Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package ibmtss for openSUSE:Factory checked 
in at 2025-03-16 18:57:52
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ibmtss (Old)
 and      /work/SRC/openSUSE:Factory/.ibmtss.new.19136 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "ibmtss"

Sun Mar 16 18:57:52 2025 rev:24 rq:1252679 version:2.4.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/ibmtss/ibmtss.changes    2024-12-04 
15:26:47.516391773 +0100
+++ /work/SRC/openSUSE:Factory/.ibmtss.new.19136/ibmtss.changes 2025-03-16 
18:58:00.747028201 +0100
@@ -1,0 +2,10 @@
+Tue Feb 25 10:42:23 UTC 2025 - Pedro Monreal <pmonr...@suse.com>
+
+- Update to 2.4.1:
+  * Issue new test EK CA root certificates with a longer validity period.
+  * Remove patches upstream:
+    - tss-Commit-changelog-and-autotools-version-update.patch
+    - utils-Update-.so-version-to-2.4.patch
+    - ibmtss-2.4.0-fix-FTBFS-2026.patch
+
+-------------------------------------------------------------------

Old:
----
  ibmtss-2.4.0-fix-FTBFS-2026.patch
  ibmtss-2.4.0.tar.gz
  tss-Commit-changelog-and-autotools-version-update.patch
  utils-Update-.so-version-to-2.4.patch

New:
----
  ibmtss-2.4.1.tar.gz

BETA DEBUG BEGIN:
  Old:    - utils-Update-.so-version-to-2.4.patch
    - ibmtss-2.4.0-fix-FTBFS-2026.patch
  Old:  * Remove patches upstream:
    - tss-Commit-changelog-and-autotools-version-update.patch
    - utils-Update-.so-version-to-2.4.patch
  Old:    - tss-Commit-changelog-and-autotools-version-update.patch
    - utils-Update-.so-version-to-2.4.patch
    - ibmtss-2.4.0-fix-FTBFS-2026.patch
BETA DEBUG END:

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ ibmtss.spec ++++++
--- /var/tmp/diff_new_pack.6SKdNK/_old  2025-03-16 18:58:01.363053971 +0100
+++ /var/tmp/diff_new_pack.6SKdNK/_new  2025-03-16 18:58:01.363053971 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package ibmtss
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -19,9 +19,8 @@
 %define libversion 2
 %define libname libibmtss
 %define libpkgname %{libname}%{libversion}
-
 Name:           ibmtss
-Version:        2.4.0
+Version:        2.4.1
 Release:        0
 Summary:        IBM's TPM 2.0 TSS
 License:        BSD-3-Clause
@@ -30,9 +29,6 @@
 Source:         
https://github.com/kgoldman/ibmtss/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
 Source1:        90-tpm-ibmtss.rules
 Patch1:         
ibmtss-configure.ac-Do-not-disable-optimization-for-debug-b.patch
-Patch2:         tss-Commit-changelog-and-autotools-version-update.patch
-Patch3:         utils-Update-.so-version-to-2.4.patch
-Patch4:         ibmtss-2.4.0-fix-FTBFS-2026.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  ibmswtpm2
@@ -58,8 +54,8 @@
 %package base
 Summary:        IBM's TPM 2.0 TSS shared files
 Group:          Productivity/Security
-BuildArch:      noarch
 Requires(post): user(tss)
+BuildArch:      noarch
 
 %description base
 Includes IBM's TPM 2.0 TSS certificates and policy files.
@@ -104,6 +100,7 @@
 
 %post base
 %_bindir/udevadm trigger -s tpm -s tpmrm || :
+
 %post   -n %{libpkgname} -p /sbin/ldconfig
 %postun -n %{libpkgname} -p /sbin/ldconfig
 

++++++ ibmtss-2.4.0.tar.gz -> ibmtss-2.4.1.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ibmtss-2.4.0/ChangeLog new/ibmtss-2.4.1/ChangeLog
--- old/ibmtss-2.4.0/ChangeLog  2024-10-14 16:03:03.000000000 +0200
+++ new/ibmtss-2.4.1/ChangeLog  2024-10-28 15:22:32.000000000 +0100
@@ -1,4 +1,22 @@
 ----------------
+Changes in 2.4.1
+----------------
+
+Issue new test EK CA root certificates with a longer validity period.
+
+----------------
+Changes in 2.4.0
+----------------
+
+Add support for SHA-256, SHA-384, and SHA-512 IMA event logs. Add
+local command line support and update the API to support
+attestation. Add known value test to event regression tests. Change
+the -ty switch to -ealg for event log angorithms.
+
+Add support for EK intermediate certificates in the IWG standard
+locations.
+
+----------------
 Changes in 2.3 1
 ----------------
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ibmtss-2.4.0/configure.ac 
new/ibmtss-2.4.1/configure.ac
--- old/ibmtss-2.4.0/configure.ac       2024-10-14 16:03:03.000000000 +0200
+++ new/ibmtss-2.4.1/configure.ac       2024-10-28 15:22:32.000000000 +0100
@@ -3,12 +3,12 @@
 
 # Set package release version"
 # After committing set git tag version.
-AC_INIT(ibmtss, 2.3.1, kg...@linux.ibm.com)
+AC_INIT(ibmtss, 2.4.1, kg...@linux.ibm.com)
 AC_PREREQ([2.63])
 
 # Convert major.minor.micro to libtool versioning (current-revision-age)
 TSSLIB_VER_MAJOR=2
-TSSLIB_VER_MINOR=3
+TSSLIB_VER_MINOR=4
 TSSLIB_VER_MICRO=1
 TSSLIB_VERSION_INFO=`expr $TSSLIB_VER_MAJOR + 
$TSSLIB_VER_MINOR`:$TSSLIB_VER_MICRO:$TSSLIB_VER_MINOR
 AC_SUBST([TSSLIB_VERSION_INFO], [$TSSLIB_VERSION_INFO])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ibmtss-2.4.0/tss2.spec new/ibmtss-2.4.1/tss2.spec
--- old/ibmtss-2.4.0/tss2.spec  2024-10-14 16:03:03.000000000 +0200
+++ new/ibmtss-2.4.1/tss2.spec  2024-10-28 15:22:32.000000000 +0100
@@ -7,7 +7,7 @@
 
 Name:           tss2
 # this is the release of the TSS library
-Version:        2.3.2
+Version:        2.4.0
 # this is the release of the fedora package, goes back to 1 when version 
changes
 Release:        1%{?dist}
 Epoch:          1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ibmtss-2.4.0/utils/certificates/cacert.pem 
new/ibmtss-2.4.1/utils/certificates/cacert.pem
--- old/ibmtss-2.4.0/utils/certificates/cacert.pem      2024-10-14 
16:03:03.000000000 +0200
+++ new/ibmtss-2.4.1/utils/certificates/cacert.pem      2024-10-28 
15:22:32.000000000 +0100
@@ -1,21 +1,21 @@
 -----BEGIN CERTIFICATE-----
-MIIDbDCCAlKgAwIBAgIJALbpb8xivmmsMA0GCSqGSIb3DQEBBQUAMEsxCzAJBgNV
-BAYTAlVTMQswCQYDVQQIDAJOWTERMA8GA1UEBwwIWW9ya3Rvd24xDDAKBgNVBAoM
-A0lCTTEOMAwGA1UEAwwFRUsgQ0EwHhcNMTYwNTIzMTkwNjExWhcNMjYwMjIwMTkw
-NjExWjBLMQswCQYDVQQGEwJVUzELMAkGA1UECAwCTlkxETAPBgNVBAcMCFlvcmt0
-b3duMQwwCgYDVQQKDANJQk0xDjAMBgNVBAMMBUVLIENBMIIBIzANBgkqhkiG9w0B
-AQEFAAOCARAAMIIBCwKCAQICsUzdWU1yjZNL5QeJU/emaKBbOuHvZqdCvApjGM+T
-31XO1s52BkxRtOjULxd+xiK0xogdxDwwsnh/o/YR9zmj7aDVFz068WCEBvjKkClf
-KOk+1VpdAFzni+NNYMNESNul3ZWwEzpfBmghI7zJQrUBh1rn27PC9OtfTFhONzRT
-XPq5K2vScvU3Wz0papT4+hEmsd8YyhMYJr00cjV2bDzphZ7wg9YNNpUMJZ4yipYy
-4XLG+HVPb9DyERFQNpDooA/ZhCZVT8auDbdSvYyrO9q+Uxz30UeqXK3YnDCyk00k
-JCBWmf3TobjWMKwZO3gUIRMrBuJ7UsEtkkh8+jLaJ7Qcl68CAwEAAaNQME4wHQYD
-VR0OBBYEFMSPNuKcE6FeRlRc+DKJeakTyaDpMB8GA1UdIwQYMBaAFMSPNuKcE6Fe
-RlRc+DKJeakTyaDpMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEDAAFr
-xBCzqiAkYNofYGNidpGrkiP2T3xj/hUx57HjVVoWNlVDBGsxbnoB+WlBqzApJLZC
-/XZs/zuvS4bnMiSUEw2v8v3/sAqkzMJN7VOg0US1etNjPSrlBmSeun/6HX0C+5M2
-wQ836P6Y49PePvJO6zGdxJ9SlZ8jKNgtQgQKyUSViSEj0N09CndQJMnOPYIYhc+T
-/9/HPaNMymHu7Hep0/NgASoLnm8LzP+nzmR286L4DeZ47hKBHMbnTeNNlodEjh92
-AyI4yaGKjujRjPokTHWUWjFt6t1VXn1cc6Sdpj2YVeFCjkjB9NmDV+Msv9h4UAqy
-K0wEax/1fsWqDeoom5I1NA==
+MIIDejCCAmCgAwIBAgIUVOe6TM3djGkrJ/G+ttuqcW2o/ccwDQYJKoZIhvcNAQEL
+BQAwSzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5ZMREwDwYDVQQHDAhZb3JrdG93
+bjEMMAoGA1UECgwDSUJNMQ4wDAYDVQQDDAVFSyBDQTAeFw0yNDEwMjIwNDAwNDJa
+Fw00NDEwMTcwNDAwNDJaMEsxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJOWTERMA8G
+A1UEBwwIWW9ya3Rvd24xDDAKBgNVBAoMA0lCTTEOMAwGA1UEAwwFRUsgQ0EwggEj
+MA0GCSqGSIb3DQEBAQUAA4IBEAAwggELAoIBAgKxTN1ZTXKNk0vlB4lT96ZooFs6
+4e9mp0K8CmMYz5PfVc7WznYGTFG06NQvF37GIrTGiB3EPDCyeH+j9hH3OaPtoNUX
+PTrxYIQG+MqQKV8o6T7VWl0AXOeL401gw0RI26XdlbATOl8GaCEjvMlCtQGHWufb
+s8L0619MWE43NFNc+rkra9Jy9TdbPSlqlPj6ESax3xjKExgmvTRyNXZsPOmFnvCD
+1g02lQwlnjKKljLhcsb4dU9v0PIREVA2kOigD9mEJlVPxq4Nt1K9jKs72r5THPfR
+R6pcrdicMLKTTSQkIFaZ/dOhuNYwrBk7eBQhEysG4ntSwS2SSHz6MtontByXrwID
+AQABo1MwUTAdBgNVHQ4EFgQUxI824pwToV5GVFz4Mol5qRPJoOkwHwYDVR0jBBgw
+FoAUxI824pwToV5GVFz4Mol5qRPJoOkwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
+9w0BAQsFAAOCAQMAADawHyUjkBDBEjf9ITGSbdWhhPFAZ5R1YNxVY7gERFNIqm2/
+K2C0Dj8L3eYr7dyGSafQfOaMZRHaDDx/LiIrrrGGfcDMoBLdCPNNp04etRIe6w+y
+pSM3ebJm2RW415L8YrirXVO+cUEWvLZcotvszLgE4hzt+mFosmIy5U3/MQU7RyiW
+LS066Nw2IXyisb2kKiwEqw+iC4eWvj6DWnjgHqZJ6/0zuV9RjJXDFEq5YvV6E13I
+2OnvDaoq9FRadXHJmqdlSbpzuLMY4JOftXOTps1kfejMun303HUfzf7+LiA1bOf4
+UGt6LgzbOG72WRDQMKlhXNZcthNWtqU8ZCD0KQgP
 -----END CERTIFICATE-----
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ibmtss-2.4.0/utils/certificates/cacertecc.pem 
new/ibmtss-2.4.1/utils/certificates/cacertecc.pem
--- old/ibmtss-2.4.0/utils/certificates/cacertecc.pem   2024-10-14 
16:03:03.000000000 +0200
+++ new/ibmtss-2.4.1/utils/certificates/cacertecc.pem   2024-10-28 
15:22:32.000000000 +0100
@@ -1,13 +1,13 @@
 -----BEGIN CERTIFICATE-----
-MIIB4zCCAYmgAwIBAgIJALX8+MVL3dXPMAoGCCqGSM49BAMCME4xCzAJBgNVBAYT
-AlVTMQswCQYDVQQIDAJOWTERMA8GA1UEBwwIWW9ya3Rvd24xDDAKBgNVBAoMA0lC
-TTERMA8GA1UEAwwIRUsgRUMgQ0EwHhcNMTcwMTEzMjAzOTE2WhcNMjcwMTExMjAz
-OTE2WjBOMQswCQYDVQQGEwJVUzELMAkGA1UECAwCTlkxETAPBgNVBAcMCFlvcmt0
-b3duMQwwCgYDVQQKDANJQk0xETAPBgNVBAMMCEVLIEVDIENBMFkwEwYHKoZIzj0C
-AQYIKoZIzj0DAQcDQgAEahnfxuCQ+NsMcDIe8GZxIiFSX65CXICk6zc3NLRPbPvq
-ToRdIanaP14TT6eu76FkNDzbtsY6PSMgVNTeAAnfGqNQME4wHQYDVR0OBBYEFAFk
-p5Lu8Z+laxVYak8/WHhLsG+lMB8GA1UdIwQYMBaAFAFkp5Lu8Z+laxVYak8/WHhL
-sG+lMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgQ9GClH24Y9NPpKdh
-3HTwudrjYPYyjK8o5HQ9c8Xc9ecCIQD0NgIj1iUvkEzgNoXS7UP1RD0MpKdzywqM
-5RyP15ckRA==
+MIIB8TCCAZegAwIBAgIUNMOdoYR8km3U06frlHaKH3I94pIwCgYIKoZIzj0EAwIw
+TjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5ZMREwDwYDVQQHDAhZb3JrdG93bjEM
+MAoGA1UECgwDSUJNMREwDwYDVQQDDAhFSyBFQyBDQTAeFw0yNDEwMjMxNTAwMjFa
+Fw00NDEwMTgxNTAwMjFaME4xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJOWTERMA8G
+A1UEBwwIWW9ya3Rvd24xDDAKBgNVBAoMA0lCTTERMA8GA1UEAwwIRUsgRUMgQ0Ew
+WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARqGd/G4JD42wxwMh7wZnEiIVJfrkJc
+gKTrNzc0tE9s++pOhF0hqdo/XhNPp67voWQ0PNu2xjo9IyBU1N4ACd8ao1MwUTAd
+BgNVHQ4EFgQUAWSnku7xn6VrFVhqTz9YeEuwb6UwHwYDVR0jBBgwFoAUAWSnku7x
+n6VrFVhqTz9YeEuwb6UwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAgNIADBF
+AiEAhLQDUXzw9zBXSgAM1PHdhKT9AcVN6DIOpZhniHwXnnQCIAM5Uzc7DrUpuWUM
+aXcP5Jnwafl78umJOocN/R72zWqt
 -----END CERTIFICATE-----
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ibmtss-2.4.0/utils/ekutils.c 
new/ibmtss-2.4.1/utils/ekutils.c
--- old/ibmtss-2.4.0/utils/ekutils.c    2024-10-14 16:03:03.000000000 +0200
+++ new/ibmtss-2.4.1/utils/ekutils.c    2024-10-28 15:22:32.000000000 +0100
@@ -934,7 +934,7 @@
        if (irc != 1) {
            printf("verifyCertificateI: "
                   "Error in X509_STORE_CTX_init initializing verify 
context\n");
-           rc = TSS_RC_RSA_SIGNATURE;
+           rc = TSS_RC_X509_ERROR;
        }
     }
     /* walk the certificate chain */
@@ -942,7 +942,7 @@
        int irc = X509_verify_cert(verifyCtx);
        if (irc != 1) {
            printf("verifyCertificateI: Error in X509_verify_cert verifying 
certificate\n");
-           rc = TSS_RC_RSA_SIGNATURE;
+           rc = TSS_RC_X509_ERROR;
        }
        else {
            if (print) printf("EK certificate verified against the root\n");
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ibmtss-2.4.0/utils/ibmtss/tsserror.h 
new/ibmtss-2.4.1/utils/ibmtss/tsserror.h
--- old/ibmtss-2.4.0/utils/ibmtss/tsserror.h    2024-10-14 16:03:03.000000000 
+0200
+++ new/ibmtss-2.4.1/utils/ibmtss/tsserror.h    2024-10-28 15:22:32.000000000 
+0100
@@ -4,7 +4,7 @@
 /*                          Written by Ken Goldman                             
*/
 /*                    IBM Thomas J. Watson Research Center                     
*/
 /*                                                                             
*/
-/* (c) Copyright IBM Corporation 2015 - 2019.                                  
*/
+/* (c) Copyright IBM Corporation 2015 - 2024.                                  
*/
 /*                                                                             
*/
 /* All rights reserved.                                                        
        */
 /*                                                                             
*/
@@ -100,7 +100,7 @@
 #define TSS_RC_EC_SIGNATURE            0x000b007b      /* EC signature is bad 
*/
 #define TSS_RC_EC_KEY_CONVERT          0x000b007c      /* EC key conversion 
failed */
 #define TSS_RC_BAD_SIGNATURE_ALGORITHM 0x000b007d      /* Unimplemented 
signature algorithm */
-#define TSS_RC_X509_ERROR              0x000b007e      /* X509 parse error */
+#define TSS_RC_X509_ERROR              0x000b007e      /* X509 parse or verify 
error */
 #define TSS_RC_PEM_ERROR               0x000b007f      /* PEM parse error */
 #define TSS_RC_COMMAND_UNIMPLEMENTED   0x000b0080      /* Unimplemented 
command */
 #define TSS_RC_IN_PARAMETER            0x000b0081      /* Bad in parameter to 
TSS_Execute */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ibmtss-2.4.0/utils/makefile.nofile 
new/ibmtss-2.4.1/utils/makefile.nofile
--- old/ibmtss-2.4.0/utils/makefile.nofile      2024-10-14 16:03:03.000000000 
+0200
+++ new/ibmtss-2.4.1/utils/makefile.nofile      2024-10-28 15:22:32.000000000 
+0100
@@ -90,7 +90,7 @@
 LNALIBS +=  -libmtssutils -libmtssmin
 
 # versioned shared library
-LIBTSSVERSIONED=libibmtssmin.so.2.1
+LIBTSSVERSIONED=libibmtssmin.so.2.4
 
 # soname field of the shared library
 # which will be made symbolic link to the versioned shared library
@@ -109,7 +109,7 @@
 
 # TSS utilities shared library
 
-LIBTSSUTILSVERSIONED=libibmtssutils.so.2.1
+LIBTSSUTILSVERSIONED=libibmtssutils.so.2.4
 LIBTSSUTILSSONAME=libibmtssutils.so.2
 LIBTSSUTILS=libibmtssutils.so
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ibmtss-2.4.0/utils/makefiletpm12 
new/ibmtss-2.4.1/utils/makefiletpm12
--- old/ibmtss-2.4.0/utils/makefiletpm12        2024-10-14 16:03:03.000000000 
+0200
+++ new/ibmtss-2.4.1/utils/makefiletpm12        2024-10-28 15:22:32.000000000 
+0100
@@ -103,7 +103,7 @@
 # shared library
 
 # versioned shared library
-LIBTSSVERSIONED=libibmtss.so.2.1
+LIBTSSVERSIONED=libibmtss.so.2.4
 
 # soname field of the shared library
 # which will be made symbolic link to the versioned shared library
@@ -122,7 +122,7 @@
 
 # TSS utilities shared library
 
-LIBTSSUTILSVERSIONED=libibmtssutils.so.2.1
+LIBTSSUTILSVERSIONED=libibmtssutils.so.2.4
 LIBTSSUTILSSONAME=libibmtssutils.so.2
 LIBTSSUTILS=libibmtssutils.so
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ibmtss-2.4.0/utils/makefiletpm20 
new/ibmtss-2.4.1/utils/makefiletpm20
--- old/ibmtss-2.4.0/utils/makefiletpm20        2024-10-14 16:03:03.000000000 
+0200
+++ new/ibmtss-2.4.1/utils/makefiletpm20        2024-10-28 15:22:32.000000000 
+0100
@@ -140,7 +140,7 @@
 # shared library
 
 # versioned shared library
-LIBTSSVERSIONED=libibmtss.so.2.3
+LIBTSSVERSIONED=libibmtss.so.2.4
 
 # soname field of the shared library
 # which will be made symbolic link to the versioned shared library
@@ -159,7 +159,7 @@
 
 # TSS utilities shared library
 
-LIBTSSUTILSVERSIONED=libibmtssutils.so.2.3
+LIBTSSUTILSVERSIONED=libibmtssutils.so.2.4
 LIBTSSUTILSSONAME=libibmtssutils.so.2
 LIBTSSUTILS=libibmtssutils.so
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ibmtss-2.4.0/utils/makefiletpmc 
new/ibmtss-2.4.1/utils/makefiletpmc
--- old/ibmtss-2.4.0/utils/makefiletpmc 2024-10-14 16:03:03.000000000 +0200
+++ new/ibmtss-2.4.1/utils/makefiletpmc 2024-10-28 15:22:32.000000000 +0100
@@ -108,7 +108,7 @@
 # shared library
 
 # versioned shared library
-LIBTSSVERSIONED=libibmtss.so.2.3
+LIBTSSVERSIONED=libibmtss.so.2.4
 
 # soname field of the shared library
 # which will be made symbolic link to the versioned shared library
@@ -127,7 +127,7 @@
 
 # TSS utilities shared library
 
-LIBTSSUTILSVERSIONED=libibmtssutils.so.2.3
+LIBTSSUTILSVERSIONED=libibmtssutils.so.2.4
 LIBTSSUTILSSONAME=libibmtssutils.so.2
 LIBTSSUTILS=libibmtssutils.so
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ibmtss-2.4.0/utils/regtests/testcredential.sh 
new/ibmtss-2.4.1/utils/regtests/testcredential.sh
--- old/ibmtss-2.4.0/utils/regtests/testcredential.sh   2024-10-14 
16:03:03.000000000 +0200
+++ new/ibmtss-2.4.1/utils/regtests/testcredential.sh   2024-10-28 
15:22:32.000000000 +0100
@@ -7,7 +7,7 @@
 #                           Written by Ken Goldman                             
#
 #                     IBM Thomas J. Watson Research Center                     
#
 #                                                                              
#
-# (c) Copyright IBM Corporation 2015 - 2022                                    
#
+# (c) Copyright IBM Corporation 2015 - 2024                                    
#
 #                                                                              
#
 # All rights reserved.                                                         
#
 #                                                                              
#
@@ -100,6 +100,27 @@
 # It is not useful when the entire regression test runs, because a
 # later test generates a new EPS (endorsement primary seed), which
 # invalidates the EK and thus the certificate.
+#
+# The below notes are only for the regression test and for the TSS or
+# command line utilities.
+#
+# The EK certificate tests depend on a test EK CA. The self signed
+# root certificates for RSA and ECC were are created using openssl.
+#
+# openssl req -new -x509 -days 7300 -sha256 -pkeyopt rsa_keygen_bits:3072 -key 
cakey.pem    -out certificates/cacert.pem    -passin pass:rrrr
+# openssl req -new -x509 -days 7300 -sha256                               -key 
cakeyecc.pem -out certificates/cacertecc.pem -passin pass:rrrr
+#
+# They can be viewed using:
+#
+# openssl x509 -text -in certificates/cacert.pem -noout
+# openssl x509 -text -in certificates/cacertecc.pem -noout
+#
+# The regression tests require these hard coded Issuer/Subject
+# parameters for RSA and ECC:
+#
+# Issuer: C=US, ST=NY, L=Yorktown, O=IBM, CN=EK CA
+# Issuer: C=US, ST=NY, L=Yorktown, O=IBM, CN=EK EC CA
+
 
 # optional NV index for Policy C
 NVIDX=(01c07f01 01c07f02 01c07f03)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ibmtss-2.4.0/utils/tssresponsecode.c 
new/ibmtss-2.4.1/utils/tssresponsecode.c
--- old/ibmtss-2.4.0/utils/tssresponsecode.c    2024-10-14 16:03:03.000000000 
+0200
+++ new/ibmtss-2.4.1/utils/tssresponsecode.c    2024-10-28 15:22:32.000000000 
+0100
@@ -4,7 +4,7 @@
 /*                          Written by Ken Goldman                             
*/
 /*                    IBM Thomas J. Watson Research Center                     
*/
 /*                                                                             
*/
-/* (c) Copyright IBM Corporation 2015 - 2019.                                  
*/
+/* (c) Copyright IBM Corporation 2015 - 2024.                                  
*/
 /*                                                                             
*/
 /* All rights reserved.                                                        
        */
 /*                                                                             
*/
@@ -377,7 +377,7 @@
     {TSS_RC_RSA_SIGNATURE, "TSS_RC_RSA_SIGNATURE - RSA signature is bad"},
     {TSS_RC_EC_SIGNATURE, "TSS_RC_EC_SIGNATURE - EC signature is bad"},
     {TSS_RC_EC_KEY_CONVERT, "TSS_RC_EC_KEY_CONVERT - EC key conversion 
failed"},
-    {TSS_RC_X509_ERROR, "TSS_RC_X509_ERROR - X509 parse error"},
+    {TSS_RC_X509_ERROR, "TSS_RC_X509_ERROR - X509 parse or verify error"},
     {TSS_RC_PEM_ERROR, "TSS_RC_PEM_ERROR - PEM parse error"},
     {TSS_RC_BAD_SIGNATURE_ALGORITHM, "TSS_RC_BAD_SIGNATURE_ALGORITHM - 
Unimplemented signature algorithm"},
     {TSS_RC_COMMAND_UNIMPLEMENTED, "TSS_RC_COMMAND_UNIMPLEMENTED - 
Unimplemented command"},

Reply via email to