Deduplicate verbs in Commands, Algorithms, and Attributes strings in a
profile and when a verb with an '=' sign is found, such as
ecc-min-size=224, and there is a duplicate later in the string, such as
ecc-min-size=256, then keep the last one.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Remove the test case and renaming of the reference implementation of
CryptKDFe. Reverting this patch would bring the test case back in case
it was necessary.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
To still be able to run the KDFe test case when the OpenSSL replacement
for the KDFe is to be used, rename the reference implemention to
ReferenceCryptKDFe that coexists with the CryptKDFe function that then
calls OSSLCryptKDFe.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Implement a KDFe replacement using OpenSSL's SSKDF and add a test
case that compares the current implementation against the one based
on the OpenSSL SSKDF.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Prevent SHA1 signature verification like FIPS mode on the host does
by implementing attribute no-sha1-signing.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Prevent SHA1 signature generation like FIPS mode on the host does
for RSA and all ECC (ecdsa, ecdaa, ecschnorr, sm2) signing algorithms
by implementing attribute no-sha1-signing.
Since CryptRSASign and CryptEccSign are called from CryptSign the
check for SHA1 can be done there. The other call locations are
from the algorithm test functions where the default hash is SHA512.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Implement support for RuntimeAttributes which will be provided using
the Attribute key in the map.
Implement a fip-host attribute that at this point does not do much.
Add test case for fips-host attribute.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Use free rather than TPM_Free to avoid the following warning:
tpm2_setprofile.c:377:18: warning: passing 'char *' to parameter \
of type 'unsigned char *' converts between pointers to integer \
types with different sign [-Wpointer-sign]
TPM_Free(profile);
../include/libtpms/tpm_memory.h:57:36: note: passing argument to \
parameter 'buffer' here
void TPM_Free(unsigned char *buffer);
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Implement TPMLIB_WasManufactured API call for a TPM 2 so that callers can
detect whether a TPM 2 instance was newly created and therefore the
profile that was set was also applied.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add the missing entry to the sieveMarks array. The new entry would only
be used for RSA 3072 keys but due to the following change in
RsaAdjustPrimeLimit it will not be used.
primeLimit = s_LastPrimeInTable - 2; // libtpms: Fix for 3072 bit keys to avoid mark=5
If it was to be used (above change removed) it would occasionally produce
different RSA 3072 prime numbers from the TPM's seeds and therefore any
change to the above will have to depend on the SEED_COMPAT_LEVEL so that
the same keys are always produced.
Use the full sieveMarks array to generate RSA 3072 keys when
SEED_COMPAT_LEVEL > SEED_COMPAT_LEVEL_RSA_PRIME_ADJUST_PREREV169,
otherwise keep the previous adjustment to avoid mark=5.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Since go.preservedSignaled is not available due to __ACT_DISABLED being defined
apply the same conditional code enablement here.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
When decryption fails then return TPM_RC_VALUE rather than TPM_RC_FAILURE.
The old error code could indicate to an application or driver that
something is wrong with the TPM (has possibly gone into failure mode) even
though only the decryption failed, possibly due to a wrong key.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Some time around rev169 a new function to generate RSA prime numbers was
introduced. Add this function but keep it disabled.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
To simplify the code and get rid of the libtpms-specific implementation
of RsaAdjustPrimeCandidate move its code into the case statements in
TpmRsa_GeneratePrimeForRSA.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Revision 1.69 received new code for RsaAdjustPrimeCandidate. Before
adding the new function (while keeping it unused since it does not
add much value) move the existing function.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add TPmMath_GetRandomBits but disable it since it will remain unused
for now.
Modify the code to properly mask the bits in the first byte of the byte
stream produced as big endian number.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
When ecc-min-size is given use it to disable all curves whose keysize is
too small and that can be disabled.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
If elliptic curve algorithms were enabled with a shortcut the output
may have shown the individual curves as disabled, even though this is
not the case. Remove the enabledEccCurvesPrint bitfield since it
leads to misleading output.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
The list of disabled algorithms may have started with a comma if the first
disabled algorithm was an ec curve. Fix this by passing the 'first'
variable and using it.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Bump up the StateFormatLevel to 6 and use it to introduce a new OBJECT
marshalling format version '4' that slighly changes how an OBJECT is
marshalled:
- only marshal the private exponent for an RSA key
- always marshal the new hierarchy field
The marshalling code can still write previous version '3' when an older
StateFormatLevel is used to support backwards compatibility.
Adjust the test cases marshalling an RSA key OBJECT to check against
expected sizes across a series of StateFormatLevels.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add new field hierarchy to OBJECT and assign values to it and access it.
Beyond the sync with upstream we need to also set the hierachy when
- an older OBJECT is converted to the current OBJECT
- an OBJECT is unmarshalled
Remove ObjectGetHierarchy since it is not needed anymore.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Move code that determines an OBJECT's hierarchy by its attribute flags
into BackwardsCompatibilityObject.c since it will soon only serve the
purpose of backwards compatibility.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add handling of the case of wanting to skip a block of code when no data
are in the byte stream. This case has not occurred so far where a block
of unmarshalling code needed to be skipped but also no data were there in
the byte stream - it would have otherwise lead to errors while trying to
unmarshal data that were not there. So far there was simply no code there
that should have been skipped.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Allow completely arbitrary TPM_ECC_CURVE's to be passed to
RuntimeAlgorithmKeySizeCheckEnabled by checking that its value lies within
the bitfield and if it doesn't return a FALSE. Out-of-bounds values passed
to TEST_BIT would have caused a pAssert failure.
Call this function now early from CryptCapGetOneECCCurve that now can pass
any value as a TPM_ECC_CRUVE without causing a failure when filtering
out disabled or runtime unusable curves.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Allow completely arbitrary TPM_ALG_ID's to be passed to
RuntimeAlgorithmCheckEnabled by checking that its value lies withing the
bitfield and if it doesn't return a FALSE. Out-of-bounds values passed
to TEST_BIT would have caused a pAssert failure.
Call this function now early on from AlgorithmCapGetOneImplemented that
now can pass any value as a TPM_ALG_ID without causing a failure.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Test that a user is able to choose a specific StateFormatLevel that is not
required by any of the chosen commands but enables a bugfix in the TPM 2
code for example.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Replace failure code TPM_RC_FAILURE when an invalid interger is encounterd
while parsing the StateFormatLevel from the json and have it return
TPM_RC_VALUE. Also improve the handling of the different error codes
returned from this function by a caller.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Intercept newly added unsupported external and permanent NV indices when
trying to unmarshal and NV index. Add a test case that was using an
unsupported external NV index.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
