Get rid of the usage of an sprintf and use snprintf instead. In this
case the buffer is 128, so big enough to not cause problems, though.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Fix a potential buffer overflow bug in the creation of filenames
that were using sprintf() rather than snprintf(). The buffer overflow
could occurr if the buffer is longer than 4096 bytes. The state path
may alone be 4096 bytes and could possibly trigger the overflow.
Swtpm for example is not affected from this since it uses the callbacks
that are invoked before the faulty function is called.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Check the size of the available data before hashing them. A minimum
of 20 bytes needs to be passed into the function so that we can hash
the data 'before' it.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reported-by: Yi Ren <yunye.ry@alibaba-inc.com>
Fix a Coverity complaint by using iv.t.buffer rather than the
1-byte synonym (due to union) iv.b.buffer.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Some of the functions that OpenSSL uses are #define's for which
we need to check using a new AX_CHECK_DEFINE. We need to check for
them also because they were added at different points in time.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Implement key creation with OpenSSL if rand == NULL, meaning
that we create a non-KDF-derived key, so a purely random key.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Use the CRT (Chinese Remainder Theorem) method for doing the RSA
operations. Unfortunately it is not sufficient to just pass the
precalculated dP, dQ, and qInv parameters to OpenSSL private key
crypto functions but it also needs D, which is a bit more involved
to calculate.
We are not caching D (private exponent) as part of the OBJECT since
the OBJECT lives in size-limited NVRAM and we would need to add
'D' to the privateExponent_t, which would make it bigger and which
would allow less keys to fit into memory, which in turn could be-
come an issue if we wanted to resume a TPM that filled up the NVRAM
with keys and now less keys would fit into the NVRAM.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Implement helper functions to create an RSA public and private
key. Create the latter with the CRT parameters.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Check for RSA functions we need for calling the cryto lib for
doing RSA operations. Set the environment variable
USE_OPENSSL_FUNCTIONS_RSA to '1' if found, to '0' otherwise.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Use OpenSSL function to create TDES keys if rand == NULL,
which indicates that a truely random key needs to be generated
rather than one derived from a KDF.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Use OpenSSL functions to create EC keys only for the case that
rand == NULL in which case no KDF is being used and where we can
create a truly random key. This doesn't break the upgrade path.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Switch the ECDSA signature verification to OpenSSL. Do the signature
creation in the next step so we can verify the creation / verification
against the original TPM 2 code.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
OpenSSL's crypto library does not support all crypto functionality
we need in all versions. Elliptic curve support via EVP seems to
have been added much later than for example symmetric crypto support.
So, we move the USE_OPENSSL_FUNCTIONS out of Implementation.h
into configure.ac and let the build system detect what functionality
is available in the crypto library. In this patch we now also rename
USE_OPENSSL_FUNCTIONS to USE_OPENSSL_FUNCTIONS_SYMMETRIC to indicate
that we can use the symmetric crypto functions of the crypto lib.
Using the OpenSSL crypto support is enabled by default, so one has
to use --disable-use-openssl-functions, which we do for Travis now.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Maintain the build for the case of USE_OPENSSL_FUNCTIONS set to NO
where we build the original TPM 2 code.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Convert functions for symmetric encryption via AES and TDES to
use OpenSSL EVP functions where necessary. Leave the old code around
and use the #if USE_OPENSSL_FUNCTIONS to activate the new parts.
OpenSSL does not provide an implementation for TDES in CTR mode, so
we reuse the original TPM 2 code for this mode.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Implement helper for getting OpenSSL crypto functions from
crytpo algorithm IDs, encryption modes, and key sizes.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add a script that uses openssl to create the test data we are using
in the TPM 2 code already. Extend this script with TDES 128 and 192 bit
key sizes and tests.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Restrict the number of command line parameters passed to the
fuzz program in order not to overstep command line parameter
size restrictions.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
