wolfSSL
diff --git a/‎ChangeLog.md‎
Lines changed: 28 additions & 0 deletions b/‎ChangeLog.md‎
Lines changed: 28 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 3 additions & 3 deletions b/‎README.md‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎autogen.sh‎
Lines changed: 1 addition & 1 deletion b/‎autogen.sh‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎configure.ac‎
Lines changed: 3 additions & 3 deletions b/‎configure.ac‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎examples/README.md‎
Lines changed: 1 addition & 1 deletion b/‎examples/README.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎examples/bench/bench.c‎
Lines changed: 5 additions & 2 deletions b/‎examples/bench/bench.c‎
Lines changed: 5 additions & 2 deletions
diff --git a/‎examples/csr/csr.c‎
Lines changed: 1 addition & 1 deletion b/‎examples/csr/csr.c‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎examples/keygen/keygen.c‎
Lines changed: 12 additions & 5 deletions b/‎examples/keygen/keygen.c‎
Lines changed: 12 additions & 5 deletions
diff --git a/‎examples/keygen/keyimport.c‎
Lines changed: 13 additions & 4 deletions b/‎examples/keygen/keyimport.c‎
Lines changed: 13 additions & 4 deletions
diff --git a/‎examples/keygen/keyload.c‎
Lines changed: 11 additions & 4 deletions b/‎examples/keygen/keyload.c‎
Lines changed: 11 additions & 4 deletions
@@ -1,5 +1,33 @@
 ## Release Notes
 
+### wolfTPM Release 2.0 (12/07/2020)
+
+**Summary**
+
+Added AES CFB parameter encryption, HMAC sessions, TPM simulator, Windows TPM (TBSI) support and more examples for time/keys.
+
+**Detail**
+
+* Refactor of the session authentication. New struct `TPM2_AUTH_SESSION`  and `wolfTPM2_SetAuth_*` API's. (PR #129 and #133)
+* Added Windows TPM TBSI support (PR #127)
+* Added TPM simulator support using TPM TCP protocol (PR #121)
+* Added minGW support (PR #127)
+* Added AES CFB parameter encryption support (PR #129)
+* Added XOR parameter encryption support (PR #122)
+* Added "-aes" or "-xor" option to some examples to enable parameter encryption. (PR #129)
+* Added HMAC session support (PR #129)
+* Added support for encrypted RSA salt for salted-unbounded session (PR #129)
+* Added innerWrap and outerWrap support for sensitive to private. (PR #129)
+* Improvements to the KDFa (PR #129)
+* Improved the param encryption to use buffers inline (PR #129)
+* Added Key generation and loading examples using disk to store the key (PR #131)
+* Added support for importing external private key to get a key blob for easy re-loading. (PR #132)
+* Add TPM clock increment example (PR #117)
+* Add test vectors for AES CFB and make it the default for tests (PR #125)
+* Improved documentation and code comments (PR #126)
+* Add script to run unit tests with software TPM (PR #124)
+
+
 ### wolfTPM Release 1.9 (08/24/2020)
 
 **Summary**
 
@@ -91,7 +91,7 @@ TPM2: Caps 0x1a7e2882, Did 0x0000, Vid 0x104a, Rid 0x4e
 Mfg STM  (2), Vendor , Fw 74.9 (1151341959), FIPS 140-2 1, CC-EAL4 0
 
 Microchip ATTPM20
-TPM2: Caps 0x30000695, Did 0x3205, Vid 0x1114, Rid 0x 1 
+TPM2: Caps 0x30000695, Did 0x3205, Vid 0x1114, Rid 0x 1
 Mfg MCHP (3), Vendor , Fw 512.20481 (0), FIPS 140-2 0, CC-EAL4 0
 
 Nations Technologies Inc. TPM 2.0 module
@@ -432,7 +432,7 @@ ECDHE    256 agree         35 ops took 1.029 sec, avg 29.402 ms, 34.011 ops/sec
 ```
 ./examples/native/native_test
 TPM2 Demo using Native API's
-TPM2: Caps 0x30000495, Did 0x0000, Vid 0x104a, Rid 0x4e 
+TPM2: Caps 0x30000495, Did 0x0000, Vid 0x104a, Rid 0x4e
 TPM2_Startup pass
 TPM2_SelfTest pass
 TPM2_GetTestResult: Size 12, Rc 0x0
@@ -578,7 +578,7 @@ CCqGSM49BAMCA0gAMEUCIQCR9cbyRt3cbEZUIOBa4GNSRTlgFdB3X1EOwm+cA5/k
 ### TPM2 PKCS 7 Example
 
 ```
-./examples/pkcs7/pkcs7 
+./examples/pkcs7/pkcs7
 TPM2 PKCS7 Example
 PKCS7 Signed Container 1625
 PKCS7 Container Verified (using TPM)
 
@@ -42,4 +42,4 @@ else
   WARNINGS="all"
 fi
 
-autoreconf --install --force --verbose 
+autoreconf --install --force --verbose
@@ -3,7 +3,7 @@
 # All right reserved.
 
 AC_COPYRIGHT([Copyright (C) 2014-2020 wolfSSL Inc.])
-AC_INIT([wolftpm],[1.9.0],[https://github.com/wolfssl/wolfTPM/issues],[wolftpm],[http://www.wolfssl.com])
+AC_INIT([wolftpm],[2.0.0],[https://github.com/wolfssl/wolfTPM/issues],[wolftpm],[http://www.wolfssl.com])
 
 AC_PREREQ([2.63])
 AC_CONFIG_AUX_DIR([build-aux])
@@ -23,7 +23,7 @@ AC_ARG_PROGRAM
 AC_CONFIG_MACRO_DIR([m4])
 AC_CONFIG_HEADERS([src/config.h])
 
-WOLFTPM_LIBRARY_VERSION=9:0:0
+WOLFTPM_LIBRARY_VERSION=10:0:0
 #                        | | |
 #                 +------+ | +---+
 #                 |        |     |
@@ -328,7 +328,7 @@ fi
 
 # TIS / SPI Check Wait State support
 # Required for all but Infineon only
-if test "x$ENABLED_CHECKWAITSTATE" = "xyes" || test "x$ENABLED_AUTODETECT" = "xyes" || test "x$ENABLED_INFINEON" = "xno" 
+if test "x$ENABLED_CHECKWAITSTATE" = "xyes" || test "x$ENABLED_AUTODETECT" = "xyes" || test "x$ENABLED_INFINEON" = "xno"
 then
     ENABLED_CHECKWAITSTATE=yes
     AM_CFLAGS="$AM_CFLAGS -DWOLFTPM_CHECK_WAIT_STATE"
 
@@ -129,7 +129,7 @@ This example client connects to localhost on on port 11111 by default. These can
 
 You can validate using the wolfSSL example server this like:
 `./examples/server/server -b -p 11111 -g -d -i -V`
- 
+
 To validate client certificate use the following wolfSSL example server command:
 `./examples/server/server -b -p 11111 -g -A ./certs/tpm-ca-rsa-cert.pem -i -V`
 or
 
@@ -129,6 +129,7 @@ static int bench_sym_hash(WOLFTPM2_DEV* dev, const char* desc, int algo,
     double start;
     WOLFTPM2_HASH hash;
 
+    XMEMSET(&hash, 0, sizeof(hash));
     bench_stats_start(&count, &start);
     do {
         rc = wolfTPM2_HashStart(dev, &hash, algo,
@@ -185,7 +186,7 @@ static void usage(void)
 {
     printf("Expected usage:\n");
     printf("./examples/bench/bench [-aes/xor]\n");
-    printf("* -aes/xor: Use Parameter Encryption\n");   
+    printf("* -aes/xor: Use Parameter Encryption\n");
 }
 
 /******************************************************************************/
@@ -257,7 +258,7 @@ int TPM2_Wrapper_BenchArgs(void* userCtx, int argc, char *argv[])
             (word32)tpmSession.handle.hndl);
 
         /* set session for authorization of the storage key */
-        rc = wolfTPM2_SetAuthSession(&dev, 1, &tpmSession, 
+        rc = wolfTPM2_SetAuthSession(&dev, 1, &tpmSession,
             (TPMA_SESSION_decrypt | TPMA_SESSION_encrypt | TPMA_SESSION_continueSession));
         if (rc != 0) goto exit;
     }
@@ -494,6 +495,8 @@ int main(int argc, char *argv[])
     rc = TPM2_Wrapper_BenchArgs(NULL, argc, argv);
 #else
     printf("Wrapper code not compiled in\n");
+    (void)argc;
+    (void)argv;
 #endif
 
     return rc;
 
@@ -202,7 +202,7 @@ int TPM2_CSR_ExampleArgs(void* userCtx, int argc, char *argv[])
                     &storageKey,
                     &eccKey,
                     &wolfEccKey,
-                    tpmDevId, 
+                    tpmDevId,
                     (byte*)gKeyAuth, sizeof(gKeyAuth)-1);
     if (rc != 0) goto exit;
 
 
@@ -30,6 +30,7 @@
 
 #include <stdio.h>
 
+#ifndef WOLFTPM2_NO_WRAPPER
 
 /******************************************************************************/
 /* --- BEGIN TPM Keygen Example -- */
@@ -117,7 +118,7 @@ int TPM2_Keygen_Example(void* userCtx, int argc, char *argv[])
             (word32)tpmSession.handle.hndl);
 
         /* set session for authorization of the storage key */
-        rc = wolfTPM2_SetAuthSession(&dev, 1, &tpmSession, 
+        rc = wolfTPM2_SetAuthSession(&dev, 1, &tpmSession,
             (TPMA_SESSION_decrypt | TPMA_SESSION_encrypt | TPMA_SESSION_continueSession));
         if (rc != 0) goto exit;
     }
@@ -139,7 +140,7 @@ int TPM2_Keygen_Example(void* userCtx, int argc, char *argv[])
         /* set session for authorization key */
         auth.size = (int)sizeof(gAiKeyAuth)-1;
         XMEMCPY(auth.buffer, gAiKeyAuth, auth.size);
-        
+
     }
     else {
         if (alg == TPM_ALG_RSA) {
@@ -208,16 +209,22 @@ int TPM2_Keygen_Example(void* userCtx, int argc, char *argv[])
 }
 
 /******************************************************************************/
-/* --- END TPM Timestamp Test -- */
+/* --- END TPM Keygen Example -- */
 /******************************************************************************/
-
+#endif /* !WOLFTPM2_NO_WRAPPER */
 
 #ifndef NO_MAIN_DRIVER
 int main(int argc, char *argv[])
 {
-    int rc;
+    int rc = NOT_COMPILED_IN;
 
+#ifndef WOLFTPM2_NO_WRAPPER
     rc = TPM2_Keygen_Example(NULL, argc, argv);
+#else
+    printf("KeyGen code not compiled in\n");
+    (void)argc;
+    (void)argv;
+#endif
 
     return rc;
 }
 
@@ -31,6 +31,8 @@
 #include <stdio.h>
 
 
+#ifndef WOLFTPM2_NO_WRAPPER
+
 /******************************************************************************/
 /* --- BEGIN TPM Key Import / Blob Example -- */
 /******************************************************************************/
@@ -57,7 +59,7 @@ int TPM2_Keyimport_Example(void* userCtx, int argc, char *argv[])
     size_t fileSz = 0;
 #endif
     const char* outputFile = "keyblob.bin";
-    
+
     if (argc >= 2) {
         if (XSTRNCMP(argv[1], "-?", 2) == 0 ||
             XSTRNCMP(argv[1], "-h", 2) == 0 ||
@@ -110,7 +112,7 @@ int TPM2_Keyimport_Example(void* userCtx, int argc, char *argv[])
             (word32)tpmSession.handle.hndl);
 
         /* set session for authorization of the storage key */
-        rc = wolfTPM2_SetAuthSession(&dev, 1, &tpmSession, 
+        rc = wolfTPM2_SetAuthSession(&dev, 1, &tpmSession,
             (TPMA_SESSION_decrypt | TPMA_SESSION_encrypt | TPMA_SESSION_continueSession));
         if (rc != 0) goto exit;
     }
@@ -173,16 +175,23 @@ int TPM2_Keyimport_Example(void* userCtx, int argc, char *argv[])
 }
 
 /******************************************************************************/
-/* --- END TPM Timestamp Test -- */
+/* --- END TPM Key Import / Blob Example -- */
 /******************************************************************************/
+#endif /* !WOLFTPM2_NO_WRAPPER */
 
 
 #ifndef NO_MAIN_DRIVER
 int main(int argc, char *argv[])
 {
-    int rc;
+    int rc = NOT_COMPILED_IN;
 
+#ifndef WOLFTPM2_NO_WRAPPER
     rc = TPM2_Keyimport_Example(NULL, argc, argv);
+#else
+    printf("KeyImport code not compiled in\n");
+    (void)argc;
+    (void)argv;
+#endif
 
     return rc;
 }
 
@@ -39,6 +39,7 @@
 #include <stdio.h>
 
 
+#ifndef WOLFTPM2_NO_WRAPPER
 /******************************************************************************/
 /* --- BEGIN TPM Key Load Example -- */
 /******************************************************************************/
@@ -111,7 +112,7 @@ int TPM2_Keyload_Example(void* userCtx, int argc, char *argv[])
             (word32)tpmSession.handle.hndl);
 
         /* set session for authorization of the storage key */
-        rc = wolfTPM2_SetAuthSession(&dev, 1, &tpmSession, 
+        rc = wolfTPM2_SetAuthSession(&dev, 1, &tpmSession,
             (TPMA_SESSION_decrypt | TPMA_SESSION_encrypt | TPMA_SESSION_continueSession));
         if (rc != 0) goto exit;
     }
@@ -191,16 +192,22 @@ int TPM2_Keyload_Example(void* userCtx, int argc, char *argv[])
 }
 
 /******************************************************************************/
-/* --- END TPM Timestamp Test -- */
+/* --- END TPM Key Load Example -- */
 /******************************************************************************/
-
+#endif /* !WOLFTPM2_NO_WRAPPER */
 
 #ifndef NO_MAIN_DRIVER
 int main(int argc, char *argv[])
 {
-    int rc;
+    int rc = NOT_COMPILED_IN;
 
+#ifndef WOLFTPM2_NO_WRAPPER
     rc = TPM2_Keyload_Example(NULL, argc, argv);
+#else
+    printf("KeyImport code not compiled in\n");
+    (void)argc;
+    (void)argv;
+#endif
 
     return rc;
 }