Hello community, here is the log from the commit of package libtpms for openSUSE:Factory checked in at 2020-07-24 10:05:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libtpms (Old) and /work/SRC/openSUSE:Factory/.libtpms.new.3592 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libtpms" Fri Jul 24 10:05:23 2020 rev:7 rq:822328 version:0.7.3 Changes: -------- --- /work/SRC/openSUSE:Factory/libtpms/libtpms.changes 2019-09-09 23:58:16.225228545 +0200 +++ /work/SRC/openSUSE:Factory/.libtpms.new.3592/libtpms.changes 2020-07-24 10:07:02.157997674 +0200 @@ -1,0 +2,30 @@ +Thu Jul 23 05:01:12 UTC 2020 - Kai Liu <kai....@suse.com> + +- Update to version 0.7.3 + * Fixed the set of PCRs belonging to the TCB group. This affects + the pcrUpdateCounter in TPM2_Pcrread() responses, thus needs + latest `swtpm` (master, stable branches) for test cases to + succeed there. + +- Changes since version 0.7.2 + * Fix output buffer parameter and size for RSA decryption that + could cause stack corruption under certain circumstances + * Set the RSA PSS salt length to the digest length rathern than + max. possible + * Fixes to symmetric decrytion related to input size check, defer + padding to the user [EVP_CIPHER_CTX_set_padding(ctx, 0)] and to + always use a temporary malloc'ed buffer for decryption + +- Changes since version 0.7.1 + * tpm2: Fix TDES key creation by adding missing un-/marshalling + functions + * tpm2: Fix a bug in CheckAuthSession + * compilation fixes for TPM 1.2 & TPM 2 and various architectures + and gcc versions + * Fix support for NIST curves P{192,224,521} and SM2 P256 and + BNP648 that would not work; + * Runtime filter elliptic curves (that OpenSSL does not support) + and do not advertise those curves as capabilities + * Removed unnecessary space in MANUFACTURER "IBM " -> "IBM" + +------------------------------------------------------------------- Old: ---- v0.7.0.tar.gz New: ---- v0.7.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libtpms.spec ++++++ --- /var/tmp/diff_new_pack.uxV92F/_old 2020-07-24 10:07:04.013999090 +0200 +++ /var/tmp/diff_new_pack.uxV92F/_new 2020-07-24 10:07:04.017999094 +0200 @@ -1,7 +1,7 @@ # # spec file for package libtpms # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,12 +18,12 @@ %define lname libtpms0 Name: libtpms -Version: 0.7.0 +Version: 0.7.3 Release: 0 Summary: Library providing Trusted Platform Module (TPM) functionality License: BSD-3-Clause Group: Development/Libraries/C and C++ -Url: https://github.com/stefanberger/libtpms +URL: https://github.com/stefanberger/libtpms Source0: https://github.com/stefanberger/libtpms/archive/v%{version}.tar.gz BuildRequires: autoconf BuildRequires: automake ++++++ v0.7.0.tar.gz -> v0.7.3.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/CHANGES new/libtpms-0.7.3/CHANGES --- old/libtpms-0.7.0/CHANGES 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/CHANGES 2020-07-09 20:26:39.000000000 +0200 @@ -1,5 +1,29 @@ CHANGES - changes for libtpms +version 0.7.3 + - Fixed the set of PCRs belonging to the TCB group. This affects the + pcrUpdateCounter in TPM2_Pcrread() responses, thus needs latest `swtpm` + (master, stable branches) for test cases to succeed there. + +version 0.7.2 + - Fix output buffer parameter and size for RSA decryption that could cause + stack corruption under certain circumstances + - Set the RSA PSS salt length to the digest length rathern than max. possible + - Fixes to symmetric decrytion related to input size check, + defer padding to the user [EVP_CIPHER_CTX_set_padding(ctx, 0)] and + to always use a temporary malloc'ed buffer for decryption + +version 0.7.1 + - tpm2: Fix TDES key creation by adding missing un-/marshalling functions + - tpm2: Fix a bug in CheckAuthSession + - compilation fixes for TPM 1.2 & TPM 2 and various architectures and + gcc versions + - Fix support for NIST curves P{192,224,521} and SM2 P256 and BN P648 + that would not work; + - Runtime filter elliptic curves (that OpenSSL does not support) and do + not advertise those curves as capabilities + - Removed unnecessary space in MANUFACTURER "IBM " -> "IBM" + version 0.7.0 - use OpenSSL crypto for AES, TDES, EC, and RSA operations when possible diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/configure.ac new/libtpms-0.7.3/configure.ac --- old/libtpms-0.7.0/configure.ac 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/configure.ac 2020-07-09 20:26:39.000000000 +0200 @@ -3,7 +3,7 @@ # # See the LICENSE file for the license associated with this file. -AC_INIT([libtpms], [0.7.0]) +AC_INIT([libtpms], [0.7.3]) AC_PREREQ(2.12) AC_CONFIG_SRCDIR(Makefile.am) AC_CONFIG_AUX_DIR([.]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/debian/changelog new/libtpms-0.7.3/debian/changelog --- old/libtpms-0.7.0/debian/changelog 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/debian/changelog 2020-07-09 20:26:39.000000000 +0200 @@ -1,9 +1,31 @@ +libtpms (0.7.3-1) RELEASED; urgency=medium + + * Fixed set of PCRs belonging to TCB group + + -- Stefan Berger <stef...@linux.ibm.com> Fri, 10 Jul 2020 12:01:00 -0500 + +libtpms (0.7.2-1) RELEASE; urgency=high + + * Bugfixes related to RSA signing, decryption, and symmetric decryption. + + -- Stefan Berger <stef...@linux.ibm.com> Wed, 27 May 2020 7:53:00 -0500 + +libtpms (0.7.1-1) RELEASE; urgency=medium + + * Backports and other bugfixes. + + -- Stefan Berger <stef...@linux.ibm.com> Mon, 18 May 2020 11:46:00 -0500 + libtpms (0.7.0-1) RELEASE; urgency=medium + * Stable release + -- Stefan Berger <stef...@linux.ibm.com> Thu, 18 Jul 2019 16:26:00 -0500 libtpms (0.7.0~dev1) UNRELEASED; urgency=medium + * Developer release + -- Stefan Berger <stef...@linux.ibm.com> Mon, 14 Jan 2019 10:25:08 -0500 libtpms (0.6.0-1) RELEASED; urgency=medium diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/debian/control new/libtpms-0.7.3/debian/control --- old/libtpms-0.7.0/debian/control 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/debian/control 2020-07-09 20:26:39.000000000 +0200 @@ -3,14 +3,15 @@ Section: libs Priority: optional Build-Depends: automake, autoconf, libtool, libssl-dev, - gawk, dh-exec, debhelper, g++ + gawk, dh-exec, debhelper (>= 9), g++ Package: libtpms0 Architecture: any Multi-Arch: same Depends: openssl, ${shlibs:Depends}, - ${misc:Pre-Depends} + ${misc:Pre-Depends}, + ${misc:Depends} Description: TPM emulation library Libtpms is a library that provides TPM functionality. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/dist/libtpms.spec new/libtpms-0.7.3/dist/libtpms.spec --- old/libtpms-0.7.0/dist/libtpms.spec 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/dist/libtpms.spec 2020-07-09 20:26:39.000000000 +0200 @@ -1,7 +1,7 @@ # --- libtpm rpm-spec --- %define name libtpms -%define version 0.7.0 +%define version 0.7.3 %define release 0 # Valid crypto subsystems are 'freebl' and 'openssl' @@ -112,7 +112,16 @@ %postun -p /sbin/ldconfig %changelog -* Mon Jan 14 2018 Stefan Berger - 0.6.0-1 +* Fri Jul 10 2020 Stefan Berger - 0.7.3-1 +- Fixed set of PCRs belonging to TCB group + +* Wed May 27 2020 Stefan Berger - 0.7.2-1 +- Bugfixes related to RSA signing, decryption, and symmetric decryption. + +* Mon May 18 2020 Stefan Berger - 0.7.1-1 +- Backports and other bugfixes. + +* Mon Jan 15 2018 Stefan Berger - 0.6.0-1 - Release of version 0.6.0 with TPM 2.0 support * Mon Jun 30 2014 Stefan Berger - 0.5.2-1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/dist/libtpms.spec.in new/libtpms-0.7.3/dist/libtpms.spec.in --- old/libtpms-0.7.0/dist/libtpms.spec.in 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/dist/libtpms.spec.in 2020-07-09 20:26:39.000000000 +0200 @@ -112,7 +112,16 @@ %postun -p /sbin/ldconfig %changelog -* Mon Jan 14 2018 Stefan Berger - 0.6.0-1 +* Fri Jul 10 2020 Stefan Berger - 0.7.3-1 +- Fixed set of PCRs belonging to TCB group + +* Wed May 27 2020 Stefan Berger - 0.7.2-1 +- Bugfixes related to RSA signing, decryption, and symmetric decryption. + +* Mon May 18 2020 Stefan Berger - 0.7.1-1 +- Backports and other bugfixes. + +* Mon Jan 15 2018 Stefan Berger - 0.6.0-1 - Release of version 0.6.0 with TPM 2.0 support * Mon Jun 30 2014 Stefan Berger - 0.5.2-1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/include/libtpms/tpm_library.h new/libtpms-0.7.3/include/libtpms/tpm_library.h --- old/libtpms-0.7.0/include/libtpms/tpm_library.h 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/include/libtpms/tpm_library.h 2020-07-09 20:26:39.000000000 +0200 @@ -50,7 +50,7 @@ #define TPM_LIBRARY_VER_MAJOR 0 #define TPM_LIBRARY_VER_MINOR 7 -#define TPM_LIBRARY_VER_MICRO 0 +#define TPM_LIBRARY_VER_MICRO 3 #define TPM_LIBRARY_VERSION_GEN(MAJ, MIN, MICRO) \ (( MAJ << 16 ) | ( MIN << 8 ) | ( MICRO )) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm12/tpm_delegate.c new/libtpms-0.7.3/src/tpm12/tpm_delegate.c --- old/libtpms-0.7.0/src/tpm12/tpm_delegate.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm12/tpm_delegate.c 2020-07-09 20:26:39.000000000 +0200 @@ -1629,7 +1629,7 @@ TPM_SECRET *hmacKey; TPM_SECRET savedAuth; /* saved copy for response */ TPM_DELEGATE_PUBLIC *delegatePublic; /* from DSAP session */ - TPM_FAMILY_TABLE_ENTRY *familyRow; /* family table row containing familyID */ + TPM_FAMILY_TABLE_ENTRY *familyRow = NULL; /* family table row containing familyID */ uint32_t nv1 = tpm_state->tpm_permanent_data.noOwnerNVWrite; /* temp for noOwnerNVWrite, initialize to silence compiler */ @@ -3360,7 +3360,7 @@ TPM_DELEGATE_INDEX d1DelegateIndex; TPM_DELEGATE_OWNER_BLOB d1DelegateOwnerBlob; TPM_DELEGATE_KEY_BLOB d1DelegateKeyBlob; - TPM_DELEGATE_TABLE_ROW *d1DelegateTableRow; + TPM_DELEGATE_TABLE_ROW *d1DelegateTableRow = NULL; TPM_FAMILY_ID familyID = 0; TPM_FAMILY_TABLE_ENTRY *familyRow; /* family table row containing familyID */ TPM_DELEGATE_PUBLIC *delegatePublic; /* from DSAP session */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm12/tpm_nvfile.c new/libtpms-0.7.3/src/tpm12/tpm_nvfile.c --- old/libtpms-0.7.0/src/tpm12/tpm_nvfile.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm12/tpm_nvfile.c 2020-07-09 20:26:39.000000000 +0200 @@ -70,7 +70,8 @@ /* local prototypes */ -static void TPM_NVRAM_GetFilenameForName(char *filename, +static TPM_RESULT TPM_NVRAM_GetFilenameForName(char *filename, + size_t filename_len, uint32_t tpm_number, const char *name); @@ -189,7 +190,10 @@ /* open the file */ if (rc == 0) { /* map name to the rooted filename */ - TPM_NVRAM_GetFilenameForName(filename, tpm_number, name); + rc = TPM_NVRAM_GetFilenameForName(filename, sizeof(filename), + tpm_number, name); + } + if (rc == 0) { printf(" TPM_NVRAM_LoadData: Opening file %s\n", filename); file = fopen(filename, "rb"); /* closed @1 */ if (file == NULL) { /* if failure, determine cause */ @@ -297,7 +301,10 @@ printf(" TPM_NVRAM_StoreData: To name %s\n", name); if (rc == 0) { /* map name to the rooted filename */ - TPM_NVRAM_GetFilenameForName(filename, tpm_number, name); + rc = TPM_NVRAM_GetFilenameForName(filename, sizeof(filename), + tpm_number, name); + } + if (rc == 0) { /* open the file */ printf(" TPM_NVRAM_StoreData: Opening file %s\n", filename); file = fopen(filename, "wb"); /* closed @1 */ @@ -339,14 +346,27 @@ state_directory/tpm_number.name */ -static void TPM_NVRAM_GetFilenameForName(char *filename, /* output: rooted filename */ - uint32_t tpm_number, - const char *name) /* input: abstract name */ +static TPM_RESULT TPM_NVRAM_GetFilenameForName(char *filename, /* output: rooted filename */ + size_t filename_len, + uint32_t tpm_number, + const char *name) /* input: abstract name */ { + int n; + TPM_RESULT rc = TPM_FAIL; + printf(" TPM_NVRAM_GetFilenameForName: For name %s\n", name); - sprintf(filename, "%s/%02lx.%s", state_directory, (unsigned long)tpm_number, name); - printf(" TPM_NVRAM_GetFilenameForName: File name %s\n", filename); - return; + n = snprintf(filename, filename_len, + "%s/%02lx.%s", state_directory, (unsigned long)tpm_number, + name); + if (n < 0) { + printf(" TPM_NVRAM_GetFilenameForName: Error (fatal), snprintf failed\n"); + } else if ((size_t)n >= filename_len) { + printf(" TPM_NVRAM_GetFilenameForName: Error (fatal), buffer too small\n"); + } else { + printf(" TPM_NVRAM_GetFilenameForName: File name %s\n", filename); + rc = TPM_SUCCESS; + } + return rc; } /* TPM_NVRAM_DeleteName() deletes the 'name' from NVRAM @@ -380,7 +400,10 @@ printf(" TPM_NVRAM_DeleteName: Name %s\n", name); /* map name to the rooted filename */ - TPM_NVRAM_GetFilenameForName(filename, tpm_number, name); + if (rc == 0) { + rc = TPM_NVRAM_GetFilenameForName(filename, sizeof(filename), + tpm_number, name); + } if (rc == 0) { irc = remove(filename); if ((irc != 0) && /* if the remove failed */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm12/tpm_nvram.c new/libtpms-0.7.3/src/tpm12/tpm_nvram.c --- old/libtpms-0.7.0/src/tpm12/tpm_nvram.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm12/tpm_nvram.c 2020-07-09 20:26:39.000000000 +0200 @@ -1288,7 +1288,7 @@ TPM_BOOL ignore_auth = FALSE; TPM_BOOL dir = FALSE; TPM_BOOL physicalPresence; - TPM_BOOL isGPIO; + TPM_BOOL isGPIO = FALSE; BYTE *gpioData = NULL; TPM_NV_DATA_SENSITIVE *d1NvdataSensitive; uint32_t s1Last; @@ -2000,7 +2000,7 @@ TPM_NV_DATA_SENSITIVE *d1NvdataSensitive; uint32_t s1Last; TPM_BOOL physicalPresence; - TPM_BOOL isGPIO; + TPM_BOOL isGPIO = FALSE; uint32_t nv1 = tpm_state->tpm_permanent_data.noOwnerNVWrite; /* temp for noOwnerNVWrite, initialize to silence compiler */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm12/tpm_process.c new/libtpms-0.7.3/src/tpm12/tpm_process.c --- old/libtpms-0.7.0/src/tpm12/tpm_process.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm12/tpm_process.c 2020-07-09 20:26:39.000000000 +0200 @@ -4844,7 +4844,7 @@ unsigned char * inParamEnd; /* ending point of inParam's */ TPM_DIGEST inParamDigest; TPM_BOOL auditStatus; /* audit the ordinal */ - TPM_BOOL transportEncrypt; /* wrapped in encrypted transport session */ + TPM_BOOL transportEncrypt = FALSE;/* wrapped in encrypted transport session */ TPM_BOOL authHandleValid = FALSE; TPM_AUTH_SESSION_DATA *auth_session_data; /* session data for authHandle */ TPM_SECRET *hmacKey; @@ -5144,7 +5144,7 @@ unsigned char * inParamEnd; /* ending point of inParam's */ TPM_DIGEST inParamDigest; TPM_BOOL auditStatus; /* audit the ordinal */ - TPM_BOOL transportEncrypt; /* wrapped in encrypted transport session */ + TPM_BOOL transportEncrypt = FALSE;/* wrapped in encrypted transport session */ TPM_BOOL authHandleValid = FALSE; TPM_AUTH_SESSION_DATA *auth_session_data; /* session data for authHandle */ TPM_SECRET *hmacKey; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm12/tpm_session.c new/libtpms-0.7.3/src/tpm12/tpm_session.c --- old/libtpms-0.7.0/src/tpm12/tpm_session.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm12/tpm_session.c 2020-07-09 20:26:39.000000000 +0200 @@ -3044,7 +3044,7 @@ TPM_STORE_BUFFER b1_sbuffer; /* serialization of b1 */ TPM_STCLEAR_DATA *v1StClearData = NULL; TPM_KEY_HANDLE_ENTRY *tpm_key_handle_entry; /* key table entry for the handle */ - TPM_AUTH_SESSION_DATA *tpm_auth_session_data; /* session table entry for the handle */ + TPM_AUTH_SESSION_DATA *tpm_auth_session_data = NULL; /* session table entry for the handle */ TPM_TRANSPORT_INTERNAL *tpm_transport_internal; /* transport table entry for the handle */ TPM_DAA_SESSION_DATA *tpm_daa_session_data; /* daa session table entry for the handle */ TPM_NONCE *n1ContextNonce = NULL; @@ -3053,7 +3053,7 @@ TPM_CONTEXT_SENSITIVE c1ContextSensitive; TPM_CONTEXT_BLOB b1ContextBlob; TPM_STORE_BUFFER c1_sbuffer; /* serialization of c1ContextSensitive */ - uint32_t contextIndex; /* free index in context list */ + uint32_t contextIndex = 0; /* free index in context list */ uint32_t space; /* free space in context list */ TPM_BOOL isZero; @@ -4931,7 +4931,7 @@ TPM_AUTH_SESSION_DATA *tpm_auth_session_data; /* session table entry for the handle */ TPM_BOOL isZero; /* contextNonceSession not set yet */ TPM_STCLEAR_DATA *v1StClearData = NULL; - uint32_t contextIndex; /* free index in context list */ + uint32_t contextIndex = 0; /* free index in context list */ uint32_t space; /* free space in context list */ TPM_CONTEXT_SENSITIVE contextSensitive; TPM_STORE_BUFFER contextSensitive_sbuffer; /* serialization of contextSensitive */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm12/tpm_transport.c new/libtpms-0.7.3/src/tpm12/tpm_transport.c --- old/libtpms-0.7.0/src/tpm12/tpm_transport.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm12/tpm_transport.c 2020-07-09 20:26:39.000000000 +0200 @@ -2599,7 +2599,7 @@ TPM_BOOL authHandleValid = FALSE; TPM_BOOL transHandleValid = FALSE; TPM_AUTH_SESSION_DATA *auth_session_data = NULL; /* session data for authHandle */ - TPM_TRANSPORT_INTERNAL *t1TpmTransportInternal; + TPM_TRANSPORT_INTERNAL *t1TpmTransportInternal = NULL; TPM_SECRET *hmacKey; TPM_KEY *sigKey = NULL; /* the key specified by keyHandle */ TPM_BOOL parentPCRStatus; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm2/Marshal.c new/libtpms-0.7.3/src/tpm2/Marshal.c --- old/libtpms-0.7.0/src/tpm2/Marshal.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm2/Marshal.c 2020-07-09 20:26:39.000000000 +0200 @@ -1125,6 +1125,14 @@ return written; } +UINT16 // libtpms added begin +TPMI_TDES_KEY_BITS_Marshal(TPMI_TDES_KEY_BITS *source, BYTE **buffer, INT32 *size) +{ + UINT16 written = 0; + written += TPM_KEY_BITS_Marshal(source, buffer, size); + return written; +} // libtpms added end + /* Table 2:128 - Definition of TPMU_SYM_KEY_BITS Union (StructuresTable()) */ UINT16 @@ -1148,6 +1156,11 @@ written += TPMI_CAMELLIA_KEY_BITS_Marshal(&source->camellia, buffer, size); break; #endif +#if ALG_TDES // libtpms added begin + case TPM_ALG_TDES: + written += TPMI_TDES_KEY_BITS_Marshal(&source->tdes, buffer, size); + break; +#endif // libtpms added end #if ALG_XOR case TPM_ALG_XOR: written += TPMI_ALG_HASH_Marshal(&source->xorr, buffer, size); @@ -1184,6 +1197,11 @@ written += TPMI_ALG_SYM_MODE_Marshal(&source->camellia, buffer, size); break; #endif +#if ALG_TDES // libtpms added begin + case TPM_ALG_TDES: + written += TPMI_ALG_SYM_MODE_Marshal(&source->tdes, buffer, size); + break; +#endif // libtpms added end #if ALG_XOR case TPM_ALG_XOR: #endif @@ -2002,7 +2020,7 @@ TPM2B_PUBLIC_Marshal(TPM2B_PUBLIC *source, BYTE **buffer, INT32 *size) { UINT16 written = 0; - BYTE *sizePtr; + BYTE *sizePtr = NULL; // libtpms changes for ppc64el gcc-5 -O3 if (buffer != NULL) { sizePtr = *buffer; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm2/NVDynamic.c new/libtpms-0.7.3/src/tpm2/NVDynamic.c --- old/libtpms-0.7.0/src/tpm2/NVDynamic.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm2/NVDynamic.c 2020-07-09 20:26:39.000000000 +0200 @@ -115,7 +115,7 @@ ) { NV_REF addr; - TPM_HANDLE nvHandle; + TPM_HANDLE nvHandle = 0; // libtpms changed: gcc 10.1.0 complaint while((addr = NvNext(iter, &nvHandle)) != 0) { // addr: the address of the location containing the handle of the value diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm2/PCR.c new/libtpms-0.7.3/src/tpm2/PCR.c --- old/libtpms-0.7.0/src/tpm2/PCR.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm2/PCR.c 2020-07-09 20:26:39.000000000 +0200 @@ -163,6 +163,7 @@ ) { #if ENABLE_PCR_NO_INCREMENT == YES +#if 0 // Platform specification decides if a PCR belongs to a TCB group. In this // implementation, we assume PCR[20-22] belong to TCB group. If the platform // specification requires differently, the implementation should be @@ -170,6 +171,12 @@ if(handle >= 20 && handle <= 22) return TRUE; #endif + /* kgold - changed for PC Client, 16, 21-23 no increment */ + if ((handle == 16) || + ((handle >= 21) && (handle <= 23))) { + return TRUE; + } +#endif return FALSE; } /* 8.7.3.4 PCRPolicyIsAvailable() */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm2/SessionProcess.c new/libtpms-0.7.3/src/tpm2/SessionProcess.c --- old/libtpms-0.7.0/src/tpm2/SessionProcess.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm2/SessionProcess.c 2020-07-09 20:26:39.000000000 +0200 @@ -3,7 +3,7 @@ /* Process the Authorization Sessions */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: SessionProcess.c 1262 2018-07-11 21:03:43Z kgoldman $ */ +/* $Id: SessionProcess.c 1493 2019-09-04 13:31:35Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ @@ -1235,7 +1235,10 @@ TPM_HANDLE sessionHandle = s_sessionHandles[sessionIndex]; TPM_HANDLE associatedHandle = s_associatedHandles[sessionIndex]; TPM_HT sessionHandleType = HandleGetType(sessionHandle); + BOOL authUsed; + pAssert(sessionHandle != TPM_RH_UNASSIGNED); + // Take care of physical presence if(associatedHandle == TPM_RH_PLATFORM) { @@ -1265,11 +1268,14 @@ session->attributes.includeAuth = !IsSessionBindEntity(s_associatedHandles[sessionIndex], session); } + authUsed = session->attributes.includeAuth; } + else + // Password session + authUsed = TRUE; // If the authorization session is going to use an authValue, then make sure // that access to that authValue isn't locked out. - // Note: session == NULL for a PW session. - if(session == NULL || session->attributes.includeAuth) + if(authUsed) { // See if entity is subject to lockout. if(!IsDAExempted(associatedHandle)) @@ -1310,19 +1316,16 @@ else result = CheckSessionHMAC(command, sessionIndex); // Do processing for PIN Indexes are only three possibilities for 'result' at - // this point. - // TPM_RC_SUCCESS - // TPM_RC_AUTH_FAIL - // TPM_RC_BAD_AUTH + // this point: TPM_RC_SUCCESS, TPM_RC_AUTH_FAIL, TPM_RC_BAD_AUTH // For all these cases, we would have to process a PIN index if the // authValue of the index was used for authorization. - // See if we need to do anything to a PIN index - if(TPM_HT_NV_INDEX == HandleGetType(associatedHandle)) + if((TPM_HT_NV_INDEX == HandleGetType(associatedHandle)) && authUsed) { NV_REF locator; NV_INDEX *nvIndex = NvGetIndexInfo(associatedHandle, &locator); NV_PIN pinData; TPMA_NV nvAttributes; + pAssert(nvIndex != NULL); nvAttributes = nvIndex->publicArea.attributes; // If this is a PIN FAIL index and the value has been written @@ -1338,7 +1341,7 @@ NvWriteUINT64Data(nvIndex, pinData.intVal); } // If this is a PIN PASS Index, increment if we have used the - // authorization value for anything other than NV_Read. + // authorization value. // NOTE: If the counter has already hit the limit, then we // would not get here because the authorization value would not // be available and the TPM would have returned before it gets here diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm2/Unmarshal.c new/libtpms-0.7.3/src/tpm2/Unmarshal.c --- old/libtpms-0.7.0/src/tpm2/Unmarshal.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm2/Unmarshal.c 2020-07-09 20:26:39.000000000 +0200 @@ -41,7 +41,9 @@ #include <string.h> +#include "Tpm.h" // libtpms added #include "Unmarshal_fp.h" +#include "CryptEccMain_fp.h" // libtpms added TPM_RC UINT8_Unmarshal(UINT8 *target, BYTE **buffer, INT32 *size) @@ -1085,6 +1087,9 @@ #if ALG_CAMELLIA case TPM_ALG_CAMELLIA: #endif +#if ALG_TDES // libtpms added begin + case TPM_ALG_TDES: +#endif // libtpms added end #if ALG_XOR case TPM_ALG_XOR: #endif @@ -1121,6 +1126,9 @@ #if ALG_CAMELLIA case TPM_ALG_CAMELLIA: #endif +#if ALG_TDES // libtpms added begin + case TPM_ALG_TDES: +#endif // iibtpms added end break; case TPM_ALG_NULL: if (allowNull) { @@ -2449,6 +2457,28 @@ } #endif +#if ALG_TDES // libtpms added begin +TPM_RC +TPMI_TDES_KEY_BITS_Unmarshal(TPMI_SM4_KEY_BITS *target, BYTE **buffer, INT32 *size) +{ + TPM_RC rc = TPM_RC_SUCCESS; + + if (rc == TPM_RC_SUCCESS) { + rc = TPM_KEY_BITS_Unmarshal(target, buffer, size); + } + if (rc == TPM_RC_SUCCESS) { + switch (*target) { + case 128: + case 192: + break; + default: + rc = TPM_RC_VALUE; + } + } + return rc; +} +#endif // libtpms added end + /* Table 125 - Definition of TPMU_SYM_KEY_BITS Union */ TPM_RC @@ -2472,6 +2502,11 @@ rc = TPMI_CAMELLIA_KEY_BITS_Unmarshal(&target->camellia, buffer, size); break; #endif +#if ALG_TDES // libtpms added beging + case TPM_ALG_TDES: + rc = TPMI_TDES_KEY_BITS_Unmarshal(&target->tdes, buffer, size); + break; +#endif // libtpms added end #if ALG_XOR case TPM_ALG_XOR: rc = TPMI_ALG_HASH_Unmarshal(&target->xorr, buffer, size, NO); @@ -2508,6 +2543,11 @@ rc = TPMI_ALG_SYM_MODE_Unmarshal(&target->camellia, buffer, size, YES); break; #endif +#if ALG_TDES // libtpms added begin + case TPM_ALG_TDES: + rc = TPMI_ALG_SYM_MODE_Unmarshal(&target->tdes, buffer, size, YES); + break; +#endif // libtpms added end case TPM_ALG_XOR: case TPM_ALG_NULL: break; @@ -3484,12 +3524,30 @@ #if ECC_BN_P256 case TPM_ECC_BN_P256: #endif +#if ECC_BN_P638 // libtpms added begin + case TPM_ECC_BN_P638: +#endif +#if ECC_NIST_P192 + case TPM_ECC_NIST_P192: +#endif +#if ECC_NIST_P224 + case TPM_ECC_NIST_P224: +#endif // libtpms added end #if ECC_NIST_P256 case TPM_ECC_NIST_P256: #endif #if ECC_NIST_P384 case TPM_ECC_NIST_P384: #endif +#if ECC_NIST_P521 // libtpms added begin + case TPM_ECC_NIST_P521: +#endif +#if ECC_SM2_P256 + case TPM_ECC_SM2_P256: +#endif + if (!CryptEccIsCurveRuntimeUsable(*target)) + rc = TPM_RC_CURVE; + // libtpms added end break; default: rc = TPM_RC_CURVE; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm2/VendorString.h new/libtpms-0.7.3/src/tpm2/VendorString.h --- old/libtpms-0.7.0/src/tpm2/VendorString.h 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm2/VendorString.h 2020-07-09 20:26:39.000000000 +0200 @@ -65,7 +65,7 @@ /* Define up to 4-byte values for MANUFACTURER. This value defines the response for TPM_PT_MANUFACTURER in TPM2_GetCapability(). The following line should be un-commented and a vendor specific string should be provided here. */ -#define MANUFACTURER "IBM " +#define MANUFACTURER "IBM" /* The following #if macro may be deleted after a proper MANUFACTURER is provided. */ #ifndef MANUFACTURER diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm2/Volatile.c new/libtpms-0.7.3/src/tpm2/Volatile.c --- old/libtpms-0.7.0/src/tpm2/Volatile.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm2/Volatile.c 2020-07-09 20:26:39.000000000 +0200 @@ -62,6 +62,9 @@ UINT16 hashAlg = TPM_ALG_SHA1; if (rc == TPM_RC_SUCCESS) { + if ((UINT32)*size < sizeof(hash)) + return TPM_RC_INSUFFICIENT; + CryptHashBlock(hashAlg, *size - sizeof(hash), *buffer, sizeof(acthash), acthash); rc = VolatileState_Unmarshal(buffer, size); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm2/crypto/CryptEccMain_fp.h new/libtpms-0.7.3/src/tpm2/crypto/CryptEccMain_fp.h --- old/libtpms-0.7.0/src/tpm2/crypto/CryptEccMain_fp.h 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm2/crypto/CryptEccMain_fp.h 2020-07-09 20:26:39.000000000 +0200 @@ -216,5 +216,11 @@ // RNG state ); +// libtpms added begin +LIB_EXPORT BOOL +CryptEccIsCurveRuntimeUsable( + TPMI_ECC_CURVE curveId + ); +// libtpms added end #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm2/crypto/openssl/CryptEccMain.c new/libtpms-0.7.3/src/tpm2/crypto/openssl/CryptEccMain.c --- old/libtpms-0.7.0/src/tpm2/crypto/openssl/CryptEccMain.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm2/crypto/openssl/CryptEccMain.c 2020-07-09 20:26:39.000000000 +0200 @@ -244,6 +244,8 @@ // If curveID is less than the starting curveID, skip it if(curve < curveID) continue; + if (!CryptEccIsCurveRuntimeUsable(curve)) // libtpms added: runtime filter supported curves + continue; if(curveList->count < maxCount) { // If we have not filled up the return list, add more curves to @@ -779,4 +781,21 @@ CURVE_FREE(E); return retVal; } + +// libtpms added begin +// Support for some curves may be compiled in but they may not be +// supported by openssl's crypto library. +LIB_EXPORT BOOL +CryptEccIsCurveRuntimeUsable( + TPMI_ECC_CURVE curveId + ) +{ + CURVE_INITIALIZED(E, curveId); + if (E == NULL) + return FALSE; + CURVE_FREE(E); + return TRUE; +} +// libtpms added end + #endif // TPM_ALG_ECC diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm2/crypto/openssl/CryptRsa.c new/libtpms-0.7.3/src/tpm2/crypto/openssl/CryptRsa.c --- old/libtpms-0.7.0/src/tpm2/crypto/openssl/CryptRsa.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm2/crypto/openssl/CryptRsa.c 2020-07-09 20:26:39.000000000 +0200 @@ -1318,6 +1318,7 @@ const char *digestname; size_t outlen; unsigned char *tmp = NULL; + unsigned char buffer[MAX_RSA_KEY_BYTES]; // Make sure that the necessary parameters are provided pAssert(cIn != NULL && dOut != NULL && key != NULL); @@ -1372,11 +1373,16 @@ break; } - outlen = cIn->size; - if (EVP_PKEY_decrypt(ctx, dOut->buffer, &outlen, + /* cannot use cOut->buffer */ + outlen = sizeof(buffer); + if (EVP_PKEY_decrypt(ctx, buffer, &outlen, cIn->buffer, cIn->size) <= 0) ERROR_RETURN(TPM_RC_FAILURE); + if (outlen > dOut->size) + ERROR_RETURN(TPM_RC_FAILURE); + + memcpy(dOut->buffer, buffer, outlen); dOut->size = outlen; retVal = TPM_RC_SUCCESS; @@ -1453,6 +1459,16 @@ EVP_PKEY_CTX_set_signature_md(ctx, md) <= 0) ERROR_RETURN(TPM_RC_FAILURE); + /* careful with PSS padding: Use salt length = hash length (-1) if + * length(digest) + length(hash-to-sign) + 2 <= modSize + * otherwise use the max. possible salt length, which is the default (-2) + * test case: 1024 bit key PSS signing sha512 hash + */ + if (padding == RSA_PKCS1_PSS_PADDING && + EVP_MD_size(md) + hIn->b.size + 2 <= modSize && /* OSSL: RSA_padding_add_PKCS1_PSS_mgf1 */ + EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, -1) <= 0) + ERROR_RETURN(TPM_RC_FAILURE); + outlen = sigOut->signature.rsapss.sig.t.size; if (EVP_PKEY_sign(ctx, sigOut->signature.rsapss.sig.t.buffer, &outlen, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/src/tpm2/crypto/openssl/CryptSym.c new/libtpms-0.7.3/src/tpm2/crypto/openssl/CryptSym.c --- old/libtpms-0.7.0/src/tpm2/crypto/openssl/CryptSym.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/src/tpm2/crypto/openssl/CryptSym.c 2020-07-09 20:26:39.000000000 +0200 @@ -631,8 +631,7 @@ EVP_CIPHER_CTX *ctx = NULL; int outlen1 = 0; int outlen2 = 0; - BYTE *pOut = dOut; - BYTE *buffer = NULL; + BYTE *buffer; UINT32 buffersize = 0; BYTE keyToUse[MAX_SYM_KEY_BYTES]; UINT16 keyToUseLen = (UINT16)sizeof(keyToUse); @@ -660,23 +659,35 @@ else iv = defaultIv; + switch(mode) + { +#if ALG_CBC || ALG_ECB + case ALG_CBC_VALUE: + case ALG_ECB_VALUE: + // For ECB and CBC, the data size must be an even multiple of the + // cipher block size + if((dSize % blockSize) != 0) + return TPM_RC_SIZE; + break; +#endif + default: + break; + } + evpfn = GetEVPCipher(algorithm, keySizeInBits, mode, key, keyToUse, &keyToUseLen); if (evpfn == NULL) return TPM_RC_FAILURE; - if (dIn == dOut) { - // in-place encryption; we use a temp buffer - buffersize = TPM2_ROUNDUP(dSize, blockSize); - buffer = malloc(buffersize); - if (buffer == NULL) - ERROR_RETURN(TPM_RC_FAILURE); - pOut = buffer; - } + /* a buffer with a 'safety margin' for EVP_DecryptUpdate */ + buffersize = TPM2_ROUNDUP(dSize + blockSize, blockSize); + buffer = malloc(buffersize); + if (buffer == NULL) + ERROR_RETURN(TPM_RC_FAILURE); #if ALG_TDES && ALG_CTR if (algorithm == TPM_ALG_TDES && mode == ALG_CTR_VALUE) { - TDES_CTR(keyToUse, keyToUseLen * 8, dSize, dIn, iv, pOut, blockSize); + TDES_CTR(keyToUse, keyToUseLen * 8, dSize, dIn, iv, buffer, blockSize); outlen1 = dSize; ERROR_RETURN(TPM_RC_SUCCESS); } @@ -685,17 +696,22 @@ ctx = EVP_CIPHER_CTX_new(); if (!ctx || EVP_DecryptInit_ex(ctx, evpfn(), NULL, keyToUse, iv) != 1 || - EVP_DecryptUpdate(ctx, pOut, &outlen1, dIn, dSize) != 1) + EVP_CIPHER_CTX_set_padding(ctx, 0) != 1 || + EVP_DecryptUpdate(ctx, buffer, &outlen1, dIn, dSize) != 1) ERROR_RETURN(TPM_RC_FAILURE); - pAssert(outlen1 <= dSize || dSize >= outlen1 + blockSize); + pAssert((int)buffersize >= outlen1); - if (EVP_DecryptFinal(ctx, pOut + outlen1, &outlen2) != 1) + if (EVP_DecryptFinal(ctx, &buffer[outlen1], &outlen2) != 1) ERROR_RETURN(TPM_RC_FAILURE); + pAssert((int)buffersize >= outlen1 + outlen2); + Exit: - if (retVal == TPM_RC_SUCCESS && pOut != dOut) - memcpy(dOut, pOut, outlen1 + outlen2); + if (retVal == TPM_RC_SUCCESS) { + pAssert(dSize >= outlen1 + outlen2); + memcpy(dOut, buffer, outlen1 + outlen2); + } clear_and_free(buffer, buffersize); EVP_CIPHER_CTX_free(ctx); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.7.0/tests/tpm2_pcr_read.c new/libtpms-0.7.3/tests/tpm2_pcr_read.c --- old/libtpms-0.7.0/tests/tpm2_pcr_read.c 2019-07-19 18:27:37.000000000 +0200 +++ new/libtpms-0.7.3/tests/tpm2_pcr_read.c 2020-07-09 20:26:39.000000000 +0200 @@ -7,6 +7,19 @@ #include <libtpms/tpm_error.h> #include <libtpms/tpm_memory.h> +static void dump_array(const char *h, const unsigned char *d, size_t dlen) +{ + size_t i; + + fprintf(stderr, "%s\n", h); + for (i = 0; i < dlen; i++) { + fprintf(stderr, "%02x ", d[i]); + if ((i & 0xf) == 0xf) + fprintf(stderr, "\n"); + } + fprintf(stderr, "\n"); +} + int main(void) { unsigned char *rbuffer = NULL; @@ -43,7 +56,7 @@ }; const unsigned char tpm2_pcr_read_exp_resp[] = { 0x80, 0x01, 0x00, 0x00, 0x01, 0x86, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x15, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x04, 0x00, 0x04, 0x03, 0x01, 0x00, 0x10, 0x00, 0x0b, 0x03, 0x01, 0x00, 0x10, 0x00, 0x0c, 0x03, 0x01, 0x00, 0x10, 0x00, 0x0d, 0x03, 0x01, @@ -127,6 +140,8 @@ if (memcmp(rbuffer, tpm2_pcr_read_exp_resp, rlength)) { fprintf(stderr, "Expected response is different than received one.\n"); + dump_array("actual:", rbuffer, rlength); + dump_array("expected:", tpm2_pcr_read_exp_resp, sizeof(tpm2_pcr_read_exp_resp)); goto exit; } @@ -167,7 +182,7 @@ const unsigned char tpm2_pcr10_read_resp[] = { 0x80, 0x01, 0x00, 0x00, 0x00, 0x3e, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x16, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x15, 0x00, 0x00, 0x00, 0x01, 0x00, 0x0b, 0x03, 0x00, 0x04, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x20, 0x1f, 0x7f, 0xb1, 0x00, 0xe1, 0xb2, 0xd1, 0x95, 0x19, 0x4b, @@ -178,6 +193,8 @@ if (memcmp(tpm2_pcr10_read_resp, rbuffer, rlength)) { fprintf(stderr, "TPM2_PCRRead(PCR10) did not return expected result\n"); + dump_array("actual:", rbuffer, rlength); + dump_array("expected:", tpm2_pcr10_read_resp, sizeof(tpm2_pcr10_read_resp)); goto exit; }