Hello community,

here is the log from the commit of package tpm-quote-tools for openSUSE:Factory 
checked in at 2017-11-03 16:27:57
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/tpm-quote-tools (Old)
 and      /work/SRC/openSUSE:Factory/.tpm-quote-tools.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "tpm-quote-tools"

Fri Nov  3 16:27:57 2017 rev:2 rq:538363 version:1.0.4

Changes:
--------
--- /work/SRC/openSUSE:Factory/tpm-quote-tools/tpm-quote-tools.changes  
2017-06-29 15:04:27.107507210 +0200
+++ /work/SRC/openSUSE:Factory/.tpm-quote-tools.new/tpm-quote-tools.changes     
2017-11-03 16:29:11.562727600 +0100
@@ -1,0 +2,7 @@
+Thu Nov  2 13:02:24 UTC 2017 - matthias.gerst...@suse.com
+
+- update to upstream version 1.0.4:
+       - this version fixes an issue with 'mkaik' when an SRK secret was
+         required. 'mkaik' always used the well-known secret as SRK.
+
+-------------------------------------------------------------------

Old:
----
  tpm-quote-tools-1.0.3.tar.gz

New:
----
  tpm-quote-tools-1.0.4.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ tpm-quote-tools.spec ++++++
--- /var/tmp/diff_new_pack.LQTfwT/_old  2017-11-03 16:29:12.166705618 +0100
+++ /var/tmp/diff_new_pack.LQTfwT/_new  2017-11-03 16:29:12.166705618 +0100
@@ -1,5 +1,5 @@
 #
-# spec file for package tpm-tools
+# spec file for package tpm-quote-tools
 #
 # Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
@@ -17,7 +17,7 @@
 
 
 Name:           tpm-quote-tools
-Version:        1.0.3
+Version:        1.0.4
 Release:        0
 Summary:        Trusted Platform Module (TPM) remote attestation tools
 License:        BSD-3-Clause

++++++ tpm-quote-tools-1.0.3.tar.gz -> tpm-quote-tools-1.0.4.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tpm-quote-tools-1.0.3/ChangeLog 
new/tpm-quote-tools-1.0.4/ChangeLog
--- old/tpm-quote-tools-1.0.3/ChangeLog 2017-01-18 18:10:09.000000000 +0100
+++ new/tpm-quote-tools-1.0.4/ChangeLog 2017-05-26 15:25:17.000000000 +0200
@@ -1,3 +1,12 @@
+2017-05-26  Matthias Gerstner <matthias.gerst...@suse.de>
+
+       * tpm_mkaik.c (setSecret): Fixed tpm_mkaik when SRK password is in
+       effect. The code before only set a TPM secret, the SRK secret was
+       always set to the well known one. This then failed with error code
+       0x1 "authentication failed".
+
+       * configure.ac: Tagged as 1.0.4.
+
 2017-01-18  John D. Ramsdell  <ramsd...@mitre.org>
 
        * *.8: For each manual page, added a description of the documented
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tpm-quote-tools-1.0.3/configure 
new/tpm-quote-tools-1.0.4/configure
--- old/tpm-quote-tools-1.0.3/configure 2017-01-18 18:10:55.000000000 +0100
+++ new/tpm-quote-tools-1.0.4/configure 2017-05-26 15:26:05.000000000 +0200
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for TPM Quote Tools 1.0.3.
+# Generated by GNU Autoconf 2.69 for TPM Quote Tools 1.0.4.
 #
 #
 # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@@ -577,8 +577,8 @@
 # Identity of this package.
 PACKAGE_NAME='TPM Quote Tools'
 PACKAGE_TARNAME='tpm-quote-tools'
-PACKAGE_VERSION='1.0.3'
-PACKAGE_STRING='TPM Quote Tools 1.0.3'
+PACKAGE_VERSION='1.0.4'
+PACKAGE_STRING='TPM Quote Tools 1.0.4'
 PACKAGE_BUGREPORT=''
 PACKAGE_URL=''
 
@@ -1273,7 +1273,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures TPM Quote Tools 1.0.3 to adapt to many kinds of 
systems.
+\`configure' configures TPM Quote Tools 1.0.4 to adapt to many kinds of 
systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1343,7 +1343,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of TPM Quote Tools 1.0.3:";;
+     short | recursive ) echo "Configuration of TPM Quote Tools 1.0.4:";;
    esac
   cat <<\_ACEOF
 
@@ -1439,7 +1439,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-TPM Quote Tools configure 1.0.3
+TPM Quote Tools configure 1.0.4
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1737,7 +1737,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by TPM Quote Tools $as_me 1.0.3, which was
+It was created by TPM Quote Tools $as_me 1.0.4, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -2603,7 +2603,7 @@
 
 # Define the identity of the package.
  PACKAGE='tpm-quote-tools'
- VERSION='1.0.3'
+ VERSION='1.0.4'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -5310,7 +5310,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by TPM Quote Tools $as_me 1.0.3, which was
+This file was extended by TPM Quote Tools $as_me 1.0.4, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -5376,7 +5376,7 @@
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; 
s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-TPM Quote Tools config.status 1.0.3
+TPM Quote Tools config.status 1.0.4
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tpm-quote-tools-1.0.3/configure.ac 
new/tpm-quote-tools-1.0.4/configure.ac
--- old/tpm-quote-tools-1.0.3/configure.ac      2017-01-18 18:10:09.000000000 
+0100
+++ new/tpm-quote-tools-1.0.4/configure.ac      2017-05-26 15:25:17.000000000 
+0200
@@ -1,4 +1,4 @@
-AC_INIT(TPM Quote Tools, 1.0.3,, tpm-quote-tools)
+AC_INIT(TPM Quote Tools, 1.0.4,, tpm-quote-tools)
 
 AC_CONFIG_SRCDIR(tpm_mkaik.c)
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tpm-quote-tools-1.0.3/tpm-quote-tools.spec.in 
new/tpm-quote-tools-1.0.4/tpm-quote-tools.spec.in
--- old/tpm-quote-tools-1.0.3/tpm-quote-tools.spec.in   2017-01-18 
18:10:09.000000000 +0100
+++ new/tpm-quote-tools-1.0.4/tpm-quote-tools.spec.in   2017-05-26 
15:25:17.000000000 +0200
@@ -37,6 +37,9 @@
 %{_mandir}/man8/*
 
 %changelog
+* Fri May 26 2017 Matthias Gerstner <matthias.gerst...@suse.de> - 1.0.4-1
+- Fixed tpm_mkaik when SRK password is in effect.
+
 * Wed Jan 18 2017 John D. Ramsdell <ramsd...@mitre.org> - 1.0.3-1
 - Added program descriptions to NAME sections in manual pages
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tpm-quote-tools-1.0.3/tpm_mkaik.c 
new/tpm-quote-tools-1.0.4/tpm_mkaik.c
--- old/tpm-quote-tools-1.0.3/tpm_mkaik.c       2017-01-18 18:10:09.000000000 
+0100
+++ new/tpm-quote-tools-1.0.4/tpm_mkaik.c       2017-05-26 15:25:17.000000000 
+0200
@@ -53,6 +53,50 @@
 }
 #endif
 
+static int setSecret(const char *label, TSS_HCONTEXT hContext, TSS_HPOLICY 
hPolicy, int well_known, int utf16le)
+{
+       if( well_known )
+       {
+               BYTE wks[] = TSS_WELL_KNOWN_SECRET;
+               return Tspi_Policy_SetSecret(
+                       hPolicy,
+                       TSS_SECRET_MODE_SHA1,
+                       sizeof wks,
+                       wks
+               );
+       }
+
+#if defined USE_OPENSSL_UI
+       int bufSize = UI_MAX_SECRET_STRING_LENGTH;
+       char buf[bufSize];
+       if (getpasswd(label, buf, bufSize) < 0)
+               return tidy(hContext, tss_err(TSS_E_FAIL, "getting owner 
password"));
+#      if defined HAVE_ICONV_H
+       if (utf16le) {
+               char *passwd = toutf16le(buf);
+               if (!passwd)
+                       return tidy(
+                               hContext,
+                               tss_err(TSS_E_FAIL, "converting password to 
UTF16LE")
+                       );
+               size_t passwdLen = utf16lelen(passwd);
+               return Tspi_Policy_SetSecret(hPolicy, TSS_SECRET_MODE_PLAIN,
+                               passwdLen, (BYTE *)passwd);
+               free(passwd);
+       }
+       else
+               return Tspi_Policy_SetSecret(hPolicy, TSS_SECRET_MODE_PLAIN,
+                               strlen(buf), (BYTE *)buf);
+#      else // ICONV
+       return Tspi_Policy_SetSecret(hPolicy, TSS_SECRET_MODE_PLAIN,
+                       strlen(buf), (BYTE *)buf);
+#      endif // ICONV
+       memset(buf, 0, bufSize);
+#else // USE_OPENSSL_UI
+       return Tspi_Policy_SetSecret(hPolicy, TSS_SECRET_MODE_POPUP, 0, NULL);
+#endif
+}
+
 static int usage(const char *prog)
 {
   const char text[] =
@@ -129,9 +173,7 @@
   if (rc != TSS_SUCCESS)
     return tidy(hContext, tss_err(rc, "getting SRK policy"));
 
-  BYTE srkSecret[] = TSS_WELL_KNOWN_SECRET;
-  rc = Tspi_Policy_SetSecret(hSrkPolicy, TSS_SECRET_MODE_SHA1,
-                            sizeof srkSecret, srkSecret);
+  rc = setSecret("Enter SRK password: ", hContext, hSrkPolicy, well_known, 
utf16le);
   if (rc != TSS_SUCCESS)
     return tidy(hContext, tss_err(rc, "setting SRK secret"));
 
@@ -151,39 +193,7 @@
   if (rc != TSS_SUCCESS)
     return tidy(hContext, tss_err(rc, "assigning TPM policy"));
 
-  if (well_known)
-    rc = Tspi_Policy_SetSecret(hTPMPolicy, TSS_SECRET_MODE_SHA1,
-                              sizeof srkSecret, srkSecret);
-  else
-#if defined USE_OPENSSL_UI
-    {
-      int bufSize = UI_MAX_SECRET_STRING_LENGTH;
-      char buf[bufSize];
-      if (getpasswd("Enter owner password: ", buf, bufSize) < 0)
-       return tidy(hContext, tss_err(TSS_E_FAIL, "getting owner password"));
-#if defined HAVE_ICONV_H
-      if (utf16le) {
-       char *passwd = toutf16le(buf);
-       if (!passwd)
-         return tidy(hContext, 
-                     tss_err(TSS_E_FAIL, "converting password to UTF16LE"));
-       size_t passwdLen = utf16lelen(passwd);
-       rc = Tspi_Policy_SetSecret(hTPMPolicy, TSS_SECRET_MODE_PLAIN,
-                                  passwdLen, (BYTE *)passwd);
-       free(passwd);
-      }
-      else
-       rc = Tspi_Policy_SetSecret(hTPMPolicy, TSS_SECRET_MODE_PLAIN,
-                                  strlen(buf), (BYTE *)buf);
-#else
-      rc = Tspi_Policy_SetSecret(hTPMPolicy, TSS_SECRET_MODE_PLAIN,
-                                strlen(buf), (BYTE *)buf);
-#endif
-      memset(buf, 0, bufSize);
-    }
-#else
-    rc = Tspi_Policy_SetSecret(hTPMPolicy, TSS_SECRET_MODE_POPUP, 0, NULL);
-#endif
+  rc = setSecret("Enter owner password: ", hContext, hTPMPolicy, well_known, 
utf16le);
   if (rc != TSS_SUCCESS)
     return tidy(hContext, tss_err(rc, "setting TPM policy secret"));
 


Reply via email to