and ST ST33 (default: disabled) - WOLFTPM_FIRMWARE_UPGRADE

--enable-autodetect     Enable Runtime Module Detection (default: enabled when no module is specified) - WOLFTPM_AUTODETECT
                        On Linux this also auto-detects /dev/tpmrm0 or /dev/tpm0 at runtime,
                        falling back to SPI if the kernel driver is not available.
--enable-infineon       Enable Infineon SLB9670/SLB9672/SLB9673 TPM Support (default: disabled) - WOLFTPM_SLB9670 / WOLFTPM_SLB9672
--enable-st             Enable ST ST33 Support (default: disabled) - WOLFTPM_ST33
--enable-microchip      Enable Microchip ATTPM20 Support (default: disabled) - WOLFTPM_MICROCHIP
--enable-nuvoton        Enable Nuvoton NPCT65x/NPCT75x Support (default: disabled) - WOLFTPM_NUVOTON

--enable-devtpm         Enable using Linux kernel driver for /dev/tpmX (default: disabled) - WOLFTPM_LINUX_DEV
                        Note: With autodetect (default) this is no longer required on Linux;
                        the kernel driver is tried automatically before SPI.
--enable-swtpm          Enable using SWTPM TCP protocol. For use with simulator. (default: disabled) - WOLFTPM_SWTPM
--enable-winapi         Use Windows TBS API. (default: disabled) - WOLFTPM_WINAPI

WOLFTPM_USE_SYMMETRIC   Enables symmetric AES/Hashing/HMAC support for TLS examples.
WOLFTPM2_USE_SW_ECDHE   Disables use of TPM for ECC ephemeral key generation and shared secret for TLS examples.
TLS_BENCH_MODE          Enables TLS benchmarking mode.
NO_TPM_BENCH            Disables the TPM benchmarking example.

Note: For the I2C support on Raspberry Pi you may need to enable I2C. Here are the steps:

  1. Edit the boot configuration: sudo vim /boot/config.txt
  2. Uncomment the line dtparam=i2c_arm=on
  3. Reboot: sudo reboot

Building Infineon

Support for SLB9670 or SLB9672 (SPI) / SLB9673 (I2C)

Build wolfTPM:

git clone https://github.com/wolfSSL/wolfTPM.git
cd wolfTPM
./autogen.sh
./configure --enable-infineon [--enable-i2c]
make

The default is SLB9672/SLB9673 (if I2C). To specify SLB9670 use --enable-infineon=slb9670.

Building ST ST33

Build wolfTPM:

./autogen.sh
./configure --enable-st33 [--enable-i2c] [--enable-firmware]
make

Note: The --enable-firmware option enables firmware upgrad
