Closed dgarske closed 7 months ago
It should be documented that
WOLFSSL_PUBLIC_MP
is required for all the examples inexamples/run_examples.sh
to succeed. Any reason not to add it to the recommended wolfSSL config in the readme?Also seeing a failure in the csr test:
:~/git/wolfTPM $ ./examples/csr/csr -cert TPM2 CSR Example Trying TPM @ /dev/spidev0.0 (33 MHz) Trying TPM @ /dev/spidev0.1 (33 MHz) Found TPM @ /dev/spidev0.1 TPM2: Caps 0x30000697, Did 0x001b, Vid 0x15d1, Rid 0x16 TPM2_Startup pass TPM2_SelfTest pass TPM2_ReadPublic Handle 0x81000200: pub 282, name 34, qualifiedName 34 Loading SRK: Storage 0x81000200 (282 bytes) Reading 506 bytes from rsa_test_blob.raw Public Area (size 278): Type: RSA (0x1), name: SHA256 (0xB), objAttr: 0x60460, authPolicy sz: 0 RSA: sym algorithm: NULL (0x10), sym keyBits: 0, sym mode: Unknown (0x0) scheme: NULL (0x10), scheme hash: Unknown (0x0) keyBits: 2048, exponent: 0x10001, unique size 256 Reading the private part of the key TPM2_Load Key Handle 0x80000001 Loaded key to 0x80000001 TPM2_FlushContext: Closed handle 0x80000001 Failure 0xffffff39: Random Number Generator failed
That is correct. The ECC encrypt scheme requires direct mp_ math functions. It has already been added to wolfSSL's --enable-wolftpm
. See PR https://github.com/wolfSSL/wolfssl/pull/6683
Required for https://github.com/wolfSSL/wolfPKCS11/pull/23
ECC_PRIVATEKEY_ONLY
).