Leave a note in the TPMLIB_RegisterCallbacks() function about
the effects of leaving the store- and loaddata functions in the
interface unset.
Leave another note in TPMLIB_MainInit() to not use the library without
calling TPMLIB_RegisterCallbacks().
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Extend the existing test case with extending PCR 10 and reading back
the result, then storing the state blobs and setting them and checking
the value of PCR 10 again.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
When no callbacks are set and the plain NVChip file is used it wasn't
possible to save the state of the TPM 2 after a TPMLIB_Terminate()
TPMLIB_MainInit() sequence with a cached state (TPMLIB_SetState) since
in this case the NVRAM was not initialized. We now initialize the NV
in case no callback for restoring the state is set.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Split off the part that was handling the NVChip file in _plat__NVEnable
and call this new function _plat__NVEnable_ChipFile so we can call it
separately in case the caller works with the plain NVChip file.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Some OpenSSL EC API calls are deprecated starting in OpenSSL 1.2
and may fail the build due to the #warning they produce.
The affected functions have been renamed and consolidated with
other functions inside OpenSSL:
- EC_POINT_set_affine_coordinates_GFp
https://github.com/openssl/openssl/blob/OpenSSL_1_1_1-stable/crypto/ec/ec_lib.c#L730
- EC_POINT_get_affine_coordinates_GFp
https://github.com/openssl/openssl/blob/OpenSSL_1_1_1-stable/crypto/ec/ec_lib.c#L768
On both functions the suffix _GFp has been removed by the renaming.
We need to call the new functions if OPENSSL_API_COMPAT is defined
and is >= 0x10200000L.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Some man pages were not installed due to a typo in the name of
the variable. This patch fixes the issue.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Set the version to 0.6.0-1 for a release. Cheat a bit on the previous
version by changing the suffix to ~dev from -dev.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Fix Architecture and Depends entries of libtpms-dev in control file.
Thanks to alex@strugee.net for pointing this out in PR#22.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Fix the lintian complaint about wrong package name for the shared library.
Thanks to alex@strugee.net for pointing this out in PR#22.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Also test-compile on OS X. The 'distcheck' target cannot be used
since it results in duplicate symbol errors while linking (no idea
why it happens only with distcheck).
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Build libtpms with code coverage enabled and run the swtpm test
suite on it.
Unfortunately cpp-coveralls has a problem creating correct file paths when
collecting the results so that the coverage results are not correctly
submitted to coveralls.io. The issue may stem from the fact that the
Makefile.am in src/ contains rules for source files in subdirs src/tpm12/
and src/tpm2/ etc. I hope that this issue can be fixed at some point.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Allow the user to pass in the CFLAGS. Previously they were overwritten
with -O2 -g, which are the default CFLAGS if none are passed.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add support for --enable-test-coverage that sets additional CFLAGS
and LDFLAGS.
gcov creates files with suffixes .gcov, .gcno, and .gcda that we
need to clean up in a few directories.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add a matrix: part so we can test on multiple systems concurrently and
make the script use environment variables.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Do not fail the entire test run in case of a failure but display an
error message instead and continue running tests.
Errors may happen in very rare cases and we just continue then while
assuming the output is logged.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
CryptRandStartup() did not propagate initialization errors to the caller
but always returned TRUE. We now return the initialization errors and
display an error message and some state variables.
This error should almost never occur, but the fuzzer was able to trigger
it with rev 146 when the random number generator returned 32 bit numbers only
and the same 32 bit number was returned as the one before it. With rev 150
the random number generating function now returns as many random numbers as
the caller requested and this error is not getting triggered anymore.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
The first functions in UnmarshalArray before HANDLE_FIRST_FLAG_TYPE
must not have an additional flag and so we remove it.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
CryptHashCopyState is not called from anywhere and the useless
call to CryptGetHashDef() it does obviously doesn't matter. Deactivate
the whole function using #if 0.
NvClearPersistent() and NvUpdatePersistent() are not used, either,
so we can also deactivate them and suppress a pointer related issue
that Coverity is complaining about.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Bn2bin was used during the conversion of the code for supporting OSSL 1.1
and testing the math results of < OSSL 1.1 against those produced by
the bignum code in the TPM 2. It's not needed anymore since the upstream
code has support for any OSSL version now.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
The test code for marshalling and unmarshalling the NVRAM hasn't
been used anymore, so remove it.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Mark all libtpms changes with comments for easy identification
when diff'ing with the original TPM code.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>