Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package libtpms for openSUSE:Factory checked
in at 2021-03-24 16:09:49
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libtpms (Old)
and /work/SRC/openSUSE:Factory/.libtpms.new.2401 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libtpms"
Wed Mar 24 16:09:49 2021 rev:9 rq:880046 version:0.7.7
Changes:
--------
--- /work/SRC/openSUSE:Factory/libtpms/libtpms.changes 2020-11-23
18:50:05.149343418 +0100
+++ /work/SRC/openSUSE:Factory/.libtpms.new.2401/libtpms.changes
2021-03-24 16:09:50.763743425 +0100
@@ -1,0 +2,13 @@
+Fri Mar 19 02:03:20 UTC 2021 - Gary Ching-Pang Lin <g...@suse.com>
+
+- Update to version 0.7.7
+ * CryptSym: fix AES output IV (bsc#1183729, CVE-2021-3446)
+ * tpm2: Fix public key context save due to ANY_OBJECT_Marshal usage
+ * tpm2: Address some Coverity issues (false positives)
+ * tpm1.2: Backported ASAN/UBSAN related fixes
+ * tpm2: Return properly sized array for b parameter for NIST P521
+ (HLK)
+ * tpm2: Addressed issues detected by UBSAN
+ * tpm2: Addressed issues detected by cppcheck (false positives)
+
+-------------------------------------------------------------------
Old:
----
v0.7.4.tar.gz
New:
----
v0.7.7.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libtpms.spec ++++++
--- /var/tmp/diff_new_pack.QiL4Er/_old 2021-03-24 16:09:51.915744634 +0100
+++ /var/tmp/diff_new_pack.QiL4Er/_new 2021-03-24 16:09:51.919744639 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libtpms
#
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
%define lname libtpms0
Name: libtpms
-Version: 0.7.4
+Version: 0.7.7
Release: 0
Summary: Library providing Trusted Platform Module (TPM) functionality
License: BSD-3-Clause
++++++ v0.7.4.tar.gz -> v0.7.7.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/CHANGES new/libtpms-0.7.7/CHANGES
--- old/libtpms-0.7.4/CHANGES 2020-10-30 20:24:40.000000000 +0100
+++ new/libtpms-0.7.7/CHANGES 2021-03-01 19:17:11.000000000 +0100
@@ -1,5 +1,26 @@
CHANGES - changes for libtpms
+version 0.7.7
+ - CryptSym: fix AES output IV
+ A CVE has been filed for this bugfix. Unfortunately multi-step encrypted
+ data won't decrypt anymore but are now compatible with other TPM 2 devices.
+
+version 0.7.6
+ - tpm2: Fix public key context save due to ANY_OBJECT_Marshal usage
+ This fixes a suspend/resume problem when public keys are
+ loaded
+ - tpm2: Address some Coverity issues (false positives)
+ - tpm1.2: Backported ASAN/UBSAN related fixes
+
+version 0.7.5
+ - Note: The TPM 2 implementation returns 2048 bit keys with ~1984 bit
+ strength due to a bug in the TPM 2 key creation algo that cannot
+ easily be fixed. The bug is in RsaAjustPrimeCandidate, which is
+ called before the prime number check.
+ - tpm2: Return properly sized array for b parameter for NIST P521 (HLK)
+ - tpm2: Addressed issues detected by UBSAN
+ - tpm2: Addressed issues detected by cppcheck (false positives)
+
version 0.7.4
- Addressed potential constant-time related issues in TPM 1.2 and TPM 2 code
TPM 1.2: RSA decryption
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/configure.ac
new/libtpms-0.7.7/configure.ac
--- old/libtpms-0.7.4/configure.ac 2020-10-30 20:24:40.000000000 +0100
+++ new/libtpms-0.7.7/configure.ac 2021-03-01 19:17:11.000000000 +0100
@@ -3,7 +3,7 @@
#
# See the LICENSE file for the license associated with this file.
-AC_INIT([libtpms], [0.7.4])
+AC_INIT([libtpms], [0.7.7])
AC_PREREQ(2.12)
AC_CONFIG_SRCDIR(Makefile.am)
AC_CONFIG_AUX_DIR([.])
@@ -165,6 +165,7 @@
AC_CHECK_LIB([crypto], [EVP_aes_128_cbc],, not_found=1)
AC_CHECK_LIB([crypto], [EVP_des_ede3_cbc],, not_found=1)
AC_CHECK_LIB([crypto], [DES_random_key],, not_found=1)
+ AC_CHECK_LIB([crypto], [EVP_CIPHER_CTX_iv],, not_found=1)
if test "x$not_found" = "x0"; then
use_openssl_functions_symmetric=1
use_openssl_functions_for="symmetric (AES, TDES) "
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/debian/changelog
new/libtpms-0.7.7/debian/changelog
--- old/libtpms-0.7.4/debian/changelog 2020-10-30 20:24:40.000000000 +0100
+++ new/libtpms-0.7.7/debian/changelog 2021-03-01 19:17:11.000000000 +0100
@@ -1,7 +1,29 @@
-litpmss (0.7.4) RELEASED; urgency=medium
+libtpms (0.7.7) RELEASED; urgency=high
+
+ * tpm2: CryptSym: fix AES output IV; a CVE has been filed for this issue
+
+ -- Stefan Berger <stef...@linux.ibm.com> Mon, 01 Mar 2021 11:31:00 -0500
+
+libtpms (0.7.6) RELEASED; urgency=medium
+
+ * Fixed a suspend/resume problem when public keys are loaded
+ * Addressed Coverity issues
+
+ -- Stefan Berger <stef...@linux.ibm.com> Fri, 26 Feb 2021 21:46:00 -0500
+
+libtpms (0.7.5) RELEASED; urgency=medium
+
+ * Addressed UBSAN and cppcheck detected issues
+ * Return proper size of ECC Parameters to pass HLK tests
+
+ -- Stefan Berger <stef...@linux.ibm.com> Thu, 17 Feb 2021 09:38:00 -0500
+
+libtpms (0.7.4) RELEASED; urgency=medium
* Addressed potential constant-time issues in TPM 1.2 and TPM 2 code
+ -- Stefan Berger <stef...@linux.ibm.com> Fri, 30 Oct 2020 12:01:00 -0500
+
libtpms (0.7.3-1) RELEASED; urgency=medium
* Fixed set of PCRs belonging to TCB group
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/dist/libtpms.spec
new/libtpms-0.7.7/dist/libtpms.spec
--- old/libtpms-0.7.4/dist/libtpms.spec 2020-10-30 20:24:40.000000000 +0100
+++ new/libtpms-0.7.7/dist/libtpms.spec 2021-03-01 19:17:11.000000000 +0100
@@ -1,7 +1,7 @@
# --- libtpm rpm-spec ---
%define name libtpms
-%define version 0.7.4
+%define version 0.7.7
%define release 0
# Valid crypto subsystems are 'freebl' and 'openssl'
@@ -112,7 +112,18 @@
%postun -p /sbin/ldconfig
%changelog
-* Mon Oct 25 2020 Stefan Berger - 0.7.4-1
+* Mon Mar 01 2021 Stefan Berger - 0.7.7-1
+- tpm2: CryptSym: fix AES output IV; a CVE has been filed for this issue
+
+* Fri Deb 26 2021 Stefan Berger - 0.7.6-1
+- Fixed a suspend/resume problem when public keys are loaded
+- Addressed Coverity issues
+
+* Thu Feb 18 2021 Stefan Berger - 0.7.5-1
+- Addressed UBSAN and cppcheck detected issues
+- Return proper size of ECC Parameters to pass HLK tests
+
+* Mon Oct 26 2020 Stefan Berger - 0.7.4-1
- Addressed potential constant-time issues in TPM 1.2 and TPM 2 code
* Fri Jul 10 2020 Stefan Berger - 0.7.3-1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/dist/libtpms.spec.in
new/libtpms-0.7.7/dist/libtpms.spec.in
--- old/libtpms-0.7.4/dist/libtpms.spec.in 2020-10-30 20:24:40.000000000
+0100
+++ new/libtpms-0.7.7/dist/libtpms.spec.in 2021-03-01 19:17:11.000000000
+0100
@@ -112,7 +112,18 @@
%postun -p /sbin/ldconfig
%changelog
-* Mon Oct 25 2020 Stefan Berger - 0.7.4-1
+* Mon Mar 01 2021 Stefan Berger - 0.7.7-1
+- tpm2: CryptSym: fix AES output IV; a CVE has been filed for this issue
+
+* Fri Deb 26 2021 Stefan Berger - 0.7.6-1
+- Fixed a suspend/resume problem when public keys are loaded
+- Addressed Coverity issues
+
+* Thu Feb 18 2021 Stefan Berger - 0.7.5-1
+- Addressed UBSAN and cppcheck detected issues
+- Return proper size of ECC Parameters to pass HLK tests
+
+* Mon Oct 26 2020 Stefan Berger - 0.7.4-1
- Addressed potential constant-time issues in TPM 1.2 and TPM 2 code
* Fri Jul 10 2020 Stefan Berger - 0.7.3-1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/include/libtpms/tpm_library.h
new/libtpms-0.7.7/include/libtpms/tpm_library.h
--- old/libtpms-0.7.4/include/libtpms/tpm_library.h 2020-10-30
20:24:40.000000000 +0100
+++ new/libtpms-0.7.7/include/libtpms/tpm_library.h 2021-03-01
19:17:11.000000000 +0100
@@ -50,7 +50,7 @@
#define TPM_LIBRARY_VER_MAJOR 0
#define TPM_LIBRARY_VER_MINOR 7
-#define TPM_LIBRARY_VER_MICRO 4
+#define TPM_LIBRARY_VER_MICRO 7
#define TPM_LIBRARY_VERSION_GEN(MAJ, MIN, MICRO) \
(( MAJ << 16 ) | ( MIN << 8 ) | ( MICRO ))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm12/tpm_crypto.c
new/libtpms-0.7.7/src/tpm12/tpm_crypto.c
--- old/libtpms-0.7.4/src/tpm12/tpm_crypto.c 2020-10-30 20:24:40.000000000
+0100
+++ new/libtpms-0.7.7/src/tpm12/tpm_crypto.c 2021-03-01 19:17:11.000000000
+0100
@@ -652,7 +652,7 @@
if (rc == 0) {
*decrypt_data_length = irc;
printf(" TPM_RSAPrivateDecrypt: RSA_padding_check_PKCS1_OAEP()
recovered %d bytes\n", irc);
- TPM_PrintFour(" TPM_RSAPrivateDecrypt: Decrypt data", decrypt_data);
+ TPM_PrintFourLimit(" TPM_RSAPrivateDecrypt: Decrypt data",
decrypt_data, *decrypt_data_length);
}
if (rsa_pri_key != NULL) {
RSA_free(rsa_pri_key); /* @1 */
@@ -1037,7 +1037,7 @@
if (rc == 0) {
TPM_PrintFour(" TPM_RSAPublicEncryptRaw: Public modulus", narr);
TPM_PrintAll(" TPM_RSAPublicEncryptRaw: Public exponent", earr,
ebytes);
- TPM_PrintFour(" TPM_RSAPublicEncryptRaw: Decrypt data", decrypt_data);
+ TPM_PrintFourLimit(" TPM_RSAPublicEncryptRaw: Decrypt data",
decrypt_data, decrypt_data_size);
/* encrypt the decrypt_data */
irc = RSA_public_encrypt(decrypt_data_size, /* from length
*/
decrypt_data, /* from - the clear
text data */
@@ -1229,7 +1229,7 @@
if (rc == 0) {
printf(" TPM_RSASignDER: Applying PKCS1 type 1 padding, size from %lu
to %u\n",
(unsigned long)message_size, key_size);
- TPM_PrintFour(" TPM_RSASignDER: Input message", message);
+ TPM_PrintFourLimit(" TPM_RSASignDER: Input message", message,
message_size);
/* This call checks that the message will fit with the padding */
irc = RSA_padding_add_PKCS1_type_1(message_pad, /* to */
key_size,
@@ -2572,7 +2572,7 @@
}
/* initialize initial chaining vector */
if (rc == 0) {
- TPM_PrintFour(" TPM_SymmetricKeyData_Crypt: Input", data_in);
+ TPM_PrintFourLimit(" TPM_SymmetricKeyData_Crypt: Input", data_in,
length);
/* encrypt operation */
memset(&ivec, 0, sizeof(DES_cblock));
DES_ede3_cbc_encrypt(data_in,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm12/tpm_crypto_freebl.c
new/libtpms-0.7.7/src/tpm12/tpm_crypto_freebl.c
--- old/libtpms-0.7.4/src/tpm12/tpm_crypto_freebl.c 2020-10-30
20:24:40.000000000 +0100
+++ new/libtpms-0.7.7/src/tpm12/tpm_crypto_freebl.c 2021-03-01
19:17:11.000000000 +0100
@@ -654,7 +654,7 @@
if (rc == 0) {
printf(" TPM_RSAPrivateDecrypt: RSA_padding_check_PKCS1 recovered %d
bytes\n",
*decrypt_data_length);
- TPM_PrintFour(" TPM_RSAPrivateDecrypt: Decrypt data", decrypt_data);
+ TPM_PrintFourLimit(" TPM_RSAPrivateDecrypt: Decrypt data",
decrypt_data, decrypt_data_size);
}
PORT_FreeArena(rsa_pri_key.arena, PR_TRUE); /* @1 */
free(padded_data); /* @2 */
@@ -772,7 +772,7 @@
if (rc == 0) {
TPM_PrintFour(" TPM_RSAPublicEncryptRaw: Public modulus", narr);
TPM_PrintAll(" TPM_RSAPublicEncryptRaw: Public exponent", earr,
ebytes);
- TPM_PrintFour(" TPM_RSAPublicEncryptRaw: Decrypt data", decrypt_data);
+ TPM_PrintFourLimit(" TPM_RSAPublicEncryptRaw: Decrypt data",
decrypt_data, decrypt_data_size);
/* raw public key operation, encrypt the decrypt_data */
rv = RSA_PublicKeyOp(&rsa_pub_key, /* freebl public key token */
encrypt_data, /* output - the encrypted data
*/
@@ -941,7 +941,7 @@
if (rc == 0) {
printf(" TPM_RSASignDER: Applying PKCS1 type 1 padding, size from %lu
to %u\n",
(unsigned long)message_size, rsa_pri_key->modulus.len);
- TPM_PrintFour(" TPM_RSASignDER: Input message", message);
+ TPM_PrintFourLimit(" TPM_RSASignDER: Input message", message,
message_size);
/* This call checks that the message will fit with the padding */
rc = TPM_PKCS1_PaddingType1Add(message_pad, /* to */
rsa_pri_key->modulus.len, /* to
length */
@@ -1028,8 +1028,8 @@
irc = memcmp(message, padded_data + padLength, message_size);
if (irc != 0) {
printf("TPM_RSAVerifySHA1: Error, message mismatch\n");
- TPM_PrintFour(" TPM_RSAVerifySHA1: message", message);
- TPM_PrintFour(" TPM_RSAVerifySHA1: message from signature",
padded_data + padLength);
+ TPM_PrintFourLimit(" TPM_RSAVerifySHA1: message", message,
message_size);
+ TPM_PrintFourLimit(" TPM_RSAVerifySHA1: message from signature",
padded_data + padLength, message_size);
rc = TPM_BAD_SIGNATURE;
}
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm12/tpm_cryptoh.c
new/libtpms-0.7.7/src/tpm12/tpm_cryptoh.c
--- old/libtpms-0.7.4/src/tpm12/tpm_cryptoh.c 2020-10-30 20:24:40.000000000
+0100
+++ new/libtpms-0.7.7/src/tpm12/tpm_cryptoh.c 2021-03-01 19:17:11.000000000
+0100
@@ -1597,7 +1597,7 @@
uint32_t dbytes;
printf(" TPM_RSAPrivateDecryptH: Data size %u bytes\n", encrypt_data_size);
- TPM_PrintFour(" TPM_RSAPrivateDecryptH: Encrypt data", encrypt_data);
+ TPM_PrintFourLimit(" TPM_RSAPrivateDecryptH: Encrypt data", encrypt_data,
encrypt_data_size);
if (rc == 0) {
if (tpm_key == NULL) {
printf("TPM_RSAPrivateDecryptH: Error, NULL key\n");
@@ -1646,7 +1646,7 @@
dbytes);
}
if (rc == 0) {
- TPM_PrintFour(" TPM_RSAPrivateDecryptH: Decrypt data", decrypt_data);
+ TPM_PrintFourLimit(" TPM_RSAPrivateDecryptH: Decrypt data",
decrypt_data, *decrypt_data_length);
}
return rc;
}
@@ -1779,7 +1779,7 @@
unsigned char *encrypt_data = NULL;
printf(" TPM_RSAPublicEncrypt_Common: Data size %lu bytes\n", (unsigned
long)decrypt_data_size);
- TPM_PrintFour(" TPM_RSAPublicEncrypt_Common: Decrypt data", decrypt_data);
+ TPM_PrintFourLimit(" TPM_RSAPublicEncrypt_Common: Decrypt data",
decrypt_data, decrypt_data_size);
/* check the key size vs the data size */
if (rc == 0) {
if (decrypt_data_size > nbytes) {
@@ -1901,7 +1901,7 @@
uint32_t dbytes;
printf(" TPM_RSASignH: Message size %lu bytes\n", (unsigned
long)message_size);
- TPM_PrintFour(" TPM_RSASignH: Message", message);
+ TPM_PrintFourLimit(" TPM_RSASignH: Message", message, message_size);
/* extract the public key from TPM_KEY */
if (rc == 0) {
rc = TPM_Key_GetPublicKey(&nbytes, &narr, tpm_key);
@@ -2070,7 +2070,7 @@
unsigned char *maskedSeed;
printf(" TPM_RSA_padding_add_PKCS1_OAEP: fLen %d emLen %d\n", fLen, emLen);
- TPM_PrintFour(" TPM_RSA_padding_add_PKCS1_OAEP: from", from);
+ TPM_PrintFourLimit(" TPM_RSA_padding_add_PKCS1_OAEP: from", from, fLen);
TPM_PrintFour(" TPM_RSA_padding_add_PKCS1_OAEP: pHash", pHash);
TPM_PrintFour(" TPM_RSA_padding_add_PKCS1_OAEP: seed", seed);
@@ -2140,7 +2140,7 @@
/* NOTE Created directly in em */
/* 12. Output EM. */
- TPM_PrintFour(" TPM_RSA_padding_add_PKCS1_OAEP: em", em);
+ TPM_PrintFourLimit(" TPM_RSA_padding_add_PKCS1_OAEP: em", em, emLen);
}
free(dbMask); /* @1 */
return rc;
@@ -2184,7 +2184,7 @@
size_t i;
printf(" TPM_RSA_padding_check_PKCS1_OAEP: emLen %d tSize %d\n", emLen,
tSize);
- TPM_PrintFour(" TPM_RSA_padding_check_PKCS1_OAEP: em", em);
+ TPM_PrintFourLimit(" TPM_RSA_padding_check_PKCS1_OAEP: em", em, emLen);
dbMask = NULL; /* freed @1 */
@@ -2264,7 +2264,7 @@
if (rc == 0) {
memcpy(to, db + i, *tLen);
printf(" TPM_RSA_padding_check_PKCS1_OAEP: tLen %d \n", *tLen);
- TPM_PrintFour(" TPM_RSA_padding_check_PKCS1_OAEP: to", to);
+ TPM_PrintFourLimit(" TPM_RSA_padding_check_PKCS1_OAEP: to", to, *tLen);
TPM_PrintFour(" TPM_RSA_padding_check_PKCS1_OAEP: pHash", pHash);
TPM_PrintFour(" TPM_RSA_padding_check_PKCS1_OAEP: seed", seed);
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm12/tpm_debug.c
new/libtpms-0.7.7/src/tpm12/tpm_debug.c
--- old/libtpms-0.7.4/src/tpm12/tpm_debug.c 2020-10-30 20:24:40.000000000
+0100
+++ new/libtpms-0.7.7/src/tpm12/tpm_debug.c 2021-03-01 19:17:11.000000000
+0100
@@ -57,17 +57,40 @@
#else
-/* TPM_PrintFour() prints a prefix plus 4 bytes of a buffer */
-
-void TPM_PrintFour(const char *string, const unsigned char* buff)
+void TPM_PrintFourLimit(const char *string,
+ const unsigned char *buff, size_t buflen)
{
if (buff != NULL) {
- TPMLIB_LogPrintf("%s %02x %02x %02x %02x\n",
- string,
- buff[0],
- buff[1],
- buff[2],
- buff[3]);
+ switch (buflen) {
+ case 0:
+ TPMLIB_LogPrintf("%s (no data)\n", string);
+ break;
+ case 1:
+ TPMLIB_LogPrintf("%s %02x\n",
+ string,
+ buff[0]);
+ break;
+ case 2:
+ TPMLIB_LogPrintf("%s %02x %02x\n",
+ string,
+ buff[0],
+ buff[1]);
+ break;
+ case 3:
+ TPMLIB_LogPrintf("%s %02x %02x %02x\n",
+ string,
+ buff[0],
+ buff[1],
+ buff[2]);
+ break;
+ default:
+ TPMLIB_LogPrintf("%s %02x %02x %02x %02x\n",
+ string,
+ buff[0],
+ buff[1],
+ buff[2],
+ buff[3]);
+ }
}
else {
TPMLIB_LogPrintf("%s null\n", string);
@@ -75,6 +98,13 @@
return;
}
+/* TPM_PrintFour() prints a prefix plus 4 bytes of a buffer */
+
+void TPM_PrintFour(const char *string, const unsigned char* buff)
+{
+ TPM_PrintFourLimit(string, buff, 4);
+}
+
#endif
/* TPM_PrintAll() prints 'string', the length, and then the entire byte array
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm12/tpm_debug.h
new/libtpms-0.7.7/src/tpm12/tpm_debug.h
--- old/libtpms-0.7.4/src/tpm12/tpm_debug.h 2020-10-30 20:24:40.000000000
+0100
+++ new/libtpms-0.7.7/src/tpm12/tpm_debug.h 2021-03-01 19:17:11.000000000
+0100
@@ -46,6 +46,8 @@
/* prototypes */
void TPM_PrintFour(const char *string, const unsigned char* buff);
+void TPM_PrintFourLimit(const char *string,
+ const unsigned char* buff, size_t bufflen);
void TPM_PrintAll(const char *string, const unsigned char* buff, uint32_t
length);
#if 0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm12/tpm_key.c
new/libtpms-0.7.7/src/tpm12/tpm_key.c
--- old/libtpms-0.7.4/src/tpm12/tpm_key.c 2020-10-30 20:24:40.000000000
+0100
+++ new/libtpms-0.7.7/src/tpm12/tpm_key.c 2021-03-01 19:17:11.000000000
+0100
@@ -2455,8 +2455,9 @@
rc = TPM_MigrateAsymkey_Load(&tpm_migrate_asymkey, &stream,
&stream_size);
printf(" TPM_StoreAsymkey_LoadO1: partPrivKey length %u\n",
tpm_migrate_asymkey.partPrivKey.size);
- TPM_PrintFour(" TPM_StoreAsymkey_LoadO1: partPrivKey -",
- tpm_migrate_asymkey.partPrivKey.buffer);
+ TPM_PrintFourLimit(" TPM_StoreAsymkey_LoadO1: partPrivKey -",
+ tpm_migrate_asymkey.partPrivKey.buffer,
+ tpm_migrate_asymkey.partPrivKey.size);
}
/* create k1k2 by combining seed (k1) and TPM_MIGRATE_ASYMKEY.partPrivKey
(k2) field */
if (rc == 0) {
@@ -2475,7 +2476,7 @@
TPM_Digest_Copy(tpm_store_asymkey->pubDataDigest,
tpm_migrate_asymkey.pubDataDigest);
TPM_Sbuffer_Get(&k1k2_sbuffer, &k1k2_buffer, &k1k2_length);
printf(" TPM_StoreAsymkey_LoadO1: k1k2 length %u\n", k1k2_length);
- TPM_PrintFour(" TPM_StoreAsymkey_LoadO1: k1k2", k1k2_buffer);
+ TPM_PrintFourLimit(" TPM_StoreAsymkey_LoadO1: k1k2", k1k2_buffer,
k1k2_length);
rc = TPM_SizedBuffer_Load(&(tpm_store_asymkey->privKey.p_key),
(unsigned char **)&k1k2_buffer, &k1k2_length);
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm12/tpm_migration.c
new/libtpms-0.7.7/src/tpm12/tpm_migration.c
--- old/libtpms-0.7.4/src/tpm12/tpm_migration.c 2020-10-30 20:24:40.000000000
+0100
+++ new/libtpms-0.7.7/src/tpm12/tpm_migration.c 2021-03-01 19:17:11.000000000
+0100
@@ -844,9 +844,9 @@
}
/* e. Create x1 by XOR of o1 with r1 */
if (rc == 0) {
- TPM_PrintFour("TPM_CreateBlobCommon: r1 -", r1);
+ TPM_PrintFourLimit("TPM_CreateBlobCommon: r1 -", r1, o1_size);
TPM_XOR(x1, o1, r1, o1_size);
- TPM_PrintFour("TPM_CreateBlobCommon: x1 -", x1);
+ TPM_PrintFourLimit("TPM_CreateBlobCommon: x1 -", x1, o1_size);
/* f. Copy r1 into the output field "random".*/
rc = TPM_SizedBuffer_Set(random, o1_size, r1);
}
@@ -1513,7 +1513,7 @@
/* 3. Create d1 by decrypting the inData area using the key in
parentHandle */
if (returnCode == TPM_SUCCESS) {
printf("TPM_Process_ConvertMigrationBlob: Decrypting inData\n");
- TPM_PrintFour("TPM_Process_ConvertMigrationBlob: inData",
inData.buffer);
+ TPM_PrintFourLimit("TPM_Process_ConvertMigrationBlob: inData",
inData.buffer, inData.size);
returnCode = TPM_RSAPrivateDecryptMalloc(&d1Decrypt, /*
decrypted data */
&d1DecryptLength, /*
actual size of d1 data */
inData.buffer, /*
encrypted data */
@@ -1535,7 +1535,7 @@
}
if (returnCode == TPM_SUCCESS) {
printf("TPM_Process_ConvertMigrationBlob: d1 length %u\n",
d1DecryptLength);
- TPM_PrintFour("TPM_Process_ConvertMigrationBlob: d1 -", d1Decrypt);
+ TPM_PrintFourLimit("TPM_Process_ConvertMigrationBlob: d1 -", d1Decrypt,
d1DecryptLength);
/* 4. Create o1 by XOR d1 and random parameter */
TPM_XOR(o1Oaep, d1Decrypt, random.buffer, d1DecryptLength);
/* 5. Create m1 a TPM_MIGRATE_ASYMKEY structure, seed and pHash by OAEP
decoding o1 */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm12/tpm_nvram.c
new/libtpms-0.7.7/src/tpm12/tpm_nvram.c
--- old/libtpms-0.7.4/src/tpm12/tpm_nvram.c 2020-10-30 20:24:40.000000000
+0100
+++ new/libtpms-0.7.7/src/tpm12/tpm_nvram.c 2021-03-01 19:17:11.000000000
+0100
@@ -1537,8 +1537,8 @@
}
/* c. Set data to area pointed to by offset */
if ((returnCode == TPM_SUCCESS) && !isGPIO) {
- TPM_PrintFour("TPM_Process_NVReadValue: read data",
- d1NvdataSensitive->data + offset);
+ TPM_PrintFourLimit("TPM_Process_NVReadValue: read data",
+ d1NvdataSensitive->data + offset, dataSize);
returnCode = TPM_SizedBuffer_Set(&data,
dataSize,
d1NvdataSensitive->data + offset);
}
@@ -1861,8 +1861,8 @@
}
/* c. Set data to area pointed to by offset */
if ((returnCode == TPM_SUCCESS) && !isGPIO) {
- TPM_PrintFour("TPM_Process_NVReadValueAuth: read data",
- d1NvdataSensitive->data + offset);
+ TPM_PrintFourLimit("TPM_Process_NVReadValueAuth: read data",
+ d1NvdataSensitive->data + offset, dataSize);
returnCode = TPM_SizedBuffer_Set(&data, dataSize,
d1NvdataSensitive->data + offset);
}
/* GPIO */
@@ -2078,7 +2078,7 @@
if (returnCode == TPM_SUCCESS) {
printf("TPM_Process_NVWriteValue: index %08x offset %u dataSize %u\n",
nvIndex, offset, data.size);
- TPM_PrintFour("TPM_Process_NVWriteValue: data", data.buffer);
+ TPM_PrintFourLimit("TPM_Process_NVWriteValue: data", data.buffer,
data.size);
/* 1. If TPM_PERMANENT_FLAGS -> nvLocked is FALSE then all
authorization checks except for
the max NV writes are ignored */
/* a. Ignored checks include physical presence, owner authorization,
TPM_NV_PER_OWNERWRITE,
@@ -2569,7 +2569,7 @@
if (returnCode == TPM_SUCCESS) {
printf("TPM_Process_NVWriteValueAuth: index %08x offset %u dataSize
%u\n",
nvIndex, offset, data.size);
- TPM_PrintFour("TPM_Process_NVWriteValueAuth: data", data.buffer);
+ TPM_PrintFourLimit("TPM_Process_NVWriteValueAuth: data", data.buffer,
data.size);
printf("TPM_Process_NVWriteValueAuth: Loading data from NVRAM\n");
returnCode = TPM_NVIndexEntries_GetEntry(&d1NvdataSensitive,
&(tpm_state->tpm_nv_index_entries),
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm12/tpm_storage.c
new/libtpms-0.7.7/src/tpm12/tpm_storage.c
--- old/libtpms-0.7.4/src/tpm12/tpm_storage.c 2020-10-30 20:24:40.000000000
+0100
+++ new/libtpms-0.7.7/src/tpm12/tpm_storage.c 2021-03-01 19:17:11.000000000
+0100
@@ -650,7 +650,7 @@
rc = TPM_Malloc(o1, inData->size); /* freed by caller */
}
if (rc == TPM_SUCCESS) {
- TPM_PrintFour(" TPM_SealCryptCommon: input data", inData->buffer);
+ TPM_PrintFourLimit(" TPM_SealCryptCommon: input data", inData->buffer,
inData->size);
}
switch (adipEncScheme) {
case TPM_ET_XOR:
@@ -1227,7 +1227,7 @@
}
if (returnCode == TPM_SUCCESS) {
printf("TPM_Process_Sealx: Sealing %u bytes\n", inData.size);
- TPM_PrintFour("TPM_Process_Sealx: Sealing data", inData.buffer);
+ TPM_PrintFourLimit("TPM_Process_Sealx: Sealing data", inData.buffer,
inData.size);
}
/* save the ending point of inParam's for authorization and auditing */
inParamEnd = command;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm2/NVMarshal.c
new/libtpms-0.7.7/src/tpm2/NVMarshal.c
--- old/libtpms-0.7.4/src/tpm2/NVMarshal.c 2020-10-30 20:24:40.000000000
+0100
+++ new/libtpms-0.7.7/src/tpm2/NVMarshal.c 2021-03-01 19:17:11.000000000
+0100
@@ -482,8 +482,10 @@
rc = TPM_RC_SIZE;
}
}
- for (i = 0; i < array_size && rc == TPM_RC_SUCCESS; i++) {
- rc = UINT32_Unmarshal(&data->lastValue[i], buffer, size);
+ if (rc == TPM_RC_SUCCESS) {
+ for (i = 0; i < ARRAY_SIZE(data->lastValue) && rc == TPM_RC_SUCCESS;
i++) {
+ rc = UINT32_Unmarshal(&data->lastValue[i], buffer, size);
+ }
}
/* version 2 starts having indicator for next versions that we can skip;
@@ -573,7 +575,7 @@
this allows us to downgrade state */
if (rc == TPM_RC_SUCCESS && hdr.version >= 2) {
BLOCK_SKIP_READ(skip_future_versions, FALSE, buffer, size,
- "ORDERLY DATA", "version 3 or later");
+ "PCR_POLICY", "version 3 or later");
/* future versions nest-append here */
}
skip_future_versions:
@@ -651,7 +653,7 @@
#endif
if (rc == TPM_RC_SUCCESS) {
BLOCK_SKIP_READ(skip_self_heal_timer, needs_block, buffer, size,
- "ORDERLY DATA", "selfHealTimer");
+ "ORDERLY_DATA", "selfHealTimer");
}
#if ACCUMULATE_SELF_HEAL_TIMER
if (rc == TPM_RC_SUCCESS) {
@@ -670,7 +672,7 @@
this allows us to downgrade state */
if (rc == TPM_RC_SUCCESS && hdr.version >= 2) {
BLOCK_SKIP_READ(skip_future_versions, FALSE, buffer, size,
- "ORDERLY DATA", "version 3 or later");
+ "ORDERLY_DATA", "version 3 or later");
/* future versions nest-append here */
}
skip_future_versions:
@@ -1116,8 +1118,10 @@
ARRAY_SIZE(data->auth), array_size);
rc = TPM_RC_BAD_PARAMETER;
}
- for (i = 0; i < array_size && rc == TPM_RC_SUCCESS; i++) {
- rc = TPM2B_DIGEST_Unmarshal(&data->auth[i], buffer, size);
+ if (rc == TPM_RC_SUCCESS) {
+ for (i = 0; i < ARRAY_SIZE(data->auth) && rc == TPM_RC_SUCCESS; i++) {
+ rc = TPM2B_DIGEST_Unmarshal(&data->auth[i], buffer, size);
+ }
}
/* version 2 starts having indicator for next versions that we can skip;
@@ -1429,6 +1433,7 @@
rc = UINT16_Unmarshal(&numbytes, buffer, size);
}
if (rc == TPM_RC_SUCCESS) {
+ /* coverity: num_bytes is sanitized here! */
data->size = (numbytes + sizeof(crypt_uword_t) - 1) /
sizeof(crypt_word_t);
if (data->size > data->allocated) {
TPMLIB_LogTPM2Error("bn_prime_t: Require size larger %zu than "
@@ -1438,16 +1443,18 @@
}
}
- for (i = 0, idx = 0;
- i < numbytes && rc == TPM_RC_SUCCESS;
- i += sizeof(UINT32), idx += 1) {
- rc = UINT32_Unmarshal(&word, buffer, size);
+ if (rc == TPM_RC_SUCCESS) {
+ for (i = 0, idx = 0;
+ i < numbytes && rc == TPM_RC_SUCCESS;
+ i += sizeof(UINT32), idx += 1) {
+ rc = UINT32_Unmarshal(&word, buffer, size);
#if RADIX_BITS == 64
- data->d[idx / 2] <<= 32;
- data->d[idx / 2] |= word;
+ data->d[idx / 2] <<= 32;
+ data->d[idx / 2] |= word;
#elif RADIX_BITS == 32
- data->d[idx] = word;
+ data->d[idx] = word;
#endif
+ }
}
#if RADIX_BITS == 64
@@ -2094,7 +2101,7 @@
this allows us to downgrade state */
if (rc == TPM_RC_SUCCESS && hdr.version >= 2) {
BLOCK_SKIP_READ(skip_future_versions, FALSE, buffer, size,
- "STATE_RESET_DATA", "version 3 or later");
+ "HASH_STATE", "version 3 or later");
/* future versions nest-append here */
}
@@ -2248,6 +2255,67 @@
return rc;
}
+/* Local version of TPMT_SENSITIVE_Marshal handling public keys that don't
have much in TPM_SENSITIVE */
+static UINT16
+NV_TPMT_SENSITIVE_Marshal(TPMT_SENSITIVE *source, BYTE **buffer, INT32 *size)
+{
+ UINT16 written = 0;
+
+ written += TPM_ALG_ID_Marshal(&source->sensitiveType, buffer, size);
+ written += TPM2B_AUTH_Marshal(&source->authValue, buffer, size);
+ written += TPM2B_DIGEST_Marshal(&source->seedValue, buffer, size);
+
+ switch (source->sensitiveType) {
+ case TPM_ALG_RSA:
+ case TPM_ALG_ECC:
+ case TPM_ALG_KEYEDHASH:
+ case TPM_ALG_SYMCIPHER:
+ written += TPMU_SENSITIVE_COMPOSITE_Marshal(&source->sensitive,
buffer, size, source->sensitiveType);
+ break;
+ default:
+ /* we wrote these but they must have been 0 in this case */
+ pAssert(source->authValue.t.size == 0);
+ pAssert(source->seedValue.t.size == 0);
+ pAssert(source->sensitiveType == TPM_ALG_ERROR)
+ /* public keys */
+ }
+ return written;
+}
+
+/* local version of TPM_SENSITIVE_Unmarshal handling public keys that don't
have much in TPMT_SENSITVE */
+static TPM_RC
+NV_TPMT_SENSITIVE_Unmarshal(TPMT_SENSITIVE *target, BYTE **buffer, INT32 *size)
+{
+ TPM_RC rc = TPM_RC_SUCCESS;
+
+ if (rc == TPM_RC_SUCCESS) {
+ /* TPMI_ALG_PUBLIC_Unmarshal would test the sensitiveType; we don't
want this */
+ rc = TPM_ALG_ID_Unmarshal(&target->sensitiveType, buffer, size);
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ rc = TPM2B_AUTH_Unmarshal(&target->authValue, buffer, size);
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ rc = TPM2B_DIGEST_Unmarshal(&target->seedValue, buffer, size);
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ switch (target->sensitiveType) {
+ case TPM_ALG_RSA:
+ case TPM_ALG_ECC:
+ case TPM_ALG_KEYEDHASH:
+ case TPM_ALG_SYMCIPHER:
+ rc = TPMU_SENSITIVE_COMPOSITE_Unmarshal(&target->sensitive, buffer,
size, target->sensitiveType);
+ break;
+ default:
+ pAssert(target->authValue.t.size == 0);
+ pAssert(target->seedValue.t.size == 0);
+ pAssert(target->sensitiveType == TPM_ALG_ERROR)
+ /* nothing do to do */
+ }
+ }
+ return rc;
+}
+
#define OBJECT_MAGIC 0x75be73af
#define OBJECT_VERSION 2
@@ -2265,7 +2333,7 @@
* attributes are written in ANY_OBJECT_Marshal
*/
written += TPMT_PUBLIC_Marshal(&data->publicArea, buffer, size);
- written += TPMT_SENSITIVE_Marshal(&data->sensitive, buffer, size);
+ written += NV_TPMT_SENSITIVE_Marshal(&data->sensitive, buffer, size);
#if ALG_RSA
has_block = TRUE;
@@ -2312,7 +2380,7 @@
rc = TPMT_PUBLIC_Unmarshal(&data->publicArea, buffer, size, TRUE);
}
if (rc == TPM_RC_SUCCESS) {
- rc = TPMT_SENSITIVE_Unmarshal(&data->sensitive, buffer, size);
+ rc = NV_TPMT_SENSITIVE_Unmarshal(&data->sensitive, buffer, size);
}
#if ALG_RSA
@@ -2978,6 +3046,10 @@
rc = TPM2B_Unmarshal(&seed.b, PRIMARY_SEED_SIZE, buffer, size);
}
if (rc == TPM_RC_SUCCESS) {
+ if (seed.b.size > PRIMARY_SEED_SIZE) /* coverity */
+ rc = TPM_RC_SIZE;
+ }
+ if (rc == TPM_RC_SUCCESS) {
if (TPM2B_Cmp(&seed.b, &pd.EPSeed.b)) {
TPMLIB_LogTPM2Error("%s: EPSeed does not match\n",
__func__);
@@ -2988,6 +3060,10 @@
rc = TPM2B_Unmarshal(&seed.b, PRIMARY_SEED_SIZE, buffer, size);
}
if (rc == TPM_RC_SUCCESS) {
+ if (seed.b.size > PRIMARY_SEED_SIZE) /* coverity */
+ rc = TPM_RC_SIZE;
+ }
+ if (rc == TPM_RC_SUCCESS) {
if (TPM2B_Cmp(&seed.b, &pd.SPSeed.b)) {
TPMLIB_LogTPM2Error("%s: SPSeed does not match\n",
__func__);
@@ -2998,6 +3074,10 @@
rc = TPM2B_Unmarshal(&seed.b, PRIMARY_SEED_SIZE, buffer, size);
}
if (rc == TPM_RC_SUCCESS) {
+ if (seed.b.size > PRIMARY_SEED_SIZE) /* coverity */
+ rc = TPM_RC_SIZE;
+ }
+ if (rc == TPM_RC_SUCCESS) {
if (TPM2B_Cmp(&seed.b, &pd.PPSeed.b)) {
TPMLIB_LogTPM2Error("%s: PPSeed does not match\n",
__func__);
@@ -3967,11 +4047,11 @@
this allows us to downgrade state */
if (rc == TPM_RC_SUCCESS && hdr.version >= 2) {
BLOCK_SKIP_READ(skip_future_versions, hdr.version >= 3, buffer, size,
- "Volatile State", "version 3 or later");
+ "PERSISTENT_DATA", "version 3 or later");
rc = TPML_PCR_SELECTION_Unmarshal(&shadow.pcrAllocated, buffer, size);
BLOCK_SKIP_READ(skip_future_versions, FALSE, buffer, size,
- "PERSISTENT DATA", "version 4 or later");
+ "PERSISTENT_DATA", "version 4 or later");
/* future versions nest-append here */
}
@@ -3991,7 +4071,7 @@
BYTE **buffer, INT32 *size)
{
UINT16 written;
- NV_RAM_HEADER *nrh;
+ NV_RAM_HEADER nrh, *nrhp;
UINT16 offset = 0;
UINT16 datasize;
UINT32 sourceside_size = array_size;
@@ -4005,36 +4085,42 @@
written += UINT32_Marshal(&sourceside_size, buffer, size);
while (TRUE) {
- nrh = array + offset;
+ nrhp = array + offset;
+ /* nrhp may point to misaligned address (ubsan), so use 'nrh'; first
access only 'size' */
+ memcpy(&nrh, nrhp, sizeof(nrh.size));
+
/* write the NVRAM header;
nrh->size holds the complete size including data;
nrh->size = 0 indicates the end */
- written += UINT32_Marshal(&nrh->size, buffer, size);
- if (nrh->size == 0)
+ written += UINT32_Marshal(&nrh.size, buffer, size);
+ if (nrh.size == 0)
break;
- written += TPM_HANDLE_Marshal(&nrh->handle, buffer, size);
- written += TPMA_NV_Marshal(&nrh->attributes, buffer, size);
+ /* copy the entire structure now; ubsan does not allow 'nrh = *nrhp' */
+ memcpy(&nrh, nrhp, sizeof(nrh));
+
+ written += TPM_HANDLE_Marshal(&nrh.handle, buffer, size);
+ written += TPMA_NV_Marshal(&nrh.attributes, buffer, size);
- if (offset + nrh->size > array_size) {
- TPMLIB_LogTPM2Error("NV_ORDERLY_RAM: nrh->size corrupted: %d\n",
- nrh->size);
+ if (offset + nrh.size > array_size) {
+ TPMLIB_LogTPM2Error("INDEX_ORDERLY_RAM: nrh->size corrupted: %d\n",
+ nrh.size);
break;
}
/* write data size before array */
- if (nrh->size < sizeof(NV_RAM_HEADER)) {
+ if (nrh.size < sizeof(NV_RAM_HEADER)) {
TPMLIB_LogTPM2Error(
- "NV_ORDERLY_RAM: nrh->size < sizeof(NV_RAM_HEADER): %d <
%zu\n",
- (int)nrh->size, sizeof(NV_RAM_HEADER));
+ "INDEX_ORDERLY_RAM: nrh->size < sizeof(NV_RAM_HEADER): %d <
%zu\n",
+ (int)nrh.size, sizeof(NV_RAM_HEADER));
break;
}
- datasize = nrh->size - sizeof(NV_RAM_HEADER);
+ datasize = nrh.size - sizeof(NV_RAM_HEADER);
written += UINT16_Marshal(&datasize, buffer, size);
if (datasize > 0) {
/* append the data */
written += Array_Marshal(array + offset + sizeof(NV_RAM_HEADER),
datasize, buffer, size);
}
- offset += nrh->size;
+ offset += nrh.size;
}
written += BLOCK_SKIP_WRITE_PUSH(TRUE, buffer, size);
@@ -4053,7 +4139,7 @@
{
TPM_RC rc = TPM_RC_SUCCESS;
NV_HEADER hdr;
- NV_RAM_HEADER *nrh;
+ NV_RAM_HEADER nrh, *nrhp;
UINT16 offset = 0;
UINT16 datasize = 0;
UINT32 sourceside_size;
@@ -4071,31 +4157,37 @@
}
while (rc == TPM_RC_SUCCESS) {
- nrh = array + offset;
+ memset(&nrh, 0, sizeof(nrh)); /* coverity */
+ /* nrhp may point to misaligned address (ubsan)
+ * we read 'into' nrh and copy to nrhp at end
+ */
+ nrhp = array + offset;
+
/* write the NVRAM header;
nrh->size holds the complete size including data;
nrh->size = 0 indicates the end */
- if (offset + sizeof(nrh->size) > array_size) {
- offset += sizeof(nrh->size);
+ if (offset + sizeof(nrh.size) > array_size) {
+ offset += sizeof(nrh.size);
goto exit_size;
}
if (rc == TPM_RC_SUCCESS) {
- rc = UINT32_Unmarshal(&nrh->size, buffer, size);
- if (nrh->size == 0)
+ rc = UINT32_Unmarshal(&nrh.size, buffer, size);
+ if (rc == TPM_RC_SUCCESS && nrh.size == 0) {
+ memcpy(nrhp, &nrh, sizeof(nrh.size));
break;
+ }
}
if (offset + sizeof(NV_RAM_HEADER) > array_size) {
offset += sizeof(NV_RAM_HEADER);
goto exit_size;
}
if (rc == TPM_RC_SUCCESS) {
- rc = TPM_HANDLE_Unmarshal(&nrh->handle, buffer, size);
+ rc = TPM_HANDLE_Unmarshal(&nrh.handle, buffer, size);
}
if (rc == TPM_RC_SUCCESS) {
- rc = TPMA_NV_Unmarshal(&nrh->attributes, buffer, size);
+ rc = TPMA_NV_Unmarshal(&nrh.attributes, buffer, size);
}
-
if (rc == TPM_RC_SUCCESS) {
rc = UINT16_Unmarshal(&datasize, buffer, size);
}
@@ -4110,8 +4202,10 @@
}
if (rc == TPM_RC_SUCCESS) {
/* fix up size in case it is architecture-dependent */
- nrh->size = sizeof(*nrh) + datasize;
- offset += nrh->size;
+ nrh.size = sizeof(nrh) + datasize;
+ offset += nrh.size;
+ /* copy header into possibly misaligned address in NVRAM */
+ *nrhp = nrh;
}
}
@@ -4119,7 +4213,7 @@
this allows us to downgrade state */
if (rc == TPM_RC_SUCCESS && hdr.version >= 2) {
BLOCK_SKIP_READ(skip_future_versions, FALSE, buffer, size,
- "INDEX ORDERLY RAM", "version 3 or later");
+ "INDEX_ORDERLY_RAM", "version 3 or later");
/* future versions nest-append here */
}
@@ -4181,7 +4275,7 @@
fprintf(stderr, " sizeof(obj): %zu\n", sizeof(obj));
break;
default:
- TPMLIB_LogTPM2Error("USER NVRAM: Corrupted handle: %08x\n",
handle);
+ TPMLIB_LogTPM2Error("USER_NVRAM: Corrupted handle: %08x\n",
handle);
}
/* advance to next entry */
entryRef += entrysize;
@@ -4257,7 +4351,7 @@
written += ANY_OBJECT_Marshal(&obj, buffer, size);
break;
default:
- TPMLIB_LogTPM2Error("USER NVRAM: Corrupted handle: %08x\n",
handle);
+ TPMLIB_LogTPM2Error("USER_NVRAM: Corrupted handle: %08x\n",
handle);
}
/* advance to next entry */
entryRef += entrysize;
@@ -4420,7 +4514,7 @@
this allows us to downgrade state */
if (rc == TPM_RC_SUCCESS && hdr.version >= 2) {
BLOCK_SKIP_READ(skip_future_versions, FALSE, buffer, size,
- "USER NVRAM", "version 3 or later");
+ "USER_NVRAM", "version 3 or later");
/* future versions nest-append here */
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm2/Policy_spt.c
new/libtpms-0.7.7/src/tpm2/Policy_spt.c
--- old/libtpms-0.7.4/src/tpm2/Policy_spt.c 2020-10-30 20:24:40.000000000
+0100
+++ new/libtpms-0.7.7/src/tpm2/Policy_spt.c 2021-03-01 19:17:11.000000000
+0100
@@ -190,8 +190,11 @@
policyTime = 0;
else
{
- if(expiration < 0)
+ if(expiration < 0) {
+ if (expiration == (INT32)0x80000000) /* libtpms changed begin;
ubsan */
+ expiration++; /* libtpms changed end */
expiration = -expiration;
+ }
if(nonce->t.size == 0)
// The input time is absolute Time (not Clock), but it is
expressed
// in seconds. To make sure that we don't time out too early,
take the
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm2/Session.c
new/libtpms-0.7.7/src/tpm2/Session.c
--- old/libtpms-0.7.4/src/tpm2/Session.c 2020-10-30 20:24:40.000000000
+0100
+++ new/libtpms-0.7.7/src/tpm2/Session.c 2021-03-01 19:17:11.000000000
+0100
@@ -406,8 +406,11 @@
}
}
// if no spot found, then this is an internal error
- if(slotIndex >= MAX_LOADED_SESSIONS)
+ if(slotIndex >= MAX_LOADED_SESSIONS) { // libtpms changed
FAIL(FATAL_ERROR_INTERNAL);
+ // should never get here due to longjmp in FAIL() libtpms added begin;
cppcheck
+ return TPM_RC_FAILURE;
+ } // libtpms added end
// Call context ID function to get a handle. TPM_RC_SESSION_HANDLE may be
// returned from ContextIdHandelAssign()
result = ContextIdSessionCreate(sessionHandle, slotIndex);
@@ -572,6 +575,12 @@
if(s_sessions[slotIndex].occupied == FALSE) break;
// if no spot found, then this is an internal error
pAssert(slotIndex < MAX_LOADED_SESSIONS);
+ // libtpms: besides the s_freeSessionSlots guard add another array index
guard
+ if (slotIndex >= MAX_LOADED_SESSIONS) { // libtpms added begin; cppcheck
+ FAIL(FATAL_ERROR_INTERNAL);
+ // should never get here due to longjmp in FAIL()
+ return TPM_RC_FAILURE;
+ } // libtpms added end
contextIndex = *handle & HR_HANDLE_MASK; // extract the index
// If there is only one slot left, and the gap is at maximum, the only
session
// context that we can safely load is the oldest one.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm2/crypto/openssl/CryptCmac.c
new/libtpms-0.7.7/src/tpm2/crypto/openssl/CryptCmac.c
--- old/libtpms-0.7.4/src/tpm2/crypto/openssl/CryptCmac.c 2020-10-30
20:24:40.000000000 +0100
+++ new/libtpms-0.7.7/src/tpm2/crypto/openssl/CryptCmac.c 2021-03-01
19:17:11.000000000 +0100
@@ -121,6 +121,7 @@
tpmCryptKeySchedule_t keySchedule;
TpmCryptSetSymKeyCall_t encrypt;
//
+ memset(&keySchedule, 0, sizeof(keySchedule)); /* libtpms added: coverity */
SELECT(ENCRYPT);
while(size > 0)
{
@@ -157,6 +158,7 @@
TPM2B_IV subkey = {{0, {0}}};
BOOL xorVal;
UINT16 i;
+ memset(&keySchedule, 0, sizeof(keySchedule)); /* libtpms added: coverity */
subkey.t.size = cState->iv.t.size;
// Encrypt a block of zero
SELECT(ENCRYPT);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm2/crypto/openssl/CryptEccMain.c
new/libtpms-0.7.7/src/tpm2/crypto/openssl/CryptEccMain.c
--- old/libtpms-0.7.4/src/tpm2/crypto/openssl/CryptEccMain.c 2020-10-30
20:24:40.000000000 +0100
+++ new/libtpms-0.7.7/src/tpm2/crypto/openssl/CryptEccMain.c 2021-03-01
19:17:11.000000000 +0100
@@ -403,8 +403,8 @@
parameters->kdf = curve->kdf;
parameters->sign = curve->sign;
BnTo2B(data->prime, ¶meters->p.b, 0);
- BnTo2B(data->a, ¶meters->a.b, 0);
- BnTo2B(data->b, ¶meters->b.b, 0);
+ BnTo2B(data->a, ¶meters->a.b, parameters->p.t.size /* libtpms
changed for HLK */);
+ BnTo2B(data->b, ¶meters->b.b, parameters->p.t.size /* libtpms
changed for HLK */);
BnTo2B(data->base.x, ¶meters->gX.b, parameters->p.t.size);
BnTo2B(data->base.y, ¶meters->gY.b, parameters->p.t.size);
BnTo2B(data->order, ¶meters->n.b, 0);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm2/crypto/openssl/CryptPrime.c
new/libtpms-0.7.7/src/tpm2/crypto/openssl/CryptPrime.c
--- old/libtpms-0.7.4/src/tpm2/crypto/openssl/CryptPrime.c 2020-10-30
20:24:40.000000000 +0100
+++ new/libtpms-0.7.7/src/tpm2/crypto/openssl/CryptPrime.c 2021-03-01
19:17:11.000000000 +0100
@@ -308,6 +308,16 @@
{
UINT16 highBytes;
crypt_uword_t *msw = &prime->d[prime->size - 1];
+
+ /* This computation is known to be buggy on 64-bit systems, as MASK=0xffff
+ * instead of 0x0000ffffffffffff and this introduces 32 zero bits in the
+ * adjusted prime number. But fixing this would modify keys which were
+ * previously generated, so keep it this way for now.
+ * This was fixed in the current version of "Trusted Platform Module
Library
+ * Family 2.0 Specification - Part 4: Routines - Code" (from TCG) and this
issue
+ * will be fixed for newly-generated prime numbers for the version of
libtpms
+ * which will come after 0.7.x.
+ */
#define MASK (MAX_CRYPT_UWORD >> (RADIX_BITS - 16))
highBytes = *msw >> (RADIX_BITS - 16);
// This is fixed point arithmetic on 16-bit values
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm2/crypto/openssl/CryptRand.c
new/libtpms-0.7.7/src/tpm2/crypto/openssl/CryptRand.c
--- old/libtpms-0.7.4/src/tpm2/crypto/openssl/CryptRand.c 2020-10-30
20:24:40.000000000 +0100
+++ new/libtpms-0.7.7/src/tpm2/crypto/openssl/CryptRand.c 2021-03-01
19:17:11.000000000 +0100
@@ -358,6 +358,7 @@
DRBG_KEY *key = pDRBG_KEY(&drbgState->seed);
DRBG_IV *iv = pDRBG_IV(&drbgState->seed);
DRBG_KEY_SCHEDULE localKeySchedule;
+ memset(&localKeySchedule, 0, sizeof(localKeySchedule)); /* libtpms added:
coverity */
//
pAssert(drbgState->magic == DRBG_MAGIC);
// If an key schedule was not provided, make one
@@ -745,6 +746,7 @@
DRBG_STATE *drbgState = (DRBG_STATE *)state;
DRBG_KEY_SCHEDULE keySchedule;
DRBG_SEED *seed = &drbgState->seed;
+ memset(&keySchedule, 0, sizeof(keySchedule)); /* libtpms added:
coverity */
if(drbgState->reseedCounter >= CTR_DRBG_MAX_REQUESTS_PER_RESEED)
{
if(drbgState == &drbgDefault)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libtpms-0.7.4/src/tpm2/crypto/openssl/CryptSym.c
new/libtpms-0.7.7/src/tpm2/crypto/openssl/CryptSym.c
--- old/libtpms-0.7.4/src/tpm2/crypto/openssl/CryptSym.c 2020-10-30
20:24:40.000000000 +0100
+++ new/libtpms-0.7.7/src/tpm2/crypto/openssl/CryptSym.c 2021-03-01
19:17:11.000000000 +0100
@@ -531,6 +531,7 @@
BYTE keyToUse[MAX_SYM_KEY_BYTES];
UINT16 keyToUseLen = (UINT16)sizeof(keyToUse);
TPM_RC retVal = TPM_RC_SUCCESS;
+ int ivLen;
pAssert(dOut != NULL && key != NULL && dIn != NULL);
if(dSize == 0)
@@ -595,6 +596,14 @@
if (EVP_EncryptFinal_ex(ctx, pOut + outlen1, &outlen2) != 1)
ERROR_RETURN(TPM_RC_FAILURE);
+ if (ivInOut) {
+ ivLen = EVP_CIPHER_CTX_iv_length(ctx);
+ if (ivLen < 0 || (size_t)ivLen > sizeof(ivInOut->t.buffer))
+ ERROR_RETURN(TPM_RC_FAILURE);
+
+ ivInOut->t.size = ivLen;
+ memcpy(ivInOut->t.buffer, EVP_CIPHER_CTX_iv(ctx), ivInOut->t.size);
+ }
Exit:
if (retVal == TPM_RC_SUCCESS && pOut != dOut)
memcpy(dOut, pOut, outlen1 + outlen2);
@@ -636,6 +645,7 @@
BYTE keyToUse[MAX_SYM_KEY_BYTES];
UINT16 keyToUseLen = (UINT16)sizeof(keyToUse);
TPM_RC retVal = TPM_RC_SUCCESS;
+ int ivLen;
// These are used but the compiler can't tell because they are initialized
// in case statements and it can't tell if they are always initialized
@@ -702,11 +712,21 @@
pAssert((int)buffersize >= outlen1);
- if (EVP_DecryptFinal(ctx, &buffer[outlen1], &outlen2) != 1)
+ if ((int)buffersize <= outlen1 /* coverity */ ||
+ EVP_DecryptFinal(ctx, &buffer[outlen1], &outlen2) != 1)
ERROR_RETURN(TPM_RC_FAILURE);
pAssert((int)buffersize >= outlen1 + outlen2);
+ if (ivInOut) {
+ ivLen = EVP_CIPHER_CTX_iv_length(ctx);
+ if (ivLen < 0 || (size_t)ivLen > sizeof(ivInOut->t.buffer))
+ ERROR_RETURN(TPM_RC_FAILURE);
+
+ ivInOut->t.size = ivLen;
+ memcpy(ivInOut->t.buffer, EVP_CIPHER_CTX_iv(ctx), ivInOut->t.size);
+ }
+
Exit:
if (retVal == TPM_RC_SUCCESS) {
pAssert(dSize >= outlen1 + outlen2);
