STPM4RasPI HMAC authorization

skim · ‎2025-05-20

Hello, I'm testing HMAC authorizations following TPM 2.0 library specification, and I've confirmed all cases works well except the "unbound and unsalted" session case, which uses null buffer as sessionKey with authValue_entity for HMAC calculation.

I’ve double-checked the code logic and found no errors in the HMAC calculation for the authorization area. Yet only the ‘unbound and unsalted’ session—which uses the uninitialized sessionKey (null buffer) and the provided authValue—still causes an error.

Therefore, I wonder whether TPM module blocks unbound and unsalted HMAC sessions.

Is there any documentation related to HMAC authorization? If so, could you send me any relevant documentation?

Best regards,

S Kim

Peter BENSCH · ‎2025-05-21

Welcome @skim, to the community!

the STPM4RasPI is based on the TPM starting with ST33TPHF2 and is part of the group of high security devices. Their data is strictly confidential and will only be handed over if an NDA is signed. For this reason, nobody in the public community can help, so you should contact your local ST contact.

Hope that helps?

Regards
/Peter

In order to give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.

View solution in original post

Peter BENSCH · ‎2025-05-21

Welcome @skim, to the community!

the STPM4RasPI is based on the TPM starting with ST33TPHF2 and is part of the group of high security devices. Their data is strictly confidential and will only be handed over if an NDA is signed. For this reason, nobody in the public community can help, so you should contact your local ST contact.

Hope that helps?

Regards
/Peter

In order to give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.