Libtpms-based TPM emulator with socket, character device, and Linux CUSE interface.
Stefan Berger 8a42a2f7e8 swtpm: Use custom profile's Algorithms when removing FIPS-disabled ones
Use the custom profile's Algorithms when adjusting them for FIPS mode,
rather than the list of all implemented Algorithms. The list of implemented
Algorithms contains for example elliptic curve identifiers, such as
ecc-nist-p192, ecc-nist-p224, ecc-nist-p256, ecc-nist-p384, ecc-nist-p521,
ecc-bn-p256, ecc-bn-p638, that are not part of the custom profile but are
enabled with the ecc-min-size=192, ecc-nist, and ecc-bn shortcuts there.
Using the algorithms of the custom profile avoids confusion since otherwise
the additional ecc-nist-* and ecc-bn-* algorithm identifiers appear in the
modified custom profile even though they were not part of the original one.

Test:

  swtpm_setup --tpm2 --tpmstate . --overwrite \
     --profile-name custom --profile-remove-disabled fips-host

  before:
  ...,ecc,ecc-min-size=224,ecc-nist,ecc-bn,ecc-nist-p224,ecc-nist-p256,
      ecc-nist-p384,ecc-nist-p521,ecc-bn-p256,ecc-bn-p638,ecc-sm2-p256,...

  now:

  ...,ecc,ecc-min-size=224,ecc-nist,ecc-bn,ecc-sm2-p256,...

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-04-04 12:21:27 -04:00
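
Added example (not swtpm code, not part of the commit): a check that compares a profile's Algorithms list before and after --profile-remove-disabled and reports identifiers that were not in the original profile. The function names are hypothetical, and the ORIGINAL list is constructed on the assumption that the custom profile's ECC entries are the ones that survive under "now:" with ecc-min-size=192.

```python
# Added example: not swtpm code. Sample lists are constructed from the
# ECC fragment shown in the commit message's test output.

def parse_algorithms(algorithms):
    """Split a comma-separated Algorithms string into {name: value-or-None}.

    Entries such as 'ecc-min-size=224' are keyed by the part before '='
    so that a changed value is not mistaken for a new identifier.
    """
    parsed = {}
    for entry in algorithms.split(","):
        entry = entry.strip()
        if not entry:
            continue
        name, sep, value = entry.partition("=")
        parsed[name] = value if sep else None
    return parsed


def compare_profiles(original, modified):
    """Return (added, removed, changed) between two Algorithms strings."""
    orig, mod = parse_algorithms(original), parse_algorithms(modified)
    added = [n for n in mod if n not in orig]
    removed = [n for n in orig if n not in mod]
    changed = {n: (orig[n], mod[n]) for n in mod
               if n in orig and orig[n] != mod[n]}
    return added, removed, changed


# Constructed (assumption): ECC part of a custom profile using the shortcuts
# ecc-min-size=192, ecc-nist and ecc-bn named in the commit message.
ORIGINAL = "ecc,ecc-min-size=192,ecc-nist,ecc-bn,ecc-sm2-p256"
# ECC fragments as printed under "before:" and "now:" in the commit message.
BEFORE_FIX = ("ecc,ecc-min-size=224,ecc-nist,ecc-bn,ecc-nist-p224,"
              "ecc-nist-p256,ecc-nist-p384,ecc-nist-p521,ecc-bn-p256,"
              "ecc-bn-p638,ecc-sm2-p256")
AFTER_FIX = "ecc,ecc-min-size=224,ecc-nist,ecc-bn,ecc-sm2-p256"

if __name__ == "__main__":
    for label, modified in (("before", BEFORE_FIX), ("now", AFTER_FIX)):
        added, removed, changed = compare_profiles(ORIGINAL, modified)
        print(f"{label}: added={added} removed={removed} changed={changed}")
```

A non-empty "added" list means the modified profile names algorithms the original profile did not list explicitly.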
.github ci: Run apt-get update 2025-02-24 09:21:18 -05:00
debian debian/rpm: Adjust changelog for 0.10.0 release 2024-11-15 14:19:43 -05:00
include swtpm: Define a structure to return PTM_GET_CAPABILITY result 2024-10-11 17:34:36 -04:00
man samples: Support different key algorithms for created TPM 2 CA 2025-03-30 19:17:25 -04:00
samples sample: Enable passing usual curve names secp256r1 or secp384r1 2025-04-01 12:50:34 -04:00
src swtpm: Use custom profile's Algorithms when removing FIPS-disabled ones 2025-04-04 12:21:27 -04:00
tests sample: Enable passing usual curve names secp256r1 or secp384r1 2025-04-01 12:50:34 -04:00
.gitignore selinux: Redevelop SELinux policy for Fedora 40 (ditch old rules) 2024-05-27 20:06:17 -04:00
.travis.yml Travis: Downgrade to setuptools 59.6.0 to avoid error in 71.x 2024-12-02 15:24:57 -05:00
autogen.sh build-sys: Create m4 directory on older systems 2018-12-15 10:06:03 -05:00
CHANGES CHANGES: Add documentation for changes in 0.10.0 2024-11-15 14:19:43 -05:00
configure.ac build-sys: Bump up version to 0.11.0 at beginning of dev cycle 2024-12-02 15:24:57 -05:00
COPYING initial check-in 2014-12-05 11:16:03 -05:00
DCO1.1.txt Replace the CLA with the DCO, simply requiring a Signed-off-by: 2016-12-21 11:11:48 -05:00
docker-compose.yml ci: add testing via docker compose 2024-07-18 16:48:21 -04:00
Dockerfile Dockerfile: Fix casing of 'as' 2024-09-25 07:20:37 -04:00
INSTALL docs: Update INSTALL document 2021-07-21 09:04:24 -04:00
LICENSE swtpm: Replace the CUSE TPM with the new implementation 2015-12-07 15:01:57 -05:00
Makefile.am samples: swtpm-create-tpmca: Fix shellcheck issues and add to syntax-check target 2023-02-22 17:27:05 -05:00
README docu: Cut down the README to its minimum 2018-09-24 17:48:41 -04:00
run_tests tests: Run all tests again in run_test 2020-04-07 17:14:10 -04:00
swtpm.spec build-sys: Bump up version to 0.11.0 at beginning of dev cycle 2024-12-02 15:24:57 -05:00
swtpm.spec.in debian/rpm: Adjust changelog for 0.10.0 release 2024-11-15 14:19:43 -05:00
TODO Adding RHEL/Centos status info 2016-06-26 20:03:43 -04:00

SWTPM - Software TPM Emulator
      David Safford safford@us.ibm.com
      Stefan Berger stefanb@us.ibm.com

The SWTPM package provides TPM emulators with different front-end interfaces
to libtpms. TPM emulators provide socket interfaces (TCP/IP and Unix) and
the Linux CUSE interface for the creation of multiple native /dev/vtpm* devices.

The SWTPM package also provides several tools for using the TPM emulator,
creating certificates for a TPM, and simulating the manufacturing of
a TPM by creating a TPM's EK and platform certificates etc. Please read
the READMEs in each tool's directory under src/.

Please consult the Wiki for information about swtpm:

   https://github.com/stefanberger/swtpm/wiki