randombit / botan

Cryptography Toolkit
https://botan.randombit.net
BSD 2-Clause "Simplified" License

TPM2: Basic bindings in FFI & Python #4361

Closed reneme closed 1 month ago

reneme commented 1 month ago

Exposes basic TPM 2.0 functionality via the FFI and the Python bindings.

Currently, this allows creating a TPM context object, enabling the usage of the Botan-based crypto backend, setting up an unauthenticated session for parameter encryption and instantiating a TPM-based RNG object.

Additional functionality (particularly to interface with TPM-hosted key material) may be added later.

Here's an example of how the above would look in Python:

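import botan3 as b

# Create the TPM 2.0 context object
ctx = b.TPM2Context()
# Enable the Botan-based crypto backend if this build supports it
if ctx.supports_botan_crypto_backend():
    ctx.enable_botan_crypto_backend(b.RandomNumberGenerator("user"))
# Unauthenticated session, used for parameter encryption
session = b.TPM2UnauthenticatedSession(ctx)

# RNG object backed by the TPM
rng = b.RandomNumberGenerator("tpm2", tpm2_context=ctx, tpm2_sessions=session)

print("Randomness from TPM:", rng.get(32))
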
coveralls commented 1 month ago

coverage: 90.975% (-0.02%) from 90.994% when pulling 4cb6970008da2268c227a3f036dfb7f8a5e48258 on Rohde-Schwarz:feature/tpm2_rng_in_python into c2a759b8ce51203ffe07cd016aa718176f54fc75 on randombit:master.

reneme commented 1 month ago

Thanks for the reviews. I addressed Jack's suggestion and rebased to master (after #4325 caused a merge conflict).