Stefan Berger
e180ef05f7
tpm2: Add unused BnNewVariable() to TpmtoOsslMath.c
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
22208e47cf
tpm2: Have OsslToTpmBn return TRUE on success, FALSE on failure
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
d273c4424c
tpm2: Reorder things in TpmToOsslMath.h
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
eb1c8d6b5d
tpm2: Fix definition of LIBRARY_COMPATIBILITY_CHECK in TpmBuildSwitches
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
4f30e41379
tpm2: Sync unused TpcserverPosix_fp.h
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
d56fad94e2
tpm2: Move CERTIFYX509_DEBUG into TpmBuildSwitches.h
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
2e3fafb013
tpm2: Fix unsigned comparison to use == 0 rather than <= 0
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
a5c10693c8
tpm2: Refactor X509_spt.c a bit and capitalize global variables
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
0c18e09b81
tpm2: Sync unused TpmSizeChecks function
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
f7c1c7785e
tpm2: Remove a #if guarding a typedef in TpmTypes.h
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
359a61eafd
tpm2: OIDs.h: Fix SM2_256 to be SM3_256
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
bb84bfbf36
tpm2: Move CLOCK #defines into PlatformClock.h
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
2b8ce8d8c1
tpm2: Move variables from PlatformData.c to PlatformData.h
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
77fc62a7da
tpm2: Change #if that makes functions visible
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
c2893ed157
tpm2: Add comment regarding ubsan issue solved with casting (TPM2B *)name
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
cd2daec6b0
tpm2: Additional input validation in TPM2_CertifyX509
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
53294e8efa
tpm2: Add LIB_EXPORT to _plat__RealTime
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
2685d2b8fd
tpm2: replace & in some #defines with &&
...
Camellia is not enabled at this point, so nothing changes.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
0b0b2f1d08
tpm2: Remove PCR_SELECT_{MAX,MIN} from TpmProfile.h since in GpMacros.h
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
3948401c55
tpm2: check for TPM_RS_PW rather than session == NULL
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
ec85717048
tpm2: Get rid of a variable
2020-04-14 16:03:45 -04:00
Stefan Berger
8265f6e8bd
tpm2: x509 certify: rename field qualifyinData to reserved
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
e821b4e849
tpm2: Sync unused DebugHelpers
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
d2eee38cd1
tpm2: Include X509.h if CC_Ceritfyx509 is defined
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
ff6ea3b2bd
tpm2: Add missing #define and rename crlSign bit to cRLSign
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
da68840e17
tpm2: Surround parameters in define with ()
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
0569a67bc5
tpm2: Introduce TPMA_ZERO_INITIALIZER() and use it
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
530e2e14fd
tpm2: Add commented tpmCryptKeySchedule to tpmCryptKeySchedule_t
...
Add tpmCryptKeySchedule to union tpmCryptKeySchedule_t. Since this is
causing linker problems on OSX and is not used anywhere at this point,
comment it.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
b19e728bb3
tpm2: Code reformatting and comment changes only
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
c310987975
tpm2: Remove dead functions and their prototypes
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
c7e53749ed
tpm2: Remove a couple of unused #defines
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
5148fe63d3
tpm2: Rename OIDS.h to OIDs.h
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
6847901cfa
tpm2: Remove dead functions and their prototypes
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
52b7c83927
tpm2: rev155: Set spec version to 155
...
With some x509 related issues fixed, advertise revision 155 now
so that IBM TSS 2 test suite passes the X509 tests.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
db1d01526a
tpm2: Some x509 related fixes
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
baa5b3995d
tpm2: Fix bit ordering related to TPMA_X509_KEY_USAGE
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
9cc5f38c96
tpm2: Add parameter to (unused) TPMA_OBJECT_INITIALIZER
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
521d5948f6
tpm2: Added (not used) #defines
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
1cbee17a16
tpm2: Fix some ASN.1 related code
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
b822e395c3
tpm2: Whitespace changes only
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
f5e6f48ff7
tpm2: Move some #defines into GpMacros and include headers
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
5ca051d272
tpm2: Update DebugHelpers but deactivate code since not needed
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
b546847a17
tpm2: sync svn 1490; whitespace and comment changes only
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
4903a423ea
tpm2: Pass SEED_COMPAT_LEVEL to Object for use when deriving keys
...
When a child key is derived from an Object, we need to know what
SEED_COMPAT_LEVEL the Object was created under (or what its seed is)
so that we can later on derive a child with the appropriate
SEED_COMPAT_LEVEL.
When an external object is loaded we set the SEED_COMPAT_LEVEL to
SEED_COMPAT_LEVEL_ORIGINAL so that any RSA key that could possibly be
derived from it will always create the same RSA key independent
of the SEED_COMPAT_LEVEL of the hierarchy it is loaded under. This
way any key derivation that could happen on an external key remains
the same before and after this code change.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
480d42bb9f
tpm2: rev155: Fix a bug in the RSAES decoder checking bounds
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
c1f7bf5509
tpm2: Activate SEED_COMPAT_LEVEL_RSA_PRIME_ADJUST_FIX
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
5b8200d7f5
tpm2: Pass SEED_COMPAT_LEVEL to CryptAdjustPrimeCandidate function
...
Pass the SEED_COMPAT_LEVEL, originating from the seed that's being used,
to the CryptAdjustPrimeCandidate function and use it to determine
whether the old code should be used or the new one.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
b0ca810347
tpm2: Introduce SEED_COMPAT_LEVEL_RSA_PRIME_ADJUST_FIX but do not use yet
...
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
625171be0c
tpm2: rev155: Add new RsaAdjustPrimeCandidate code but do not use
...
Add in the new RsaAdjustPrimeCandidate() function but do not use it
so far since it creates slightly different primes than the previous
code and we would get different derived keys if we were to use it with
'old' seeds.
Adjust the code to return the same results for 64 bit and 32 bit machines.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00
Stefan Berger
c97d016d27
tpm2: Add SEED_COMPAT_LEVEL to DRBG state
...
Add a SEED_COMPAT_LEVEL to the DRBG state that is associated with the seed
and indicates the seed compatibility level we need to maintain when deriving
RSA keys from seeds. We only need to be able to handle RSA keys derived via
the DRBG state. Other keys, such as symmetric keys, are not affected. Also
RSA keys cannot be derived from a KDF, so the KDF does not need to carry
the SEED_COMPAT_LEVEL.
All functions that need to pass a value set SEED_COMPAT_LEVEL to
SEED_COMPAT_LEVEL_ORIGINAL (0) for now.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-04-14 16:03:45 -04:00