Commit Graph

1666 Commits

Author SHA1 Message Date
Stefan Berger
e91b27911f swtpm: Initialize empty array
Initialize the empty array authpolicy[0] to quiet a static analyzer.
This array only serves the purpose of providing a non-NULL pointer
when passed to memconcat.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-24 13:22:56 -04:00
Stefan Berger
c0589349c0 swtpm: Return TPM_FAIL from invalid header version case
Return TPM_FAIL in case of an invalid header version number to avoid a
potential segmentation fault when accessing an unavailable buffer due to
the header parser not returning an error code.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-24 13:22:56 -04:00
Stefan Berger
8ea14c6ea5 swtpm: Check gerror before calling g_error_free
To avoid glib warning messages check the gerror before calling
g_error_free with it.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-24 13:22:56 -04:00
Stefan Berger
04ebf36775 build-sys: Add -Wshadow to the CFLAGS
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-24 13:22:56 -04:00
Stefan Berger
82e3f38a82 swtpm_setup: Support default profile from file in swtpm_setup.conf
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-23 13:37:15 -04:00
Stefan Berger
72f2022827 swtpm_setup: Support --profile-file-fd to read profile from file descriptor
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-23 13:37:15 -04:00
Stefan Berger
d5bfdafdc4 swtpm_setup: Support --profile-file <file> to read profile from file
Enable reading a profile from a file. Pass it as open file descriptor to
swtpm.

Adjust one test case to read a profile from a file.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-23 13:37:15 -04:00
Stefan Berger
d488dbe7fd swtpm: Support --profile fd=<fd> to read profile from file descriptor
Enable reading a profile from a given file descriptor.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-23 13:37:15 -04:00
Stefan Berger
3171cbae02 swtpm: Support --profile file=<filename> to read profile from file
Enable reading a profile from a file.

If setting a profile fails, display the profile in the error message.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-23 13:37:15 -04:00
Stefan Berger
9ef3db088a swtpm: Return error if json_parser_get_root returns NULL
An empty input string will for example cause json_parser_get_root to return
NULL. Return early in this case to avoid glib error messages.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-23 13:37:15 -04:00
Stefan Berger
12f7f004e7 swtpm: check for len > 0 before calling strncmp
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-23 13:37:15 -04:00
Stefan Berger
3d0fb38187 swtpm: Convert json_get_submap to use g_autoptr on variables
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-23 13:37:15 -04:00
Stefan Berger
748e6c0f66 swtpm: Initialize seccomp_action with default value
Initialize seccomp_action with a default value that it will also
get assigned when handle_seccomp_options is called. This is done
to silence a static analyzer even though it's not necessary.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-23 09:20:08 -04:00
Stefan Berger
65c7c72959 swtpm: Implement concat_varrays and fix casts in concat_array calls
Implement concat_varrays that takes gchar ** as input and returns gchar **.
The concat_arrays has the identical implementation but takes const gchar **
as parameters and returns const gchar **. Use concat_arrays from
concat_varrays. Adjust all callers to cast arrays with constant strings to
const gchar *[] when calling concat_arrays. Modify some callers to call
concat_varrays now.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-23 09:20:08 -04:00
Stefan Berger
dba5fa616e utils: Implement wrappers for g_spawn_sync and g_spawn_async
Implement wrappers for g_spawn_sync and g_spawn_async that take argv
and envp arguments as 'const gchar **' since they will be called like
this from swtpm_localca and swtpm_setup. Internally glib also uses the
parameters like this when calling fork_exec() for example.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-23 09:20:08 -04:00
Stefan Berger
402c31df25 swtpm_setup: Initialize key_description with a default string
Initialize key_description with a default string rather than using it
possibly uninitialized. In practice it would never be used uninitialized
since if a platform certificate is to be created, then the ek certificate
would have also been created and therefore swtpm2->ops->create_ek()
would have been called and set key_description.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
bdb8327bab swtpm_bios: Use const char * where a constant string is assigned later
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
871fb98167 swtpm_bios: Prefix all global variables with g_
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
40eb964a81 swtpm_cert: Add void to functions without parameters
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
6748e30f30 swtpm: cuse: Rename global msg to g_msg to avoid shadowing in places
Avoid shadowing global msg through local variables with the same name
by renaming the global msg to g_msg.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
60ca849a57 swtpm: cuse: Remove unused passwd variable
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
245e3d79a3 swtpm: cuse: Add SWTPM_ATTR_UNUSED to an unused variable
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
d8b2ab4758 swtpm: Use variable for malloc rather than size of struct
Avoid this type of complaint from static analyzer:

src/swtpm/tpmlib.c:392:37: note: Result of 'malloc' is converted to a
   pointer of type 'unsigned char', which is incompatible with sizeof
   operand type 'struct tpm_resp_header'

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
9ae02d555f swtpm: Cast parameter to OSSL_PARAM_construct_utf8_string
OSSL_PARAM_construct_utf8_string takes a char * as parameter.
The OpenSSL code base casts constant strings to char *, so we can do this
also.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
d6c9ebbcbd swtpm: Prefix global variables with g_
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
45063edb9f swtpm: Make tpm_running a parameter to mainLoop
Remove tpm_running as a global variable to make it a parameter to
mainLoop.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
de5a99f9bb swtpm: Convert char * initialized with constant strings to const char *
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
f28d2ec722 swtpm: Cast to char * to avoid arithmetic on void *
To avoid arithmetic on void * cast the variable to char *.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
0056d9b5ee swtpm: Change order of parameters to calloc
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
1416fbf4dc swtpm: Make variable a const char * that is assigned a constant string
serverdata will be assigned a const char * later on, therefore make it a
const char *. This can then also be passed into options_parse.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
91178e92aa swtpm: Convert options_parse function to take const char *
Some functions pass a const char * into the options parse function.
Therefore, convert it to accept a const char * now.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-22 16:03:36 -04:00
Stefan Berger
e63fb9acf1 swtpm_setup: Always log the active profile
Extend the list of SWTPM_INFO flags with recently added flags for
TPMLIB_GetInfo. Use the CMD_GET_INFO control channel command to get
the currently active profile for a TPM 2 from swtpm and display it in
the log unless it is reconfigured.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-20 10:18:21 -04:00
Stefan Berger
9edfc18b3e swtpm: Have tpmlib_maybe_configure_openssl return -1 on error
The single caller does not need to be adjusted.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-19 20:59:56 -04:00
Stefan Berger
8f7a57561f swtpm: Have json_get_submap_value return -1 on error
None of its callers need to be adjusted.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-19 20:59:56 -04:00
Stefan Berger
2ede504c75 swtpm: Have get_profiles return -1 on error
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-19 20:59:56 -04:00
Stefan Berger
12b0b4013a swtpm: Have json_get/set_map_key_value return negative error codes
Adjust all callers.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-19 20:59:56 -04:00
Stefan Berger
cbaab161d3 swtpm: Ignore remove-disabled parameter on non-'custom' profile
Ignore the remove-disabled parameter on non-'custom' profile identified
by return value '1'. Switch to negative return values in the called function.

Extend a test case to ensure that the --profile-remove-disabled option
on swtpm_setup, which is passed through to swtpm, has no effect on 'null'
and 'default-v1' profiles.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-19 20:59:56 -04:00
Stefan Berger
bd91c7628d swtpm: Fix a typo in a return code
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-19 20:59:56 -04:00
Stefan Berger
6b1112aef2 swtpm: Check for good entropy source in chroot environment
Very old OpenSSL versions (e.g., 1.1.0i) are using /dev/urandom to get
entropy while newer ones are using the getrandom syscall that does not
need the device file. In some environments access to the created
/dev/urandom device file may not work (EACCESS; chroot test case) and
then OpenSSL will start failing operations that depend on good entropy.
Therefore, check the status of the random number generator after chroot.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-19 16:54:28 -04:00
Stefan Berger
017f99cedd swtpm: Implement a check for HMAC+sha1 for testing future restrictions
HMAC+sha1 may be restricted next, so test for it but do not support
forced removal of support for it.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-17 11:44:27 -04:00
Stefan Berger
51a13a7053 tests: Add a check for OPENSSL_ENABLE_SHA1_SIGNATURES in log file
CentOS 9 and RHEL >= 9.4 (maybe earlier also) are expected to log the
setting of OPENSSL_ENABLE_SHA1_SIGNATURES when a libtpms v0.9 state is
used where signing a SHA1 was allowed and needs to be enabled with this
environment variable.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-17 07:37:42 -04:00
Stefan Berger
1d2fd75bfd swtpm_setup: Implement --profile-remove-fips-disabled option
Implement the --profile-remove-fips-disabled option that is used to tell
swtpm to remove algorithms that are disabled by FIPS mode on the host.
Internally, this option passes the remove-fips-disabled option parameter
with the --profile option to swtpm.

Add a test cases passing this option and check that the resulting profiles
have key sizes adjusted and relevant attributes set.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-16 13:20:46 -04:00
Stefan Berger
c3de83e7fe swtpm: Implement function to check whether a crypto algorithm is disabled
Implement a function that checks whether a crypto algorithm identified by
TPM algorithm identifiers is disabled.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-16 13:20:46 -04:00
Stefan Berger
8e497a6a60 swtpm: Implement functions to get and set key values in a JSON map
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-16 13:20:46 -04:00
Stefan Berger
be1f9cd75c swtpm: Implement strv_remove, strv_dedup, and strv_extend
strv_remove: Remove matches from a 2nd array in a 1st array
strv_dedup:  Remove duplicates in an array
strv_extend: Append elements of a 2nd array to a 1st array

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-16 13:20:46 -04:00
Stefan Berger
db6f67b25b swtpm: Prefix public function from check_algos with 'check_'
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-16 13:20:46 -04:00
Stefan Berger
a946f381f9 swtpm: Convert check_rsaes to check_rsa_encryption
Convert check_rsaes to check_rsa_encryption that can also be used for
testing of unpadded RSA encryption.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-16 13:20:46 -04:00
Stefan Berger
da9e7636b7 swtpm: Use the padding parameter passed to swtpm_rsa_sign
Do not ignore the padding parameter passed to swtpm_rsasign but use
it as parameter to the OpenSSL function.

Change "rsapss" to "tsassa" in one case where it was wrong.

Also rename swtpm_rsasign to swtpm_rsa_sign.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-16 13:20:46 -04:00
Stefan Berger
50a746ff11 test: Consolidate custom profile test cases and check for StateFormatLevel
Consolidate some test cases related to the custom profile and add
additional checks for various StateFormatLevels.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-13 18:25:52 -04:00
Stefan Berger
02555ce58a tests: Convert test_samples_create_tpmca to run installed
Convert the TPM 1.2 test case test_samples_create_tpmca to be able to run
installed. It also needs to have the test_config file installed.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-09-13 16:02:58 -04:00