# cli-optiga-trust-m

**Repository Path**: forai/cli-optiga-trust-m

## Basic Information

- **Project Name**: cli-optiga-trust-m
- **Description**: No description available
- **Primary Language**: Unknown
- **License**: MIT
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2020-10-23
- **Last Updated**: 2020-12-19

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

# Command Line Interface (CLI) & OpenSSL Engine for OPTIGA™ Trust M1 security solution

1. [About](#about)
    * [Prerequisites](#prerequisites)
    * [Contents of the package](#contents_of_package)
2. [Getting Started](#getting_started)
    * [Getting the Code from Github](#getting_code)
    * [First time building the library](#build_lib)
3. [CLI Tools Usage](#cli_usage)
    * [trustm_cert](#trustm_cert)
    * [trustm_chipinfo](#trustm_chipinfo)
    * [trustm_data](#trustm_data)
    * [trustm_ecc_keygen](#trustm_ecc_keygen)
    * [trustm_ecc_sign](#trustm_ecc_sign)
    * [trustm_ecc_verify](#trustm_ecc_verify)
    * [trustm_errorcode](#trustm_errorcode)
    * [trustm_metadata](#trustm_metadata)
    * [trustm_monotonic_counter](#trustm_monotonic_counter)
    * [trustm_readmetadata_data](#trustm_readmetadata_data)
    * [trustm_readmetadata_private](#trustm_readmetadata_private)
    * [trustm_readmetadata_status](#trustm_readmetadata_status)
    * [trustm_read_status](#trustm_read_status)
    * [trustm_rsa_dec](#trustm_rsa_dec)
    * [trustm_rsa_enc](#trustm_rsa_enc)
    * [trustm_rsa_keygen](#trustm_rsa_keygen)
    * [trustm_rsa_sign](#trustm_rsa_sign)
    * [trustm_rsa_verify](#trustm_rsa_verify)
4. [Trust M1 OpenSSL Engine usage](#engine_usage)
    * [rand](#rand)
    * [req](#req)
    * [pkey](#pkey)
    * [dgst](#dgst)
    * [Testing TLS connection with ECC key](#test_tls_ecc)
    * [Testing TLS connection with RSA key](#test_tls_rsa)
    * [Using Trust M OpenSSL engine to sign and issue certificate](#issue_cert)
    * [Simple Example on OpenSSL using C language](#opensslc)
5. [Known issues](#known_issues)

## About

This package provides command-line tools and an OpenSSL engine for the OPTIGA Trust M1 on Linux platforms.

### Prerequisites

The following software components are required to build the tools:

* GCC
* OpenSSL development library (libssl-dev)
* OpenSSL 1.1.1d
* OPTIGA Trust M1 library (source code)
* pthread
* rt

Tested platforms:

* Raspberry PI 3 on Linux kernel 4.19

### Contents of Package

The package consists of the following files and directories:

```text
.
├── bin                                 /* all executables and .so files are stored here */
├── LICENSE                             // MIT license file
├── linux_example                       /* Source code for executable files */
│   ├── trustm_cert.c                   // read and store X.509 certificate in OPTIGA™ Trust M
│   ├── trustm_chipinfo.c               // list chip info
│   ├── trustm_data.c                   // read and store raw data in OPTIGA™ Trust M
│   ├── trustm_ecc_keygen.c             // ECC Key generation
│   ├── trustm_ecc_sign.c               // example of OPTIGA™ Trust M ECC sign function
│   ├── trustm_ecc_verify.c             // example of OPTIGA™ Trust M ECC verify function
│   ├── trustm_errorcode.c              // List all known OPTIGA™ Trust M error code
│   ├── trustm_metadata.c               // read and modify metadata of selected OID
│   ├── trustm_monotonic_counter.c      // example of OPTIGA™ Trust M monotonic counter function
│   ├── trustm_read_data.c              // read all app1 data
│   ├── trustm_readmetadata_data.c      // read all metadata of data objects
│   ├── trustm_readmetadata_private.c   // read all metadata of keys OID
│   ├── trustm_readmetadata_status.c    // read all metadata of status OID
│   ├── trustm_read_status.c            // read all status data
│   ├── trustm_rsa_dec.c                // example of OPTIGA™ Trust M RSA Decode function
│   ├── trustm_rsa_enc.c                // example of OPTIGA™ Trust M RSA Encode function
│   ├── trustm_rsa_keygen.c             // RSA Key generation
│   ├── trustm_rsa_sign.c               // example of OPTIGA™ Trust M RSA sign function
│   └── trustm_rsa_verify.c             // example of OPTIGA™ Trust M RSA verify function
├── Makefile                            // this project Makefile
├── README.md                           // this read me file in Markdown format
├── trustm_engine                       /* all Trust M1 OpenSSL Engine source code */
│   ├── trustm_engine.c                 // entry point for Trust M1 OpenSSL Engine
│   ├── trustm_engine_common.h          // header file for Trust M1 OpenSSL Engine
│   ├── trustm_engine_rand.c            // Random number generator source
│   └── trustm_engine_rsa.c             // RSA source
├── trustm_helper                       /* Helper routines for Trust M library */
│   ├── include                         /* Helper include directory */
│   │   └── trustm_helper.h             // Helper header file
│   └── trustm_helper.c                 // Helper source
└── trustm_lib                          /* Directory for Trust M library */
```

## Getting Started

### Getting the Code from GitHub

Get the initial code from GitHub, including submodules:

```console
foo@bar:~$ git clone --recurse-submodules https://github.com/Infineon/cli-optiga-trust-m.git
```

Apply the patch that works around the known pal_os_event.c issue:

```console
foo@bar:~/cli-optiga-trust-m$ make workaround_patch
Applying workaround patch for pal_os_event.c
Original file backup to trustm_lib/pal/linux/pal_os_event.org
Applying workaround patch for pal_os_datastore.c
Original file backup to trustm_lib/pal/linux/pal_os_datastore.org
```

### First time building the library

```console
foo@bar:~$ make
```

To install:

*Note: If the install fails, perform the uninstall and run `make` again.*

```console
foo@bar:~$ sudo make install
```

To uninstall:

```console
foo@bar:~$ sudo make uninstall
```

## CLI Tools Usage

### trustm_cert

Read, write, or clear a certificate in a certificate data object. Certificates are input and output in PEM format.

```console
foo@bar:~$ ./bin/trustm_cert
Help menu: trustm_cert