Implement a KDFa replacement using OpenSSL's KBKDF function. The resulting
implementation has a few restrictions compared to the original one.
For example, it cannot accept a counter value to be passed in to resume
the KDFa as the reference implementation could -- OSSL does not support
providing the counter in this becomes problematic with DRBG_Generate
where it seems to want to resume with a counter over the long-term.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
To still be able to run the KDFe test case when the OpenSSL replacement
for the KDFe is to be used, rename the reference implemention to
ReferenceCryptKDFe that coexists with the CryptKDFe function that then
calls OSSLCryptKDFe.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Implement a KDFe replacement using OpenSSL's SSKDF and add a test
case that compares the current implementation against the one based
on the OpenSSL SSKDF.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Enable Camellia-192 and AES-192 and bump up the stateFormatLevel to '4'.
This now prevents using this state with previous stateFormatLevels (< 4)
because there Camellia-192 or AES-192 was not enabled and the user would
otherwise not be able to decrypt data with either one if it was usable.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Enable new commands ECC_Decrypt and ECC_Encrypt in the TPmProfile.h
and also in the 'default' profile. Since the additional commands extend
the ppList and auditCommands array, bump up the version of the stateLevel
to '2' and use the new marshalling functions by using the PERSISTENT_DATA
blob_version '5'.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Switch the implementation to uncompressed lists (from now on it must
remain uncompressed lists forever) and adapt functions who marshal
and unmarshal arrays that are affected by this switch:
- PERSISTENT_DATA.ppList
- PERSISTENT_DATA.auditCommands
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Introduce the #define MAX_MARSHALLED_OBJECT_SIZE to be used for a size of
a byte buffer that is supposed to hold a marshalled OBJECT. The number
is not exact but provides for a 'safe' size of a buffer.
Add a test case to check that MAX_MARSHALLED_OBJECT_SIZE is sufficient.
The test case needs access to ANY_OBJECT_Marshal, which is only available
when -static can be used for linking since otherwise the function is
private to the library. Static linking the test case does not work when
test-coverage is enabled, therefore disable statically linked test cases
in when test-coverage is enabled and give control to the user to disable
statically linked test cases in other cases as well.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
After adding BOOL allowNull parameter to TPMI_ECC_CURVE_Unmarshal rearrange
the order in which this command is listed in the unmarshalArray so that the
caller passes an addtional parameter to this function now.
Also add a fuzzer test case.
Fixes: 44f0cb0535 ("rev180: Sync TPMI_ECC_CURVE_Unmarshal")
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
The new TPM 2 code casts bigNum's to Crypt_Int, which has an array 'd' of
type 'crypt_uword_t[2]' which then leads to the following types of errors
that we haven't found another solution for so far.
Running: /mnt/scratch0/clusterfuzz/bot/inputs/fuzzer-testcases/crash-2675de6341d4e056d04ab49179b8e5b8bd456589
/src/libtpms/src/tpm2/crypto/openssl/CryptPrime.c:377:20: runtime error: index 23 out of bounds for type 'crypt_uword_t[2]' (aka 'unsigned long[2]')
#0 0x5b4196 in RsaAdjustPrimeCandidate_New libtpms/src/tpm2/crypto/openssl/CryptPrime.c:377:20
#1 0x5b4196 in RsaAdjustPrimeCandidate libtpms/src/tpm2/crypto/openssl/CryptPrime.c:405:9
#2 0x5b4366 in TpmRsa_GeneratePrimeForRSA libtpms/src/tpm2/crypto/openssl/CryptPrime.c:454:6
#3 0x590953 in CryptRsaGenerateKey libtpms/src/tpm2/crypto/openssl/CryptRsa.c:1433:9
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
When building the tests with `make check` and slibtool the tests will
then all fail to load libtpms.so.0.
$ ./base64decode
/tmp/libtpms/tests/.libs/base64decode: error while loading shared libraries: libtpms.so.0: cannot open shared object file: No such file or directory
This happens because they are linked with -ltpms rather than the
libtpms.la file which has unexpected results with slibtool. GNU libtool
does some magic to make this work while slibtool fails to link the
dependency.
The correct way to link internal dependencies is directly with the
libtool archive (.la) files where the -lfoo linker flags should be only
used with external dependencies. Additionally -no-undefined is added to
the LDFLAGS to ensure there aren't undefined references in the future.
Note:
* This doesn't happen if libtpms is installed to the system and the tests
find the already installs libtpms rather than the newly built library.
* GNU libtool silently ignores -no-undefined, but slibtool will respect
it.
Signed-off-by: orbea <orbea@riseup.net>
We have to store the permall state blob once it has been initialized since
otherwise some fields are not having proper values in the internal state.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Have the TPM 2's state suspended and resumed at every step to
ensure that we can marshal and unmarshal it.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Call die() causing as assert() to be triggered if an API call
returned an unexpected failure result.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
When testing downgrading from libtpms 0.8 to 0.7 (which is not
possible), the error message which is reported is:
libtpms/tpm2: Unexpect value for MAX_RSA_KEY_BITS; its value 3072 is
not = 2048; (version: 2).
codespell (https://github.com/codespell-project/codespell) reports a
misspelling for "Unexpect", which should be "Unexpected". As the project
contains many more misspellings in comments, error messages and
documentation, fix all misspellings reported by codespell.
Signed-off-by: Nicolas Iooss <nicolas.iooss@ledger.fr>
Fix PCRBelongsTCBGroup by adjusting the set of PCRs that belong to the TCB
Group. The effect of this is that PCR changes to PCR 16 (for example) do
not change the pcrUpdateCounter anymore. The effect *should not* have any
negative side effects when using the TPM.
We also need to update the test cases that now show a different
pcrUpdateCounter in the responses. Also 'swtpm' test cases need
to be fixed to expect the changed result.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Start supporting RSA 3072 keys.
NVMarshal.c: We now accept state that was written by libtpms when RSA keys
sizes were 2048 or are 3072, basically less-or-equal than 3072.
Also increase the NVRAM memory size by ~45 kb to accommodate the worst
case where the USER NVRAM is full of 65 2048 bit persisted keys whose 65
OBJECTs are now expanding and need to again fit into the NVRAM. We have
to add exactly 45760 bytes to accomodate this case. See swtpm test
case test_tpm2_save_load_state_2. 65 * 704 = 45760.
NOTE: BETTER TO NOT BACKPORT!!! MAY NEGATIVELY AFFECT UPGRADE PATH!
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
- Introduce Platform.h and replace usage of PlatformData.h and
Platform_fp.h
- Drop Implementation.h since we now use TpmProfile.h (which we
prepared previously); many #defines were moved to TpmTypes.h
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add 2 more tests checking the size of arrays in the PERSISTENT_DATA
structure which expand with new commands.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Restrict the number of command line parameters passed to the
fuzz program in order not to overstep command line parameter
size restrictions.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
There were a few issues with the oss-fuzz integration from commit
8373f09854 ("build-sys: add oss-fuzz
support").
When building on OSS-Fuzz, the projects should use the provided CFLAGS
and CXXFLAGS and don't append any extra sanitization / fuzzing flags.
$LIB_FUZZING_ENGINE is defined to set the library to link to, and it
is a c++ library, so we should build fuzzer with c++...
Now --enable-fuzzer is only used for -fsanitize=fuzzer.
Add a tests/fuzz-main.c as fallback, to run the corpus on other builds.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
This script will permit integration with Google OSS-FUZZ
https://github.com/google/oss-fuzz
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Extend the existing test case with extending PCR 10 and reading back
the result, then storing the state blobs and setting them and checking
the value of PCR 10 again.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add support for --enable-test-coverage that sets additional CFLAGS
and LDFLAGS.
gcov creates files with suffixes .gcov, .gcno, and .gcda that we
need clean up in a few directories.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Do not fail the entire test run in case of a failure but display an
error message instead and continue running tests.
Errors may happen in very rare cases and we just continue then while
assuming the output is logged.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add a simple test case to make sure that reading the PCRs
works as expected and that the state file is written
as expected. This state file (NVChip) is only written because
libtpms doesn't have any callbacks registered.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Wrap the fuzzer test in a script to we can set up a per fuzzer
temporary directory where the NvChip file is written into.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
On some systems /bin/bash does not exists but is somewhere else and can
be invoked with /usr/bin/env.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Make sure that the NVRAM offsets and structure sizes are the same
on all architectures so that we can fill up the NVRAM on one system
and migrate the state to another architecture and it will fit into
the NVRAM space there.
We leave some space for the first few data structures in the NVRAM to
grow. We do this by rounding up the NV_INDEX_RAM_DATA location to the
next kb boundary. This moves it from offset 4356 to 5120 on x86_64 and
from offset 4332 to 5120 on i386. This now leaves us with the same
amount of space for user dynamic NVRAM, which starts beyond offset 5120.
We also pad the OBJECT structure with 4 bytes so that it is the same
size on 32 and 64 bit architectures. This is a data structure that
is used in user dynamic NVRAM and should be the same size on all
architectures so that a full NVRAM always fits.
Also test the size of the NV_INDEX structure, which already has the
same size on all tested architectures (x86_64, i386, arm32, ppc64).
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
This is taken directly from chromiumos TPM2 repository:
commit 172eec5ea9b46ddfe720c854fa719fdf8613b4ed
Author: nagendra modadugu <ngm@google.com>
Date: Fri Sep 16 14:07:13 2016 -0700
Add an initial fuzz test corpus for execute-command
This commit introduces a minimized corpus for
the test in fuzz/execute-command.cc.
The corpus was generated by parsing the TCG test
suite log for messages sent to the TPM. The corpus
includes test cases that produced crashes reported
in chrome-os-partner:56767 and chrome-os-partner:56825.
Future work includes defining a dictionary for the
protocol so that mutations can be more effective,
and also generating test-cases that improve coverage
(e.g. create & store primary key, followed by test case).
BUG=chrome-os-partner:50646
BRANCH=none
TEST=follow instructions in fuzz/README
Change-Id: I24332c0f58996626de9a08e2780595b0b2d76350
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/386443
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Kostya Serebryany <kcc@chromium.org>
Reviewed-by: Mike Aizitsky <aizatsky@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Fix support for ARM64 by testing for whether __aarch64__ is defined.
Also see http://sourceforge.net/p/predef/wiki/Architectures for the
gcc preprocessor defines.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Remove unnecessary files in the repository and add boostrap.sh to create the
configure file and other files we are removing here. Users have to run
bootstrap.sh to have those files created in their build environment.
Update the INSTALL instructions.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Acked-by: Corey Bryant <coreyb@linux.vnet.ibm.com>
Add a test case testing the TPMLIB_DecodeBlob function.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Acked-by: Corey Bryant <coreyb@linux.vnet.ibm.com>
