UBSAN complains about the following now:
runtime error: left shift of 129 by 24 places cannot be
represented in type 'int'
Fix this (again) in the affected variables by casting the values to UINT32.
Some of the fixes got lost in the recent re-base, others are new due to
how the values are defined.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Convert ObjectGetPublicParameters to return TPM_RC and have it return
TPM_RC_MEMORY in case of a NULL pointer returned from BN_new() and
TPM_RC_FAILURE for any other error. Adjust the 2 callers.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Convert those TPM_RC_FAILURE return codes to TPM_RC_MEMORY where
it is certain that it is only an issue related to no memory being available
rather than anything else. The following OpenSSL functions qualify for
this:
- BN_CTX_new & BN_CTX_new_ex
- BN_new
The following ones do not qualify:
- RSA_new: could have failure with ENGINE_init() and ENGINE_get_RSA()
- EC_KEY_new: could have failure with ENGINE_init() and ENGINE_get_EC()
- BigInitialized: initializer could be NULL
- BN_bin2bn: length could be 0
Some functions now test for NULL pointers early on to return TPM_RC_MEMORY.
They would previously have failed in BigInitialized() if the BIGNUM had
been a NULL pointer.
Since TPM_RC_FAILURES should never occur, the new TPM_RC_MEMORYs should
never occur, either. So, this is primarily a clean-up.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Fix a possible memory leak that may occur in case of a failure in
ObjectGetPublicParameters. The already allocated dP, dQ, and qInv
need to be freed.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
EC_POINT_set_affine_coordinates_GFp would dereference the EC_POINT if it
was NULL. Check P != NULL before calling this function.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Fix an HMAC signing issue that may causes an out-of-bounds access in a
TPM2B that in turn was running into an assert() in libtpms causing an
abort. The signing issue was due to an inconsistent pairing of the signKey
and signScheme parameters, where the signKey is ALG_KEYEDHASH key and
inScheme is an ECC or RSA scheme.
This fixes CVE-2025-49133.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
In CheckLockedOut replace the return code of TPM_RC_RETRY with
TPM_RC_SUCCESS since it does not seem to be necessary to run the TPM2
command again but the TPM2 can continue executing the current command.
If NVRAM wasn't available then the code in CheckLockedOut would return
with an error already.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
To enable RSA-4096 in the default-v2 profile, set the stateFormatLevel
to STATE_FORMAT_LEVEL_CURRENT (8).
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Fix the following bugs in RuntimeProfileDedupStrItems:
- RuntimeProfileDedupStrItems did not memmove the correct number of bytes,
leading to potential crashes.
- Also, it did not handle deduplicating the last item in the comma-
separated list correctly.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
- Enable RSA_4096
- Add RSA_4096 to s_KeySizesRSA at stateFormatLevel 8
- Increase STATE_FORMAT_LEVEL_CURRENT to 8
- Update tests for larger object size and increased StateFormatLevel
- In NVMarshal.c replace MAX_RSA_KEY_BITS with old value 3072
so that the state is acceptable to older versions of libtpms;
if we wrote 4096, then older versions of libtpms would reject the
state.
- In NVMarshal.c replace RSA_4096 with '0' so it is acceptable to older
versions; if we wrote '1', then older versions of libtpms would reject
the state.
Fixes: #491
Signed-off-by: Dan Streetman <ddstreet@ieee.org>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
