Proxmox-Port/libtpms
1
0
Fork 0
mirror of https://github.com/stefanberger/libtpms synced 2025-08-23 16:01:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,258 Commits 27 Branches 45 Tags 10 MiB
stefanberger/fips-140-3
Commit Graph

1258 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stefan Berger
a2bcafe53b rev180: Add BnOssl.h and use it instread of Tpm.h 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
3e0cf3eb45 rev180: Sync ECC and dependencies with upstream 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
67820395b9 rev180: Move types of ECC signature functions into type-specific files 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
f89b536fdd rev180: Reformat (renamed) BnToOsslMath.h 
Remove an unnecessary include of openssl/ecdsa.h.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
ccd3fd8f9e rev180: Sync usage of DRBG_Uninstantiate (where missing) 
Add calls to DRBG_Uninstantiate where it was missing.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
b10299da26 rev180: Sync VENDOR_PERMANENT_AUTH_ENABLED and it usage with upstream 
VENDOR_PERMANENT was not defined by libtpms and therefore it was not
used. Now libtpms sets VENDOR_PERMANENT_AUTH_ENABLED to NO to replace
the VENDOR_PERMANENT from before.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
d0501e06d8 rev180: Replace bn_primt_t with ci_prime_t 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
56c73983e3 rev180: Sync CryptKDFe with upstream (bugfix) 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
60ee31d866 rev180: Add BnSupportLibInit() prototype to TpmToOsslSupport_fp.h 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
1b929f0366 rev180: Remove HASH_ALIGNMENT from TpmToOsslHash.h 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
dc15065e35 rev180: Sync reformatting of BnToOsslMath.c with upstream 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
6bfa750639 rev180: Replace LOG_FAILURE + return FALSE with FAIL_BOOL 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
6241305be4 rev180: Sync CryptPrimeSieve with upstream 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
f29174361d rev180: Sync unused TpmMath_IsProbablyPrime with upstream 
Since libtpms sets RSA_KEY_SIEVE = YES the TpmMath_IsProbablyPrime is
unused and can be modified in any way without affecting anything.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
4fc596a724 rev180: Convert rest of CrytpRsa.c to use Crypt_Int* 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
e703875190 rev180: Sync LIB_INCLUDE and dependencies and their usages 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
9bc963aef4 rev180: Use renamed function ExtMath_Debug_CompatibilityCheck() 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
c62adba500 rev180: Change data type of s_ComposeOfSmallPrimes to const Crypt_Int* 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
f34500922f rev180: Replace bigNum with Crypt_Int* (part 2) 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
ae7e37017f rev180: Replace bigNum with Crypt_Int* 
Add new #define's for Crypt_Int* numbers, which are compatible to bigNum
anf bitConst. Only add some functions that support Crypt_Int* in this step.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
d7ebbb364b rev180: Sync MinMax.h with upstream 
Remove previously disablement of #define since now it compiles properly.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
aa7219cae7 rev180: Add tpm_public.h and VerifyConfiguration.h 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
54d8572cef rev180: Move some defines from GpMacros.h to TpmCalculatedAttributes.h 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
6b855d84ab rev180: Move radix-related defines into tpm_radix.h 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
ed3b62dc38 rev180: Add struct_type param to BN_STRUCT_DEF and adjust all users 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
be2bb5b00d rev180: Add FAIL_RC & FAIL_NULL & FAIL_IMMEDIATE and use them 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
3eee74f6d3 rev180: Sync _plat__GetUnique with upstream 
The value returned from a call to this function is written into
g_platformUniqueDetails but not used by libtpms since VENDOR_PERMANENT is
not set.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
f61c319275 rev180: Move g_manufactured to Global.c 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
a0a48464ac rev180: Add (unused) parameter to PublicAttributesValidation 
Add yet unused parameter 'primaryHierarchy to PublicAttributesValidation.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
ba195ee8ab rev180: Rename header to BnSupport_interface.h and rename a few functions 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
1f4ba7dcb1 rev180: Make Msb a static function 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
f66e894b82 rev180: Make TpmSetFailureMode static 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
50b135e2b4 rev180: Move TPM2B_STRING definitions into Global.c 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
2ab5de852e rev180: Replace ERROR_RETURN with ERROR_EXIT 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
a8fe6dd40d rev180: Move SM2KeyExchange prototype into header file 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
1832a89202 rev180: Sync X509ProcessExtensions with upstream (bugfix) 
Set badRestricted if keyEncipherment flag is set rather than keyAgreement
bit.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
4addb2168d rev180: Sync ASN1EndMarshalContext with upstream 
Remove a part that has disappeared in upstream.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
951012e293 rev180: Sync TPM_Manufacture with upstream 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
67578c8df1 rev180: Sync CryptSecretEncrypt/Decrypt with upstream 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
b3c0a85995 rev180: Rename TpmAsn1/Asn1_fp.h to TpmASN1/ASN1_fp.h 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
6dcb416ddf rev180: Add VendorInfo.c and use its functions 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
26bb7d87d2 rev180: Move some #define's into new VendorInfo.h 
Some of the defines are used in JSON strings and to have them properly
formatted, remove the surrounding '()' from numbers.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
ab8e7065ba rev180: Sync PCRBelongsTCBGroup with upstream 
The custom code can be removed since the PCR table now handles the values
appropriately.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
36e4f0a9c6 rev180: Sync PCRStartup with upstream 
The function has been tested to show that the PCRs are initialized
with the same values as before.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
db5291789d rev180: Sync GetPcrPointer and dependencies with upstream 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
83288a0230 rev180: Sync PCRManufacture and enable all SHA banks (as before) 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
2aecb49691 rev180: Make PCRGetProperty a public function 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
af4fc0e66d rev180: Sync PCRBelongsAuthGroup/PolicyGroup with upstream (bugfix?) 
Since none of the authValuesGroup'd and policyAuthGroup's are != 0,
the two functions will now always return false even though they
returned TRUE before for 20 <= PCR <= 22.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
a12cb47243 rev180: Add PCR related headers and sync up on PCR function changes 
Disable some PCR functions that are not needed in this step, use
other ones and adjust call sites.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00
Stefan Berger
fa037c9741 rev180: Sync GpMacros.h with upstream 
Remove unused TEST_HASH.
Temporarily disable the #define in MinMax.h to enable compilation.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2024-01-03 20:23:19 -05:00