Security & Smart Card Forum Discussions
OPTIGA™ Trust
High-end, easy-to-use security solutions that provide an anchor of trust for your application: connecting IoT devices to the cloud, giving billions of devices their own unique identity, pre-personalized turnkey solutions, zero-touch onboarding, high performance, ... We did not meet your expectations? Let us know!
OPTIGA™ TPM
OPTIGA™ TPM (Trusted Platform Module) offers a broad portfolio of standardized security controllers to protect the integrity and authenticity of embedded devices and systems. With a secured key store and support for a variety of encryption algorithms, OPTIGA™ TPM security chips provide robust protection for critical data and processes through their rich functionality. OPTIGA™ TPM security controllers are ideal for platforms running both Windows and Linux and its derivatives (SLB 9645 product versions for Chrome OS available). Based on Trusted Computing Group (TCG) standards, they support the TPM 1.2 or the latest innovative TPM 2.0 standard.
SECORA™ Blockchain
SECORA™ Blockchain is a fast, easy-to-use Java Card™ solution supporting best-in-class security for blockchain system implementations. By providing a safe "vault" for user credentials, SECORA™ Blockchain can reduce the end user's commercial risk and helps to increase trust in the blockchain system.
CIPURSE™
Open, international standards such as CIPURSE™ are the best way to ensure interoperability across secured, cost-effective and flexible multi-applications schemes supporting fare collection. Infineon is the world’s first supplier of a complete CIPURSE™ certified product portfolio.
OPTIGA™ Connect
OPTIGA™ Connect is a family of turnkey eSIM security solutions for easy, flexible and secured cellular connectivity. They are optimized for the specific requirements of industrial and IoT applications as well as those of consumer devices.
NOTE: We currently support only OPTIGA™ Connect IoT on this forum. For queries on OPTIGA™ Connect Consumer, please create a case at https://mycases.infineon.com/.
Featured Discussions
Hello,
I would like to confirm an issue I have with the SLB9670. My research led me to this thread (https://community.infineon.com/t5/OPTIGA-TPM/IMX8MM-SLB9670-TPM2-Self-test-error/td-p/454162), which seems to suggest everything is normal, but it links to the RPI3. I want to make sure the same applies to the RPI4.
During bootup, I see the following Kernel messages:
[ 9.194573] tpm_tis_spi spi0.1: 2.0 TPM (device-id 0x1B, rev-id 22)
[ 9.197032] tpm tpm0: A TPM error (256) occurred attempting the self test
[ 9.197057] tpm tpm0: starting up the TPM manually
This is slightly annoying, but I can see tpm0 and tpmrm0 in the device section:
user@cm4:~/eltt2 $ ls /dev/tpm*
/dev/tpm0 /dev/tpmrm0
sudo tpm2_gettestresult
status: success
0x00000000: 0xCE 0xFB 0xBB 0x85 0xF2 0x29 0x63 0x1F 0x6A 0xC4 0xDD 0x18 0xC6 0x15 0x25 0x94
0x00000010: 0x48 0x06 0x78 0x92
Finally, sudo tpm2_selftest -f returns 0
Is it safe to assume that my TPM is working correctly despite those messages? It seems like it, but I would appreciate some confirmation.
Thank you!
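The "256" in the kernel message above is the raw TPM 2.0 response code printed in decimal; decoding it is the first step of any such diagnosis (0x100 is TPM_RC_INITIALIZE in the TCG response-code layout, the code a TPM returns when it has not yet received TPM2_Startup). The following decoder is an added example, not code from the post or from Infineon; the bit layout follows TCG TPM 2.0 Library Part 2, section 6.6, the name tables cover only the commonly seen codes, and the sample log lines are constructed after the ones quoted in the post.

```python
"""Decode TPM 2.0 response codes (TPM_RC) as the Linux tpm driver prints them.

Bit layout per TCG TPM 2.0 Library, Part 2, section 6.6 ("Response Codes").
The name tables cover only codes commonly met in driver and tpm2-tools
diagnostics, not the full list.
"""
import re

RC_VER1 = 0x100      # bit 8: format-zero code defined by TPM 2.0 (not TPM 1.2)
RC_FMT1 = 0x080      # bit 7: format-one code, carries a handle/session/parameter number
RC_VENDOR = 0x400    # bit 10: vendor-defined format-zero code
RC_WARN_BIT = 0x800  # bit 11: format-zero warning (TPM_RC_WARN base is 0x900)
RC_P = 0x040         # bit 6, format one: error refers to a parameter
RC_S = 0x800         # bit 11, format one with P clear: error refers to a session

FMT0_ERRORS = {          # value = rc & 0x7F when RC_VER1 is set and bit 11 is clear
    0x000: "TPM_RC_INITIALIZE",   # TPM2_Startup not yet run (or run twice)
    0x001: "TPM_RC_FAILURE",
    0x003: "TPM_RC_SEQUENCE",
    0x020: "TPM_RC_DISABLED",
    0x025: "TPM_RC_AUTH_MISSING",
    0x026: "TPM_RC_POLICY",
    0x027: "TPM_RC_PCR",
    0x028: "TPM_RC_PCR_CHANGED",
    0x030: "TPM_RC_REBOOT",
    0x043: "TPM_RC_COMMAND_CODE",
    0x053: "TPM_RC_NEEDS_TEST",
}
FMT0_WARNINGS = {        # value = rc & 0x7F when RC_VER1 and bit 11 are set
    0x00A: "TPM_RC_TESTING",
    0x020: "TPM_RC_NV_RATE",
    0x021: "TPM_RC_LOCKOUT",
    0x022: "TPM_RC_RETRY",
}
FMT1_ERRORS = {          # value = rc & 0x3F when RC_FMT1 is set
    0x004: "TPM_RC_VALUE",
    0x00B: "TPM_RC_HANDLE",
    0x00E: "TPM_RC_AUTH_FAIL",
    0x015: "TPM_RC_SIZE",
    0x01D: "TPM_RC_POLICY_FAIL",
    0x01F: "TPM_RC_INTEGRITY",
    0x022: "TPM_RC_BAD_AUTH",
}


def decode_rc(rc: int) -> str:
    """Return the symbolic name (plus the affected handle/session/parameter
    for format-one codes) of a TPM_RC value."""
    if rc == 0:
        return "TPM_RC_SUCCESS"
    if rc & RC_FMT1:
        name = FMT1_ERRORS.get(rc & 0x3F, "TPM_RC_FMT1+0x%02X" % (rc & 0x3F))
        if rc & RC_P:
            where = "parameter %d" % ((rc >> 8) & 0xF)
        elif rc & RC_S:
            where = "session %d" % ((rc >> 8) & 0x7)
        else:
            where = "handle %d" % ((rc >> 8) & 0x7)
        return "%s (%s)" % (name, where)
    if not rc & RC_VER1:
        return "TPM 1.2-style code 0x%03X" % rc
    if rc & RC_VENDOR:
        return "vendor-specific code 0x%03X" % rc
    num = rc & 0x7F
    if rc & RC_WARN_BIT:
        return FMT0_WARNINGS.get(num, "TPM_RC_WARN+0x%02X" % num) + " (warning)"
    return FMT0_ERRORS.get(num, "TPM_RC_VER1+0x%02X" % num)


# Matches the message emitted by the Linux tpm driver on a non-zero TPM_RC.
KMSG_RE = re.compile(r"A TPM error \((\d+)\) occurred (.+)$")


def explain_kernel_line(line: str):
    """(rc, name, context) for a driver error line, None for any other line."""
    m = KMSG_RE.search(line)
    if not m:
        return None
    rc = int(m.group(1))
    return rc, decode_rc(rc), m.group(2)


# Constructed sample, modelled on the dmesg lines quoted in the post above.
SAMPLE_KMSG = [
    "[    9.194573] tpm_tis_spi spi0.1: 2.0 TPM (device-id 0x1B, rev-id 22)",
    "[    9.197032] tpm tpm0: A TPM error (256) occurred attempting the self test",
    "[    9.197057] tpm tpm0: starting up the TPM manually",
]


def summarize(lines):
    """Decode every driver error line in a log excerpt."""
    return [r for r in (explain_kernel_line(l) for l in lines) if r is not None]


if __name__ == "__main__":
    for rc, name, ctx in summarize(SAMPLE_KMSG):
        print("rc %d (0x%03X) = %s while %s" % (rc, rc, name, ctx))
```

Run it on a saved `dmesg` excerpt or on the numeric code shown by tpm2-tools (for example `decode_rc(0x98E)` gives `TPM_RC_AUTH_FAIL (session 1)`). The same decoding rule, bit 7 selects format one, bit 8 marks a TPM 2.0 code and bit 11 a warning, applies to any TPM 2.0 error a driver or tool reports.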
Dears,
The SLS32AIA010ML datasheet says the I2C base address is 0x30, but in actual testing it is 0x24. Please help confirm, thanks!
Thanks!
alex.Wang
Hello, I am creating a small example applet for the SECORA ID X. I realized that with an empty applet skeleton (i.e. no functionality) used as the default applet, the first APDU call always takes around 20 ms. Is there a way to get rid of this penalty?
Thanks
Hello,
We are currently working on TPM 2.0 for the SLB9673 with an AM5748 SoC.
We would like to know if there exists a secure boot method that uses the TPM2 commands to verify the kernel integrity at the U-Boot stage. Specifically, one that utilises the TPM2 functionalities to ensure the authenticity and integrity of the kernel image during the boot process.
Also, any resources, documents, or references that provide detailed information on this topic would be helpful.
Thanks and Regards,
Mythreyi
Hi team,
We are using the SLB9673 TPM2 chip for hardware security in our embedded project, which has an AM5748 SoC.
We need to implement secure boot for the same. Can you please give us a detailed procedure and software requirements to implement secure boot?
regards,
Yashwanth T L
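The two posts above ask how TPM2 commands can protect the kernel at the U-Boot stage. What a TPM contributes there is measured boot, not signature checking: verifying the kernel image is U-Boot's own job (FIT image signatures, CONFIG_FIT_SIGNATURE), while the TPM records each loaded image into a PCR (TPM2_PCR_Extend, `tpm2 pcr_extend` in U-Boot) and a secret sealed with a PolicyPCR policy only unseals when the recorded chain matches. The following is an added example, not code from either post, from Infineon or from U-Boot; it replays the PCR arithmetic and the TPM2_PolicyPCR digest computation from TCG TPM 2.0 Library Parts 2 and 3 so that the golden PCR value and policy digest can be computed on a build host before they are sealed on the board. The boot-chain byte strings and the PCR index 8 are assumptions for illustration only.

```python
"""Measured-boot arithmetic for a TPM 2.0 (e.g. SLB9673): precompute the PCR
value a trusted kernel should produce and the TPM2_PolicyPCR digest that seals
a secret to it.  Formulas from TCG TPM 2.0 Library Part 3 (TPM2_PCR_Extend,
TPM2_PolicyPCR, section 23.7) and Part 2 (TPML_PCR_SELECTION marshalling).
"""
import hashlib
import hmac
import struct

HASH = "sha256"
DIGEST_LEN = 32
TPM_ALG_SHA256 = 0x000B
TPM_CC_POLICYPCR = 0x0000017F


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM2_PCR_Extend: PCR_new = H(PCR_old || digest)."""
    return hashlib.new(HASH, pcr + digest).digest()


def expected_pcr(images) -> bytes:
    """Replay what a bootloader does for each image it measures before using
    it: hash the image, extend the PCR.  PCRs start all-zero after reset."""
    pcr = bytes(DIGEST_LEN)
    for image in images:
        pcr = pcr_extend(pcr, hashlib.new(HASH, image).digest())
    return pcr


def pcr_selection(pcr_indices) -> bytes:
    """Marshal a TPML_PCR_SELECTION: count=1 bank, SHA-256, 3-byte select bitmap
    (bit i of the bitmap = PCR i, least significant byte first)."""
    bitmap = 0
    for i in pcr_indices:
        bitmap |= 1 << i
    return struct.pack(">IHB", 1, TPM_ALG_SHA256, 3) + bitmap.to_bytes(3, "little")


def policy_pcr_digest(pcr_values, pcr_indices) -> bytes:
    """TPM2_PolicyPCR applied to a fresh (all-zero) policy session:
    policyDigest = H(0^32 || TPM_CC_PolicyPCR || TPML_PCR_SELECTION || H(selected PCRs)).
    pcr_values must be given in ascending PCR-index order, like pcr_indices."""
    if len(pcr_values) != len(pcr_indices):
        raise ValueError("one PCR value per selected PCR index")
    pcr_digest = hashlib.new(HASH, b"".join(pcr_values)).digest()
    return hashlib.new(
        HASH,
        bytes(DIGEST_LEN) + struct.pack(">I", TPM_CC_POLICYPCR)
        + pcr_selection(pcr_indices) + pcr_digest,
    ).digest()


def pcr_matches(actual: bytes, expected: bytes) -> bool:
    """Constant-time comparison of a PCR read back from the TPM with the golden value."""
    return hmac.compare_digest(actual, expected)


# Constructed stand-ins for the boot chain (not real firmware): on a board each
# entry would be the image U-Boot loads, in the order it extends the PCR.
GOLDEN_CHAIN = [b"u-boot-image-bytes", b"fdt-blob-bytes", b"zImage-bytes"]
TAMPERED_CHAIN = [b"u-boot-image-bytes", b"fdt-blob-bytes", b"zImage-bytes-modified"]
KERNEL_PCR = 8  # assumed PCR index for the kernel measurement


def build_policy(chain=GOLDEN_CHAIN, pcr_index=KERNEL_PCR) -> bytes:
    """Policy digest to seal a secret against the PCR the golden chain yields."""
    return policy_pcr_digest([expected_pcr(chain)], [pcr_index])


if __name__ == "__main__":
    golden = expected_pcr(GOLDEN_CHAIN)
    print("expected PCR%d : %s" % (KERNEL_PCR, golden.hex()))
    print("policy digest : %s" % build_policy().hex())
    print("tampered kernel reaches golden PCR:",
          pcr_matches(expected_pcr(TAMPERED_CHAIN), golden))
```

On the target, `tpm2_pcrread sha256:8` after boot should return the golden value, and `tpm2_createpolicy --policy-pcr -l sha256:8` computes the same PolicyPCR digest from the live PCR; a secret sealed with that policy (`tpm2_create`, `tpm2_unseal`) stays locked once any image in the chain changes, which is the integrity guarantee the TPM adds on top of U-Boot's signature check.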
Hi,
I get this error when trying to interface the SLB9670 with a BeagleBone Black over SPI1, bus with CS1:
tpm_tis_spi: probe of spi1.1 failed with error -110
This is my overlay:
/dts-v1/;
/plugin/;

/ {
    compatible = "ti,beaglebone", "ti,am335x-boneblack", "ti,beaglebone-black";
    part-number = "BB-SPI1-SLB9670";
    version = "00A0";

    fragment@0 {
        target = <&am33xx_pinmux>;
        __overlay__ {
            pinmux_spi1_pins: pinmux_spi1_pins {
                pinctrl-single,pins = <
                    0x190 0x33 /* spi1_sclk, MODE3 */
                    0x194 0x33 /* spi1_d0,   MODE3 */
                    0x198 0x33 /* spi1_d1,   MODE3 */
                    0x164 0x32 /* spi1_cs1,  MODE2 */
                >;
            };
        };
    };

    fragment@1 {
        target = <&spi1>;
        __overlay__ {
            pinctrl-0 = <&pinmux_spi1_pins>;
            status = "okay";
        };
    };

    fragment@2 {
        target = <&spi1>;
        __overlay__ {
            #address-cells = <1>;
            #size-cells = <0>;

            slb9670: slb9670@1 {
                compatible = "infineon,slb9670";
                reg = <1>;
                #address-cells = <1>;
                #size-cells = <0>;
                spi-max-frequency = <32000000>;
            };
        };
    };
};
Reset has pull-up.
This is what I have included and compiled in my kernel image:
CONFIG_TCG_TPM=y
CONFIG_TCG_TIS_CORE=y
CONFIG_TCG_TIS=y
CONFIG_TCG_TIS_SPI=y
I can see that the tis-spi driver for TPM 2.0 is loaded under /sys/bus/spi/drivers (I compiled it with the kernel).
There is also SPI1.1 device visible under /sys/bus/spi/devices
In short, SPI1 is working because I use it for ENC28J60 ethernet PHY with CS0.
For SLB9670 I use P9_42 pin in mode 2 as CS1, but without any luck to establish connection with SLB.
Can someone tell me more about error -110 and how to fix it and get things working?
Thanks
How does one field firmware upgrade / OTA the SLB9762 FW16.12?
We need to upgrade the SLB9762 FW16.12 to the latest (FW16.13??) in an ARM-based Linux environment.
Any pointers, sample code, examples, white papers, etc appreciated.