v2.2.0 - TPM Dual-Mode Hardware Fingerprinting

Device Fingerprinting Pro v2.2.0

Release Date

December 21, 2025

Overview

Major feature release introducing TPM (Trusted Platform Module) hardware fingerprinting with dual-mode enforcement architecture.

What's New

TPM/Secure Hardware Fingerprinting

Added hardware-backed device identification using platform-specific secure hardware:

Dual-Mode Architecture

• Mode A - Software (Default): Optional TPM usage with graceful fallback, works on all platforms
• Mode B - TPM-Strict: Mandatory TPM requirement with explicit failure, for high-security deployments

Cross-Platform TPM Detection

• Windows: TPM 2.0 via PowerShell Get-Tpm cmdlet and WMI fallback
• macOS: Secure Enclave detection (T2 chip, Apple Silicon)
• Linux: TPM 2.0 via /sys/class/tpm filesystem interface

Privacy-Preserving Obfuscation

• SHA-256 hashing of hardware IDs
• No raw TPM data exposed in fingerprints

New API Functions

import device_fingerprinting as df

# Enable TPM fingerprinting
df.enable_tpm_fingerprinting(enabled=True)

# Check if TPM is enabled
df.is_tpm_enabled()

# Get detailed TPM status
status = df.get_tpm_status()

# Generate fingerprint with mode selection
fingerprint = df.generate_fingerprint(method="stable", mode="software")  # or "tpm_strict"

New Files

• src/device_fingerprinting/tpm_hardware.py - TPM detection and fingerprinting module (505 lines)
• examples/tpm_example.py - Basic TPM usage examples
• examples/dual_mode_enforcement.py - Comprehensive dual-mode demonstration
• test_tpm_simple.py - TPM integration tests
• test_dual_mode.py - Dual-mode architecture tests
• TPM_INTEGRATION.md - Technical documentation
• DUAL_MODE_ARCHITECTURE.md - Architecture specification

Installation

pip install device-fingerprinting-pro==2.2.0

Usage Examples

Software Mode (Graceful Fallback)

import device_fingerprinting as df

# Enable TPM if available
df.enable_tpm_fingerprinting(enabled=True)

# Generate fingerprint - uses TPM if available, falls back otherwise
fingerprint = df.generate_fingerprint(method="stable", mode="software")

TPM-Strict Mode (Mandatory)

import device_fingerprinting as df

# Enforce TPM requirement
try:
    fingerprint = df.generate_fingerprint(method="stable", mode="tpm_strict")
    # Success: TPM hardware attestation included
except RuntimeError as e:
    # TPM not available - deployment should be restricted
    print(f"TPM required but not available: {e}")

Adaptive Deployment

import device_fingerprinting as df

# Check TPM availability
status = df.get_tpm_status()

# Use strict mode if TPM available, fallback to software mode
mode = "tpm_strict" if status['tpm_hardware_available'] else "software"
fingerprint = df.generate_fingerprint(method="stable", mode=mode)

Technical Details

TPM Detection Implementation

• Windows: PowerShell Get-Tpm | ConvertTo-Json with WMI fallback
• macOS: system_profiler SPiBridgeDataType for T2/Apple Silicon detection
• Linux: /sys/class/tpm/tpm0/device/description parsing

Security Features

• Hardware-backed device identity
• Cryptographic attestation via TPM
• SHA-256 obfuscation of hardware IDs
• No plaintext TPM data storage

Backward Compatibility

• Default mode remains "software" for existing deployments
• No breaking changes to existing API
• TPM features are opt-in

Full Changelog

v2.2.0 (2025-12-21)

• Added TPM/Secure Hardware fingerprinting support
• Implemented dual-mode architecture (software/tpm_strict)
• Cross-platform TPM detection (Windows TPM 2.0, macOS Secure Enclave, Linux TPM)
• Hardware attestation with privacy-preserving obfuscation
• Enhanced security for deployments requiring hardware-backed identity
• Added comprehensive test suite for TPM functionality (7/7 tests passing)
• Updated README with TPM sections and architectural diagrams

Links

• PyPI Package: https://pypi.org/project/device-fingerprinting-pro/2.2.0/
• GitHub Repository: https://github.com/Johnsonajibi/DeviceFingerprinting
• Documentation: https://github.com/Johnsonajibi/DeviceFingerprinting/blob/main/README.md
• TPM Integration Guide: https://github.com/Johnsonajibi/DeviceFingerprinting/blob/main/TPM_INTEGRATION.md
• Issue Tracker: https://github.com/Johnsonajibi/DeviceFingerprinting/issues

Contributors

@Johnsonajibi

License

MIT License