search

wolfSSL / wolfTPM

wolfTPM is a highly portable TPM 2.0 library, designed for embedded use.
https://www.wolfssl.com
GNU General Public License v2.0
244 stars 60 forks source link

enhacements for the signed_timestamp example #105

Closed tomoveu closed 3 years ago

tomoveu commented 4 years ago

Talking with @dgarske about further improvements on the signed_timestamp example, I will summarize here, (1.) is the main focus, 2-5 are for the future.

  1. Be able to persist the EK & SRK using a parameter to speed up the example

    • Check on launch without parameter, if persistent EK & SRK exists - evict and create new ones, do not persist

  2. would be nice to have in general evict tool from wolfTPM

    • probably this should be another enhancement issue as it is not related only to the signed_timestamp example

  3. Look into using makeCredential to link AIKs to CA

    • this also is probably separate enhancement issue

  4. Save the generated signed timestamp?

  5. would be nice to have in general tool from wolfTPM to verify the output produced in (4.) , i.e versifier of signed timestamp.

@dgarske please make sure to mark this issue with the enhancement label, i dont have the permissions to put labels

tomoveu commented 3 years ago
  1. already a fact
  2. redundant, covered by the helper getPrimaryStoragekey in examples
  3. MakeCredential could be a separate effort.
  4. without verifier, does not make much sense to save the file
  5. would be nice to have a signature verifier example

@dgarske From the list, I think only 4 & 5 are still valid. It is like a day effort.

tomoveu commented 3 years ago

Remaining enhancements will be address by #153