proxmox-mirrors/libtpms
1
0
Fork 0
mirror of https://git.proxmox.com/git/libtpms synced 2025-08-18 02:59:24 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
900 Commits 1 Branch 7 Tags 4.4 MiB
proxmox/stable-0.9
Commit Graph

900 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stefan Berger
d41dedca4d build-sys: Use AC_LINK_IFELSE to check for understood linker flags 
Use AC_LINK_IFELSE to check whether linker flags like 'now' and
'relro' are understood or remain unused (= useless), and only add them
to the set of HARDENING_LDFLAGS, if they are used by the linker. clang
for example does not seem to use them and Cygwin's linker does not
understand them.

Note: This patch merely improves on the handling of these flags but does
not solve a compilation issue when clang is used, unlike swtpm where
this created issues.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-09-11 12:23:26 -04:00
Stefan Berger
c3e6bb971d Travis: Add python3 dependencies for swtpm test 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-08-28 20:33:09 -04:00
Stefan Berger
781f97a68f tpm2: Fix the returned number in the JSON 
The JSON returned by TPM2_GetInfo contains a leading zero in the level.

$> swtpm_ioctl --tcp :10000 --info 1
{"TPMSpecification":{"family":"2.0","level":00,"revision":162+0}}

This patch fixes this to:

$> swtpm_ioctl --tcp :10000 --info 1
{"TPMSpecification":{"family":"2.0","level":0,"revision":162+0}}
 2020-08-24 20:47:33 -04:00
Stefan Berger
5d2ae35cfc tpm2: Fix compilation error in TPM2B_CREATION_DATA_Marshal (Fedora 32/s390x) 
This patch fixes the following compilation error on Fedora 32 / s390x:

tpm2/Marshal.c: In function 'TPM2B_CREATION_DATA_Marshal':
tpm2/Marshal.c:95:19: error: 'sizePtr' may be used uninitialized in this function [-Werror=maybe-uninitialized]
   95 |      (*buffer)[0] = (BYTE)((*source >> 8) & 0xff);
      |      ~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
tpm2/Marshal.c:2201:11: note: 'sizePtr' was declared here
 2201 |     BYTE *sizePtr;
      |           ^~~~~~~

The error is a false positive since sizePtr will have been initialized if
UINT16_Marshal() is called.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-08-17 15:20:11 -04:00
Stefan Berger
dd8c4f7522 tpm12: Fix compilation error for Fedora 32 / s390x 
tpm12/tpm_nvram.c: In function 'TPM_Process_NVWriteValue':

tpm12/tpm_nvram.c:2313:45: error: 'd1NvdataSensitive' may be used uninitialized in this function [-Werror=maybe-uninitialized]

 2313 |   if ((d1NvdataSensitive->pubInfo.permission.attributes & TPM_NV_PER_WRITEALL) &&
      |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~

This compiler error is a false positive since the above statement is inside
this if clause:

   if ((returnCode == TPM_SUCCESS) && !done && !dir) {

However, if d1NvdataSensitive was not set then returnCode is
either != TPM_SUCCESS    OR
- case index0 = FALSE             : dir = TRUE per line 2106    OR
- case index0 = TRUE (nvIndex = 0): done = TRUE per line 2215.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-08-17 15:20:11 -04:00
Stefan Berger
0f5d791a7d rev162: fix PCRBelongsTCBGroup for PCClient (bugfix) 
Fix PCRBelongsTCBGroup by adjusting the set of PCRs that belong to the TCB
Group. The effect of this is that PCR changes to PCR 16 (for example) do
not change the pcrUpdateCounter anymore. The effect *should not* have any
negative side effects when using the TPM.

We also need to update the test cases that now show a different
pcrUpdateCounter in the responses. Also 'swtpm' test cases need
to be fixed to expect the changed result.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-06-29 08:42:37 -04:00
Stefan Berger
bc60d19203 rev162: Add marshal functions related to ACT 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-06-29 08:42:37 -04:00
Stefan Berger
cafda2e88e rev162: Handle TPM_CAP_ACT in TPM_CAP_Unmarshal 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-06-29 08:42:37 -04:00
Stefan Berger
09bf3ed589 rev162: make union tpmCryptKeySchedule_t a typedef union 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-06-29 08:42:37 -04:00
Stefan Berger
f49621ff3a rev162: Comment fixes and changes to unused code 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-06-29 08:42:37 -04:00
Stefan Berger
4f8f6e7259 rev162: Fix typoe in SHA384_OID #define (unused) 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-06-29 08:42:37 -04:00
Stefan Berger
0ee6eb18d4 rev162: Fix data type for signaledACT (unused) 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-06-29 08:42:37 -04:00
Stefan Berger
082d9b4af8 rev162: Fix order of commands in s_CommandDataArray 
This does not affect the proper functioning of the code since all
of the commands at the end of the array are currently disabled.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-06-29 08:42:37 -04:00
Stefan Berger
6b65a6bd97 build-sys: Enable automake silent rules 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-06-18 14:04:59 -04:00
Stefan Berger
d5e419ea34 rpm/debian: Add 0.8.0-1 entry to changelog 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-06-15 11:55:41 -04:00
Stefan Berger
c762ca4aa6 CHANGES: Update CHANGES file for 0.8.0 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-06-02 09:00:46 -04:00
Stefan Berger
5d7a04c624 [build-sys] Add -Wmissing-prototypes to CFLAGS and clean up 
Add -Wmissing-prototypes to CFLAGS and make functions static add #include
where necessary.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-06-01 18:23:07 -04:00
Stefan Berger
cb956cfdeb tpm2: Restrict setting the PSS salt length to the digest length 
In corner cases where the size of the salt and the size of the hash
to sign + 2 exceed the signature size we cannot use the salt length =
hash length but have to resort to using the maximum possible salt
length.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 15:53:54 -04:00
Stefan Berger
06eff9ee55 tpm2: rev162: Have TPM2 show spec revision 162 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
8ce417c647 tpm2: rev162: Sync up on HASH_ALIGNMENT 
Sync up on the #define's for HASH_ALIGNMENT, which does not have much
relevance for the OpenSSL implementation.

The affected 32 or 64 bit align field in the ANY_HASH_STATE doesn't carry
any significance. It can be commented without side effects.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
b10772dbd0 tpm2: rev162: Add (unused) macros for ECC curves 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
40f7362401 tpm2: rev162: Remove CURVE_NAME_DEF from ECC_CURVE (trivial) 
Remove CURVE_NAME_DEF field from ECC_CURVE structure and add
  #define CURVE_NAME(N)
so that nothing misses the removed field, which wasn't used
before, either.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
e9c1c15fbd tpm2: rev162: Sync code related to NVChip file size 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
deef829344 tpm2: rev162: Removed unused CryptDataEcc.c file 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
f0e2424a38 tpm2: rev162: Add (unused) macros for bignums 2020-05-27 07:45:29 -04:00
Stefan Berger
77222e4314 tpm2: rev162: Add support for new (unsed) ECC decrypt/encrypt functions 2020-05-27 07:45:29 -04:00
Stefan Berger
1a28680af7 tpm2: rev162: Add unused field anyKdf to union TPMU_KDF_SCHEME 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
1f7202decd tpm2: rev162: Cast values produced by initializer to proper type 
Cast the values produced by the #define'd initializers to the proper
type.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
e4e403d4c3 tpm2: rev162: Rename (unused) '#if ALG_SM3' to '#if ALG_SM3_256' 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
5003daf7a6 tpm2: rev162: Add (unused) SM4 related data structures and prototypes 
Add SM4 related data structures and prototypes. We are not using SM4,
so this change is harmless.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
07eb437319 tpm2: rev162: Add #define SYMMETRIC_ALIGNMENT 
Add the #define SYMMETRIC_ALIGNMENT that aligns the tpmCryptKeySchedule_t
size. Since this tpmCryptKeySchedule_t only seems to be used as a stack
variable and the alignment field is never accessed nor the size of the
structre taken, it shouldn't affect anything.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
0f553bafb2 tpm2: rev162: Add (unused) RSA_16384 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
133a119892 tpm2: rev162: Reorder functions in Marshal.c to match rev162 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
5819ba69c5 tpm2: rev162: Rename ALG_<xyz>_VALUE to synonymous TPM_ALG_<xyz> 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
a4ba69caaa tpm2: rev162: Sync largely unused ACT_spt.c 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
232b00cef4 tpm2: rev162: Rename MAX_DERIVATION_BITS to TPM_MAX_DERIVATION_BITS 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
198c723f0b tpm2: rev162: Remove inactive block of RADIX_BITS defines 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
d2b31d8140 tpm2: Add missing 'libtpms added' comments 2020-05-27 07:45:29 -04:00
Stefan Berger
01cc2d07b4 tpm2: rev162: Rename TPM_SYM_MODE_FIRST/LAST to SYM_MODE_FIRST/LAST 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
b8883ba55e tpm2: rev162: Use TPM_ALG_LAST rather than synonymous ALG_LAST_VALUE 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
9c757607ce tpm2: rev162: Use TPM_ALG_<asym> rather than synonymous TPM_<asym>_VALUE 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
e9f48a8bd7 tpm2: rev162: Use TPM_ALG_<SYM> rather than synonymous ALG_<SYM>_VALUE 2020-05-27 07:45:29 -04:00
Stefan Berger
44325fb94b tpm2: rev162: Use TPM_ALG_NULL rather than synonymous ALG_NULL_VALUE 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
58fc790f6d tpm2: rev162: Add TPMT_KDF_SCHEME_P_UNMARSHAL to CommandDispatchData.h 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
b51bd9efdf tpm2: rev162: Refactor CryptMGF1 and rename to CryptMGF_KDF 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
ed6a8d8cbf tpm2: rev162: Sync unused TpmSizeChecks.c 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
a2f0265879 tpm2: rev162: Surround #include's with #if ALG_XYZ to make conditional 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
1ae74993cf tpm2: rev162: Fix algorithm cap initialize for ECDSA (bugfix?) 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
9420f06753 tpm2: rev162: Fix typos related to (unused) SHA3 constants 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00
Stefan Berger
99607d5426 tpm2: rev162: Give anonymous struct the type KDF_STRUCT 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2020-05-27 07:45:29 -04:00