1258 Commits

Author SHA1 Message Date
Stefan Berger
bb4dafb1e7 tpm2: NVMarshal: Introduce MAX_MARSHALLED_OBJECT_SIZE
Introduce the #define MAX_MARSHALLED_OBJECT_SIZE to be used for a size of
a byte buffer that is supposed to hold a marshalled OBJECT. The number
is not exact but provides for a 'safe' size of a buffer.

Add a test case to check that MAX_MARSHALLED_OBJECT_SIZE is sufficient.
The test case needs access to ANY_OBJECT_Marshal, which is only available
when -static can be used for linking since otherwise the function is
private to the library. Static linking the test case does not work when
test-coverage is enabled, therefore disable statically linked test cases
when test-coverage is enabled and give control to the user to disable
statically linked test cases in other cases as well.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-03-05 21:13:57 -05:00
Stefan Berger
37f8e2f2c8 tpm2: Introduce RSA3072_OBJECT and implement conversion functions
Take a snapshot of the current OBJECT and call this RSA3072_OBJECT that
gets its own set of dependent datatypes that represent the current
OBJECT's dependent datatypes and only fit an RSA 3072 object (or smaller).

This allows for extension to RSA 4096 or possibly later on to
quantum-safe crypto keys that may also be stored in an OBJECT.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-03-05 21:13:57 -05:00
Stefan Berger
eea4fd7bab tpm2: Clean up RSA2048_OBJECT_To_OBJECT
Only convert the private exponent for an RSA key and initialize
the privateExponent with zeros otherwise.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-03-05 21:13:57 -05:00
Stefan Berger
c4390d0d66 build-sys: Display whether test coverage is enabled
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-03-05 21:13:57 -05:00
Stefan Berger
5679903b34 rev180: Rearrange order of TPMI_ECC_CURVE_P_UNMARSHAL in unmarshalArray
After adding BOOL allowNull parameter to TPMI_ECC_CURVE_Unmarshal rearrange
the order in which this command is listed in the unmarshalArray so that the
caller passes an additional parameter to this function now.

Also add a fuzzer test case.

Fixes: 44f0cb0535 ("rev180: Sync TPMI_ECC_CURVE_Unmarshal")
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-02-28 11:04:12 -05:00
Stefan Berger
5cefa0a117 tpm2: Sync EntityGetLoadStatus with upstream
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-02-27 13:28:24 -05:00
Stefan Berger
f9e52bd044 rev180: Replace handle with HierarchyNormalizeHandle(handle)
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-02-27 12:18:03 -05:00
Stefan Berger
44f0cb0535 rev180: Sync TPMI_ECC_CURVE_Unmarshal
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-02-27 12:18:03 -05:00
Stefan Berger
5ad0256d1a rev180: Sync comment and whitespace changes
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-02-27 12:18:03 -05:00
Stefan Berger
23ab02a1c2 tests: oss-fuzz.sh: Append -fno-sanitize=bounds to CFLAGS
The new TPM 2 code casts bigNum's to Crypt_Int, which has an array 'd' of
type 'crypt_uword_t[2]' which then leads to the following types of errors
that we haven't found another solution for so far.

Running: /mnt/scratch0/clusterfuzz/bot/inputs/fuzzer-testcases/crash-2675de6341d4e056d04ab49179b8e5b8bd456589
	/src/libtpms/src/tpm2/crypto/openssl/CryptPrime.c:377:20: runtime error: index 23 out of bounds for type 'crypt_uword_t[2]' (aka 'unsigned long[2]')
 #0 0x5b4196 in RsaAdjustPrimeCandidate_New libtpms/src/tpm2/crypto/openssl/CryptPrime.c:377:20
 #1 0x5b4196 in RsaAdjustPrimeCandidate libtpms/src/tpm2/crypto/openssl/CryptPrime.c:405:9
 #2 0x5b4366 in TpmRsa_GeneratePrimeForRSA libtpms/src/tpm2/crypto/openssl/CryptPrime.c:454:6
 #3 0x590953 in CryptRsaGenerateKey libtpms/src/tpm2/crypto/openssl/CryptRsa.c:1433:9

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-15 14:53:19 -05:00
Stefan Berger
a5dfd26d45 tpm2: NVMarshal: To read an OBJECT from NVRAM use NvReadObject not NvRead
NvReadObject knows how to read an OBJECT from NVRAM, so use it instead
of the low-level NvRead(). This prepares the code for possibly larger
OBJECTs in NVRAM in the future that may have been marshalled before
they were written into NVRAM (such as RSA 4096 keys or possibly keys
from QC if they will be stored in OBJECTs).

The call to NvReadObject() requires that the ref in NvReadObject points
to the handle of an NV_ENTRY_HEADER. An NV_ENTRY_HEADER looks like this:

  typedef struct {
      UINT32      size;
      TPM_HANDLE  handle;
  } NV_ENTRY_HEADER;

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-13 14:22:41 -05:00
Stefan Berger
fd7e5d76a2 tpm2: NVMarshal: Indent some break statements
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-13 14:22:41 -05:00
Stefan Berger
6fb287ce22 tpm2: Rename OLD_OBJECT to RSA2048_OBJECT and rename function
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-11 13:38:29 -05:00
Stefan Berger
9718874672 tpm2: Move OLD_OBJECT to OBJECT conversion into own function
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-11 13:38:29 -05:00
Stefan Berger
abcd127b29 tpm2: Leave a FIXME in OBJECT_Marshal
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-11 13:38:29 -05:00
Stefan Berger
6063c0fbb2 tpm2: Add MUST_BE to ensure unions' largest TPM2Bs are marshalled
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-11 13:38:29 -05:00
Stefan Berger
1375b8a53b tpm2: Use MUST_BE in BackwardsCompatibilityObject.c
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-10 16:28:09 -05:00
Stefan Berger
134b33df38 rev180: Enable COMPILER_CHECKS (static asserts)
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-09 15:23:07 -05:00
Stefan Berger
6af38cf79e tpm2: Re-add include of openssl/ecdsa.h for LibreSSL
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-09 10:43:49 -05:00
Stefan Berger
e955d926df tpm2: Check libcrypto for EC_POINT_get_affine_coordinates availability
Check -lcrypto for availability of the more recent
EC_POINT_get_affine_coordinates function and use a #define to call it
instead of the older EC_POINT_get_affine_coordinates_GFp. Make the
same change to EC_POINT_set_affine_coordinates_GFp.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-09 08:36:35 -05:00
Stefan Berger
4f2a8de359 rev180: Use CRYPT_CURVE_FREE to free CTX and G
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-04 20:27:25 -05:00
Stefan Berger
31fda0cd51 rev180: Fix a memory leak in CryptEccIsPointOnCurve
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-04 15:04:05 -05:00
Stefan Berger
db997a843b rev180: Fix possible NULL-pointer dereferences (Coverity)
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
86faea6504 rev180: Sync header used by TPMCmdp.c
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
3f106044aa rev180: Append 0-sized padding to state_reset_data
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
db28927d48 rev180: Sync SM4 related compile-time checks with upstream
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
6c96a8e0d1 rev180: Sync SM3-related compile-time checks with upstream
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
0ee8b4e34e rev180: Remove unused defines from TpmBuildSwitches.h
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
f1764ace4c rev180: Sync externally visible impl. alt. options in TpmBuildSwitches.h
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
f09c116313 rev180: Sync implementation alternatives options in TpmBuildSwitches.h
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
4e8fa4dcda rev180: Sync compliance options in TpmBuildSwitches.h
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
c8ee281eaa rev180: Sync internal checks in TpmBuildSwitches.h
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
411eaa1ee8 rev180: Sync debug options in TpmBuildSwitches.h
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
36d2a9d657 rev180: Sync prototypes in Simulator_fp.h (not used by libtpms)
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
16310e1d1f rev180: Initialize platformReserved but do not write out in state
Set the size of the array to 0 by setting PERSISTENT_DATA_PLATFORM_SPACE
to 0.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
404c39cf0b rev180: Reformat libtpms functions in CryptRsa.h
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
5b55e9d9a2 rev180: Sync other #defines in GpMacros.h
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
1e22e15bdd rev180: Sync #defines and #includes in GpMacros.h with upstream
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
23704dcfbe rev180: Sync _TPM_Init with upstream
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
2e74c49c41 rev180: Add _plat__ACT_GetPending/Tick prototypes
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
a750cfe419 rev180: Sync a pAssert in SessionCapGetSaved
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
3fbcdbcd06 rev180: Sync PCR related headers
Since GLOBAL_C is now set in Platform.h it is necessary to adjust the usage
of this #define in NVMarshal.c.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
bfbd6fd078 rev180: Rename and sync random number generating functions
Rename the functions and adjust callers everywhere:
- BnGetRandomBits to TpmMath_GetRandomInteger
- BnGenerateRandomInRange to TpmMath_GetRandomInRange

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
a9b810a401 rev180: Move some random number functions to TpmMath_Util.c
This is a straight move of 2 random number generating functions
into TpmMath_Util.c

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
5728a16848 rev180: Sync TpmFailureMode with upstream
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
d7b2ff804f rev180: Add ALLOW_FORCE_FAILURE_MODE with 'NO' and use it
Set ALLOW_FORCE_FAILURE_MODE to 'NO' and use it in some places where
SIMULATION was used, which is also set to 'NO'.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
831a9410ad rev180: Sync unused TPM/__plat_TearDown functions
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
c161176bcd rev180: Sync bignum related headers
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
05fe5a20c2 rev180: Sync BnToOsslMath.h with upstream
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00
Stefan Berger
ab548892a7 rev180: Merge unused prototypes into CryptPrimeSieve_fp.h
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-01-03 20:23:19 -05:00