tboot/0003-Use-sha256-as-default-hashing-algorithm.patch

# HG changeset patch
# User Lukasz Hawrylko <lukasz.hawrylko@intel.com>
# Date 1631717614 -7200
#      Wed Sep 15 16:53:34 2021 +0200
# Node ID 5bf5c12411d3a4a7e0a552203b40bfe59d5c7789
# Parent  4cdcf97e4723647b6fac761565c0be13f7e31009
Use sha256 as default hashing algorithm in lcp2_mlehash and tb_polgen

Signed-off-by: Lukasz Hawrylko <lukasz.hawrylko@intel.com>

diff -r 4cdcf97e4723 -r 5bf5c12411d3 docs/man/tb_polgen.8
--- a/docs/man/tb_polgen.8	Thu Aug 26 14:12:44 2021 +0200
+++ b/docs/man/tb_polgen.8	Wed Sep 15 16:53:34 2021 +0200
@@ -21,6 +21,9 @@
 \fR[\fB\-\-ctrl \fIpolicy-control-value\fR]
 The default value 1 is to extend policy into PCR 17.
 .TP
+\fR[\fB\-\-alg \fIsha1 \fR|\fI sha256 \fR|\fI sha384 \fR|\fI sha512\fR]
+Policy hashing algorithm.
+.TP
 \fIpolicy-file\fR
 .RE
 .TP
diff -r 4cdcf97e4723 -r 5bf5c12411d3 lcptools-v2/mlehash.c
--- a/lcptools-v2/mlehash.c	Thu Aug 26 14:12:44 2021 +0200
+++ b/lcptools-v2/mlehash.c	Wed Sep 15 16:53:34 2021 +0200
@@ -70,8 +70,8 @@
 
 
 bool        verbose = false;
-char        alg_name[32] = "sha1";
-uint16_t    alg_type = TPM_ALG_SHA1;
+char        alg_name[32] = "sha256";
+uint16_t    alg_type = TPM_ALG_SHA256;
 
 static struct option long_opts[] =
 {
diff -r 4cdcf97e4723 -r 5bf5c12411d3 tb_polgen/param.c
--- a/tb_polgen/param.c	Thu Aug 26 14:12:44 2021 +0200
+++ b/tb_polgen/param.c	Wed Sep 15 16:53:34 2021 +0200
@@ -51,7 +51,7 @@
 
 static const char *help[] = {
     "tb_polgen --create --type        nonfatal|continue|halt\n",
-    "                   [--alg        sha1 (default)|sha256|sha384|sha512]\n",
+    "                   [--alg        sha1|sha256 (default)|sha384|sha512]\n",
     "                   [--ctrl       <policy control value>]\n",
     "                   [--verbose]\n",
     "                   <policy file name>\n",
@@ -330,7 +330,7 @@
     params->cmd = POLGEN_CMD_NONE;
     params->mod_num = -1;
     params->pcr = -1;
-    params->hash_alg = TB_HALG_SHA1;
+    params->hash_alg = TB_HALG_SHA256;
     params->policy_type = -1;
     params->policy_control = TB_POLCTL_EXTEND_PCR17;
     params->hash_type = -1;
Use sha256 as default hashing algorithm new file: 0003-Use-sha256-as-default-hashing-algorithm.patch modified: tboot.spec Bump to 1.10.2-6 for rebuild. Resolves: rhbz#1935448 2021-09-30 14:21:59 +00:00			`# HG changeset patch`
			`# User Lukasz Hawrylko <lukasz.hawrylko@intel.com>`
			`# Date 1631717614 -7200`
			`# Wed Sep 15 16:53:34 2021 +0200`
			`# Node ID 5bf5c12411d3a4a7e0a552203b40bfe59d5c7789`
			`# Parent 4cdcf97e4723647b6fac761565c0be13f7e31009`
			`Use sha256 as default hashing algorithm in lcp2_mlehash and tb_polgen`

			`Signed-off-by: Lukasz Hawrylko <lukasz.hawrylko@intel.com>`

			`diff -r 4cdcf97e4723 -r 5bf5c12411d3 docs/man/tb_polgen.8`
			`--- a/docs/man/tb_polgen.8 Thu Aug 26 14:12:44 2021 +0200`
			`+++ b/docs/man/tb_polgen.8 Wed Sep 15 16:53:34 2021 +0200`
			`@@ -21,6 +21,9 @@`
			`\fR[\fB\-\-ctrl \fIpolicy-control-value\fR]`
			`The default value 1 is to extend policy into PCR 17.`
			`.TP`
			`+\fR[\fB\-\-alg \fIsha1 \fR\|\fI sha256 \fR\|\fI sha384 \fR\|\fI sha512\fR]`
			`+Policy hashing algorithm.`
			`+.TP`
			`\fIpolicy-file\fR`
			`.RE`
			`.TP`
			`diff -r 4cdcf97e4723 -r 5bf5c12411d3 lcptools-v2/mlehash.c`
			`--- a/lcptools-v2/mlehash.c Thu Aug 26 14:12:44 2021 +0200`
			`+++ b/lcptools-v2/mlehash.c Wed Sep 15 16:53:34 2021 +0200`
			`@@ -70,8 +70,8 @@`


			`bool verbose = false;`
			`-char alg_name[32] = "sha1";`
			`-uint16_t alg_type = TPM_ALG_SHA1;`
			`+char alg_name[32] = "sha256";`
			`+uint16_t alg_type = TPM_ALG_SHA256;`

			`static struct option long_opts[] =`
			`{`
			`diff -r 4cdcf97e4723 -r 5bf5c12411d3 tb_polgen/param.c`
			`--- a/tb_polgen/param.c Thu Aug 26 14:12:44 2021 +0200`
			`+++ b/tb_polgen/param.c Wed Sep 15 16:53:34 2021 +0200`
			`@@ -51,7 +51,7 @@`

			`static const char *help[] = {`
			`"tb_polgen --create --type nonfatal\|continue\|halt\n",`
			`- " [--alg sha1 (default)\|sha256\|sha384\|sha512]\n",`
			`+ " [--alg sha1\|sha256 (default)\|sha384\|sha512]\n",`
			`" [--ctrl <policy control value>]\n",`
			`" [--verbose]\n",`
			`" <policy file name>\n",`
			`@@ -330,7 +330,7 @@`
			`params->cmd = POLGEN_CMD_NONE;`
			`params->mod_num = -1;`
			`params->pcr = -1;`
			`- params->hash_alg = TB_HALG_SHA1;`
			`+ params->hash_alg = TB_HALG_SHA256;`
			`params->policy_type = -1;`
			`params->policy_control = TB_POLCTL_EXTEND_PCR17;`
			`params->hash_type = -1;`