- Remove support for CRT_FORMAT_RSA == NO
- Remove now unused parameter N from function signature; adjust callers
- Rename E to pubExp
- Rename temp to pT
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
- Continue the prime number generation while retVal == TPM_RC_NO_RESULT
- Terminate the loop when BnGeneratePrimeForRSA() returns a failure
The changes should not lead to any different primary keys than before.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
RSA_PRIVATE_SIZE is the correct size to use since this is the size that
TPM2B_PRIVATE_KEY_RSA has been defined with.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
When an object is later marshalled in TPM2_ContextSave, the publicOnly
attribute isn't taken into account and therefore potentially stale
sensitive information can be marshalled, which is a problem if the
buffer sizes it contains have values that are too large - this
triggers assertion failures.
Avoid this by clearing out the sensitive area upon ObjectLoad if not
provided, making the behaviour consistent with when a fresh, unused,
object entry is used.
Signed-off-by: Rob Shearman <rob@graphiant.com>
Fix two locations where s_ccAttr[0].commandIndex is used to access the
commandIndex, which does not work when bitfields are not used. Use
GET_ATTRIBUTE() to access the field so that it works when bitfields are
used and when they are not used. There are several locations in this
file where GET_ATTRIBUTE() is already used to access commandIndex.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Address a false positive issue detect by Coverity (CID 1517797)
about *buflen.
Per this assignment of buflen
cached_blobs[st].buflen = buffer ? buflen : BUFLEN_EMPTY_BUFFER;
the following is true:
If cached_blobs[].buffer is NULL then *buflen = BUFLEN_EMPTY_BUFFER
If cached_blobs[].buffer is not NULL then *buflen != BUFLEN_EMPTY_BUFFER
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add the implementation for TPM2_ECC_Encrypt/Decrypt. It cannot be
easily enabled due to possible downgrading requirements and also
issues with size-expansion of the PERSISTENT_DATA.auditCommands from
14 to 15 bytes.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Sync with upstream to fix issue in CryptParameterEncryption() from TPM 2
errate v1.4 2.6.1:
"The functions CryptParameterEncryption() and CryptParameterDecryption() in
the reference code in Part 4, 10.2.6.6.5 and 10.2.6.6.6 do not correctly
check the size of the parameter buffer to be encrypted or decrypted. To fix
the issue, the functions should be corrected to check that the parameter
buffer (a TPM2B type field) is at least 2 bytes in length and should use
the function UINT16_Unmarshal() to read the size of the buffer instead of"
BYTE_ARRAY_TO_UINT16().
[...]
The fixed CryptParameterEncryption() function will enter failure mode and
return TPM_RC_FAILURE if the internal response buffer does not contain
enough data for the UINT16 size field."
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Fix the following issue from TPM 2 errata v1.4 2.6.3:
"The function CryptGenerateKeyDes() in the reference code in Part 4,
0.2.9.2.3 does not correctly check the symmetric key size provided in the
sensitive parameter. To fix the issue, the function will check that the
size of the requested TDES key is a multiple of 8 bytes or otherwise the
TPM will return TPM_RC_SYMMETRIC."
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Fix the missing buffer size check that the TPM 2 errata v1.4 mentions in
2.6.2 by adding a buffer size check before reading 2 bytes from a
TPM2B_NAME buffer. There's no known CVE for this.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Check that there are sufficient bytes in the buffer before reading the
cipherSize from it. Also, reduce the bufferSize variable by the number
of bytes that make up the cipherSize to avoid reading and writing bytes
beyond the buffer in subsequent steps that do in-place decryption.
This fixes CVE-2023-1017 & CVE-2023-1018.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add a caching layer to GetEVPCipher() to avoid having to call evpfn()
mulitple times. Instead, return the 'const EVP_CIPHER *' that a single
call to evpfn() (for a particular algorithm + mode + key size) returned
and cache it for subsequent calls.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Replace usage of deprecated DES_random_key() with EVP_CIPHER API calls.
These newer calls are much more time consuming than the deprecated call.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
When building the tests with `make check` and slibtool the tests will
then all fail to load libtpms.so.0.
$ ./base64decode
/tmp/libtpms/tests/.libs/base64decode: error while loading shared libraries: libtpms.so.0: cannot open shared object file: No such file or directory
This happens because they are linked with -ltpms rather than the
libtpms.la file which has unexpected results with slibtool. GNU libtool
does some magic to make this work while slibtool fails to link the
dependency.
The correct way to link internal dependencies is directly with the
libtool archive (.la) files where the -lfoo linker flags should be only
used with external dependencies. Additionally -no-undefined is added to
the LDFLAGS to ensure there aren't undefined references in the future.
Note:
* This doesn't happen if libtpms is installed to the system and the tests
find the already installs libtpms rather than the newly built library.
* GNU libtool silently ignores -no-undefined, but slibtool will respect
it.
Signed-off-by: orbea <orbea@riseup.net>
