Compare commits

...

No commits in common. "c8" and "c9-beta" have entirely different histories.
c8 ... c9-beta

54 changed files with 10458 additions and 988 deletions

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/tpm2-tools-4.1.1.tar.gz
SOURCES/tpm2-tools-5.2.tar.gz

View File

@ -1 +1 @@
d097d321237983435f05c974533ad90e6f20acef SOURCES/tpm2-tools-4.1.1.tar.gz
00dc3b052d3b4ea44aeda95a9b3a6809ee471358 SOURCES/tpm2-tools-5.2.tar.gz

View File

@ -1,80 +0,0 @@
From e607f78a054acfdbe119499c3608bdb2a44423d9 Mon Sep 17 00:00:00 2001
From: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
Date: Thu, 7 May 2020 11:51:17 +0200
Subject: [PATCH] Fix ESYS_TR hierarchy transition
Fix those cases of TPM2_RH_ to ESYS_TR_RH_ translations that were missed in
780800c0be69a49b9097f8eae653cdb0623d2100
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
---
lib/tpm2.c | 20 ++++++++++++++------
1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/lib/tpm2.c b/lib/tpm2.c
index e7ff77047bef..909a4422339d 100644
--- a/lib/tpm2.c
+++ b/lib/tpm2.c
@@ -656,6 +656,12 @@ uint32_t fix_esys_hierarchy(TPMI_RH_HIERARCHY hierarchy)
{
#if defined(ESYS_3_0)
switch (hierarchy) {
+ case ESYS_TR_RH_NULL:
+ case ESYS_TR_RH_OWNER:
+ case ESYS_TR_RH_ENDORSEMENT:
+ case ESYS_TR_RH_PLATFORM:
+ case ESYS_TR_RH_PLATFORM_NV:
+ return hierarchy;
case TPM2_RH_NULL:
return ESYS_TR_RH_NULL;
case TPM2_RH_OWNER:
@@ -664,14 +670,16 @@ uint32_t fix_esys_hierarchy(TPMI_RH_HIERARCHY hierarchy)
return ESYS_TR_RH_ENDORSEMENT;
case TPM2_RH_PLATFORM:
return ESYS_TR_RH_PLATFORM;
+ case TPM2_RH_PLATFORM_NV:
+ return ESYS_TR_RH_PLATFORM_NV;
default:
- return TSS2_ESYS_RC_BAD_VALUE;
+ LOG_ERR("An unknown hierarchy handle was passed: 0x%08x", hierarchy);
+ return 0xffffffff;
}
#elif defined(ESYS_2_3)
return hierarchy;
#else
- UNUSED(hierarchy);
- return TSS2_ESYS_RC_BAD_VALUE;
+#error "Need to define either ESYS_3_0 or ESYS_2_3"
#endif
}
@@ -1154,7 +1162,7 @@ tool_rc tpm2_hierarchycontrol(ESYS_CONTEXT *esys_context,
}
TSS2_RC rval = Esys_HierarchyControl(esys_context, auth_hierarchy->tr_handle,
- shandle, ESYS_TR_NONE, ESYS_TR_NONE, enable, state);
+ shandle, ESYS_TR_NONE, ESYS_TR_NONE, fix_esys_hierarchy(enable), state);
if (rval != TPM2_RC_SUCCESS && rval != TPM2_RC_INITIALIZE) {
LOG_PERR(Esys_HierarchyControl, rval);
return tool_rc_from_tpm(rval);
@@ -1251,7 +1259,7 @@ tool_rc tpm2_hmac_sequencecomplete(ESYS_CONTEXT *esys_context,
TPM2_RC rval = Esys_SequenceComplete(esys_context, sequence_handle,
hmac_key_obj_shandle, ESYS_TR_NONE, ESYS_TR_NONE, input_buffer,
- TPM2_RH_NULL, result, validation);
+ fix_esys_hierarchy(TPM2_RH_NULL), result, validation);
if (rval != TSS2_RC_SUCCESS) {
LOG_PERR(Esys_HMAC, rval);
return tool_rc_from_tpm(rval);
@@ -1907,7 +1915,7 @@ tool_rc tpm2_loadexternal(ESYS_CONTEXT *ectx, const TPM2B_SENSITIVE *private,
TSS2_RC rval = Esys_LoadExternal(ectx,
ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
- private, public, hierarchy,
+ private, public, fix_esys_hierarchy(hierarchy),
object_handle);
if (rval != TSS2_RC_SUCCESS) {
LOG_PERR(Esys_LoadExternal, rval);
--
2.27.0

View File

@ -0,0 +1,62 @@
From 4dffb4295392f69f00003b2879f60bd36076f22d Mon Sep 17 00:00:00 2001
From: Imran Desai <imran.desai@intel.com>
Date: Tue, 7 Dec 2021 13:21:58 -0700
Subject: [PATCH 01/17] Fix nv_readpublic
Based on 4af3e6b4 tpm2_nvreadpublic: Add option to output cpHash
---
lib/tpm2.c | 11 +++++++++--
lib/tpm2_nv_util.h | 14 +-------------
2 files changed, 10 insertions(+), 15 deletions(-)
diff --git a/lib/tpm2.c b/lib/tpm2.c
index 4ee27c8c..d91072ae 100644
--- a/lib/tpm2.c
+++ b/lib/tpm2.c
@@ -101,9 +101,16 @@ tool_rc tpm2_close(ESYS_CONTEXT *esys_context, ESYS_TR *rsrc_handle) {
tool_rc tpm2_nv_readpublic(ESYS_CONTEXT *esys_context, ESYS_TR nv_index,
TPM2B_NV_PUBLIC **nv_public, TPM2B_NAME **nv_name) {
- TSS2_RC rval = Esys_NV_ReadPublic(esys_context, nv_index,
- ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE, nv_public, nv_name);
+ ESYS_TR esys_tr_nv_index;
+ TSS2_RC rval = Esys_TR_FromTPMPublic(esys_context, nv_index, ESYS_TR_NONE,
+ ESYS_TR_NONE, ESYS_TR_NONE, &esys_tr_nv_index);
+ if (rval != TPM2_RC_SUCCESS) {
+ LOG_PERR(Esys_TR_FromTPMPublic, rval);
+ return tool_rc_from_tpm(rval);
+ }
+ rval = Esys_NV_ReadPublic(esys_context, esys_tr_nv_index,
+ ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE, nv_public, nv_name);
if (rval != TSS2_RC_SUCCESS) {
LOG_PERR(Esys_NV_ReadPublic, rval);
return tool_rc_from_tpm(rval);
diff --git a/lib/tpm2_nv_util.h b/lib/tpm2_nv_util.h
index 99843156..daf8b624 100644
--- a/lib/tpm2_nv_util.h
+++ b/lib/tpm2_nv_util.h
@@ -28,19 +28,7 @@
static inline tool_rc tpm2_util_nv_read_public(ESYS_CONTEXT *context,
TPMI_RH_NV_INDEX nv_index, TPM2B_NV_PUBLIC **nv_public) {
- ESYS_TR tr_object;
- tool_rc rc = tpm2_from_tpm_public(context, nv_index, ESYS_TR_NONE,
- ESYS_TR_NONE, ESYS_TR_NONE, &tr_object);
- if (rc != tool_rc_success) {
- return rc;
- }
-
- rc = tpm2_nv_readpublic(context, tr_object, nv_public, NULL);
- tool_rc tmp_rc = tpm2_close(context, &tr_object);
- if (tmp_rc != tool_rc_success) {
- rc = tmp_rc;
- }
- return rc;
+ return tpm2_nv_readpublic(context, nv_index, nv_public, 0);
}
/**
--
2.40.1

View File

@ -1,211 +0,0 @@
From 2e7839b905f7a493f739d36e3e550e0cee30049e Mon Sep 17 00:00:00 2001
From: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
Date: Thu, 7 May 2020 19:12:36 +0200
Subject: [PATCH] Refactor fix_esys_hierarchies()
Refactor fix_esys_hierarchies() to return an actual TSS2_RC return code
and have an output parameter.
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
---
lib/tpm2.c | 88 +++++++++++++++++++++++++++++----------
lib/tpm2.h | 2 +-
tools/tpm2_loadexternal.c | 9 +++-
3 files changed, 75 insertions(+), 24 deletions(-)
diff --git a/lib/tpm2.c b/lib/tpm2.c
index 909a4422339d..744fed8c529f 100644
--- a/lib/tpm2.c
+++ b/lib/tpm2.c
@@ -645,39 +645,51 @@ tool_rc tpm2_evictcontrol(ESYS_CONTEXT *esys_context,
}
/* This function addresses ESAPI change that changes parameter type from
- * Esys_TR to TPMI_RH_HIERARCHY and breaks backwards compatibility.
+ * Esys_TR to TPMI_RH_HIERARCHY or TPMI_RH_ENABLES and breaks backwards
+ * compatibility.
* To keep the tools parameters consistent after v4.0 release we need to
* map the values to appropriate type based on the version of the ESYS API.
* Note: the mapping is based on the ESYS version recognized at compile time.
* The TSS change can be found here:
* https://github.com/tpm2-software/tpm2-tss/pull/1531
*/
-uint32_t fix_esys_hierarchy(TPMI_RH_HIERARCHY hierarchy)
+TSS2_RC fix_esys_hierarchy(uint32_t in, uint32_t *out)
{
#if defined(ESYS_3_0)
- switch (hierarchy) {
+ switch (in) {
case ESYS_TR_RH_NULL:
+ /* FALLTHRU */
case ESYS_TR_RH_OWNER:
+ /* FALLTHRU */
case ESYS_TR_RH_ENDORSEMENT:
+ /* FALLTHRU */
case ESYS_TR_RH_PLATFORM:
+ /* FALLTHRU */
case ESYS_TR_RH_PLATFORM_NV:
- return hierarchy;
+ *out = in;
+ return TSS2_RC_SUCCESS;
case TPM2_RH_NULL:
- return ESYS_TR_RH_NULL;
+ *out = ESYS_TR_RH_NULL;
+ return TSS2_RC_SUCCESS;
case TPM2_RH_OWNER:
- return ESYS_TR_RH_OWNER;
+ *out = ESYS_TR_RH_OWNER;
+ return TSS2_RC_SUCCESS;
case TPM2_RH_ENDORSEMENT:
- return ESYS_TR_RH_ENDORSEMENT;
+ *out = ESYS_TR_RH_ENDORSEMENT;
+ return TSS2_RC_SUCCESS;
case TPM2_RH_PLATFORM:
- return ESYS_TR_RH_PLATFORM;
+ *out = ESYS_TR_RH_PLATFORM;
+ return TSS2_RC_SUCCESS;
case TPM2_RH_PLATFORM_NV:
- return ESYS_TR_RH_PLATFORM_NV;
+ *out = ESYS_TR_RH_PLATFORM_NV;
+ return TSS2_RC_SUCCESS;
default:
- LOG_ERR("An unknown hierarchy handle was passed: 0x%08x", hierarchy);
- return 0xffffffff;
+ LOG_ERR("An unknown hierarchy handle was passed: 0x%08x", in);
+ return TSS2_ESYS_RC_BAD_VALUE;
}
#elif defined(ESYS_2_3)
- return hierarchy;
+ *out = in;
+ return TSS2_RC_SUCCESS;
#else
#error "Need to define either ESYS_3_0 or ESYS_2_3"
#endif
@@ -688,8 +700,14 @@ tool_rc tpm2_hash(ESYS_CONTEXT *esys_context, ESYS_TR shandle1, ESYS_TR shandle2
TPMI_RH_HIERARCHY hierarchy, TPM2B_DIGEST **out_hash,
TPMT_TK_HASHCHECK **validation) {
- TSS2_RC rval = Esys_Hash(esys_context, shandle1, shandle2, shandle3, data,
- hash_alg, fix_esys_hierarchy(hierarchy), out_hash, validation);
+ TSS2_RC rval = fix_esys_hierarchy(hierarchy, &hierarchy);
+ if (rval != TSS2_RC_SUCCESS) {
+ LOG_ERR("Unknown hierarchy");
+ return tool_rc_from_tpm(rval);
+ }
+
+ rval = Esys_Hash(esys_context, shandle1, shandle2, shandle3, data,
+ hash_alg, hierarchy, out_hash, validation);
if (rval != TSS2_RC_SUCCESS) {
LOG_PERR(Esys_Hash, rval);
return tool_rc_from_tpm(rval);
@@ -729,9 +747,15 @@ tool_rc tpm2_sequence_complete(ESYS_CONTEXT *esys_context,
TPMI_RH_HIERARCHY hierarchy, TPM2B_DIGEST **result,
TPMT_TK_HASHCHECK **validation) {
- TSS2_RC rval = Esys_SequenceComplete(esys_context, sequence_handle,
+ TSS2_RC rval = fix_esys_hierarchy(hierarchy, &hierarchy);
+ if (rval != TSS2_RC_SUCCESS) {
+ LOG_ERR("Unknown hierarchy");
+ return tool_rc_from_tpm(rval);
+ }
+
+ rval = Esys_SequenceComplete(esys_context, sequence_handle,
ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE, buffer,
- fix_esys_hierarchy(hierarchy), result, validation);
+ hierarchy, result, validation);
if (rval != TSS2_RC_SUCCESS) {
LOG_PERR(Esys_SequenceComplete, rval);
return tool_rc_from_tpm(rval);
@@ -1161,8 +1185,14 @@ tool_rc tpm2_hierarchycontrol(ESYS_CONTEXT *esys_context,
return rc;
}
- TSS2_RC rval = Esys_HierarchyControl(esys_context, auth_hierarchy->tr_handle,
- shandle, ESYS_TR_NONE, ESYS_TR_NONE, fix_esys_hierarchy(enable), state);
+ TSS2_RC rval = fix_esys_hierarchy(enable, &enable);
+ if (rval != TSS2_RC_SUCCESS) {
+ LOG_ERR("Unknown hierarchy");
+ return tool_rc_from_tpm(rval);
+ }
+
+ rval = Esys_HierarchyControl(esys_context, auth_hierarchy->tr_handle,
+ shandle, ESYS_TR_NONE, ESYS_TR_NONE, enable, state);
if (rval != TPM2_RC_SUCCESS && rval != TPM2_RC_INITIALIZE) {
LOG_PERR(Esys_HierarchyControl, rval);
return tool_rc_from_tpm(rval);
@@ -1257,9 +1287,17 @@ tool_rc tpm2_hmac_sequencecomplete(ESYS_CONTEXT *esys_context,
return rc;
}
- TPM2_RC rval = Esys_SequenceComplete(esys_context, sequence_handle,
+ uint32_t hierarchy;
+
+ TSS2_RC rval = fix_esys_hierarchy(TPM2_RH_NULL, &hierarchy);
+ if (rval != TSS2_RC_SUCCESS) {
+ LOG_ERR("Unknown hierarchy");
+ return tool_rc_from_tpm(rval);
+ }
+
+ rval = Esys_SequenceComplete(esys_context, sequence_handle,
hmac_key_obj_shandle, ESYS_TR_NONE, ESYS_TR_NONE, input_buffer,
- fix_esys_hierarchy(TPM2_RH_NULL), result, validation);
+ hierarchy, result, validation);
if (rval != TSS2_RC_SUCCESS) {
LOG_PERR(Esys_HMAC, rval);
return tool_rc_from_tpm(rval);
@@ -1913,9 +1951,15 @@ tool_rc tpm2_loadexternal(ESYS_CONTEXT *ectx, const TPM2B_SENSITIVE *private,
const TPM2B_PUBLIC *public, TPMI_RH_HIERARCHY hierarchy,
ESYS_TR *object_handle) {
- TSS2_RC rval = Esys_LoadExternal(ectx,
+ TSS2_RC rval = fix_esys_hierarchy(hierarchy, &hierarchy);
+ if (rval != TSS2_RC_SUCCESS) {
+ LOG_ERR("Unknown hierarchy");
+ return tool_rc_from_tpm(rval);
+ }
+
+ rval = Esys_LoadExternal(ectx,
ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
- private, public, fix_esys_hierarchy(hierarchy),
+ private, public, hierarchy,
object_handle);
if (rval != TSS2_RC_SUCCESS) {
LOG_PERR(Esys_LoadExternal, rval);
diff --git a/lib/tpm2.h b/lib/tpm2.h
index a37e05606c7a..2e4ae5e7dddc 100644
--- a/lib/tpm2.h
+++ b/lib/tpm2.h
@@ -389,7 +389,7 @@ tool_rc tpm2_policy_nv_written(ESYS_CONTEXT *esys_context,
ESYS_TR policy_session, ESYS_TR shandle1, ESYS_TR shandle2,
ESYS_TR shandle3, TPMI_YES_NO written_set);
-uint32_t fix_esys_hierarchy(TPMI_RH_HIERARCHY hierarchy);
+TSS2_RC fix_esys_hierarchy(uint32_t in, uint32_t *out);
tool_rc tpm2_certifycreation(ESYS_CONTEXT *esys_context,
tpm2_loaded_object *signingkey_obj, tpm2_loaded_object *certifiedkey_obj,
diff --git a/tools/tpm2_loadexternal.c b/tools/tpm2_loadexternal.c
index 70fb72877aae..4127ca1b524b 100644
--- a/tools/tpm2_loadexternal.c
+++ b/tools/tpm2_loadexternal.c
@@ -48,9 +48,16 @@ static tpm_loadexternal_ctx ctx = {
static tool_rc load_external(ESYS_CONTEXT *ectx, TPM2B_PUBLIC *pub,
TPM2B_SENSITIVE *priv, bool has_priv, TPM2B_NAME **name) {
+ uint32_t hierarchy;
+ TSS2_RC rval = fix_esys_hierarchy(ctx.hierarchy_value, &hierarchy);
+ if (rval != TSS2_RC_SUCCESS) {
+ LOG_ERR("Unknown hierarchy");
+ return tool_rc_from_tpm(rval);
+ }
+
tool_rc rc = tpm2_loadexternal(ectx,
has_priv ? priv : NULL, pub,
- fix_esys_hierarchy(ctx.hierarchy_value), &ctx.handle);
+ hierarchy, &ctx.handle);
if (rc != tool_rc_success) {
return rc;
}
--
2.27.0

View File

@ -1,26 +0,0 @@
From 012249ad9d06d7534a94690a33638691f5104839 Mon Sep 17 00:00:00 2001
From: Radoslav Gerganov <rgerganov@vmware.com>
Date: Wed, 26 Feb 2020 10:40:26 +0200
Subject: [PATCH] lib/files: fix an error message in files_load_##name
Signed-off-by: Radoslav Gerganov <rgerganov@vmware.com>
---
lib/files.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/files.c b/lib/files.c
index a6beea5b8ff2..ef2170b079e1 100644
--- a/lib/files.c
+++ b/lib/files.c
@@ -687,7 +687,7 @@ tool_rc files_save_ESYS_TR(ESYS_CONTEXT *ectx, ESYS_TR handle, const char *path)
size_t offset = 0; \
TSS2_RC rc = Tss2_MU_##type##_Unmarshal(buffer, size, &offset, name); \
if (rc != TSS2_RC_SUCCESS) { \
- LOG_ERR("Error serializing "str(name)" structure: 0x%x", rc); \
+ LOG_ERR("Error deserializing "str(name)" structure: 0x%x", rc); \
LOG_ERR("The input file needs to be a valid "xstr(type)" data structure"); \
return false; \
} \
--
2.31.0

View File

@ -1,42 +0,0 @@
From a20415d6f1d3fa09300ff1181646fe7e1785fd15 Mon Sep 17 00:00:00 2001
From: Imran Desai <imran.desai@intel.com>
Date: Sun, 29 Mar 2020 10:14:28 -0700
Subject: [PATCH] lib/files.c: Fix an issue where execution could not reach
function return
Signed-off-by: Imran Desai <imran.desai@intel.com>
---
lib/files.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/lib/files.c b/lib/files.c
index ef2170b079e1..501f88d11b48 100644
--- a/lib/files.c
+++ b/lib/files.c
@@ -607,9 +607,7 @@ bool files_load_bytes_from_buffer_or_file_or_stdin(const char *input_buffer,
return true;
}
-// printf("Reading file: %s\n", path);
-// printf("size: %u\n", *size);
-
+ bool retval = true;
/* Read from stdin */
if (!input_buffer && !path) {
UINT16 read_bytes = 0;
@@ -640,10 +638,10 @@ bool files_load_bytes_from_buffer_or_file_or_stdin(const char *input_buffer,
return true;
}
} else if (path) {
- return files_load_bytes_from_path(path, buf, size);
+ retval = files_load_bytes_from_path(path, buf, size);
}
- return false;
+ return retval;
}
tool_rc files_save_ESYS_TR(ESYS_CONTEXT *ectx, ESYS_TR handle, const char *path) {
--
2.31.0

View File

@ -0,0 +1,26 @@
From 4351d850bb664941f88463229758171c2603080a Mon Sep 17 00:00:00 2001
From: Erik Larsson <who+github@cnackers.org>
Date: Mon, 4 Oct 2021 10:21:49 +0200
Subject: [PATCH 1/9] lib/tpm2_eventlog_yaml: use char16_t for UEFI characters
Signed-off-by: Erik Larsson <who+github@cnackers.org>
---
lib/tpm2_eventlog_yaml.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/tpm2_eventlog_yaml.c b/lib/tpm2_eventlog_yaml.c
index 6e6923e5..9b048db1 100644
--- a/lib/tpm2_eventlog_yaml.c
+++ b/lib/tpm2_eventlog_yaml.c
@@ -475,7 +475,7 @@ static bool yaml_uefi_var(UEFI_VARIABLE_DATA *data, size_t size, UINT32 type,
tpm2_tool_output(" Description: \"");
int i;
for (i = 0; (wchar_t)loadopt->Description[i] != 0; i++) {
- wchar_t c = (wchar_t)loadopt->Description[i];
+ char16_t c = (char16_t)loadopt->Description[i];
tpm2_tool_output("%lc", c);
}
tpm2_tool_output("\"\n");
--
2.37.3

View File

@ -0,0 +1,34 @@
From 0789bf264a108c4718875a050d00b1fdee4478b7 Mon Sep 17 00:00:00 2001
From: Jonas Witschel <git@diabonas.de>
Date: Wed, 29 Sep 2021 17:08:07 +0200
Subject: [PATCH] testparms: fix condition for negative test
Content-type: text/plain
Commit e858dec76686bb4c42e74e0984b433231e530f93 ("testparms: ensure curve not
supported before negative test") is supposed to ensure that the negative test
is run only if ecc521 is *not* supported, but instead it runs the negative test
if ecc521 is *available*. This worked anyway for libtpms < 0.9.0 because camellia
was not supported, but since libtpms 0.9.0 added support for this algorithm, the
test suite fails now with swtpm.
Signed-off-by: Jonas Witschel <git@diabonas.de>
---
test/integration/tests/testparms.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/integration/tests/testparms.sh b/test/integration/tests/testparms.sh
index 8c3548e58f39..a587a60a34cf 100644
--- a/test/integration/tests/testparms.sh
+++ b/test/integration/tests/testparms.sh
@@ -63,7 +63,7 @@ else
fi
# Attempt to specify a suite that is not supported (error from TPM)
-if tpm2 getcap ecc-curves | grep -q TPM2_ECC_NIST_P521; then
+if ! tpm2 getcap ecc-curves | grep -q TPM2_ECC_NIST_P521; then
if tpm2 testparms "ecc521:ecdsa:camellia" &>/dev/null; then
echo "tpm2 testparms succeeded while it shouldn't or TPM failed"
exit 1
--
2.35.3

View File

@ -1,63 +0,0 @@
From 77d4592e3eec9ec2c7932586f41f925b43ecc5ba Mon Sep 17 00:00:00 2001
From: Imran Desai <imran.desai@intel.com>
Date: Sun, 29 Mar 2020 10:22:42 -0700
Subject: [PATCH] tools/tpm2_nvcertify.c: Fix incompatible pointer cast that
may cause memory leak
Pointer "&ctx.size" and "&ctx.offset" points to an object whose effective type is
"unsigned short" (16 bits, unsigned) but is dereferenced as a wider
"unsigned int" (32 bits, unsigned). This may lead to memory corruption.
Signed-off-by: Imran Desai <imran.desai@intel.com>
---
tools/tpm2_nvcertify.c | 17 +++++++++++++++--
1 file changed, 15 insertions(+), 2 deletions(-)
diff --git a/tools/tpm2_nvcertify.c b/tools/tpm2_nvcertify.c
index b49f38dbff20..414cbea85574 100644
--- a/tools/tpm2_nvcertify.c
+++ b/tools/tpm2_nvcertify.c
@@ -80,6 +80,7 @@ static bool set_signature_format(char *value) {
static bool on_option(char key, char *value) {
bool result = true;
+ uint32_t input_value;
switch (key) {
case 'C':
@@ -110,18 +111,30 @@ static bool on_option(char key, char *value) {
ctx.policy_qualifier_arg = value;
break;
case 0:
- result = tpm2_util_string_to_uint32(value, (uint32_t*)&ctx.size);
+ result = tpm2_util_string_to_uint32(value, &input_value);
if (!result) {
LOG_ERR("Could not convert size to number, got: \"%s\"", value);
return false;
}
+ if (input_value > UINT16_MAX) {
+ LOG_ERR("Specified size is larger than that allowed by command");
+ return false;
+ } else {
+ ctx.size = input_value;
+ }
break;
case 1:
- result = tpm2_util_string_to_uint32(value, (uint32_t*)&ctx.offset);
+ result = tpm2_util_string_to_uint32(value, &input_value);
if (!result) {
LOG_ERR("Could not convert offset to number, got: \"%s\"", value);
return false;
}
+ if (input_value > UINT16_MAX) {
+ LOG_ERR("Specified offset is larger than that allowed by command");
+ return false;
+ } else {
+ ctx.offset = input_value;
+ }
break;
case 2:
ctx.certify_info_path = value;
--
2.31.0

View File

@ -1,25 +0,0 @@
From 023ec5c0eafe8dfb5b71e400cb0c2c337fb8c108 Mon Sep 17 00:00:00 2001
From: Imran Desai <imran.desai@intel.com>
Date: Sun, 29 Mar 2020 10:49:12 -0700
Subject: [PATCH] tools/tpm2_nvreadpublic: Fix resource leak
Signed-off-by: Imran Desai <imran.desai@intel.com>
---
tools/tpm2_nvreadpublic.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/tools/tpm2_nvreadpublic.c b/tools/tpm2_nvreadpublic.c
index 7f8e46cbf863..eca1fd715a79 100644
--- a/tools/tpm2_nvreadpublic.c
+++ b/tools/tpm2_nvreadpublic.c
@@ -41,6 +41,7 @@ static tool_rc print_nv_public(ESYS_CONTEXT *context, TPMI_RH_NV_INDEX index, TP
rc = tpm2_tr_get_name(context, tr_handle,
&name);
if (rc != tool_rc_success) {
+ free(attrs);
return rc;
}
--
2.31.0

View File

@ -1,28 +0,0 @@
From c28932caef2036039901a91cf55eb7ff093c70f5 Mon Sep 17 00:00:00 2001
From: Imran Desai <imran.desai@intel.com>
Date: Fri, 24 Jan 2020 15:53:39 -0700
Subject: [PATCH] tpm2_alg_util.c: fix a bug where the string rsa3072 wasnt
being parsed
Signed-off-by: Imran Desai <imran.desai@intel.com>
---
lib/tpm2_alg_util.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/tpm2_alg_util.c b/lib/tpm2_alg_util.c
index b83c387a05bd..fcad480e0c3d 100644
--- a/lib/tpm2_alg_util.c
+++ b/lib/tpm2_alg_util.c
@@ -301,6 +301,9 @@ static alg_parser_rc handle_rsa(const char *ext, TPM2B_PUBLIC *public) {
} else if (!strncmp(ext, "4096", 4)) {
r->keyBits = 4096;
ext += 4;
+ } else if (!strncmp(ext, "3072", 4)) {
+ r->keyBits = 3072;
+ ext += 4;
} else {
r->keyBits = 2048;
}
--
2.27.0

View File

@ -1,186 +0,0 @@
From 696a17861c38b38fb2acf888119d918eb9c12329 Mon Sep 17 00:00:00 2001
From: Imran Desai <imran.desai@intel.com>
Date: Thu, 21 May 2020 11:31:43 -0700
Subject: [PATCH] tpm2_create.c: Fix an issue where userwithauth attr cleared
if policy specified
Fixes #2037
Signed-off-by: Imran Desai <imran.desai@intel.com>
---
man/tpm2_create.1.md | 9 +++-
test/integration/tests/import_tpm.sh | 78 +++++++++++++++++-----------
tools/tpm2_create.c | 10 ++--
3 files changed, 60 insertions(+), 37 deletions(-)
diff --git a/man/tpm2_create.1.md b/man/tpm2_create.1.md
index e8e5eaac49c3..9a7ba33e6017 100644
--- a/man/tpm2_create.1.md
+++ b/man/tpm2_create.1.md
@@ -13,7 +13,7 @@
**tpm2_create**(1) - Create a child object. The object can either be a key or
a sealing object. A sealing object allows to seal user data to the TPM, with a
maximum size of 256 bytes. Additionally it will load the created object if the
-**-o** is specified.
+**-c** is specified.
# OPTIONS
@@ -55,6 +55,13 @@ These options for creating the TPM entity:
and unsealing. I.e. one cannot use an object for sealing and cryptography
operations.
+ When **-L** is specified for adding policy based authorization information
+ AND no string password is specified, the attribute `TPMA_OBJECT_USERWITHAUTH`
+ is cleared unless an explicit choice is made by setting of the attribute
+ with **-a** option. This prevents creation of objects with inadvertant auth
+ model where in user intended to enforce a policy but inadvertantly created
+ an object with empty auth which can be used instead of policy authorization.
+
* **-i**, **\--sealing-input**=_FILE_ or _STDIN_:
The data file to be sealed, optional. If file is -, read from stdin.
diff --git a/test/integration/tests/import_tpm.sh b/test/integration/tests/import_tpm.sh
index ff48185aba70..3d1e10820844 100755
--- a/test/integration/tests/import_tpm.sh
+++ b/test/integration/tests/import_tpm.sh
@@ -54,8 +54,13 @@ load_new_parent() {
create_load_duplicatee() {
# Create the key we want to duplicate
create_policy dpolicy.dat TPM2_CC_Duplicate
- tpm2_create -Q -C primary.ctx -g sha256 -G $1 -p foo -r key.prv -u key.pub \
- -L dpolicy.dat -a "sensitivedataorigin|decrypt|userwithauth"
+ if [ -z "$2" ];then
+ tpm2_create -Q -C primary.ctx -g sha256 -G $1 -r key.prv \
+ -u key.pub -L dpolicy.dat -a "sensitivedataorigin|decrypt|userwithauth"
+ else
+ tpm2_create -Q -C primary.ctx -g sha256 -G $1 -p "$2" -r key.prv \
+ -u key.pub -L dpolicy.dat -a "sensitivedataorigin|decrypt|userwithauth"
+ fi
# Load the key
tpm2_load -Q -C primary.ctx -r key.prv -u key.pub -c key.ctx
# Extract the public part for import later
@@ -113,34 +118,45 @@ for dup_key_type in aes rsa ecc; do
done
done
-# Part 2 :
-# Create a rsa key (Kd)
-# Encrypt a message using Kd
-# Duplicate Kd
-# Import & Load Kd
-# Decrypt the message and verify
-tpm2_createprimary -Q -C o -g sha256 -G rsa -c primary.ctx
-# New parent ...
-create_load_new_parent
-# Key to be duplicated
-create_load_duplicatee rsa
-# Encrypt a secret message
-echo "Mary had a little lamb ..." > plain.txt
-tpm2_rsaencrypt -Q -c key.ctx -o cipher.txt plain.txt
-# Duplicate the key
-do_duplication null
-# Remove, we're done with it
-rm new_parent.ctx
-# Load the full thing this time
-load_new_parent
-# Import & load the duplicate
-do_import_load null
-# Decrypt the secret message using duplicated key
-tpm2_rsadecrypt -Q -p foo -c dup.ctx -o recovered.txt cipher.txt
-# Check we got it right ...
-diff recovered.txt plain.txt
-# Cleanup
-rm plain.txt recovered.txt cipher.txt
-cleanup "no-shut-down"
+test_key_usage() {
+ # Part 2 :
+ # Create a rsa key (Kd)
+ # Encrypt a message using Kd
+ # Duplicate Kd
+ # Import & Load Kd
+ # Decrypt the message and verify
+ tpm2_createprimary -Q -C o -g sha256 -G rsa -c primary.ctx
+ # New parent ...
+ create_load_new_parent
+ # Key to be duplicated
+ create_load_duplicatee rsa "$1"
+ # Encrypt a secret message
+ echo "Mary had a little lamb ..." > plain.txt
+ tpm2_rsaencrypt -Q -c key.ctx -o cipher.txt plain.txt
+ # Duplicate the key
+ do_duplication null
+ # Remove, we're done with it
+ rm new_parent.ctx
+ # Load the full thing this time
+ load_new_parent
+ # Import & load the duplicate
+ do_import_load null
+ # Decrypt the secret message using duplicated key
+ if [ -z "$1" ];then
+ tpm2_rsadecrypt -Q -c dup.ctx -o recovered.txt cipher.txt
+ else
+ tpm2_rsadecrypt -Q -p "$1" -c dup.ctx -o recovered.txt cipher.txt
+ fi
+ # Check we got it right ...
+ diff recovered.txt plain.txt
+ # Cleanup
+ rm plain.txt recovered.txt cipher.txt
+ cleanup "no-shut-down"
+}
+
+#Test key with password
+test_key_usage foo
+#Test key without password
+test_key_usage
exit 0
diff --git a/tools/tpm2_create.c b/tools/tpm2_create.c
index 941b77655f55..8e92cc747e17 100644
--- a/tools/tpm2_create.c
+++ b/tools/tpm2_create.c
@@ -47,7 +47,7 @@ struct tpm_create_ctx {
TPML_PCR_SELECTION creation_pcr;
struct {
- UINT8 b :1;
+ UINT8 a :1;
UINT8 i :1;
UINT8 L :1;
UINT8 u :1;
@@ -224,7 +224,7 @@ static bool on_option(char key, char *value) {
break;
case 'a':
ctx.object.attrs = value;
- ctx.flags.b = 1;
+ ctx.flags.a = 1;
break;
case 'i':
ctx.object.sealed_data = strcmp("-", value) ? value : NULL;
@@ -346,12 +346,12 @@ tool_rc tpm2_tool_onrun(ESYS_CONTEXT *ectx, tpm2_option_flags flags) {
ctx.object.alg = "keyedhash";
- if (!ctx.flags.b) {
+ if (!ctx.flags.a) {
attrs &= ~TPMA_OBJECT_SIGN_ENCRYPT;
attrs &= ~TPMA_OBJECT_DECRYPT;
attrs &= ~TPMA_OBJECT_SENSITIVEDATAORIGIN;
}
- } else if (!ctx.flags.b && !strncmp("hmac", ctx.object.alg, 4)) {
+ } else if (!ctx.flags.a && !strncmp("hmac", ctx.object.alg, 4)) {
attrs &= ~TPMA_OBJECT_DECRYPT;
}
@@ -362,7 +362,7 @@ tool_rc tpm2_tool_onrun(ESYS_CONTEXT *ectx, tpm2_option_flags flags) {
return tool_rc_general_error;
}
- if (ctx.flags.L && !ctx.object.auth_str) {
+ if (!ctx.flags.a && ctx.flags.L && !ctx.object.auth_str) {
ctx.object.public.publicArea.objectAttributes &=
~TPMA_OBJECT_USERWITHAUTH;
}
--
2.27.0

View File

@ -1,49 +0,0 @@
From 8c72f7402d8977807f531b08976760d62676cf8a Mon Sep 17 00:00:00 2001
From: Imran Desai <imran.desai@intel.com>
Date: Thu, 23 Jan 2020 11:21:58 -0700
Subject: [PATCH] tpm2_getekcertificate: add default web address
Currently only Intel (R) PTT certificates are hosted online.
A default web address pointing to the endorsement key certificate
hosting will help reduce user input.
Signed-off-by: Imran Desai <imran.desai@intel.com>
---
test/integration/tests/getekcertificate.sh | 6 ++----
tools/tpm2_getekcertificate.c | 1 +
2 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/test/integration/tests/getekcertificate.sh b/test/integration/tests/getekcertificate.sh
index 33f4f8b2e4c0..e8c521756d2a 100755
--- a/test/integration/tests/getekcertificate.sh
+++ b/test/integration/tests/getekcertificate.sh
@@ -38,12 +38,10 @@ else
fi
fi
-tpm2_getekcertificate -u test_ek.pub -x -X -o ECcert.bin \
-https://ekop.intel.com/ekcertservice/
+tpm2_getekcertificate -u test_ek.pub -x -X -o ECcert.bin
# Test that stdoutput is the same
-tpm2_getekcertificate -u test_ek.pub -x https://ekop.intel.com/ekcertservice/ \
--X > ECcert2.bin
+tpm2_getekcertificate -u test_ek.pub -x -X > ECcert2.bin
# stdout file should match -E file.
cmp ECcert.bin ECcert2.bin
diff --git a/tools/tpm2_getekcertificate.c b/tools/tpm2_getekcertificate.c
index 233d04d8b3d7..6a8fe894bb1c 100644
--- a/tools/tpm2_getekcertificate.c
+++ b/tools/tpm2_getekcertificate.c
@@ -32,6 +32,7 @@ struct tpm_getekcertificate_ctx {
static tpm_getekcertificate_ctx ctx = {
.is_tpm2_device_active = true,
+ .ek_server_addr = "https://ekop.intel.com/ekcertservice/",
};
static unsigned char *hash_ek_public(void) {
--
2.31.0

View File

@ -1,37 +0,0 @@
From 334b4c739fa575fb4ea58f92df6de87c38e59e15 Mon Sep 17 00:00:00 2001
From: Imran Desai <imran.desai@intel.com>
Date: Thu, 23 Jan 2020 08:06:56 -0700
Subject: [PATCH] tpm2_hierarchycontrol: Fixed bug where hierarchycontrol
operation failed silently
Fixes #1841
Signed-off-by: Imran Desai <imran.desai@intel.com>
---
tools/tpm2_hierarchycontrol.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/tools/tpm2_hierarchycontrol.c b/tools/tpm2_hierarchycontrol.c
index 0baf2ca487d3..7e9e2c657544 100644
--- a/tools/tpm2_hierarchycontrol.c
+++ b/tools/tpm2_hierarchycontrol.c
@@ -32,8 +32,14 @@ static tool_rc hierarchycontrol(ESYS_CONTEXT *ectx) {
ctx.enable == TPM2_RH_ENDORSEMENT ? "ehEnable" : "phEnableNV",
ctx.state ? "SET" : "CLEAR");
- return tpm2_hierarchycontrol(ectx, &ctx.auth_hierarchy.object, ctx.enable,
- ctx.state);
+ tool_rc rc = tpm2_hierarchycontrol(ectx, &ctx.auth_hierarchy.object,
+ ctx.enable, ctx.state);
+
+ if (rc != tool_rc_success) {
+ LOG_ERR("Failed hierarchycontrol operation.");
+ }
+
+ return rc;
}
bool on_arg(int argc, char **argv) {
--
2.27.0

View File

@ -1,46 +0,0 @@
From c069e4f179d5e6653a84fb236816c375dca82515 Mon Sep 17 00:00:00 2001
From: William Roberts <william.c.roberts@intel.com>
Date: Fri, 21 May 2021 12:22:31 -0500
Subject: [PATCH] tpm2_import: fix fixed AES key CVE-2021-3565
tpm2_import used a fixed AES key for the inner wrapper, which means that
a MITM attack would be able to unwrap the imported key. Even the
use of an encrypted session will not prevent this. The TPM only
encrypts the first parameter which is the fixed symmetric key.
To fix this, ensure the key size is 16 bytes or bigger and use
OpenSSL to generate a secure random AES key.
Fixes: #2738
Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
tools/tpm2_import.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/tools/tpm2_import.c b/tools/tpm2_import.c
index cfb6f207ba9c..f44326c87e7e 100644
--- a/tools/tpm2_import.c
+++ b/tools/tpm2_import.c
@@ -118,7 +118,17 @@ static tool_rc key_import(ESYS_CONTEXT *ectx, TPM2B_PUBLIC *parent_pub,
TPM2B_DATA enc_sensitive_key = {
.size = parent_pub->publicArea.parameters.rsaDetail.symmetric.keyBits.sym / 8
};
- memset(enc_sensitive_key.buffer, 0xFF, enc_sensitive_key.size);
+
+ if(enc_sensitive_key.size < 16) {
+ LOG_ERR("Calculated wrapping keysize is less than 16 bytes, got: %u", enc_sensitive_key.size);
+ return tool_rc_general_error;
+ }
+
+ int ossl_rc = RAND_bytes(enc_sensitive_key.buffer, enc_sensitive_key.size);
+ if (ossl_rc != 1) {
+ LOG_ERR("RAND_bytes failed: %s", ERR_error_string(ERR_get_error(), NULL));
+ return tool_rc_general_error;
+ }
/*
* Calculate the object name.
--
2.31.0

View File

@ -1,31 +0,0 @@
From 652322f7278ec8c384fde9ec2204b06d084a24e4 Mon Sep 17 00:00:00 2001
From: Imran Desai <imran.desai@intel.com>
Date: Thu, 23 Jan 2020 07:54:58 -0700
Subject: [PATCH] tpm2_nvdefine.c: Fixed error reporting message
Fixes #1861
NV define failure error message had the wording to suggest NV index
was successfully defined.
Signed-off-by: Imran Desai <imran.desai@intel.com>
---
tools/tpm2_nvdefine.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/tpm2_nvdefine.c b/tools/tpm2_nvdefine.c
index cb2949c4dddc..71203cb6c80d 100644
--- a/tools/tpm2_nvdefine.c
+++ b/tools/tpm2_nvdefine.c
@@ -65,7 +65,7 @@ static tool_rc nv_space_define(ESYS_CONTEXT *ectx) {
tool_rc rc = tpm2_nv_definespace(ectx, &ctx.auth_hierarchy.object,
&ctx.nv_auth, &public_info);
if (rc != tool_rc_success) {
- LOG_INFO("Success to define NV area at index 0x%x.", ctx.nv_index);
+ LOG_ERR("Failed to create NV index 0x%x.", ctx.nv_index);
return rc;
}
--
2.27.0

View File

@ -1,28 +0,0 @@
From e556da0a2099573f82391c16477fba08584a7a12 Mon Sep 17 00:00:00 2001
From: Imran Desai <imran.desai@intel.com>
Date: Tue, 10 Mar 2020 09:15:55 -0700
Subject: [PATCH] tpm2_policy.c: restrict policy digest size
Fixes #1916
Signed-off-by: Imran Desai <imran.desai@intel.com>
---
lib/tpm2_policy.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/tpm2_policy.c b/lib/tpm2_policy.c
index 6c352b2b41ae..01387ba01645 100644
--- a/lib/tpm2_policy.c
+++ b/lib/tpm2_policy.c
@@ -163,7 +163,7 @@ tool_rc tpm2_policy_build_policyauthorize(ESYS_CONTEXT *ectx,
bool result = true;
TPM2B_DIGEST approved_policy = { .size = 0 };
if (policy_digest_path) {
- approved_policy.size = UINT16_MAX;
+ approved_policy.size = sizeof(TPMU_HA);
result = files_load_bytes_from_path(policy_digest_path,
approved_policy.buffer, &approved_policy.size);
}
--
2.31.0

View File

@ -1,30 +0,0 @@
From cab7b3edcc6a44aece0642c0c2621a4bb70d449b Mon Sep 17 00:00:00 2001
From: Imran Desai <imran.desai@intel.com>
Date: Tue, 10 Mar 2020 18:19:04 -0700
Subject: [PATCH] tpm2_policycountertimer: Fix an issue where operandB array
was reversed
Signed-off-by: Imran Desai <imran.desai@intel.com>
---
tools/tpm2_policycountertimer.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/tools/tpm2_policycountertimer.c b/tools/tpm2_policycountertimer.c
index 1c72d525dab7..170a544f2203 100644
--- a/tools/tpm2_policycountertimer.c
+++ b/tools/tpm2_policycountertimer.c
@@ -81,7 +81,10 @@ static bool convert_keyvalue_to_operand_buffer(const char *value,
}
ctx.operand_b.size = size;
- memcpy(ctx.operand_b.buffer, &data.b, size);
+ size_t i = 0;
+ for (i = 0; i < size; i++) {
+ ctx.operand_b.buffer[i] = *(&data.b + size - i - 1);
+ }
return true;
}
--
2.31.0

View File

@ -1,26 +0,0 @@
From 44d0d2d17dc693e029e0557ec985c9b68c3efeb5 Mon Sep 17 00:00:00 2001
From: Imran Desai <imran.desai@intel.com>
Date: Wed, 22 Jan 2020 14:15:48 -0700
Subject: [PATCH] tpm2_policyor: Silent failure bug fix for invalid/unspecified
policy digest alg
Signed-off-by: Imran Desai <imran.desai@intel.com>
---
lib/tpm2_policy.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/tpm2_policy.c b/lib/tpm2_policy.c
index 3d9b5491f9ce..8460bd1d9ae9 100644
--- a/lib/tpm2_policy.c
+++ b/lib/tpm2_policy.c
@@ -588,6 +588,7 @@ bool tpm2_policy_parse_policy_list(char *str, TPML_DIGEST *policy_list) {
hash = tpm2_alg_util_from_optarg(subtoken,
tpm2_alg_util_flags_hash);
if (hash == TPM2_ALG_ERROR) {
+ LOG_ERR("Invalid/ Unspecified policy digest algorithm.");
return false;
}
}
--
2.27.0

View File

@ -0,0 +1,131 @@
From c2dff7cfac16a857fcd5161d6e171483221ab003 Mon Sep 17 00:00:00 2001
From: Juergen Repp <juergen_repp@web.de>
Date: Sun, 17 Dec 2023 09:53:01 +0100
Subject: [PATCH 1/6] tpm2_sessionconfig fix usage of --disable-continuesession
Conflicts: context change due to missing 6169d8c22
If continue session was disabled a error did occur in the function for
restoring the session context.
Now after usage of an session with continue session disabled the
context will not be saved and the session context file will be
deleted.
In one integration test continue session is now disabled and the
flush for this session is removed.
Fixes: #3295
Signed-off-by: Juergen Repp <juergen_repp@web.de>
---
lib/tpm2_session.c | 45 +++++++++++++++++++++++---------
test/integration/tests/unseal.sh | 7 +++--
2 files changed, 37 insertions(+), 15 deletions(-)
diff --git a/lib/tpm2_session.c b/lib/tpm2_session.c
index 60b8643b..3e5503db 100644
--- a/lib/tpm2_session.c
+++ b/lib/tpm2_session.c
@@ -35,6 +35,7 @@ struct tpm2_session {
char *path;
ESYS_CONTEXT *ectx;
bool is_final;
+ bool delete;
} internal;
};
@@ -290,18 +291,23 @@ tool_rc tpm2_session_restore(ESYS_CONTEXT *ctx, const char *path, bool is_final,
dup_path = NULL;
TPMA_SESSION attrs = 0;
+ s->internal.delete = false;
+ s->internal.is_final = is_final;
+ *session = s;
if (ctx) {
-
/* hack this in here, should be done when starting the session */
tmp_rc = tpm2_sess_get_attributes(ctx, handle, &attrs);
- UNUSED(tmp_rc);
+ if (tmp_rc != tool_rc_success) {
+ rc = tmp_rc;
+ LOG_ERR("Can't get session attributes.");
+ goto out;
+ }
+ if ((attrs & TPMA_SESSION_CONTINUESESSION) == 0) {
+ s->internal.delete = true;
+ }
}
- s->internal.is_final = is_final;
-
- *session = s;
-
LOG_INFO("Restored session: ESYS_TR(0x%x) attrs(0x%x)", handle, attrs);
rc = tool_rc_success;
@@ -341,22 +347,35 @@ tool_rc tpm2_session_close(tpm2_session **s) {
}
const char *path = session->internal.path;
- FILE *session_file = path ? fopen(path, "w+b") : NULL;
- if (path && !session_file) {
- LOG_ERR("Could not open path \"%s\", due to error: \"%s\"", path,
- strerror(errno));
- rc = tool_rc_general_error;
- goto out;
- }
bool flush = path ? session->internal.is_final : true;
if (flush) {
rc = tpm2_flush_context(session->internal.ectx,
session->output.session_handle);
/* done, use rc to indicate status */
+ goto out2;
+ }
+
+ if ((*s)->internal.delete && path) {
+ if (remove(path)) {
+ LOG_ERR("File \"%s\" can't be deleted.", path);
+ rc = tool_rc_general_error;
+ goto out2;
+ } else {
+ rc = tool_rc_success;
+ goto out2;
+ }
+ }
+
+ FILE *session_file = path ? fopen(path, "w+b") : NULL;
+ if (path && !session_file) {
+ LOG_ERR("Could not open path \"%s\", due to error: \"%s\"", path,
+ strerror(errno));
+ rc = tool_rc_general_error;
goto out;
}
+
/*
* Now write the session_type, handle and auth hash data to disk
*/
diff --git a/test/integration/tests/unseal.sh b/test/integration/tests/unseal.sh
index dd6c2bc6..d0f7104f 100644
--- a/test/integration/tests/unseal.sh
+++ b/test/integration/tests/unseal.sh
@@ -152,10 +152,13 @@ tpm2 sessionconfig enc_session.ctx --disable-encrypt
tpm2 create -Q -C prim.ctx -u seal_key.pub -r seal_key.priv -c seal_key.ctx \
-p sealkeypass -i- <<< $secret -S enc_session.ctx
-tpm2 sessionconfig enc_session.ctx --enable-encrypt
+tpm2 sessionconfig enc_session.ctx --enable-encrypt --disable-continuesession
unsealed=`tpm2 unseal -c seal_key.ctx -p sealkeypass -S enc_session.ctx`
test "$unsealed" == "$secret"
-tpm2 flushcontext enc_session.ctx
+if [ -e enc_session.ctx ]; then
+ echo "enc_session.ctx was not deleted.";
+ exit 1
+fi
exit 0
--
2.45.2

View File

@ -0,0 +1,151 @@
From 2558005814e4a64f8941216b9dc3d3c3a9b35c51 Mon Sep 17 00:00:00 2001
From: George Almasi <gheorghe@us.ibm.com>
Date: Fri, 8 Apr 2022 15:27:05 +0000
Subject: [PATCH 2/9] Patch set for handling of new event types in
tpm2_eventlog: EV_EFI_PLATFORM_FIRMWARE_BLOB2, EV_EFI_HANDOFF_TABLES2,
EV_EFI_VARIABLE_BOOT2
Signed-off-by: George Almasi <gheorghe@us.ibm.com>
---
lib/efi_event.h | 11 ++++++++
lib/tpm2_eventlog_yaml.c | 42 ++++++++++++++++++++++++++++-
test/unit/test_tpm2_eventlog_yaml.c | 6 +++++
3 files changed, 58 insertions(+), 1 deletion(-)
diff --git a/lib/efi_event.h b/lib/efi_event.h
index 0136e32b..cc2ffc98 100644
--- a/lib/efi_event.h
+++ b/lib/efi_event.h
@@ -41,6 +41,10 @@
#define EV_EFI_ACTION EV_EFI_EVENT_BASE + 0x7
#define EV_EFI_PLATFORM_FIRMWARE_BLOB EV_EFI_EVENT_BASE + 0x8
#define EV_EFI_HANDOFF_TABLES EV_EFI_EVENT_BASE + 0x9
+#define EV_EFI_PLATFORM_FIRMWARE_BLOB2 EV_EFI_EVENT_BASE + 0xa
+#define EV_EFI_HANDOFF_TABLES2 EV_EFI_EVENT_BASE + 0xb
+#define EV_EFI_VARIABLE_BOOT2 EV_EFI_EVENT_BASE + 0xc
+
#define EV_EFI_VARIABLE_AUTHORITY EV_EFI_EVENT_BASE + 0xe0
#ifndef PACKED
@@ -96,6 +100,13 @@ typedef struct {
UINT64 BlobLength;
} PACKED UEFI_PLATFORM_FIRMWARE_BLOB;
+
+typedef struct {
+ UINT8 BlobDescriptionSize;
+ BYTE BlobDescription[];
+ /* UEFI_PLATFORM_FIRMWARE_BLOB comes next */
+} PACKED UEFI_PLATFORM_FIRMWARE_BLOB2;
+
typedef struct {
UINT32 pcrIndex;
UINT32 eventType;
diff --git a/lib/tpm2_eventlog_yaml.c b/lib/tpm2_eventlog_yaml.c
index 9b048db1..d2d4aefe 100644
--- a/lib/tpm2_eventlog_yaml.c
+++ b/lib/tpm2_eventlog_yaml.c
@@ -90,6 +90,12 @@ char const *eventtype_to_string (UINT32 event_type) {
return "EV_EFI_PLATFORM_FIRMWARE_BLOB";
case EV_EFI_HANDOFF_TABLES:
return "EV_EFI_HANDOFF_TABLES";
+ case EV_EFI_PLATFORM_FIRMWARE_BLOB2:
+ return "EV_EFI_PLATFORM_FIRMWARE_BLOB2";
+ case EV_EFI_HANDOFF_TABLES2:
+ return "EV_EFI_HANDOFF_TABLES2";
+ case EV_EFI_VARIABLE_BOOT2:
+ return "EV_EFI_VARIABLE_BOOT2";
case EV_EFI_VARIABLE_AUTHORITY:
return "EV_EFI_VARIABLE_AUTHORITY";
default:
@@ -433,7 +439,7 @@ static bool yaml_uefi_var(UEFI_VARIABLE_DATA *data, size_t size, UINT32 type,
uuidstr, sdata);
free(sdata);
return true;
- } else if (type == EV_EFI_VARIABLE_BOOT) {
+ } else if (type == EV_EFI_VARIABLE_BOOT || type == EV_EFI_VARIABLE_BOOT2) {
if ((strlen(ret) == 9 && strncmp(ret, "BootOrder", 9) == 0)) {
free(ret);
tpm2_tool_output(" VariableData:\n");
@@ -526,6 +532,37 @@ bool yaml_uefi_platfwblob(UEFI_PLATFORM_FIRMWARE_BLOB *data) {
data->BlobLength);
return true;
}
+
+/* TCG PC Client PFP (02 dec 2020) section 10.2.5 */
+bool yaml_uefi_platfwblob2(UEFI_PLATFORM_FIRMWARE_BLOB2 *data) {
+ UINT8 blobdescsize = data->BlobDescriptionSize;
+ UEFI_PLATFORM_FIRMWARE_BLOB * data2 = (UEFI_PLATFORM_FIRMWARE_BLOB *)((UINT8 *)data + sizeof(UINT8) + blobdescsize);
+
+ char * eventdesc = (char *)calloc (1, 2*blobdescsize+1);
+ if (!eventdesc) {
+ LOG_ERR("failed to allocate memory: %s\n", strerror(errno));
+ return false;
+ }
+
+ bytes_to_str (data->BlobDescription, blobdescsize, eventdesc, 2*blobdescsize);
+
+ tpm2_tool_output(" Event:\n"
+ " BlobDescriptionSize: %d\n"
+ " BlobDescription: \"%.*s\"\n"
+ " BlobBase: 0x%" PRIx64 "\n"
+ " BlobLength: 0x%" PRIx64 "\n",
+ blobdescsize,
+ 2*blobdescsize,
+ eventdesc,
+ data2->BlobBase,
+ data2->BlobLength);
+
+ free(eventdesc);
+ return true;
+}
+
+
+
/* TCG PC Client PFP section 9.4.4 */
bool yaml_uefi_action(UINT8 const *action, size_t size) {
@@ -713,6 +750,7 @@ bool yaml_event2data(TCG_EVENT2 const *event, UINT32 type, uint32_t eventlog_ver
switch (type) {
case EV_EFI_VARIABLE_DRIVER_CONFIG:
case EV_EFI_VARIABLE_BOOT:
+ case EV_EFI_VARIABLE_BOOT2:
case EV_EFI_VARIABLE_AUTHORITY:
return yaml_uefi_var((UEFI_VARIABLE_DATA*)event->Event,
event->EventSize, type, eventlog_version);
@@ -721,6 +759,8 @@ bool yaml_event2data(TCG_EVENT2 const *event, UINT32 type, uint32_t eventlog_ver
case EV_S_CRTM_CONTENTS:
case EV_EFI_PLATFORM_FIRMWARE_BLOB:
return yaml_uefi_platfwblob((UEFI_PLATFORM_FIRMWARE_BLOB*)event->Event);
+ case EV_EFI_PLATFORM_FIRMWARE_BLOB2:
+ return yaml_uefi_platfwblob2((UEFI_PLATFORM_FIRMWARE_BLOB2*)event->Event);
case EV_EFI_ACTION:
return yaml_uefi_action(event->Event, event->EventSize);
case EV_IPL:
diff --git a/test/unit/test_tpm2_eventlog_yaml.c b/test/unit/test_tpm2_eventlog_yaml.c
index d4e30b0e..6881703b 100644
--- a/test/unit/test_tpm2_eventlog_yaml.c
+++ b/test/unit/test_tpm2_eventlog_yaml.c
@@ -47,6 +47,9 @@ def_eventtype_to_string(EV_EFI_GPT_EVENT)
def_eventtype_to_string(EV_EFI_ACTION)
def_eventtype_to_string(EV_EFI_PLATFORM_FIRMWARE_BLOB)
def_eventtype_to_string(EV_EFI_HANDOFF_TABLES)
+def_eventtype_to_string(EV_EFI_PLATFORM_FIRMWARE_BLOB2)
+def_eventtype_to_string(EV_EFI_HANDOFF_TABLES2)
+def_eventtype_to_string(EV_EFI_VARIABLE_BOOT2)
def_eventtype_to_string(EV_EFI_VARIABLE_AUTHORITY)
static void eventtype_to_string_default(void **state) {
@@ -141,6 +144,9 @@ int main(void) {
cmocka_unit_test(eventtype_to_string_EV_EFI_ACTION),
cmocka_unit_test(eventtype_to_string_EV_EFI_PLATFORM_FIRMWARE_BLOB),
cmocka_unit_test(eventtype_to_string_EV_EFI_HANDOFF_TABLES),
+ cmocka_unit_test(eventtype_to_string_EV_EFI_PLATFORM_FIRMWARE_BLOB2),
+ cmocka_unit_test(eventtype_to_string_EV_EFI_HANDOFF_TABLES2),
+ cmocka_unit_test(eventtype_to_string_EV_EFI_VARIABLE_BOOT2),
cmocka_unit_test(eventtype_to_string_EV_EFI_VARIABLE_AUTHORITY),
cmocka_unit_test(eventtype_to_string_default),
cmocka_unit_test(test_yaml_event2hdr_callback),
--
2.37.3

View File

@ -0,0 +1,385 @@
From ba7682dc511f4ef6bbb8a15ca3bb0edf67ec39ce Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Fri, 17 Sep 2021 07:14:20 +0200
Subject: [PATCH 02/17] tpm2_encodeobject: New tool to encode TPM2 object
This adds a new tool tpm2_encodeobject in tools/misc. It takes
public and private portions of an object and encode them in a combined
PEM form used by tpm2-tss-engine and other applications.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
Makefile.am | 2 +
man/tpm2_encodeobject.1.md | 92 +++++++++++++
tools/misc/tpm2_encodeobject.c | 240 +++++++++++++++++++++++++++++++++
3 files changed, 334 insertions(+)
create mode 100644 man/tpm2_encodeobject.1.md
create mode 100644 tools/misc/tpm2_encodeobject.c
diff --git a/Makefile.am b/Makefile.am
index 71322159..e1a51ebf 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -103,6 +103,7 @@ tools_tpm2_SOURCES = \
tpm2_tools = \
tools/misc/tpm2_certifyX509certutil.c \
tools/misc/tpm2_checkquote.c \
+ tools/misc/tpm2_encodeobject.c \
tools/misc/tpm2_eventlog.c \
tools/misc/tpm2_print.c \
tools/misc/tpm2_rc_decode.c \
@@ -376,6 +377,7 @@ if HAVE_MAN_PAGES
man/man1/tpm2_createprimary.1 \
man/man1/tpm2_dictionarylockout.1 \
man/man1/tpm2_duplicate.1 \
+ man/man1/tpm2_encodeobject.1 \
man/man1/tpm2_getcap.1 \
man/man1/tpm2_encryptdecrypt.1 \
man/man1/tpm2_eventlog.1 \
diff --git a/man/tpm2_encodeobject.1.md b/man/tpm2_encodeobject.1.md
new file mode 100644
index 00000000..791eafbd
--- /dev/null
+++ b/man/tpm2_encodeobject.1.md
@@ -0,0 +1,92 @@
+% tpm2_encodeobject(1) tpm2-tools | General Commands Manual
+
+# NAME
+
+**tpm2_encodeobject**(1) - Encode an object into a combined PEM format.
+
+# SYNOPSIS
+
+**tpm2_encodeobject** [*OPTIONS*]
+
+# DESCRIPTION
+
+**tpm2_encodeobject**(1) - Encode both the private and public portions of an
+object into a combined PEM format used by tpm2-tss-engine.
+
+The tool reads private and public portions of an object and encodes it
+into a combined PEM format used by tpm2-tss-engine and other
+applications.
+
+**NOTE**: Both private and public portions of the tpm key must be specified.
+
+# OPTIONS
+
+ * **-C**, **\--parent-context**=_OBJECT_:
+
+ The parent object.
+
+ * **-P**, **\--auth**=_AUTH_:
+
+ The authorization value of the parent object specified by **-C**.
+
+ * **-u**, **\--public**=_FILE_:
+
+ A file containing the public portion of the object.
+
+ * **-r**, **\--private**=_FILE_:
+
+ A file containing the sensitive portion of the object.
+
+ * **-o**, **\--output**=_FILE_:
+
+ The output file path, recording the public portion of the object.
+
+## References
+
+[context object format](common/ctxobj.md) details the methods for specifying
+_OBJECT_.
+
+[authorization formatting](common/authorizations.md) details the methods for
+specifying _AUTH_.
+
+[common options](common/options.md) collection of common options that provide
+information many users may expect.
+
+[common tcti options](common/tcti.md) collection of options used to configure
+the various known TCTI modules.
+
+# EXAMPLES
+
+## Setup
+To load an object you first must create an object under a primary object. So the
+first step is to create the primary object.
+
+```bash
+tpm2_createprimary -c primary.ctx
+```
+
+Step 2 is to create an object under the primary object.
+
+```bash
+tpm2_create -C primary.ctx -u key.pub -r key.priv -f pem -o pub.pem
+```
+
+This creates the private and public portions of the TPM object. With these
+object portions, it is now possible to load that object into the TPM for
+subsequent use.
+
+## Encoding an Object into a combined PEM format
+
+The final step, is encoding the public and private portions of the object into a
+PEM format.
+
+```bash
+tpm2_encodeobject -C primary.ctx -u key.pub -r key.priv -c priv.pem
+```
+
+The generated `priv.pem` can be used together with `pub.pem` created in the
+step 2 of Setup section.
+
+[returns](common/returns.md)
+
+[footer](common/footer.md)
diff --git a/tools/misc/tpm2_encodeobject.c b/tools/misc/tpm2_encodeobject.c
new file mode 100644
index 00000000..2341c3a1
--- /dev/null
+++ b/tools/misc/tpm2_encodeobject.c
@@ -0,0 +1,240 @@
+/* SPDX-License-Identifier: BSD-3-Clause */
+
+/*
+ * Part of this file is copied from tpm2-tss-engine.
+ *
+ * Copyright 2017-2018, Fraunhofer SIT sponsored by Infineon Technologies AG
+ * All rights reserved.
+ * Copyright (c) 2019, Wind River Systems.
+ * All rights reserved.
+ */
+
+#include <inttypes.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <string.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <tss2/tss2_mu.h>
+
+#include "files.h"
+#include "log.h"
+#include "tpm2.h"
+#include "tpm2_options.h"
+#include "tpm2_tool.h"
+
+#define OID_loadableKey "2.23.133.10.1.3"
+
+typedef struct {
+ ASN1_OBJECT *type;
+ ASN1_BOOLEAN emptyAuth;
+ ASN1_INTEGER *parent;
+ ASN1_OCTET_STRING *pubkey;
+ ASN1_OCTET_STRING *privkey;
+} TSSPRIVKEY;
+
+DECLARE_ASN1_FUNCTIONS(TSSPRIVKEY);
+DECLARE_PEM_write_bio(TSSPRIVKEY, TSSPRIVKEY);
+
+ASN1_SEQUENCE(TSSPRIVKEY) = {
+ ASN1_SIMPLE(TSSPRIVKEY, type, ASN1_OBJECT),
+ ASN1_EXP_OPT(TSSPRIVKEY, emptyAuth, ASN1_BOOLEAN, 0),
+ ASN1_SIMPLE(TSSPRIVKEY, parent, ASN1_INTEGER),
+ ASN1_SIMPLE(TSSPRIVKEY, pubkey, ASN1_OCTET_STRING),
+ ASN1_SIMPLE(TSSPRIVKEY, privkey, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(TSSPRIVKEY)
+
+#define TSSPRIVKEY_PEM_STRING "TSS2 PRIVATE KEY"
+
+IMPLEMENT_ASN1_FUNCTIONS(TSSPRIVKEY);
+IMPLEMENT_PEM_write_bio(TSSPRIVKEY, TSSPRIVKEY, TSSPRIVKEY_PEM_STRING, TSSPRIVKEY);
+IMPLEMENT_PEM_read_bio(TSSPRIVKEY, TSSPRIVKEY, TSSPRIVKEY_PEM_STRING, TSSPRIVKEY);
+
+typedef struct tpm_encodeobject_ctx tpm_encodeobject_ctx;
+struct tpm_encodeobject_ctx {
+ struct {
+ const char *ctx_path;
+ const char *auth_str;
+ tpm2_loaded_object object;
+ } parent;
+
+ struct {
+ const char *pubpath;
+ TPM2B_PUBLIC public;
+ const char *privpath;
+ TPM2B_PRIVATE private;
+ ESYS_TR handle;
+ } object;
+
+ char *output_path;
+};
+
+static tpm_encodeobject_ctx ctx;
+
+static bool on_option(char key, char *value) {
+ switch (key) {
+ case 'P':
+ ctx.parent.auth_str = value;
+ break;
+ case 'u':
+ ctx.object.pubpath = value;
+ break;
+ case 'r':
+ ctx.object.privpath = value;
+ break;
+ case 'C':
+ ctx.parent.ctx_path = value;
+ break;
+ case 'o':
+ ctx.output_path = value;
+ break;
+ }
+
+ return true;
+}
+
+static bool tpm2_tool_onstart(tpm2_options **opts) {
+ const struct option topts[] = {
+ { "auth", required_argument, NULL, 'P' },
+ { "public", required_argument, NULL, 'u' },
+ { "private", required_argument, NULL, 'r' },
+ { "parent-context", required_argument, NULL, 'C' },
+ { "output", required_argument, NULL, 'o' },
+ };
+
+ *opts = tpm2_options_new("P:u:r:C:o:", ARRAY_LEN(topts), topts, on_option,
+ NULL, 0);
+
+ return *opts != NULL;
+}
+
+static tool_rc check_opts(void) {
+ tool_rc rc = tool_rc_success;
+ if (!ctx.parent.ctx_path) {
+ LOG_ERR("Expected parent object via -C");
+ rc = tool_rc_option_error;
+ }
+
+ if (!ctx.object.pubpath) {
+ LOG_ERR("Expected public object portion via -u");
+ rc = tool_rc_option_error;
+ }
+
+ if (!ctx.object.privpath) {
+ LOG_ERR("Expected private object portion via -r");
+ rc = tool_rc_option_error;
+ }
+
+ if (!ctx.output_path) {
+ LOG_ERR("Expected output file path via -o");
+ rc = tool_rc_option_error;
+ }
+
+ return rc;
+}
+
+static tool_rc init(ESYS_CONTEXT *ectx) {
+ bool res = files_load_public(ctx.object.pubpath, &ctx.object.public);
+ if (!res) {
+ return tool_rc_general_error;
+ }
+
+ res = files_load_private(ctx.object.privpath, &ctx.object.private);
+ if (!res) {
+ return tool_rc_general_error;
+ }
+
+ return tpm2_util_object_load_auth(ectx, ctx.parent.ctx_path,
+ ctx.parent.auth_str, &ctx.parent.object, false,
+ TPM2_HANDLE_ALL_W_NV);
+}
+
+static int
+encode(void)
+{
+ TSS2_RC rc;
+ BIO *bio = NULL;
+ TSSPRIVKEY *tpk = NULL;
+
+ uint8_t private_buf[sizeof(ctx.object.private)];
+ uint8_t public_buf[sizeof(ctx.object.public)];
+ size_t private_len = 0, public_len = 0;
+
+ rc = Tss2_MU_TPM2B_PRIVATE_Marshal(&ctx.object.private, private_buf,
+ sizeof(private_buf), &private_len);
+ if (rc) {
+ LOG_ERR("Error serializing private portion of object");
+ goto error;
+ }
+
+ rc = Tss2_MU_TPM2B_PUBLIC_Marshal(&ctx.object.public, public_buf,
+ sizeof(public_buf), &public_len);
+ if (rc) {
+ LOG_ERR("Error serializing public portion of object");
+ goto error;
+ }
+
+ tpk = TSSPRIVKEY_new();
+ if (!tpk) {
+ LOG_ERR("oom");
+ goto error;
+ }
+
+ tpk->type = OBJ_txt2obj(OID_loadableKey, 1);
+ tpk->parent = ASN1_INTEGER_new();
+ tpk->privkey = ASN1_OCTET_STRING_new();
+ tpk->pubkey = ASN1_OCTET_STRING_new();
+ if (!tpk->type || !tpk->privkey || !tpk->pubkey || !tpk->parent) {
+ LOG_ERR("oom");
+ goto error;
+ }
+
+ tpk->emptyAuth = ctx.parent.auth_str == NULL ? 0xFF : 0;
+
+ if ((ctx.parent.object.handle >> TPM2_HR_SHIFT) == TPM2_HT_PERSISTENT) {
+ ASN1_INTEGER_set(tpk->parent, ctx.parent.object.handle);
+ } else {
+ /* Indicate that the parent is a primary object generated on the fly. */
+ ASN1_INTEGER_set(tpk->parent, TPM2_RH_OWNER);
+ }
+
+ ASN1_STRING_set(tpk->privkey, private_buf, private_len);
+ ASN1_STRING_set(tpk->pubkey, public_buf, public_len);
+
+ if ((bio = BIO_new_file(ctx.output_path, "w")) == NULL) {
+ LOG_ERR("Could not open file: \"%s\"", ctx.output_path);
+ goto error;
+ }
+
+ PEM_write_bio_TSSPRIVKEY(bio, tpk);
+ TSSPRIVKEY_free(tpk);
+ BIO_free(bio);
+
+ return tool_rc_success;
+ error:
+ if (bio)
+ BIO_free(bio);
+ if (tpk)
+ TSSPRIVKEY_free(tpk);
+ return tool_rc_general_error;
+}
+
+static tool_rc tpm2_tool_onrun(ESYS_CONTEXT *ectx, tpm2_option_flags flags) {
+ UNUSED(flags);
+
+ tool_rc rc = check_opts();
+ if (rc != tool_rc_success) {
+ return rc;
+ }
+
+ rc = init(ectx);
+ if (rc != tool_rc_success) {
+ return rc;
+ }
+
+ return encode();
+}
+
+// Register this tool with tpm2_tool.c
+TPM2_TOOL_REGISTER("encodeobject", tpm2_tool_onstart, tpm2_tool_onrun, NULL, NULL)
--
2.40.1

View File

@ -0,0 +1,28 @@
From 2e4d5da9a5e8808b1b075e0bde11c13fdd4c60b3 Mon Sep 17 00:00:00 2001
From: Juergen Repp <juergen_repp@web.de>
Date: Tue, 19 Dec 2023 17:24:26 +0100
Subject: [PATCH 2/6] tpm2_tool.c Fix missing include for basename.
tpm2_tool.c did not compile without the include libgen.h on netbsd.
Fixes: #3321
Signed-off-by: Juergen Repp <juergen_repp@web.de>
---
tools/tpm2_tool.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/tools/tpm2_tool.c b/tools/tpm2_tool.c
index edd04c83..f59e316a 100644
--- a/tools/tpm2_tool.c
+++ b/tools/tpm2_tool.c
@@ -3,6 +3,7 @@
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>
+#include <libgen.h>
#include <openssl/err.h>
#include <openssl/evp.h>
--
2.45.2

View File

@ -0,0 +1,27 @@
From 18f211c7f28d204e5676a30480b681519316d87f Mon Sep 17 00:00:00 2001
From: George Almasi <gheorghe@us.ibm.com>
Date: Mon, 11 Apr 2022 12:12:45 +0000
Subject: [PATCH 3/9] Code clarity fix for calculation of data member addresses
when printing out UEFI_PLATFORM_FIRMWARE_BLOB2 structures.
Signed-off-by: George Almasi <gheorghe@us.ibm.com>
---
lib/tpm2_eventlog_yaml.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/tpm2_eventlog_yaml.c b/lib/tpm2_eventlog_yaml.c
index d2d4aefe..647a2225 100644
--- a/lib/tpm2_eventlog_yaml.c
+++ b/lib/tpm2_eventlog_yaml.c
@@ -536,7 +536,7 @@ bool yaml_uefi_platfwblob(UEFI_PLATFORM_FIRMWARE_BLOB *data) {
/* TCG PC Client PFP (02 dec 2020) section 10.2.5 */
bool yaml_uefi_platfwblob2(UEFI_PLATFORM_FIRMWARE_BLOB2 *data) {
UINT8 blobdescsize = data->BlobDescriptionSize;
- UEFI_PLATFORM_FIRMWARE_BLOB * data2 = (UEFI_PLATFORM_FIRMWARE_BLOB *)((UINT8 *)data + sizeof(UINT8) + blobdescsize);
+ UEFI_PLATFORM_FIRMWARE_BLOB * data2 = (UEFI_PLATFORM_FIRMWARE_BLOB *)((UINT8 *)data + sizeof(data->BlobDescriptionSize) + blobdescsize);
char * eventdesc = (char *)calloc (1, 2*blobdescsize+1);
if (!eventdesc) {
--
2.37.3

View File

@ -0,0 +1,104 @@
From be8b4cb178332f24fb06f30d3211a24ea3c9e632 Mon Sep 17 00:00:00 2001
From: Imran Desai <imran.desai@intel.com>
Date: Fri, 3 Sep 2021 11:24:31 -0700
Subject: [PATCH 03/17] tools/tpm2_evictconrol: fix for call to Esys_TR_Close
on bad handle
Fixes #2254
Signed-off-by: Imran Desai <imran.desai@intel.com>
---
tools/tpm2_evictcontrol.c | 36 +++++++++++++++---------------------
1 file changed, 15 insertions(+), 21 deletions(-)
diff --git a/tools/tpm2_evictcontrol.c b/tools/tpm2_evictcontrol.c
index 0ae4edc6..8199be39 100644
--- a/tools/tpm2_evictcontrol.c
+++ b/tools/tpm2_evictcontrol.c
@@ -106,20 +106,18 @@ static tool_rc tpm2_tool_onrun(ESYS_CONTEXT *ectx, tpm2_option_flags flags) {
bool evicted = false;
/* load up the object/handle to work on */
- tool_rc tmp_rc = tpm2_util_object_load(ectx, ctx.to_persist_key.ctx_path,
- &ctx.to_persist_key.object, TPM2_HANDLE_ALL_W_NV);
- if (tmp_rc != tool_rc_success) {
- rc = tmp_rc;
- goto out;
+ rc = tpm2_util_object_load(ectx, ctx.to_persist_key.ctx_path,
+ &ctx.to_persist_key.object, TPM2_HANDLE_ALL_W_NV);
+ if (rc != tool_rc_success) {
+ return rc;
}
/* load up the auth hierarchy */
- tmp_rc = tpm2_util_object_load_auth(ectx, ctx.auth_hierarchy.ctx_path,
+ rc = tpm2_util_object_load_auth(ectx, ctx.auth_hierarchy.ctx_path,
ctx.auth_hierarchy.auth_str, &ctx.auth_hierarchy.object, false,
TPM2_HANDLE_FLAGS_O | TPM2_HANDLE_FLAGS_P);
- if (tmp_rc != tool_rc_success) {
- rc = tmp_rc;
- goto out;
+ if (rc != tool_rc_success) {
+ return rc;
}
if (ctx.to_persist_key.object.handle >> TPM2_HR_SHIFT
@@ -136,11 +134,10 @@ static tool_rc tpm2_tool_onrun(ESYS_CONTEXT *ectx, tpm2_option_flags flags) {
*/
if (ctx.flags.c && !ctx.flags.p) {
bool is_platform = ctx.auth_hierarchy.object.handle == TPM2_RH_PLATFORM;
- tmp_rc = tpm2_capability_find_vacant_persistent_handle(ectx,
+ rc = tpm2_capability_find_vacant_persistent_handle(ectx,
is_platform, &ctx.persist_handle);
- if (tmp_rc != tool_rc_success) {
- rc = tmp_rc;
- goto out;
+ if (rc != tool_rc_success) {
+ return rc;
}
/* we searched and found a persistent handle, so mark that peristent handle valid */
ctx.flags.p = 1;
@@ -148,7 +145,7 @@ static tool_rc tpm2_tool_onrun(ESYS_CONTEXT *ectx, tpm2_option_flags flags) {
if (ctx.flags.o && !ctx.flags.p) {
LOG_ERR("Cannot specify -o without using a persistent handle");
- goto out;
+ return tool_rc_option_error;
}
ESYS_TR out_tr;
@@ -175,7 +172,7 @@ static tool_rc tpm2_tool_onrun(ESYS_CONTEXT *ectx, tpm2_option_flags flags) {
rc = tpm2_evictcontrol(ectx, &ctx.auth_hierarchy.object,
&ctx.to_persist_key.object, ctx.persist_handle, &out_tr, NULL);
if (rc != tool_rc_success) {
- goto out;
+ return rc;
}
/*
@@ -191,19 +188,16 @@ static tool_rc tpm2_tool_onrun(ESYS_CONTEXT *ectx, tpm2_option_flags flags) {
evicted = out_tr == ESYS_TR_NONE;
tpm2_tool_output("persistent-handle: 0x%x\n", ctx.persist_handle);
tpm2_tool_output("action: %s\n", evicted ? "evicted" : "persisted");
-
+ tool_rc tmp_rc = tool_rc_success;
if (ctx.output_arg) {
- rc = files_save_ESYS_TR(ectx, out_tr, ctx.output_arg);
- } else {
- rc = tool_rc_success;
+ tmp_rc = files_save_ESYS_TR(ectx, out_tr, ctx.output_arg);
}
-out:
if (!evicted) {
rc = tpm2_close(ectx, &out_tr);
}
- return rc;
+ return (tmp_rc == tool_rc_success) ? rc : tmp_rc;
}
static tool_rc tpm2_tool_onstop(ESYS_CONTEXT *ectx) {
--
2.40.1

View File

@ -0,0 +1,63 @@
From 5b5dd6263f1f2d41f08abd60134396a12756c5e7 Mon Sep 17 00:00:00 2001
From: Bill Roberts <bill.c.roberts+gh@gmail.com>
Date: Sun, 10 Dec 2023 10:26:33 -0600
Subject: [PATCH 3/6] tpm2_nvread: fix input handling no nv index
Fixes:
./tools/tpm2 nvread
WARN: Reading full size of the NV index
ERROR: object string is empty
ERROR: Invalid handle authorization.
ERROR: Unable to run nvread
with:
./tools/tpm2 nvread
ERROR: Must specify NV index argument
Usage: nvread [<options>] <arguments>
Where <options> are:
[ -C | --hierarchy=<value>] [ -o | --output=<value>] [ -s | --size=<value>] [ --offset=<value>]
[ --cphash=<value>] [ --rphash=<value>] [ -n | --name=<value>] [ -P | --auth=<value>]
[ -S | --session=<value>] [ --print-yaml]
Signed-off-by: Bill Roberts <bill.c.roberts+gh@gmail.com>
---
tools/tpm2_nvread.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/tools/tpm2_nvread.c b/tools/tpm2_nvread.c
index f64d00c1..8f9c61cc 100644
--- a/tools/tpm2_nvread.c
+++ b/tools/tpm2_nvread.c
@@ -24,6 +24,7 @@ struct tpm_nvread_ctx {
TPM2B_NAME precalc_nvname;
UINT32 size_to_read;
UINT32 offset;
+ bool nv_specified;
/*
* Outputs
@@ -192,6 +193,11 @@ static tool_rc check_options(tpm2_option_flags flags) {
return tool_rc_option_error;
}
+ if(!ctx.nv_specified) {
+ LOG_ERR("Must specify NV index argument");
+ return tool_rc_option_error;
+ }
+
/*
* Peculiar to this and some other tools, the object (nvindex) name must
* be specified when only calculating the cpHash.
@@ -266,7 +272,8 @@ static bool on_arg(int argc, char **argv) {
if (!ctx.auth_hierarchy.ctx_path) {
ctx.auth_hierarchy.ctx_path = argv[0];
}
- return on_arg_nv_index(argc, argv, &ctx.nv_index);
+
+ return ctx.nv_specified = on_arg_nv_index(argc, argv, &ctx.nv_index);
}
static bool on_option(char key, char *value) {
--
2.45.2

View File

@ -0,0 +1,45 @@
From f365a0adca8379ce89ff86fdf740082cf6a56f1b Mon Sep 17 00:00:00 2001
From: Tien-Ren Chen <trchen1033@gmail.com>
Date: Thu, 25 Nov 2021 12:41:52 -0500
Subject: [PATCH 04/17] Fix argument parsing in tpm2_policylocality
This patch fixes a bug that caused tpm2_policylocality to almost
always generate PolicyLocality(0).
There was a logical inversion that caused almost any argument
(including invalid ones) to be interpreted as zero, except "zero"
would be interpreted as one.
Signed-off-by: Tien-Ren Chen <trchen1033@gmail.com>
---
tools/tpm2_policylocality.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/tools/tpm2_policylocality.c b/tools/tpm2_policylocality.c
index 81edbe65..b1d43d02 100644
--- a/tools/tpm2_policylocality.c
+++ b/tools/tpm2_policylocality.c
@@ -54,15 +54,15 @@ static bool on_arg(int argc, char **argv) {
return false;
}
- if (strcmp(argv[0], "zero")) {
+ if (strcmp(argv[0], "zero") == 0) {
ctx.locality = TPMA_LOCALITY_TPM2_LOC_ZERO;
- } else if (strcmp(argv[0], "one")) {
+ } else if (strcmp(argv[0], "one") == 0) {
ctx.locality = TPMA_LOCALITY_TPM2_LOC_ONE;
- } else if (strcmp(argv[0], "two")) {
+ } else if (strcmp(argv[0], "two") == 0) {
ctx.locality = TPMA_LOCALITY_TPM2_LOC_TWO;
- } else if (strcmp(argv[0], "three")) {
+ } else if (strcmp(argv[0], "three") == 0) {
ctx.locality = TPMA_LOCALITY_TPM2_LOC_THREE;
- } else if (strcmp(argv[0], "four")) {
+ } else if (strcmp(argv[0], "four") == 0) {
ctx.locality = TPMA_LOCALITY_TPM2_LOC_FOUR;
} else {
bool result = tpm2_util_string_to_uint8(argv[0], &ctx.locality);
--
2.40.1

View File

@ -0,0 +1,86 @@
From 7076608db4b8a2cdcab6ff4bc47c23c935618e3b Mon Sep 17 00:00:00 2001
From: Juergen Repp <juergen_repp@web.de>
Date: Tue, 5 Mar 2024 22:11:38 +0100
Subject: [PATCH 4/6] tpm2_checkquote: Add comparison of pcr selection.
The pcr selection which is passed with the --pcr parameter it not
compared with the attest. So it's possible to fake a valid
attestation.
Fixes: CVE-2024-29039
Signed-off-by: Juergen Repp <juergen_repp@web.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@infineon.com>
---
tools/misc/tpm2_checkquote.c | 41 +++++++++++++++++++++++++++++++++++-
1 file changed, 40 insertions(+), 1 deletion(-)
diff --git a/tools/misc/tpm2_checkquote.c b/tools/misc/tpm2_checkquote.c
index 6ce086f8..8a2a154e 100644
--- a/tools/misc/tpm2_checkquote.c
+++ b/tools/misc/tpm2_checkquote.c
@@ -54,6 +54,37 @@ static tpm2_verifysig_ctx ctx = {
.pcr_hash = TPM2B_TYPE_INIT(TPM2B_DIGEST, buffer),
};
+static bool compare_pcr_selection(TPML_PCR_SELECTION *attest_sel, TPML_PCR_SELECTION *pcr_sel) {
+ if (attest_sel->count != pcr_sel->count) {
+ LOG_ERR("Selection sizes do not match.");
+ return false;
+ }
+ for (uint32_t i = 0; i < attest_sel->count; i++) {
+ for (uint32_t j = 0; j < pcr_sel->count; j++) {
+ if (attest_sel->pcrSelections[i].hash ==
+ pcr_sel->pcrSelections[j].hash) {
+ if (attest_sel->pcrSelections[i].sizeofSelect !=
+ pcr_sel->pcrSelections[j].sizeofSelect) {
+ LOG_ERR("Bitmask size does not match");
+ return false;
+ }
+ if (memcmp(&attest_sel->pcrSelections[i].pcrSelect[0],
+ &pcr_sel->pcrSelections[j].pcrSelect[0],
+ attest_sel->pcrSelections[i].sizeofSelect) != 0) {
+ LOG_ERR("Selection bitmasks do not match");
+ return false;
+ }
+ break;
+ }
+ if (j == pcr_sel->count - 1) {
+ LOG_ERR("Hash selections to not match.");
+ return false;
+ }
+ }
+ }
+ return true;
+}
+
static bool verify(void) {
bool result = false;
@@ -374,7 +405,7 @@ static tool_rc init(void) {
}
TPM2B_ATTEST *msg = NULL;
- TPML_PCR_SELECTION pcr_select;
+ TPML_PCR_SELECTION pcr_select = { 0 };
tpm2_pcrs *pcrs;
tpm2_pcrs temp_pcrs = {};
tool_rc return_value = tool_rc_general_error;
@@ -537,6 +568,14 @@ static tool_rc init(void) {
goto err;
}
+ if (ctx.flags.pcr) {
+ if (!compare_pcr_selection(&ctx.attest.attested.quote.pcrSelect,
+ &pcr_select)) {
+ LOG_ERR("PCR selection does not match PCR slection from attest!");
+ goto err;
+ }
+ }
+
// Figure out the digest for this message
res = tpm2_openssl_hash_compute_data(ctx.halg, msg->attestationData,
msg->size, &ctx.msg_hash);
--
2.45.2

View File

@ -0,0 +1,55 @@
From 2781de8cb60d0e8efb72d57eb1178f2f6df9415c Mon Sep 17 00:00:00 2001
From: Jerry Snitselaar <jsnitsel@redhat.com>
Date: Tue, 2 Aug 2022 11:59:06 -0700
Subject: [PATCH 4/9] tpm2_eventlog: clean up some magic numbers
Make the code a bit clearer by making it clear
we are subtracting the size of the EFI_GUID member
from the EFI_SIGNATURE_DATA size.
Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
---
lib/tpm2_eventlog_yaml.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/lib/tpm2_eventlog_yaml.c b/lib/tpm2_eventlog_yaml.c
index 647a2225..fee78027 100644
--- a/lib/tpm2_eventlog_yaml.c
+++ b/lib/tpm2_eventlog_yaml.c
@@ -374,13 +374,13 @@ static bool yaml_uefi_var(UEFI_VARIABLE_DATA *data, size_t size, UINT32 type,
for (i = 0; i < signatures; i++) {
EFI_SIGNATURE_DATA *s = (EFI_SIGNATURE_DATA *)signature;
char *sdata = calloc (1,
- BYTES_TO_HEX_STRING_SIZE(slist->SignatureSize-16));
+ BYTES_TO_HEX_STRING_SIZE(slist->SignatureSize - sizeof(EFI_GUID)));
if (sdata == NULL) {
LOG_ERR("Failled to allocate data: %s\n", strerror(errno));
return false;
}
- bytes_to_str(s->SignatureData, slist->SignatureSize-16,
- sdata, BYTES_TO_HEX_STRING_SIZE(slist->SignatureSize-16));
+ bytes_to_str(s->SignatureData, slist->SignatureSize - sizeof(EFI_GUID),
+ sdata, BYTES_TO_HEX_STRING_SIZE(slist->SignatureSize - sizeof(EFI_GUID)));
guid_unparse_lower(s->SignatureOwner, uuidstr);
tpm2_tool_output(" - SignatureOwner: %s\n"
" SignatureData: %s\n",
@@ -426,13 +426,13 @@ static bool yaml_uefi_var(UEFI_VARIABLE_DATA *data, size_t size, UINT32 type,
EFI_SIGNATURE_DATA *s= (EFI_SIGNATURE_DATA *)&data->UnicodeName[
data->UnicodeNameLength];
char *sdata = calloc (1,
- BYTES_TO_HEX_STRING_SIZE(data->VariableDataLength - 16));
+ BYTES_TO_HEX_STRING_SIZE(data->VariableDataLength - sizeof(EFI_GUID)));
if (sdata == NULL) {
LOG_ERR("Failled to allocate data: %s\n", strerror(errno));
return false;
}
- bytes_to_str(s->SignatureData, data->VariableDataLength - 16,
- sdata, BYTES_TO_HEX_STRING_SIZE(data->VariableDataLength - 16));
+ bytes_to_str(s->SignatureData, data->VariableDataLength - sizeof(EFI_GUID),
+ sdata, BYTES_TO_HEX_STRING_SIZE(data->VariableDataLength - sizeof(EFI_GUID)));
guid_unparse_lower(s->SignatureOwner, uuidstr);
tpm2_tool_output(" - SignatureOwner: %s\n"
" SignatureData: %s\n",
--
2.37.3

View File

@ -0,0 +1,82 @@
From 221d8e557ab5a00246f7b09746377819cfbaec5e Mon Sep 17 00:00:00 2001
From: Imran Desai <imran.desai@intel.com>
Date: Wed, 9 Mar 2022 10:24:45 -0700
Subject: [PATCH 05/17] tools/tpm2_tool.c: Fix an issue where LOG_WARN is
always displayed
Despite setting the 'quiet' flag with -Q the warning messages were
always displayed.
Signed-off-by: Imran Desai <imran.desai@intel.com>
---
lib/tpm2_options.c | 12 +++++++++---
tools/tpm2_makecredential.c | 9 ++++++---
2 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/lib/tpm2_options.c b/lib/tpm2_options.c
index 8c8af2af..1238e440 100644
--- a/lib/tpm2_options.c
+++ b/lib/tpm2_options.c
@@ -456,12 +456,16 @@ tpm2_option_code tpm2_handle_options(int argc, char **argv,
/* tool doesn't request a sapi, don't initialize one */
if (flags->tcti_none && is_optional_sapi) {
- LOG_WARN("Tool optionally uses SAPI. Continuing with tcti=none");
+ if (!flags->quiet) {
+ LOG_WARN("Tool optionally uses SAPI. Continuing with tcti=none");
+ }
goto none;
}
if (flags->tcti_none && is_no_sapi) {
- LOG_WARN("Tool does not use SAPI. Continuing with tcti=none");
+ if (!flags->quiet) {
+ LOG_WARN("Tool does not use SAPI. Continuing with tcti=none");
+ }
goto none;
}
@@ -481,7 +485,9 @@ tpm2_option_code tpm2_handle_options(int argc, char **argv,
bool is_optional_fake_tcti = (flags->tcti_none && tool_opts &&
tool_opts->flags & TPM2_OPTIONS_OPTIONAL_SAPI_AND_FAKE_TCTI);
if (is_optional_fake_tcti) {
- LOG_WARN("Tool optionally uses SAPI. Continuing with tcti=fake");
+ if (!flags->quiet) {
+ LOG_WARN("Tool optionally uses SAPI. Continuing with tcti=fake");
+ }
*tcti = (TSS2_TCTI_CONTEXT *)&fake_tcti;
goto none;
}
diff --git a/tools/tpm2_makecredential.c b/tools/tpm2_makecredential.c
index 0b0fa123..5bd5b484 100644
--- a/tools/tpm2_makecredential.c
+++ b/tools/tpm2_makecredential.c
@@ -310,11 +310,14 @@ static void set_default_TCG_EK_template(TPMI_ALG_PUBLIC alg) {
ctx.public.publicArea.nameAlg = TPM2_ALG_SHA256;
}
-static tool_rc process_input(void) {
+static tool_rc process_input(tpm2_option_flags flags) {
TPMI_ALG_PUBLIC alg = TPM2_ALG_NULL;
if (ctx.key_type) {
- LOG_WARN("Because **-G** is specified, assuming input encryption public key is in PEM format.");
+ if (!flags.quiet) {
+ LOG_WARN("Because **-G** is specified, assuming input encryption "
+ "public key is in PEM format.");
+ }
alg = tpm2_alg_util_from_optarg(ctx.key_type,
tpm2_alg_util_flags_asymmetric);
if (alg == TPM2_ALG_ERROR ||
@@ -379,7 +382,7 @@ static tool_rc tpm2_tool_onrun(ESYS_CONTEXT *ectx, tpm2_option_flags flags) {
UNUSED(flags);
- tool_rc rc = process_input();
+ tool_rc rc = process_input(flags);
if (rc != tool_rc_success) {
return rc;
}
--
2.40.1

View File

@ -0,0 +1,38 @@
From 0f122ba3f7bdee12f8ee725db41d90e737fb3e49 Mon Sep 17 00:00:00 2001
From: Juergen Repp <juergen_repp@web.de>
Date: Tue, 31 Oct 2023 11:29:50 +0100
Subject: [PATCH 5/6] tpm2_checkquote: Fix check of magic number.
It was not checked whether the magic number in the
attest is equal to TPM2_GENERATED_VALUE.
So an malicious attacker could generate arbitrary quote data
which was not detected by tpm2 checkquote.
Fixes: CVE-2024-29038
Signed-off-by: Juergen Repp <juergen_repp@web.de>
---
tools/misc/tpm2_checkquote.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/tools/misc/tpm2_checkquote.c b/tools/misc/tpm2_checkquote.c
index 8a2a154e..5083d855 100644
--- a/tools/misc/tpm2_checkquote.c
+++ b/tools/misc/tpm2_checkquote.c
@@ -146,6 +146,13 @@ static bool verify(void) {
goto err;
}
+ // check magic
+ if (ctx.attest.magic != TPM2_GENERATED_VALUE) {
+ LOG_ERR("Bad magic, got: 0x%x, expected: 0x%x",
+ ctx.attest.magic, TPM2_GENERATED_VALUE);
+ return false;
+ }
+
// Also ensure digest from quote matches PCR digest
if (ctx.flags.pcr) {
if (!tpm2_util_verify_digests(&ctx.attest.attested.quote.pcrDigest,
--
2.45.2

View File

@ -0,0 +1,209 @@
From cef0317b83e06fdca25ef52a8bfd59b74d318e5a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Thu, 29 Sep 2022 10:48:36 -0400
Subject: [PATCH 5/9] tpm2_eventlog_yaml: fix malformed YAML for EV_IPL data
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The code for printing EV_IPL data was fairly crude and often
did not generate valid YAML syntax. Some problems
* Data starting with a space would result in invalid
indentation, a leading space requires a quoted string
* Non-printable cahracters must generally be escaped,
using a quoted string
* Embedded NUL bytes were turned into newlines, which
mangled any UTF16 encoded data.
This change attempts to make the YAML output much safer. It
is not pefect as it just processes the data bytewise and
thus could potentially emit invalid UTF-8 bytes. In practice
this won't be a problem for known bootloader emitting EV_IPL
events.
This changes the formatting slightly
- All strings are now surrounded with double quotes
- All NUL bytes, including the final trailing NUL
are displayed in escaped format.
- Non-printable ASCII chars are escaped, including
the tab character, per YAML recommendations
A much better long term solution would be to switch to
using libyaml for generating the output which would give
a strong guarantee of correct formatting.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
lib/tpm2_eventlog_yaml.c | 141 ++++++++++++++++++++++++++++++++++++---
1 file changed, 130 insertions(+), 11 deletions(-)
diff --git a/lib/tpm2_eventlog_yaml.c b/lib/tpm2_eventlog_yaml.c
index fee78027..66a20701 100644
--- a/lib/tpm2_eventlog_yaml.c
+++ b/lib/tpm2_eventlog_yaml.c
@@ -571,6 +571,125 @@ bool yaml_uefi_action(UINT8 const *action, size_t size) {
return true;
}
+
+
+/*
+ * The yaml_ipl description is received as raw bytes, but the
+ * data will represent a printable string. Unfortunately we
+ * are not told its encoding, and this can vary. For example,
+ * grub will use UTF8, while sd-boot will UTF16LE.
+ *
+ * We need to emit YAML with some rules:
+ *
+ * - No leading ' ' without quoting it
+ * - Escape non-printable ascii chars
+ * - Double quotes if using escape sequences
+ * - Valid UTF8 string
+ *
+ * This method will ignore the question of original data
+ * encoding and apply a few simple rules to make the data
+ * mostly YAML compliant. Where it falls down is not
+ * guaranteeing valid UTF8, if the input was not already
+ * valid UTF8. In practice this limitation shouldn't be
+ * a problem given expected measured data.
+ *
+ * Note: one consequence of this approach is that most
+ * UTF16LE data will be rendered with lots of \0 bytes
+ * escaped.
+ *
+ * For ease of output reading, the data is also split on newlines
+ */
+char **yaml_split_escape_string(UINT8 const *description, size_t size)
+{
+ char **lines = NULL, **tmp;
+ size_t nlines = 0;
+ size_t i, j, k;
+ size_t len;
+ UINT8 *nl;
+
+ i = 0;
+ do {
+ nl = memchr(description + i, '\n', size - i);
+ len = nl ? (size_t)(nl - (description + i)) : size - i;
+
+ tmp = realloc(lines, sizeof(char *) * (nlines + 2));
+ if (!tmp) {
+ LOG_ERR("failed to allocate memory for description lines: %s\n",
+ strerror(errno));
+ goto error;
+ }
+ lines = tmp;
+ lines[nlines + 1] = NULL;
+ k = 0;
+
+ /* Worst case: every byte needs escaping, plus start/end quotes, plus nul */
+ lines[nlines] = calloc(1, (len * 2) + 2 + 1);
+ if (!lines[nlines]) {
+ LOG_ERR("failed to allocate memory for escaped string: %s\n",
+ strerror(errno));
+ goto error;
+ }
+
+ lines[nlines][k++] = '"';
+ for (j = i; j < (i + len); j++) {
+ char escape = '\0';
+
+ switch (description[j]) {
+ case '\0':
+ escape = '0';
+ break;
+ case '\a':
+ escape = 'a';
+ break;
+ case '\b':
+ escape = 'b';
+ break;
+ case '\t':
+ escape = 't';
+ break;
+ case '\v':
+ escape = 'v';
+ break;
+ case '\f':
+ escape = 'f';
+ break;
+ case '\r':
+ escape = 'r';
+ break;
+ case '\e':
+ escape = 'e';
+ break;
+ case '\'':
+ escape = '\'';
+ break;
+ case '\\':
+ escape = '\\';
+ break;
+ }
+
+ if (escape == '\0') {
+ lines[nlines][k++] = description[j];
+ } else {
+ lines[nlines][k++] = '\\';
+ lines[nlines][k++] = escape;
+ }
+ }
+ lines[nlines][k++] = '"';
+
+ nlines++;
+ i += len + 1;
+ } while (i < size);
+
+ return lines;
+
+ error:
+ for (i = 0; lines != NULL && lines[i] != NULL; i++) {
+ free(lines[i]);
+ }
+ free(lines);
+ return NULL;
+}
+
/*
* TCG PC Client PFP section 9.4.1
* This event type is extensively used by the Shim and Grub on a wide varities
@@ -578,21 +697,21 @@ bool yaml_uefi_action(UINT8 const *action, size_t size) {
* the loading of grub, kernel, and initrd images.
*/
bool yaml_ipl(UINT8 const *description, size_t size) {
-
+ char **lines = NULL;
+ size_t i;
tpm2_tool_output(" Event:\n"
" String: |-\n");
- /* We need to handle when description contains multiple lines. */
- size_t i, j;
- for (i = 0; i < size; i++) {
- for (j = i; j < size; j++) {
- if (description[j] == '\n' || description[j] == '\0') {
- break;
- }
- }
- tpm2_tool_output(" %.*s\n", (int)(j - i), description+i);
- i = j;
+ lines = yaml_split_escape_string(description, size);
+ if (!lines) {
+ return false;
+ }
+
+ for (i = 0; lines[i] != NULL; i++) {
+ tpm2_tool_output(" %s\n", lines[i]);
+ free(lines[i]);
}
+ free(lines);
return true;
}
--
2.37.3

View File

@ -0,0 +1,100 @@
From acc82191f519f8bcdfcc0827faf024dcd2f56f78 Mon Sep 17 00:00:00 2001
From: William Roberts <william.c.roberts@intel.com>
Date: Fri, 20 May 2022 10:49:04 -0500
Subject: [PATCH 06/17] import: fix bug on using scheme
When scheme is specified in the template, the openssl load functions
clobber the scheme value and set it to TPM2_ALG_NULL. Only set the
algorithm to NULL if zero value is specified.
Fixes: #2997
Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
lib/tpm2_openssl.c | 24 ++++++++++++++++++------
test/integration/tests/import.sh | 13 +++++++++----
2 files changed, 27 insertions(+), 10 deletions(-)
diff --git a/lib/tpm2_openssl.c b/lib/tpm2_openssl.c
index 01bfc9ef..ad43c8e1 100644
--- a/lib/tpm2_openssl.c
+++ b/lib/tpm2_openssl.c
@@ -534,9 +534,15 @@ static bool load_public_RSA_from_key(EVP_PKEY *key, TPM2B_PUBLIC *pub) {
pt->type = TPM2_ALG_RSA;
TPMS_RSA_PARMS *rdetail = &pub->publicArea.parameters.rsaDetail;
- rdetail->scheme.scheme = TPM2_ALG_NULL;
- rdetail->symmetric.algorithm = TPM2_ALG_NULL;
- rdetail->scheme.details.anySig.hashAlg = TPM2_ALG_NULL;
+ /*
+ * If the scheme is not TPM2_ALG_ERROR (0),
+ * its a valid scheme so don't set it to NULL scheme
+ */
+ if (rdetail->scheme.scheme == TPM2_ALG_ERROR) {
+ rdetail->scheme.scheme = TPM2_ALG_NULL;
+ rdetail->symmetric.algorithm = TPM2_ALG_NULL;
+ rdetail->scheme.details.anySig.hashAlg = TPM2_ALG_NULL;
+ }
/* NULL out sym details */
TPMT_SYM_DEF_OBJECT *sym = &rdetail->symmetric;
@@ -809,9 +815,15 @@ static bool load_public_ECC_from_key(EVP_PKEY *key, TPM2B_PUBLIC *pub) {
* no kdf - not sure what this should be
*/
pp->kdf.scheme = TPM2_ALG_NULL;
- pp->scheme.scheme = TPM2_ALG_NULL;
- pp->symmetric.algorithm = TPM2_ALG_NULL;
- pp->scheme.details.anySig.hashAlg = TPM2_ALG_NULL;
+
+ /*
+ * If the scheme is not TPM2_ALG_ERROR (0),
+ * its a valid scheme so don't set it to NULL scheme
+ */
+ if (pp->scheme.scheme == TPM2_ALG_ERROR) {
+ pp->scheme.scheme = TPM2_ALG_NULL;
+ pp->scheme.details.anySig.hashAlg = TPM2_ALG_NULL;
+ }
/* NULL out sym details */
TPMT_SYM_DEF_OBJECT *sym = &pp->symmetric;
diff --git a/test/integration/tests/import.sh b/test/integration/tests/import.sh
index 9f6a474e..9cb6096f 100644
--- a/test/integration/tests/import.sh
+++ b/test/integration/tests/import.sh
@@ -4,8 +4,8 @@ source helpers.sh
cleanup() {
rm -f import_key.ctx import_key.name import_key.priv import_key.pub \
- parent.ctx plain.dec.ssl plain.enc plain.txt sym.key import_rsa_key.pub \
- import_rsa_key.priv import_rsa_key.ctx import_rsa_key.name private.pem \
+ parent.ctx plain.dec.ssl plain.enc plain.txt sym.key import_rsa_key*.pub \
+ import_rsa_key*.priv import_rsa_key.ctx import_rsa_key.name private.pem \
public.pem plain.rsa.enc plain.rsa.dec public.pem data.in.raw \
data.in.digest data.out.signed ticket.out ecc.pub ecc.priv ecc.name \
ecc.ctx private.ecc.pem public.ecc.pem passfile aes.key policy.dat \
@@ -67,6 +67,10 @@ run_rsa_import_test() {
tpm2 import -Q -G rsa -g "$name_alg" -i private.pem -C $1 \
-u import_rsa_key.pub -r import_rsa_key.priv
+ # test in import with scheme and discard
+ tpm2 import -G rsa:rsassa-sha256 -g "$name_alg" -i private.pem -C $1 \
+ -u import_rsa_key2.pub -r import_rsa_key2.priv | grep -q 'rsassa'
+
tpm2 load -Q -C $1 -u import_rsa_key.pub -r import_rsa_key.priv \
-n import_rsa_key.name -c import_rsa_key.ctx
@@ -118,8 +122,9 @@ run_ecc_import_test() {
shasum -a 256 data.in.raw | awk '{ print "000000 " $1 }' | xxd -r -c 32 > \
data.in.digest
- tpm2 import -Q -G ecc -g "$name_alg" -i private.ecc.pem -C $1 -u ecc.pub \
- -r ecc.priv
+ # test import with scheme
+ tpm2 import -G ecc:ecdsa-sha256 -g "$name_alg" -i private.ecc.pem -C $1 -u ecc.pub \
+ -r ecc.priv | grep -q 'ecdsa'
tpm2 load -Q -C $1 -u ecc.pub -r ecc.priv -n ecc.name -c ecc.ctx
--
2.40.1

File diff suppressed because one or more lines are too long

View File

@ -0,0 +1,28 @@
From d7c541d839d6c470fbd273d0c482091a1fe59fe6 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Tue, 18 Jun 2024 15:42:13 +0200
Subject: [PATCH 6/6] tpm2_setprimarypolicy: Fix resource leak
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Štěpán Horáček <shoracek@redhat.com>
---
tools/tpm2_setprimarypolicy.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/tools/tpm2_setprimarypolicy.c b/tools/tpm2_setprimarypolicy.c
index 140a8083..459d3d03 100644
--- a/tools/tpm2_setprimarypolicy.c
+++ b/tools/tpm2_setprimarypolicy.c
@@ -134,6 +134,7 @@ static tool_rc process_setprimarypolicy_input(ESYS_CONTEXT *ectx,
(*auth_policy)->buffer, &((*auth_policy)->size));
if (!result) {
LOG_ERR("Failed loading policy digest from path");
+ free(*auth_policy);
return tool_rc_general_error;
}
}
--
2.45.2

View File

@ -0,0 +1,92 @@
From c26464eb59b71b40bea11b4829b2a848343081f2 Mon Sep 17 00:00:00 2001
From: Thore Sommer <mail@thson.de>
Date: Sat, 8 Oct 2022 21:29:18 +0300
Subject: [PATCH 7/9] tpm2_eventlog_yaml: fix parsing for MokListTrusted
Not all data in events of the EV_EFI_VARIABLE_AUTHORITY are
EFI_SIGNATURE_DATA. The entry for MokListTrusted is a boolean
encoded as an integer similar to SecureBoot variable.
Fixes #3050
Signed-off-by: Thore Sommer <mail@thson.de>
---
lib/tpm2_eventlog_yaml.c | 60 +++++++++++++++++++++++++++-------------
1 file changed, 41 insertions(+), 19 deletions(-)
diff --git a/lib/tpm2_eventlog_yaml.c b/lib/tpm2_eventlog_yaml.c
index 66a20701..0b1d0318 100644
--- a/lib/tpm2_eventlog_yaml.c
+++ b/lib/tpm2_eventlog_yaml.c
@@ -418,27 +418,49 @@ static bool yaml_uefi_var(UEFI_VARIABLE_DATA *data, size_t size, UINT32 type,
}
return true;
}
- /* Other variables will be printed as a hex string */
} else if (type == EV_EFI_VARIABLE_AUTHORITY) {
- free(ret);
- tpm2_tool_output(" VariableData:\n");
-
- EFI_SIGNATURE_DATA *s= (EFI_SIGNATURE_DATA *)&data->UnicodeName[
- data->UnicodeNameLength];
- char *sdata = calloc (1,
- BYTES_TO_HEX_STRING_SIZE(data->VariableDataLength - sizeof(EFI_GUID)));
- if (sdata == NULL) {
- LOG_ERR("Failled to allocate data: %s\n", strerror(errno));
- return false;
+ /* The MokListTrusted is boolean option, not a EFI_SIGNATURE_DATA*/
+ if ((strlen(ret) == 14 && strncmp(ret, "MokListTrusted", 14) == 0)) {
+ free(ret);
+ tpm2_tool_output(" VariableData:\n"
+ " Enabled: ");
+ if (data->VariableDataLength == 0) {
+ tpm2_tool_output("'No'\n");
+ } else if (data->VariableDataLength > 1) {
+ LOG_ERR("MokListTrusted value length %" PRIu64 " is unexpectedly > 1\n",
+ data->VariableDataLength);
+ return false;
+ } else {
+ uint8_t *variable_data = (uint8_t *)&data->UnicodeName[
+ data->UnicodeNameLength];
+ if (*variable_data == 0) {
+ tpm2_tool_output("'No'\n");
+ } else {
+ tpm2_tool_output("'Yes'\n");
+ }
+ }
+ return true;
+ } else {
+ /* Other variables will be printed as a hex string */
+ free(ret);
+ tpm2_tool_output(" VariableData:\n");
+ EFI_SIGNATURE_DATA *s= (EFI_SIGNATURE_DATA *)&data->UnicodeName[
+ data->UnicodeNameLength];
+ char *sdata = calloc (1,
+ BYTES_TO_HEX_STRING_SIZE(data->VariableDataLength - sizeof(EFI_GUID)));
+ if (sdata == NULL) {
+ LOG_ERR("Failled to allocate data: %s\n", strerror(errno));
+ return false;
+ }
+ bytes_to_str(s->SignatureData, data->VariableDataLength - sizeof(EFI_GUID),
+ sdata, BYTES_TO_HEX_STRING_SIZE(data->VariableDataLength - sizeof(EFI_GUID)));
+ guid_unparse_lower(s->SignatureOwner, uuidstr);
+ tpm2_tool_output(" - SignatureOwner: %s\n"
+ " SignatureData: %s\n",
+ uuidstr, sdata);
+ free(sdata);
+ return true;
}
- bytes_to_str(s->SignatureData, data->VariableDataLength - sizeof(EFI_GUID),
- sdata, BYTES_TO_HEX_STRING_SIZE(data->VariableDataLength - sizeof(EFI_GUID)));
- guid_unparse_lower(s->SignatureOwner, uuidstr);
- tpm2_tool_output(" - SignatureOwner: %s\n"
- " SignatureData: %s\n",
- uuidstr, sdata);
- free(sdata);
- return true;
} else if (type == EV_EFI_VARIABLE_BOOT || type == EV_EFI_VARIABLE_BOOT2) {
if ((strlen(ret) == 9 && strncmp(ret, "BootOrder", 9) == 0)) {
free(ret);
--
2.37.3

View File

@ -0,0 +1,85 @@
From d35bff8cf06cec386afd24bdbed9828caf063a2f Mon Sep 17 00:00:00 2001
From: William Roberts <william.c.roberts@intel.com>
Date: Mon, 18 Jul 2022 11:31:51 -0500
Subject: [PATCH 07/17] tpm2_policyor: fix unallocated policy list
The TPML_DIGEST policy list was calloc'd for some reason, however it
could just be statically allocated in the context. The side effect is
that when no options or arguments were given a NPD occured when checking
the count of the policy list. TO fix this, just statically allocate it.
Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
tools/tpm2_policyor.c | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/tools/tpm2_policyor.c b/tools/tpm2_policyor.c
index e4f6541b..d27fff8b 100644
--- a/tools/tpm2_policyor.c
+++ b/tools/tpm2_policyor.c
@@ -14,7 +14,7 @@ struct tpm2_policyor_ctx {
//File path for the session context data
const char *session_path;
//List of policy digests that will be compounded
- TPML_DIGEST *policy_list;
+ TPML_DIGEST policy_list;
//File path for storing the policy digest output
const char *out_policy_dgst_path;
@@ -36,8 +36,7 @@ static bool on_option(char key, char *value) {
ctx.session_path = value;
break;
case 'l':
- ctx.policy_list = calloc(1, sizeof(TPML_DIGEST));
- result = tpm2_policy_parse_policy_list(value, ctx.policy_list);
+ result = tpm2_policy_parse_policy_list(value, &ctx.policy_list);
if (!result) {
return false;
}
@@ -54,8 +53,7 @@ static bool on_arg(int argc, char **argv) {
return false;
}
- ctx.policy_list = calloc(1, sizeof(TPML_DIGEST));
- bool result = tpm2_policy_parse_policy_list(argv[0], ctx.policy_list);
+ bool result = tpm2_policy_parse_policy_list(argv[0], &ctx.policy_list);
if (!result) {
return false;
}
@@ -85,7 +83,7 @@ static bool is_input_option_args_valid(void) {
}
//Minimum two policies needed to be specified for compounding
- if (ctx.policy_list->count < 1) {
+ if (ctx.policy_list.count < 1) {
LOG_ERR("Must specify at least 2 policy digests for compounding.");
return false;
}
@@ -109,14 +107,14 @@ static tool_rc tpm2_tool_onrun(ESYS_CONTEXT *ectx, tpm2_option_flags flags) {
}
/* Policy digest hash alg should match that of the session */
- if (ctx.policy_list->digests[0].size
+ if (ctx.policy_list.digests[0].size
!= tpm2_alg_util_get_hash_size(
tpm2_session_get_authhash(ctx.session))) {
LOG_ERR("Policy digest hash alg should match that of the session.");
return tool_rc_general_error;
}
- rc = tpm2_policy_build_policyor(ectx, ctx.session, ctx.policy_list);
+ rc = tpm2_policy_build_policyor(ectx, ctx.session, &ctx.policy_list);
if (rc != tool_rc_success) {
LOG_ERR("Could not build policyor TPM");
return rc;
@@ -127,7 +125,6 @@ static tool_rc tpm2_tool_onrun(ESYS_CONTEXT *ectx, tpm2_option_flags flags) {
static tool_rc tpm2_tool_onstop(ESYS_CONTEXT *ectx) {
UNUSED(ectx);
- free(ctx.policy_list);
free(ctx.policy_digest);
return tpm2_session_close(&ctx.session);
}
--
2.40.1

View File

@ -0,0 +1,35 @@
From cfb18410e8f706646adce2bd9f6cffecbd363d2b Mon Sep 17 00:00:00 2001
From: Imran Desai <imran.desai@intel.com>
Date: Thu, 21 Jul 2022 15:19:36 -0700
Subject: [PATCH 08/17] lib/tpm2_alg_util.c: Fix potential null pointer
dereference
Must test ext_alg_str before dereferencing in
tpm2_alg_util_handle_rsa_ext_alg
char *ext_alg_str = calloc(1, strlen(alg_spec) + strlen("rsa") +
RSA_KEYBITS_STRLEN)
Signed-off-by: Imran Desai <imran.desai@intel.com>
---
lib/tpm2_alg_util.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lib/tpm2_alg_util.c b/lib/tpm2_alg_util.c
index 1e984d74..580f41cb 100644
--- a/lib/tpm2_alg_util.c
+++ b/lib/tpm2_alg_util.c
@@ -601,6 +601,10 @@ tool_rc tpm2_alg_util_handle_rsa_ext_alg(const char *alg_spec,
#define RSA_KEYBITS_STRLEN 6
char *ext_alg_str = calloc(1, strlen(alg_spec) + strlen("rsa") +
RSA_KEYBITS_STRLEN);
+ if (ext_alg_str == NULL) {
+ LOG_ERR("oom");
+ return tool_rc_general_error;
+ }
strcat(ext_alg_str, "rsa");
switch(public->publicArea.parameters.rsaDetail.keyBits) {
--
2.40.1

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,87 @@
From e05d4ac57960b9aa81943254f5757405a5217616 Mon Sep 17 00:00:00 2001
From: Thore Sommer <mail@thson.de>
Date: Tue, 11 Oct 2022 08:44:44 +0300
Subject: [PATCH 9/9] tpm2_eventlog_yaml: use defines for Unicode variables
The used variables and their length are defined as the following:
- Name: NAME_{VARIABLE_NAME}
- Length: NAME_{VARIABLE_NAME}_LEN
Signed-off-by: Thore Sommer <mail@thson.de>
---
lib/tpm2_eventlog_yaml.c | 30 +++++++++++++++++++++++-------
1 file changed, 23 insertions(+), 7 deletions(-)
diff --git a/lib/tpm2_eventlog_yaml.c b/lib/tpm2_eventlog_yaml.c
index 0b1d0318..59a5d8fc 100644
--- a/lib/tpm2_eventlog_yaml.c
+++ b/lib/tpm2_eventlog_yaml.c
@@ -23,6 +23,22 @@
#include <efivar/efivar.h>
#endif
+/* Valid variable unicode names and their length */
+#define NAME_DB "db"
+#define NAME_DB_LEN 2
+#define NAME_DBX "dbx"
+#define NAME_DBX_LEN 3
+#define NAME_KEK "KEK"
+#define NAME_KEK_LEN 3
+#define NAME_PK "PK"
+#define NAME_PK_LEN 2
+#define NAME_MOKLISTTRUSTED "MokListTrusted"
+#define NAME_MOKLISTTRUSTED_LEN 14
+#define NAME_SECUREBOOT "SecureBoot"
+#define NAME_SECUREBOOT_LEN 10
+#define NAME_BOOTORDER "BootOrder"
+#define NAME_BOOTORDER_LEN 9
+
static void guid_unparse_lower(EFI_GUID guid, char guid_buf[37]) {
snprintf(guid_buf, 37, "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
@@ -321,10 +337,10 @@ static bool yaml_uefi_var(UEFI_VARIABLE_DATA *data, size_t size, UINT32 type,
* respectively.
*/
if (type == EV_EFI_VARIABLE_DRIVER_CONFIG) {
- if ((strlen(ret) == 2 && strncmp(ret, "PK", 2) == 0) ||
- (strlen(ret) == 3 && strncmp(ret, "KEK", 3) == 0) ||
- (strlen(ret) == 2 && strncmp(ret, "db", 2) == 0) ||
- (strlen(ret) == 3 && strncmp(ret, "dbx", 3) == 0)) {
+ if ((strlen(ret) == NAME_PK_LEN && strncmp(ret, NAME_PK, NAME_PK_LEN) == 0) ||
+ (strlen(ret) == NAME_KEK_LEN && strncmp(ret, NAME_KEK, NAME_KEK_LEN) == 0) ||
+ (strlen(ret) == NAME_DB_LEN && strncmp(ret, NAME_DB, NAME_DB_LEN) == 0) ||
+ (strlen(ret) == NAME_DBX_LEN && strncmp(ret, NAME_DBX, NAME_DBX_LEN) == 0)) {
free(ret);
tpm2_tool_output(" VariableData:\n");
@@ -397,7 +413,7 @@ static bool yaml_uefi_var(UEFI_VARIABLE_DATA *data, size_t size, UINT32 type,
variable_data += slist->SignatureListSize;
}
return true;
- } else if ((strlen(ret) == 10 && strncmp(ret, "SecureBoot", 10) == 0)) {
+ } else if ((strlen(ret) == NAME_SECUREBOOT_LEN && strncmp(ret, NAME_SECUREBOOT, NAME_SECUREBOOT_LEN) == 0)) {
free(ret);
tpm2_tool_output(" VariableData:\n"
" Enabled: ");
@@ -420,7 +436,7 @@ static bool yaml_uefi_var(UEFI_VARIABLE_DATA *data, size_t size, UINT32 type,
}
} else if (type == EV_EFI_VARIABLE_AUTHORITY) {
/* The MokListTrusted is boolean option, not a EFI_SIGNATURE_DATA*/
- if ((strlen(ret) == 14 && strncmp(ret, "MokListTrusted", 14) == 0)) {
+ if ((strlen(ret) == NAME_MOKLISTTRUSTED_LEN && strncmp(ret, NAME_MOKLISTTRUSTED, NAME_MOKLISTTRUSTED_LEN) == 0)) {
free(ret);
tpm2_tool_output(" VariableData:\n"
" Enabled: ");
@@ -462,7 +478,7 @@ static bool yaml_uefi_var(UEFI_VARIABLE_DATA *data, size_t size, UINT32 type,
return true;
}
} else if (type == EV_EFI_VARIABLE_BOOT || type == EV_EFI_VARIABLE_BOOT2) {
- if ((strlen(ret) == 9 && strncmp(ret, "BootOrder", 9) == 0)) {
+ if ((strlen(ret) == NAME_BOOTORDER_LEN && strncmp(ret, NAME_BOOTORDER, NAME_BOOTORDER_LEN) == 0)) {
free(ret);
tpm2_tool_output(" VariableData:\n");
--
2.37.3

View File

@ -0,0 +1,30 @@
From d783e7962e268b45c13ad800fca636bb922005fa Mon Sep 17 00:00:00 2001
From: Juergen Repp <juergen_repp@web.de>
Date: Tue, 18 Oct 2022 10:32:43 +0200
Subject: [PATCH 09/17] tss2_provision: fix usage of -L parameter.
The -L short parameter was not marked as parameter with required
arg in the short opt list.
Fixes #3147.
Signed-off-by: Juergen Repp <juergen_repp@web.de>
---
tools/fapi/tss2_provision.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/fapi/tss2_provision.c b/tools/fapi/tss2_provision.c
index 5be7b4dc..7edf2dd3 100644
--- a/tools/fapi/tss2_provision.c
+++ b/tools/fapi/tss2_provision.c
@@ -33,7 +33,7 @@ static bool tss2_tool_onstart(tpm2_options **opts) {
{"authValueSh", required_argument, NULL, 'S'},
{"authValueLockout", required_argument, NULL, 'L'},
};
- return (*opts = tpm2_options_new ("E:S:L",
+ return (*opts = tpm2_options_new ("E:S:L:",
ARRAY_LEN(topts), topts, on_option, NULL, 0)) != NULL;
}
--
2.40.1

View File

@ -0,0 +1,26 @@
From 0582b619c3a2c407bf5eace8d83d832688781789 Mon Sep 17 00:00:00 2001
From: William Roberts <william.c.roberts@intel.com>
Date: Mon, 24 Oct 2022 10:31:05 -0500
Subject: [PATCH 10/17] tpm2_encodeobject: fix formatting
Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
tools/misc/tpm2_encodeobject.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/misc/tpm2_encodeobject.c b/tools/misc/tpm2_encodeobject.c
index 2341c3a1..ccbd0e01 100644
--- a/tools/misc/tpm2_encodeobject.c
+++ b/tools/misc/tpm2_encodeobject.c
@@ -87,7 +87,7 @@ static bool on_option(char key, char *value) {
ctx.parent.ctx_path = value;
break;
case 'o':
- ctx.output_path = value;
+ ctx.output_path = value;
break;
}
--
2.40.1

View File

@ -0,0 +1,99 @@
From 579bb674b5bdf2a0d50e8d3a3d6f5391d233bdff Mon Sep 17 00:00:00 2001
From: William Roberts <william.c.roberts@intel.com>
Date: Mon, 24 Oct 2022 10:48:18 -0500
Subject: [PATCH 11/17] tpm2_encodeobject: fix auth boolean flag
The flag for wether or not a key needs a password was being set based on
if the parent needed a password or not when it should be set based on if
the child object needs a password or not.
Correct this by adding a -p/--key-auth option to indicate the value of
this boolean.
$ tpm2 encodeobject -C 0x81000000 -u key.pub -r key.priv -o key.pem
$ openssl asn1parse -dump -inform PEM -in key.pem
<snip>
14:d=2 hl=2 l= 1 prim: BOOLEAN :0
</snip>
$ tpm2 encodeobject -C 0x81000000 -u key.pub -r key.priv -o key.pem -p
$ openssl asn1parse -dump -inform PEM -in key.pem
<snip>
14:d=2 hl=2 l= 1 prim: BOOLEAN :1
</snip>
A workaround would be manually modifying the ASN1 PEM file boolean flag
OR creating the same parent key but with a password and specifying the
password via `-P`. Note that a primary key is the same given the same
inputs and password doesn't change the generated key.
Fixes: #3152
Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
man/tpm2_encodeobject.1.md | 5 +++++
tools/misc/tpm2_encodeobject.c | 9 +++++++--
2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/man/tpm2_encodeobject.1.md b/man/tpm2_encodeobject.1.md
index 791eafbd..2e83fa7d 100644
--- a/man/tpm2_encodeobject.1.md
+++ b/man/tpm2_encodeobject.1.md
@@ -37,6 +37,11 @@ applications.
A file containing the sensitive portion of the object.
+ * **-p**, **\--key-auth**:
+
+ Indicates if an authorization value is needed for the object specified by
+ **-r** and **-u**.
+
* **-o**, **\--output**=_FILE_:
The output file path, recording the public portion of the object.
diff --git a/tools/misc/tpm2_encodeobject.c b/tools/misc/tpm2_encodeobject.c
index ccbd0e01..80de14f5 100644
--- a/tools/misc/tpm2_encodeobject.c
+++ b/tools/misc/tpm2_encodeobject.c
@@ -65,6 +65,7 @@ struct tpm_encodeobject_ctx {
const char *privpath;
TPM2B_PRIVATE private;
ESYS_TR handle;
+ bool needs_auth;
} object;
char *output_path;
@@ -89,6 +90,9 @@ static bool on_option(char key, char *value) {
case 'o':
ctx.output_path = value;
break;
+ case 'p':
+ ctx.object.needs_auth = true;
+ break;
}
return true;
@@ -101,9 +105,10 @@ static bool tpm2_tool_onstart(tpm2_options **opts) {
{ "private", required_argument, NULL, 'r' },
{ "parent-context", required_argument, NULL, 'C' },
{ "output", required_argument, NULL, 'o' },
+ { "key-auth", no_argument, NULL, 'p' },
};
- *opts = tpm2_options_new("P:u:r:C:o:", ARRAY_LEN(topts), topts, on_option,
+ *opts = tpm2_options_new("P:u:r:C:o:p", ARRAY_LEN(topts), topts, on_option,
NULL, 0);
return *opts != NULL;
@@ -190,7 +195,7 @@ encode(void)
goto error;
}
- tpk->emptyAuth = ctx.parent.auth_str == NULL ? 0xFF : 0;
+ tpk->emptyAuth = ctx.object.needs_auth;
if ((ctx.parent.object.handle >> TPM2_HR_SHIFT) == TPM2_HT_PERSISTENT) {
ASN1_INTEGER_set(tpk->parent, ctx.parent.object.handle);
--
2.40.1

View File

@ -0,0 +1,30 @@
From 3848000b934b9e2546a506ab0922c028491d2284 Mon Sep 17 00:00:00 2001
From: mayuanchen <94815698+mayuanchenma@users.noreply.github.com>
Date: Thu, 1 Dec 2022 21:44:22 +0800
Subject: [PATCH 12/17] bugfix: fix convert sm2 public key in openssl3.
Signed-off-by: mayuanchen <94815698+mayuanchenma@users.noreply.github.com>
---
lib/tpm2_convert.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/lib/tpm2_convert.c b/lib/tpm2_convert.c
index 1bba370f..edb9bed0 100644
--- a/lib/tpm2_convert.c
+++ b/lib/tpm2_convert.c
@@ -335,7 +335,11 @@ EVP_PKEY *convert_pubkey_ECC(TPMT_PUBLIC *public) {
goto out;
}
- ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);
+ if (nid == NID_sm2) {
+ ctx = EVP_PKEY_CTX_new_from_name(NULL, "SM2", NULL);
+ } else {
+ ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);
+ }
if (!ctx) {
print_ssl_error("Failed to allocate EC key context");
goto out;
--
2.40.1

View File

@ -0,0 +1,46 @@
From 62f6cdaa36e1c9e8f39e1ca60d8e3049de6860bf Mon Sep 17 00:00:00 2001
From: William Roberts <william.c.roberts@intel.com>
Date: Mon, 27 Feb 2023 15:32:55 -0600
Subject: [PATCH 13/17] readpublic: fix reading and writing serialized trs
Fix reading and writing a serialized persistent ESYS_TR handles. This
occurs becuase the TPM2_HANDLE is never set after loading and decisions
are made on it.
Fixes:
tpm2_readpublic -t handle2.tr -c handle.tr
ERROR: Can only output a serialized handle for persistent object handles
ERROR: Unable to run tpm2_readpublic
Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
lib/object.c | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/lib/object.c b/lib/object.c
index c186a820..1279a8e5 100644
--- a/lib/object.c
+++ b/lib/object.c
@@ -15,7 +15,18 @@ static tool_rc do_ctx_file(ESYS_CONTEXT *ctx, const char *objectstr, FILE *f,
/* assign a dummy transient handle */
outobject->handle = TPM2_TRANSIENT_FIRST;
outobject->path = objectstr;
- return files_load_tpm_context_from_file(ctx, &outobject->tr_handle, f);
+ tool_rc rc = files_load_tpm_context_from_file(ctx, &outobject->tr_handle, f);
+ if (rc != tool_rc_success) {
+ return rc;
+ }
+
+ TSS2_RC rval = Esys_TR_GetTpmHandle(ctx, outobject->tr_handle, &outobject->handle);
+ if (rval != TPM2_RC_SUCCESS) {
+ LOG_ERR("Failed to acquire SAPI handle");
+ return tool_rc_general_error;
+ }
+
+ return tool_rc_success;
}
static tool_rc tpm2_util_object_load2(ESYS_CONTEXT *ctx, const char *objectstr,
--
2.40.1

View File

@ -0,0 +1,29 @@
From f1515918ebba36a540432425f7cd01ca3c44aaac Mon Sep 17 00:00:00 2001
From: yuxiaojun <yuxiaojun@uniontech.com>
Date: Wed, 1 Feb 2023 11:47:40 +0800
Subject: [PATCH 14/17] fix:wrong function name of "Esys_Load"
LOG_PERR(Eys_Load, rval);
The first parameter in the function should be Esys_Load.
Signed-off-by: yuxiaojun <yuxiaojun@uniontech.com>
---
lib/tpm2.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/tpm2.c b/lib/tpm2.c
index d91072ae..27f101e9 100644
--- a/lib/tpm2.c
+++ b/lib/tpm2.c
@@ -1921,7 +1921,7 @@ tpm2_load_free_name1:
parent_object_session_handle, ESYS_TR_NONE, ESYS_TR_NONE, in_private,
in_public, object_handle);
if (rval != TPM2_RC_SUCCESS) {
- LOG_PERR(Eys_Load, rval);
+ LOG_PERR(Esys_Load, rval);
return tool_rc_from_tpm(rval);
}
--
2.40.1

View File

@ -0,0 +1,224 @@
From 510d570d9c4f34d4768af3453dcfcc4f74006e32 Mon Sep 17 00:00:00 2001
From: Juergen Repp <juergen_repp@web.de>
Date: Fri, 7 Apr 2023 14:02:33 +0200
Subject: [PATCH 15/17] tpm errata: switch to twos-complement.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Errata TCG Trusted Platform Module Library Revision 1.59 Version 1.4,
Section 2.5 TPM_EO twos complement states:
"The signed arithmetic operations are performed using twos-complement."
The tests policynv and policycountertimer were adapted to work with the
complement representation of signed numbers. If the tests return the error 0x126
the test will be skipped.
Signed-off-by: Juergen Repp <juergen_repp@web.de>
---
.../tests/abrmd_policycountertimer.sh | 35 +++++++--
test/integration/tests/abrmd_policynv.sh | 75 +++++++++++++------
2 files changed, 78 insertions(+), 32 deletions(-)
diff --git a/test/integration/tests/abrmd_policycountertimer.sh b/test/integration/tests/abrmd_policycountertimer.sh
index 58fcf1b9..80afc541 100644
--- a/test/integration/tests/abrmd_policycountertimer.sh
+++ b/test/integration/tests/abrmd_policycountertimer.sh
@@ -11,6 +11,27 @@ cleanup() {
fi
}
+call_policy_countertimer () {
+ trap - ERR
+ output=$(tpm2 policycountertimer $@ 2>&1)
+ result=$?
+
+ if [ $result != 0 ] && echo $output | grep "ErrorCode.*0126" > /dev/null
+ then
+ echo "This test failed due to a TPM bug regarding signed comparison as described"
+ echo "in TCG's Errata for TCG Trusted Platform Module Library Revision 1.59 Version 1.4,"
+ echo "Section 2.5 TPM_EO twos complement"
+ tpm2 flushcontext session.ctx
+ skip_test
+ else
+ if [ $result != 0 ]; then
+ tpm2 flushcontext session.ctx
+ exit 1
+ fi
+ fi
+ trap onerror ERR
+}
+
trap cleanup EXIT
start_up
@@ -25,8 +46,7 @@ tpm2 clear
#
tpm2 startauthsession -S session.ctx
-tpm2 policycountertimer -S session.ctx -L policy.countertimer.minute --ult \
-60000
+call_policy_countertimer -S session.ctx -L policy.countertimer.minute --ult 60000
tpm2 flushcontext session.ctx
@@ -42,8 +62,7 @@ tpm2 create -Q -u key.pub -r key.priv -i- -C prim.ctx \
#
tpm2 startauthsession -S session.ctx --policy-session
-tpm2 policycountertimer -S session.ctx -L policy.countertimer.minute --ult \
-60000
+call_policy_countertimer -S session.ctx -L policy.countertimer.minute --ult 60000
tpm2 unseal -c key.ctx -p session:session.ctx
@@ -54,7 +73,7 @@ tpm2 flushcontext session.ctx
#
tpm2 clear
tpm2 startauthsession -S session.ctx --policy-session
-tpm2 policycountertimer -S session.ctx --ult clock=60000
+call_policy_countertimer -S session.ctx --ult clock=60000
tpm2 flushcontext session.ctx
#
@@ -63,7 +82,7 @@ tpm2 flushcontext session.ctx
#
tpm2 clear
tpm2 startauthsession -S session.ctx --policy-session
-tpm2 policycountertimer -S session.ctx safe
+call_policy_countertimer -S session.ctx safe
tpm2 flushcontext session.ctx
#
@@ -72,7 +91,7 @@ tpm2 flushcontext session.ctx
#
tpm2 clear
tpm2 startauthsession -S session.ctx --policy-session
-tpm2 policycountertimer -S session.ctx resets=0
+call_policy_countertimer -S session.ctx resets=0
tpm2 flushcontext session.ctx
#
@@ -81,7 +100,7 @@ tpm2 flushcontext session.ctx
#
tpm2 clear
tpm2 startauthsession -S session.ctx --policy-session
-tpm2 policycountertimer -S session.ctx restarts=0
+call_policy_countertimer -S session.ctx restarts=0
tpm2 flushcontext session.ctx
exit 0
diff --git a/test/integration/tests/abrmd_policynv.sh b/test/integration/tests/abrmd_policynv.sh
index b75cabb8..220edec0 100644
--- a/test/integration/tests/abrmd_policynv.sh
+++ b/test/integration/tests/abrmd_policynv.sh
@@ -36,10 +36,34 @@ evaluate_failing_test_case() {
}
evaluate_passing_test_case() {
- tpm2 startauthsession -S session.ctx --policy-session
- echo $operandB | xxd -r -p | \
- tpm2 policynv -S session.ctx -i- -P nvpass $nv_test_index $1
- tpm2 flushcontext session.ctx
+ tpm2 startauthsession -S session.ctx --policy-session
+ if [[ ${1:0:1} == "s" ]]; then
+ echo "Test sign: $1 $operandA $operandB"
+ # check whether sign compare fails with 0x126
+ trap - ERR
+ output=$(echo $operandB | xxd -r -p | \
+ tpm2 policynv -S session.ctx -i- -P nvpass $nv_test_index $1 2>&1)
+ result=$?
+ if [ $result != 0 ] && echo $output | grep "ErrorCode.*0126" > /dev/null
+ then
+ echo "This test failed due to a TPM bug regarding signed comparison as described"
+ echo "in TCG's Errata for TCG Trusted Platform Module Library Revision 1.59 Version 1.4,"
+ echo "Section 2.5 TPM_EO twos complement"
+ tpm2 flushcontext session.ctx
+ skip_test
+ else
+ if [ $result != 0 ]; then
+ tpm2 flushcontext session.ctx
+ exit 1
+ fi
+ fi
+ tpm2 flushcontext session.ctx
+ trap onerror ERR
+ else
+ echo $operandB | xxd -r -p | \
+ tpm2 policynv -S session.ctx -i- -P nvpass $nv_test_index $1
+ tpm2 flushcontext session.ctx
+ fi
}
trap cleanup EXIT
@@ -70,40 +94,20 @@ evaluate_passing_test_case eq
operandB=0x80
evaluate_passing_test_case neq
-# Perform comparison operation "sgt"
-operandB=0x82
-evaluate_passing_test_case sgt
-
# Perform comparison operation "ugt"
operandB=0x80
evaluate_passing_test_case ugt
-# Perform comparison operation "slt"
-operandB=0x80
-evaluate_passing_test_case slt
-
# Perform comparison operation "ult"
operandB=0x82
evaluate_passing_test_case ult
-# Perform comparison operation "sge"
-operandB=0x82
-evaluate_passing_test_case sge
-operandB=0x81
-evaluate_passing_test_case sge
-
# Perform comparison operation "uge"
operandB=0x80
evaluate_passing_test_case uge
operandB=0x81
evaluate_passing_test_case uge
-# Perform comparison operation "sle"
-operandB=0x80
-evaluate_passing_test_case sle
-operandB=0x81
-evaluate_passing_test_case sle
-
# Perform comparison operation "ule"
operandB=0x82
evaluate_passing_test_case ule
@@ -118,4 +122,27 @@ evaluate_passing_test_case bs
operandB=0x7E
evaluate_passing_test_case bc
+operandA=0xfe # -1
+echo $operandA | xxd -r -p | tpm2 nvwrite -P nvpass -i- $nv_test_index
+
+# Perform comparison operation "sgt"
+operandB=0xfd # -2
+evaluate_passing_test_case sgt
+
+# Perform comparison operation "slt"
+operandB=0xff # 0
+evaluate_passing_test_case slt
+
+# Perform comparison operation "sle"
+operandB=0xff #0
+evaluate_passing_test_case sle
+operandB=0xfe # -1
+evaluate_passing_test_case sle
+
+# Perform comparison operation "sge"
+operandB=0xfd # -2
+evaluate_passing_test_case sge
+operandB=0xfe # -1
+evaluate_passing_test_case sge
+
exit 0
--
2.40.1

View File

@ -0,0 +1,159 @@
From 2f6a737efddce480803c02a5e3b65ce739c6acf2 Mon Sep 17 00:00:00 2001
From: Juergen Repp <juergen_repp@web.de>
Date: Tue, 28 Mar 2023 17:29:36 +0200
Subject: [PATCH 16/17] tpm2_eventlog.c Fix pcr extension for EV_NO_ACTION
EV_NO_ACTION events should not be extended to PCR registers.
Fixes: #3224
Signed-off-by: Juergen Repp <juergen_repp@web.de>
---
lib/tpm2_eventlog.c | 14 +++++++++-----
lib/tpm2_eventlog.h | 2 +-
test/unit/test_tpm2_eventlog.c | 15 ++++++++-------
3 files changed, 18 insertions(+), 13 deletions(-)
diff --git a/lib/tpm2_eventlog.c b/lib/tpm2_eventlog.c
index 1b59eeeb..e2e27f02 100644
--- a/lib/tpm2_eventlog.c
+++ b/lib/tpm2_eventlog.c
@@ -30,7 +30,8 @@ bool digest2_accumulator_callback(TCG_DIGEST2 const *digest, size_t size,
* hold the digest. The size of the digest is passed to the callback in the
* 'size' parameter.
*/
-bool foreach_digest2(tpm2_eventlog_context *ctx, unsigned pcr_index, TCG_DIGEST2 const *digest, size_t count, size_t size) {
+bool foreach_digest2(tpm2_eventlog_context *ctx, UINT32 eventType, unsigned pcr_index,
+ TCG_DIGEST2 const *digest, size_t count, size_t size) {
if (digest == NULL) {
LOG_ERR("digest cannot be NULL");
@@ -80,7 +81,8 @@ bool foreach_digest2(tpm2_eventlog_context *ctx, unsigned pcr_index, TCG_DIGEST2
LOG_WARN("PCR%d algorithm %d unsupported", pcr_index, alg);
}
- if (pcr && !tpm2_openssl_pcr_extend(alg, pcr, digest->Digest, alg_size)) {
+ if (eventType != EV_NO_ACTION && pcr &&
+ !tpm2_openssl_pcr_extend(alg, pcr, digest->Digest, alg_size)) {
LOG_ERR("PCR%d extend failed", pcr_index);
return false;
}
@@ -179,7 +181,8 @@ bool parse_event2(TCG_EVENT_HEADER2 const *eventhdr, size_t buf_size,
.data = digests_size,
.digest2_cb = digest2_accumulator_callback,
};
- ret = foreach_digest2(&ctx, eventhdr->PCRIndex,
+ ret = foreach_digest2(&ctx, eventhdr->EventType,
+ eventhdr->PCRIndex,
eventhdr->Digests, eventhdr->DigestCount,
buf_size - sizeof(*eventhdr));
if (ret != true) {
@@ -216,7 +219,7 @@ bool parse_sha1_log_event(tpm2_eventlog_context *ctx, TCG_EVENT const *event, si
*event_size = sizeof(*event);
pcr = ctx->sha1_pcrs[ event->pcrIndex];
- if (pcr) {
+ if (event->eventType != EV_NO_ACTION && pcr) {
tpm2_openssl_pcr_extend(TPM2_ALG_SHA1, pcr, &event->digest[0], 20);
ctx->sha1_used |= (1 << event->pcrIndex);
}
@@ -451,7 +454,8 @@ bool foreach_event2(tpm2_eventlog_context *ctx, TCG_EVENT_HEADER2 const *eventhd
}
/* digest callback foreach digest */
- ret = foreach_digest2(ctx, eventhdr->PCRIndex, eventhdr->Digests, eventhdr->DigestCount, digests_size);
+ ret = foreach_digest2(ctx, eventhdr->EventType, eventhdr->PCRIndex,
+ eventhdr->Digests, eventhdr->DigestCount, digests_size);
if (ret != true) {
return false;
}
diff --git a/lib/tpm2_eventlog.h b/lib/tpm2_eventlog.h
index 2a91ed60..f141e806 100644
--- a/lib/tpm2_eventlog.h
+++ b/lib/tpm2_eventlog.h
@@ -44,7 +44,7 @@ bool digest2_accumulator_callback(TCG_DIGEST2 const *digest, size_t size,
void *data);
bool parse_event2body(TCG_EVENT2 const *event, UINT32 type);
-bool foreach_digest2(tpm2_eventlog_context *ctx, unsigned pcr_index,
+bool foreach_digest2(tpm2_eventlog_context *ctx, UINT32 eventType, unsigned pcr_index,
TCG_DIGEST2 const *event_hdr, size_t count, size_t size);
bool parse_event2(TCG_EVENT_HEADER2 const *eventhdr, size_t buf_size,
size_t *event_size, size_t *digests_size);
diff --git a/test/unit/test_tpm2_eventlog.c b/test/unit/test_tpm2_eventlog.c
index ebf50e80..e48404d8 100644
--- a/test/unit/test_tpm2_eventlog.c
+++ b/test/unit/test_tpm2_eventlog.c
@@ -27,7 +27,7 @@ static void test_foreach_digest2_null(void **state){
(void)state;
tpm2_eventlog_context ctx = {0};
- assert_false(foreach_digest2(&ctx, 0, NULL, 0, sizeof(TCG_DIGEST2)));
+ assert_false(foreach_digest2(&ctx, 0, 0, NULL, 0, sizeof(TCG_DIGEST2)));
}
static void test_foreach_digest2_size(void **state) {
@@ -36,7 +36,7 @@ static void test_foreach_digest2_size(void **state) {
TCG_DIGEST2 *digest = (TCG_DIGEST2*)buf;
tpm2_eventlog_context ctx = { .digest2_cb = foreach_digest2_test_callback };
- assert_false(foreach_digest2(&ctx, 0, digest, 1, sizeof(TCG_DIGEST2) - 1));
+ assert_false(foreach_digest2(&ctx, 0, 0, digest, 1, sizeof(TCG_DIGEST2) - 1));
}
static void test_foreach_digest2(void **state) {
@@ -47,7 +47,7 @@ static void test_foreach_digest2(void **state) {
will_return(foreach_digest2_test_callback, true);
tpm2_eventlog_context ctx = { .digest2_cb = foreach_digest2_test_callback };
- assert_true(foreach_digest2(&ctx, 0, digest, 1, TCG_DIGEST2_SHA1_SIZE));
+ assert_true(foreach_digest2(&ctx, 0, 0, digest, 1, TCG_DIGEST2_SHA1_SIZE));
}
static void test_foreach_digest2_cbnull(void **state){
@@ -56,7 +56,7 @@ static void test_foreach_digest2_cbnull(void **state){
TCG_DIGEST2* digest = (TCG_DIGEST2*)buf;
tpm2_eventlog_context ctx = {0};
- assert_true(foreach_digest2(&ctx, 0, digest, 1, TCG_DIGEST2_SHA1_SIZE));
+ assert_true(foreach_digest2(&ctx, 0, 0, digest, 1, TCG_DIGEST2_SHA1_SIZE));
}
static void test_sha1(void **state){
@@ -73,7 +73,7 @@ static void test_sha1(void **state){
memcpy(digest->Digest, "the magic words are:", TPM2_SHA1_DIGEST_SIZE);
tpm2_eventlog_context ctx = {0};
- assert_true(foreach_digest2(&ctx, pcr_index, digest, 1, TCG_DIGEST2_SHA1_SIZE));
+ assert_true(foreach_digest2(&ctx, 0, pcr_index, digest, 1, TCG_DIGEST2_SHA1_SIZE));
assert_memory_equal(ctx.sha1_pcrs[pcr_index], sha1sum, sizeof(sha1sum));
}
static void test_sha256(void **state){
@@ -93,7 +93,7 @@ static void test_sha256(void **state){
memcpy(digest->Digest, "The Magic Words are Squeamish Ossifrage, for RSA-129 (from 1977)", TPM2_SHA256_DIGEST_SIZE);
tpm2_eventlog_context ctx = {0};
- assert_true(foreach_digest2(&ctx, pcr_index, digest, 1, TCG_DIGEST2_SHA256_SIZE));
+ assert_true(foreach_digest2(&ctx, 0, pcr_index, digest, 1, TCG_DIGEST2_SHA256_SIZE));
assert_memory_equal(ctx.sha256_pcrs[pcr_index], sha256sum, sizeof(sha256sum));
}
static void test_foreach_digest2_cbfail(void **state){
@@ -105,7 +105,7 @@ static void test_foreach_digest2_cbfail(void **state){
will_return(foreach_digest2_test_callback, false);
tpm2_eventlog_context ctx = { .digest2_cb = foreach_digest2_test_callback };
- assert_false(foreach_digest2(&ctx, 0, digest, 1, TCG_DIGEST2_SHA1_SIZE));
+ assert_false(foreach_digest2(&ctx, 0, 0, digest, 1, TCG_DIGEST2_SHA1_SIZE));
}
static void test_digest2_accumulator_callback(void **state) {
@@ -292,6 +292,7 @@ static void test_foreach_event2_parse_event2body_fail(void **state){
eventhdr->DigestCount = 1;
eventhdr->EventType = EV_EFI_VARIABLE_BOOT;
+ eventhdr->PCRIndex = 0;
digest->AlgorithmId = TPM2_ALG_SHA1;
event->EventSize = 1;
--
2.40.1

View File

@ -0,0 +1,52 @@
From 72b6a5497df8757987dfedd6263346154adb921e Mon Sep 17 00:00:00 2001
From: Juergen Repp <juergen_repp@web.de>
Date: Mon, 6 Mar 2023 12:16:05 +0100
Subject: [PATCH 17/17] kdfa.c Fix problem with FORTIFY_SOURCE on Fedora
The original kdfa implementation did produce an error caused by the flags
-flto -_FORTIFY_SOURCE=3 on Fedora rawhide.
This error can be avoided by switching off the optimization with pragma.
Fixes: #3210.
Signed-off-by: Juergen Repp <juergen_repp@web.de>
---
lib/tpm2_kdfa.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/lib/tpm2_kdfa.c b/lib/tpm2_kdfa.c
index 5eb8d558..e97c06f6 100644
--- a/lib/tpm2_kdfa.c
+++ b/lib/tpm2_kdfa.c
@@ -13,6 +13,15 @@
#include "tpm2_kdfa.h"
#include "tpm2_openssl.h"
+/*
+ * Disable optimization because of an error in FORTIFY_SOURCE
+ */
+
+#ifdef _FORTIFY_SOURCE
+#pragma GCC push_options
+#pragma GCC optimize ("O0")
+#endif
+
TSS2_RC tpm2_kdfa(TPMI_ALG_HASH hash_alg, TPM2B *key, char *label,
TPM2B *context_u, TPM2B *context_v, UINT16 bits,
TPM2B_MAX_BUFFER *result_key) {
@@ -139,3 +148,13 @@ err:
return rval;
}
+#ifdef _FORTIFY_SOURCE
+
+#endif
+
+#ifdef _FORTIFY_SOURCE
+#pragma GCC pop_options
+#endif
+
+
+
--
2.40.1

View File

@ -0,0 +1,32 @@
From 395651f059ceb21d56c44cddda05e055caa0fd19 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C5=A0t=C4=9Bp=C3=A1n=20Hor=C3=A1=C4=8Dek?=
<shoracek@redhat.com>
Date: Mon, 18 Oct 2021 19:04:54 +0200
Subject: [PATCH] build: Use hardcoded version variable
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Before this commit the version was generated from git tag/commit hash.
This caused problems with having empty version variable while building
outside of git. Fix this by hardcoding the variable.
Signed-off-by: Štěpán Horáček <shoracek@redhat.com>
---
configure.ac | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/configure.ac b/configure.ac
index 9561fa86..2bf3a790 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,5 +1,4 @@
-AC_INIT([tpm2-tools],
- [m4_esyscmd_s([git describe --tags --always --dirty])])
+AC_INIT([tpm2-tools], [5.2])
AC_CONFIG_MACRO_DIR([m4])
AX_IS_RELEASE([dash-version])
--
2.31.1

View File

@ -0,0 +1,434 @@
diff --git a/man/man1/tpm2_encodeobject.1 b/man/man1/tpm2_encodeobject.1
new file mode 100644
index 00000000..9b616bb0
--- /dev/null
+++ b/man/man1/tpm2_encodeobject.1
@@ -0,0 +1,428 @@
+.\" Automatically generated by Pandoc 2.5
+.\"
+.TH "tpm2_encodeobject" "1" "" "tpm2\-tools" "General Commands Manual"
+.hy
+.SH NAME
+.PP
+\f[B]tpm2_encodeobject\f[R](1) \- Encode an object into a combined PEM
+format.
+.SH SYNOPSIS
+.PP
+\f[B]tpm2_encodeobject\f[R] [\f[I]OPTIONS\f[R]]
+.SH DESCRIPTION
+.PP
+\f[B]tpm2_encodeobject\f[R](1) \- Encode both the private and public
+portions of an object into a combined PEM format used by
+tpm2\-tss\-engine.
+.PP
+The tool reads private and public portions of an object and encodes it
+into a combined PEM format used by tpm2\-tss\-engine and other
+applications.
+.PP
+\f[B]NOTE\f[R]: Both private and public portions of the tpm key must be
+specified.
+.SH OPTIONS
+.IP \[bu] 2
+\f[B]\-C\f[R], \f[B]\-\-parent\-context\f[R]=\f[I]OBJECT\f[R]:
+.RS 2
+.PP
+The parent object.
+.RE
+.IP \[bu] 2
+\f[B]\-P\f[R], \f[B]\-\-auth\f[R]=\f[I]AUTH\f[R]:
+.RS 2
+.PP
+The authorization value of the parent object specified by \f[B]\-C\f[R].
+.RE
+.IP \[bu] 2
+\f[B]\-u\f[R], \f[B]\-\-public\f[R]=\f[I]FILE\f[R]:
+.RS 2
+.PP
+A file containing the public portion of the object.
+.RE
+.IP \[bu] 2
+\f[B]\-r\f[R], \f[B]\-\-private\f[R]=\f[I]FILE\f[R]:
+.RS 2
+.PP
+A file containing the sensitive portion of the object.
+.RE
+.IP \[bu] 2
+\f[B]\-p\f[R], \f[B]\-\-key\-auth\f[R]:
+.RS 2
+.PP
+Indicates if an authorization value is needed for the object specified
+by \f[B]\-r\f[R] and \f[B]\-u\f[R].
+.RE
+.IP \[bu] 2
+\f[B]\-o\f[R], \f[B]\-\-output\f[R]=\f[I]FILE\f[R]:
+.RS 2
+.PP
+The output file path, recording the public portion of the object.
+.RE
+.SS References
+.SH Context Object Format
+.PP
+The type of a context object, whether it is a handle or file name, is
+determined according to the following logic \f[I]in\-order\f[R]:
+.IP \[bu] 2
+If the argument is a file path, then the file is loaded as a restored
+TPM transient object.
+.IP \[bu] 2
+If the argument is a \f[I]prefix\f[R] match on one of:
+.RS 2
+.IP \[bu] 2
+owner: the owner hierarchy
+.IP \[bu] 2
+platform: the platform hierarchy
+.IP \[bu] 2
+endorsement: the endorsement hierarchy
+.IP \[bu] 2
+lockout: the lockout control persistent object
+.RE
+.IP \[bu] 2
+If the argument argument can be loaded as a number it will be treat as a
+handle, e.g.\ 0x81010013 and used directly._OBJECT_.
+.SH Authorization Formatting
+.PP
+Authorization for use of an object in TPM2.0 can come in 3 different
+forms: 1.
+Password 2.
+HMAC 3.
+Sessions
+.PP
+\f[B]NOTE:\f[R] \[lq]Authorizations default to the \f[B]EMPTY
+PASSWORD\f[R] when not specified\[rq].
+.SS Passwords
+.PP
+Passwords are interpreted in the following forms below using prefix
+identifiers.
+.PP
+\f[B]Note\f[R]: By default passwords are assumed to be in the string
+form when they do not have a prefix.
+.SS String
+.PP
+A string password, specified by prefix \[lq]str:\[rq] or it\[cq]s
+absence (raw string without prefix) is not interpreted, and is directly
+used for authorization.
+.SS Examples
+.IP
+.nf
+\f[C]
+foobar
+str:foobar
+\f[R]
+.fi
+.SS Hex\-string
+.PP
+A hex\-string password, specified by prefix \[lq]hex:\[rq] is converted
+from a hexidecimal form into a byte array form, thus allowing passwords
+with non\-printable and/or terminal un\-friendly characters.
+.SS Example
+.IP
+.nf
+\f[C]
+hex:1122334455667788
+\f[R]
+.fi
+.SS File
+.PP
+A file based password, specified be prefix \[lq]file:\[rq] should be the
+path of a file containing the password to be read by the tool or a
+\[lq]\-\[rq] to use stdin.
+Storing passwords in files prevents information leakage, passwords
+passed as options can be read from the process list or common shell
+history features.
+.SS Examples
+.IP
+.nf
+\f[C]
+# to use stdin and be prompted
+file:\-
+
+# to use a file from a path
+file:path/to/password/file
+
+# to echo a password via stdin:
+echo foobar | tpm2_tool \-p file:\-
+
+# to use a bash here\-string via stdin:
+
+tpm2_tool \-p file:\- <<< foobar
+\f[R]
+.fi
+.SS Sessions
+.PP
+When using a policy session to authorize the use of an object, prefix
+the option argument with the \f[I]session\f[R] keyword.
+Then indicate a path to a session file that was created with
+tpm2_startauthsession(1).
+Optionally, if the session requires an auth value to be sent with the
+session handle (eg policy password), then append a + and a string as
+described in the \f[B]Passwords\f[R] section.
+.SS Examples
+.PP
+To use a session context file called \f[I]session.ctx\f[R].
+.IP
+.nf
+\f[C]
+session:session.ctx
+\f[R]
+.fi
+.PP
+To use a session context file called \f[I]session.ctx\f[R] \f[B]AND\f[R]
+send the authvalue mypassword.
+.IP
+.nf
+\f[C]
+session:session.ctx+mypassword
+\f[R]
+.fi
+.PP
+To use a session context file called \f[I]session.ctx\f[R] \f[B]AND\f[R]
+send the \f[I]HEX\f[R] authvalue 0x11223344.
+.IP
+.nf
+\f[C]
+session:session.ctx+hex:11223344
+\f[R]
+.fi
+.SS PCR Authorizations
+.PP
+You can satisfy a PCR policy using the \[lq]pcr:\[rq] prefix and the PCR
+minilanguage.
+The PCR minilanguage is as follows:
+\f[C]<pcr\-spec>=<raw\-pcr\-file>\f[R]
+.PP
+The PCR spec is documented in in the section \[lq]PCR bank
+specifiers\[rq].
+.PP
+The \f[C]raw\-pcr\-file\f[R] is an \f[B]optional\f[R] argument that
+contains the output of the raw PCR contents as returned by
+\f[I]tpm2_pcrread(1)\f[R].
+.PP
+PCR bank specifiers (pcr.md)
+.SS Examples
+.PP
+To satisfy a PCR policy of sha256 on banks 0, 1, 2 and 3 use a specifier
+of:
+.IP
+.nf
+\f[C]
+pcr:sha256:0,1,2,3
+\f[R]
+.fi
+.PP
+specifying \f[I]AUTH\f[R].
+.SH COMMON OPTIONS
+.PP
+This collection of options are common to many programs and provide
+information that many users may expect.
+.IP \[bu] 2
+\f[B]\-h\f[R], \f[B]\-\-help=[man|no\-man]\f[R]: Display the tools
+manpage.
+By default, it attempts to invoke the manpager for the tool, however, on
+failure will output a short tool summary.
+This is the same behavior if the \[lq]man\[rq] option argument is
+specified, however if explicit \[lq]man\[rq] is requested, the tool will
+provide errors from man on stderr.
+If the \[lq]no\-man\[rq] option if specified, or the manpager fails, the
+short options will be output to stdout.
+.RS 2
+.PP
+To successfully use the manpages feature requires the manpages to be
+installed or on \f[I]MANPATH\f[R], See man(1) for more details.
+.RE
+.IP \[bu] 2
+\f[B]\-v\f[R], \f[B]\-\-version\f[R]: Display version information for
+this tool, supported tctis and exit.
+.IP \[bu] 2
+\f[B]\-V\f[R], \f[B]\-\-verbose\f[R]: Increase the information that the
+tool prints to the console during its execution.
+When using this option the file and line number are printed.
+.IP \[bu] 2
+\f[B]\-Q\f[R], \f[B]\-\-quiet\f[R]: Silence normal tool output to
+stdout.
+.IP \[bu] 2
+\f[B]\-Z\f[R], \f[B]\-\-enable\-errata\f[R]: Enable the application of
+errata fixups.
+Useful if an errata fixup needs to be applied to commands sent to the
+TPM.
+Defining the environment TPM2TOOLS_ENABLE_ERRATA is equivalent.
+information many users may expect.
+.SH TCTI Configuration
+.PP
+The TCTI or \[lq]Transmission Interface\[rq] is the communication
+mechanism with the TPM.
+TCTIs can be changed for communication with TPMs across different
+mediums.
+.PP
+To control the TCTI, the tools respect:
+.IP "1." 3
+The command line option \f[B]\-T\f[R] or \f[B]\-\-tcti\f[R]
+.IP "2." 3
+The environment variable: \f[I]TPM2TOOLS_TCTI\f[R].
+.PP
+\f[B]Note:\f[R] The command line option always overrides the environment
+variable.
+.PP
+The current known TCTIs are:
+.IP \[bu] 2
+tabrmd \- The resource manager, called
+tabrmd (https://github.com/tpm2-software/tpm2-abrmd).
+Note that tabrmd and abrmd as a tcti name are synonymous.
+.IP \[bu] 2
+mssim \- Typically used for communicating to the TPM software simulator.
+.IP \[bu] 2
+device \- Used when talking directly to a TPM device file.
+.IP \[bu] 2
+none \- Do not initalize a connection with the TPM.
+Some tools allow for off\-tpm options and thus support not using a TCTI.
+Tools that do not support it will error when attempted to be used
+without a TCTI connection.
+Does not support \f[I]ANY\f[R] options and \f[I]MUST BE\f[R] presented
+as the exact text of \[lq]none\[rq].
+.PP
+The arguments to either the command line option or the environment
+variable are in the form:
+.PP
+\f[C]<tcti\-name>:<tcti\-option\-config>\f[R]
+.PP
+Specifying an empty string for either the \f[C]<tcti\-name>\f[R] or
+\f[C]<tcti\-option\-config>\f[R] results in the default being used for
+that portion respectively.
+.SS TCTI Defaults
+.PP
+When a TCTI is not specified, the default TCTI is searched for using
+\f[I]dlopen(3)\f[R] semantics.
+The tools will search for \f[I]tabrmd\f[R], \f[I]device\f[R] and
+\f[I]mssim\f[R] TCTIs \f[B]IN THAT ORDER\f[R] and \f[B]USE THE FIRST ONE
+FOUND\f[R].
+You can query what TCTI will be chosen as the default by using the
+\f[B]\-v\f[R] option to print the version information.
+The \[lq]default\-tcti\[rq] key\-value pair will indicate which of the
+aforementioned TCTIs is the default.
+.SS Custom TCTIs
+.PP
+Any TCTI that implements the dynamic TCTI interface can be loaded.
+The tools internally use \f[I]dlopen(3)\f[R], and the raw
+\f[I]tcti\-name\f[R] value is used for the lookup.
+Thus, this could be a path to the shared library, or a library name as
+understood by \f[I]dlopen(3)\f[R] semantics.
+.SH TCTI OPTIONS
+.PP
+This collection of options are used to configure the various known TCTI
+modules available:
+.IP \[bu] 2
+\f[B]device\f[R]: For the device TCTI, the TPM character device file for
+use by the device TCTI can be specified.
+The default is \f[I]/dev/tpm0\f[R].
+.RS 2
+.PP
+Example: \f[B]\-T device:/dev/tpm0\f[R] or \f[B]export
+\f[BI]TPM2TOOLS_TCTI\f[B]=\[lq]device:/dev/tpm0\[rq]\f[R]
+.RE
+.IP \[bu] 2
+\f[B]mssim\f[R]: For the mssim TCTI, the domain name or IP address and
+port number used by the simulator can be specified.
+The default are 127.0.0.1 and 2321.
+.RS 2
+.PP
+Example: \f[B]\-T mssim:host=localhost,port=2321\f[R] or \f[B]export
+\f[BI]TPM2TOOLS_TCTI\f[B]=\[lq]mssim:host=localhost,port=2321\[rq]\f[R]
+.RE
+.IP \[bu] 2
+\f[B]abrmd\f[R]: For the abrmd TCTI, the configuration string format is
+a series of simple key value pairs separated by a `,' character.
+Each key and value string are separated by a `=' character.
+.RS 2
+.IP \[bu] 2
+TCTI abrmd supports two keys:
+.RS 2
+.IP "1." 3
+`bus_name' : The name of the tabrmd service on the bus (a string).
+.IP "2." 3
+`bus_type' : The type of the dbus instance (a string) limited to
+`session' and `system'.
+.RE
+.PP
+Specify the tabrmd tcti name and a config string of
+\f[C]bus_name=com.example.FooBar\f[R]:
+.IP
+.nf
+\f[C]
+\[rs]\-\-tcti=tabrmd:bus_name=com.example.FooBar
+\f[R]
+.fi
+.PP
+Specify the default (abrmd) tcti and a config string of
+\f[C]bus_type=session\f[R]:
+.IP
+.nf
+\f[C]
+\[rs]\-\-tcti:bus_type=session
+\f[R]
+.fi
+.PP
+\f[B]NOTE\f[R]: abrmd and tabrmd are synonymous.
+the various known TCTI modules.
+.RE
+.SH EXAMPLES
+.SS Setup
+.PP
+To load an object you first must create an object under a primary
+object.
+So the first step is to create the primary object.
+.IP
+.nf
+\f[C]
+tpm2_createprimary \-c primary.ctx
+\f[R]
+.fi
+.PP
+Step 2 is to create an object under the primary object.
+.IP
+.nf
+\f[C]
+tpm2_create \-C primary.ctx \-u key.pub \-r key.priv \-f pem \-o pub.pem
+\f[R]
+.fi
+.PP
+This creates the private and public portions of the TPM object.
+With these object portions, it is now possible to load that object into
+the TPM for subsequent use.
+.SS Encoding an Object into a combined PEM format
+.PP
+The final step, is encoding the public and private portions of the
+object into a PEM format.
+.IP
+.nf
+\f[C]
+tpm2_encodeobject \-C primary.ctx \-u key.pub \-r key.priv \-o priv.pem
+\f[R]
+.fi
+.PP
+The generated \f[C]priv.pem\f[R] can be used together with
+\f[C]pub.pem\f[R] created in the step 2 of Setup section.
+.SH Returns
+.PP
+Tools can return any of the following codes:
+.IP \[bu] 2
+0 \- Success.
+.IP \[bu] 2
+1 \- General non\-specific error.
+.IP \[bu] 2
+2 \- Options handling error.
+.IP \[bu] 2
+3 \- Authentication error.
+.IP \[bu] 2
+4 \- TCTI related error.
+.IP \[bu] 2
+5 \- Non supported scheme.
+Applicable to tpm2_testparams.
+.SH BUGS
+.PP
+Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)
+.SH HELP
+.PP
+See the Mailing
+List (https://lists.linuxfoundation.org/mailman/listinfo/tpm2)

12
SOURCES/test-fixup.patch Normal file
View File

@ -0,0 +1,12 @@
diff -ur tpm2-tools-5.2/test/integration/helpers.sh tpm2-tools-5.2-new/test/integration/helpers.sh
--- tpm2-tools-5.2/test/integration/helpers.sh 2021-08-23 09:47:20.000000000 -0700
+++ tpm2-tools-5.2-new/test/integration/helpers.sh 2022-05-31 16:06:07.939025537 -0700
@@ -409,7 +409,7 @@
echo "Starting tpm2-abrmd"
# Start tpm2-abrmd
start_abrmd || exit 1
- run_startup=false
+ # run_startup=false
else
echo "not starting abrmd"
fi

View File

@ -1,31 +1,55 @@
#global candidate rc2
Name: tpm2-tools
Version: 4.1.1
Release: 5%{?dist}
Summary: A TPM2.0 testing tool build upon TPM2.0-TSS
Version: 5.2
Release: 4%{?candidate:.%{candidate}}%{?dist}
Summary: A bunch of TPM testing toolS build upon tpm2-tss
License: BSD
URL: https://github.com/tpm2-software/tpm2-tools
Source0: https://github.com/tpm2-software/tpm2-tools/releases/download/%{version}/%{name}-%{version}.tar.gz
Patch0: 0001-tpm2_hierarchycontrol-Fixed-bug-where-hierarchycontr.patch
Patch1: 0001-tpm2_nvdefine.c-Fixed-error-reporting-message.patch
Patch2: 0001-tpm2_policyor-Silent-failure-bug-fix-for-invalid-uns.patch
Patch3: 0001-tpm2_alg_util.c-fix-a-bug-where-the-string-rsa3072-w.patch
Patch4: 0001-Fix-ESYS_TR-hierarchy-transition.patch
Patch5: 0001-Refactor-fix_esys_hierarchies.patch
Patch6: 0001-tpm2_create.c-Fix-an-issue-where-userwithauth-attr-c.patch
Patch7: 0001-tpm2_getekcertificate-add-default-web-address.patch
Patch8: 0001-lib-files-fix-an-error-message-in-files_load_-name.patch
Patch9: 0001-tpm2_policy.c-restrict-policy-digest-size.patch
Patch10: 0001-tpm2_policycountertimer-Fix-an-issue-where-operandB-.patch
Patch11: 0001-tools-tpm2_nvcertify.c-Fix-incompatible-pointer-cast.patch
Patch12: 0001-tools-tpm2_nvreadpublic-Fix-resource-leak.patch
Patch13: 0001-lib-files.c-Fix-an-issue-where-execution-could-not-r.patch
Patch14: 0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch
Source0: https://github.com/tpm2-software/tpm2-tools/releases/download/%{version}%{?candidate:-%{candidate}}/%{name}-%{version}%{?candidate:-%{candidate}}.tar.gz
Patch0: 0019-build-Use-hardcoded-version-variable.patch
Patch1: test-fixup.patch
Patch2: 0001-testparms-fix-condition-for-negative-test.patch
Patch3: 0001-lib-tpm2_eventlog_yaml-use-char16_t-for-UEFI-charact.patch
Patch4: 0002-Patch-set-for-handling-of-new-event-types-in-tpm2_ev.patch
Patch5: 0003-Code-clarity-fix-for-calculation-of-data-member-addr.patch
Patch6: 0004-tpm2_eventlog-clean-up-some-magic-numbers.patch
Patch7: 0005-tpm2_eventlog_yaml-fix-malformed-YAML-for-EV_IPL-dat.patch
Patch8: 0006-test-track-expected-YAML-output-for-eventlog.patch
Patch9: 0007-tpm2_eventlog_yaml-fix-parsing-for-MokListTrusted.patch
Patch10: 0008-tests-add-eventlog-for-parsing-MokListTrusted.patch
Patch11: 0009-tpm2_eventlog_yaml-use-defines-for-Unicode-variables.patch
Patch101: 0001-Fix-nv_readpublic.patch
Patch102: 0002-tpm2_encodeobject-New-tool-to-encode-TPM2-object.patch
Patch103: 0003-tools-tpm2_evictconrol-fix-for-call-to-Esys_TR_Close.patch
Patch104: 0004-Fix-argument-parsing-in-tpm2_policylocality.patch
Patch105: 0005-tools-tpm2_tool.c-Fix-an-issue-where-LOG_WARN-is-alw.patch
Patch106: 0006-import-fix-bug-on-using-scheme.patch
Patch107: 0007-tpm2_policyor-fix-unallocated-policy-list.patch
Patch108: 0008-lib-tpm2_alg_util.c-Fix-potential-null-pointer-deref.patch
Patch109: 0009-tss2_provision-fix-usage-of-L-parameter.patch
Patch110: 0010-tpm2_encodeobject-fix-formatting.patch
Patch111: 0011-tpm2_encodeobject-fix-auth-boolean-flag.patch
Patch112: 0012-bugfix-fix-convert-sm2-public-key-in-openssl3.patch
Patch113: 0013-readpublic-fix-reading-and-writing-serialized-trs.patch
Patch114: 0014-fix-wrong-function-name-of-Esys_Load.patch
Patch115: 0015-tpm-errata-switch-to-twos-complement.patch
Patch116: 0016-tpm2_eventlog.c-Fix-pcr-extension-for-EV_NO_ACTION.patch
Patch117: 0017-kdfa.c-Fix-problem-with-FORTIFY_SOURCE-on-Fedora.patch
Patch118: add_pregenerated_doc.patch
Patch201: 0001-tpm2_sessionconfig-fix-usage-of-disable-continuesess.patch
Patch202: 0002-tpm2_tool.c-Fix-missing-include-for-basename.patch
Patch203: 0003-tpm2_nvread-fix-input-handling-no-nv-index.patch
Patch204: 0004-tpm2_checkquote-Add-comparison-of-pcr-selection.patch
Patch205: 0005-tpm2_checkquote-Fix-check-of-magic-number.patch
Patch206: 0006-tpm2_setprimarypolicy-Fix-resource-leak.patch
BuildRequires: git
BuildRequires: make
BuildRequires: gcc-c++
BuildRequires: libtool
BuildRequires: autoconf-archive
BuildRequires: pandoc
BuildRequires: pkgconfig(cmocka)
BuildRequires: pkgconfig(libcurl)
BuildRequires: pkgconfig(openssl)
@ -33,94 +57,182 @@ BuildRequires: pkgconfig(openssl)
BuildRequires: pkgconfig(tss2-mu)
BuildRequires: pkgconfig(tss2-sys)
BuildRequires: pkgconfig(tss2-esys)
BuildRequires: pkgconfig(uuid)
# tpm2-tools is heavily depending on TPM2.0-TSS project, matched tss is required
Requires: tpm2-tss%{?_isa} >= 2.3.2-1%{?dist}
# tpm2-tools project changed the install path for binaries and man page section
Obsoletes: tpm2-tools <= 2.1.1-2
Requires: tpm2-tss%{?_isa} >= 2.3.1
%description
tpm2-tools is a batch of testing tools for tpm2.0. It is based on tpm2-tss.
tpm2-tools is a batch of tools for tpm2.0. It is based on tpm2-tss.
%prep
%autosetup -p1 -n %{name}-%{version}
%autosetup -S git -p1 -n %{name}-%{version}%{?candidate:-%{candidate}}
%build
%configure --prefix=/usr --disable-static --disable-silent-rules
autoreconf -i
# LTO exposes a latent uninitialized variable "value" in the function # "nt".
# This has been reported to the maintainer (Yunying), but they have not
# responded and I am not comfortable enough with the code to know if a trivial
# initialization to zero is appropriate/safe. So LTO is disabled for now.
%define _lto_cflags %{nil}
%configure --prefix=/usr --disable-static --disable-silent-rules CFLAGS="%{optflags} -Wno-error=deprecated-declarations"
%make_build
%install
%make_install
%files
%doc README.md CHANGELOG.md
%license LICENSE
%license doc/LICENSE
%doc doc/README.md doc/CHANGELOG.md
%{_bindir}/tpm2
%{_bindir}/tpm2_*
%{_bindir}/tss2
%{_bindir}/tss2_*
%{_datadir}/bash-completion/completions/tpm2*
%{_datadir}/bash-completion/completions/tss2*
%{_mandir}/man1/tpm2_*.1.gz
%{_mandir}/man1/tpm2.1.gz
%{_mandir}/man1/tss2_*.1.gz
%changelog
* Mon Aug 09 2021 Jerry Snitselaar <jsnitsel@redhat.com> - 4.1.1-5
- Bump nvr to trigger osci.
resolves: rhbz#1965981
* Wed Jun 19 2024 Štěpán Horáček <shoracek@redhat.com> - 5.2-4
- Backport upstream fixes.
- tpm2_checkquote: Fix check of magic number. (CVE-2024-29038)
- tpm2_checkquote: Add comparison of pcr selection. (CVE-2024-29039)
- Fix check of magic number.
Resolves: RHEL-23198
Resolves: RHEL-41031
Resolves: RHEL-41035
* Tue Jun 01 2021 Jerry Snitselaar <jsnitsel@redhat.com> - 4.1.1-4
- Fix CVE-2021-3565
resolves: rhbz#1965981
* Wed May 24 2023 Štěpán Horáček <shoracek@redhat.com> - 5.2-3
- Backport fixes.
- Add tpm2_encodeobject tool.
Resolves: rhbz#2160304
Resolves: rhbz#2047342
* Fri May 14 2021 Jerry Snitselaar <jsnitsel@redhat.com> - 4.1.1-3
- Fix resource leak.
- Fix to restrict policy digest size.
- Fix incompatible pointer cast.
- Fix error message in files_load_##name
- Fix issue where execution couldn't reach function return.
resolves: rhbz#1920821
* Wed Oct 19 2022 Štěpán Horáček <shoracek@redhat.com> - 5.2-2
- Fix eventlog output.
Resolves: rhbz#2136215
* Mon Nov 16 2020 Jerry Snitselaar <jsnitsel@redhat.com> - 4.1.1-2
- Fix ESYS_TR hierarchy transition.
- Refactor fix_esys_hierarchies to return actual TSS2_RC return code.
- tpm2_alg_util.c: fix a bug where the string rsa3072 wasn't being parsed.
- tpm2_create.c: Fix an issue where userwithauth attr cleared if policy specified.
- tpm2_hierarchycontrol: Fix bug where hierarchycontrol operation failed silently.
- tpm2_nvdefine.c: Fix error reporting message.
- tpm2_policyor: Fix silent failure for invalid/unspecified policy digest alg.
resolves: rhbz#1854774
* Tue May 31 2022 Jerry Snitselaar <jsnitsel@redhat.com> - 5.2-1
- Rebase to 5.2 release.
Resolves: rhbz#2090748
* Wed Apr 29 2020 Jerry Snitselaar <jsnitsel@redhat.com> - 4.1.1-1
- Update to 4.1.1 release
resolves: rhbz#1789682
* Mon Oct 25 2021 Štěpán Horáček <shoracek@redhat.com> - 5.0-10
- Fix the version not being reported
Resolves: rhbz#2015941
* Tue Oct 22 2019 Jerry Snitselaar <jsnitsel@redhat.com> - 3.2.1-1
- Update to 3.2.1 release
resolves: rhbz#1725714
* Fri Oct 1 2021 Štěpán Horáček <shoracek@redhat.com> - 5.0-9
- Fix a segfault on ppc64le and add support for OpenSSL 3
Resolves: rhbz#1989617
* Tue May 28 2019 Jerry Snitselaar <jsnitsel@redhat.com> - 3.1.4-5
- Another dependency needed for CI gating
resolves: rhbz#1682417
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 5.0-8
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Tue May 28 2019 Jerry Snitselaar <jsnitsel@redhat.com> - 3.1.4-4
- Fix CI dependency
resolves: rhbz#1682417
* Mon Jun 28 2021 Jerry Snitselaar <jsnitsel@redhat.com> - 5.0-7
- Fix for CVE-2021-3565
Resolves: rhbz#1965982
* Tue May 28 2019 Jerry Snitselaar <jsnitsel@redhat.com> - 3.1.4-3
- Add CI gating test
resolves: rhbz#1682417
* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 5.0-6
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Tue May 14 2019 Jerry Snitselaar <jsnitsel@redhat.com> - 3.1.4-2
- Add initial CI gating support
resolves: rhbz#1682417
* Mon May 24 2021 Jerry Snitselaar <jsnitsel@redhat.com> - 5.0-5
- Remove pandoc dependency. Related: rhbz#1943528
* Tue Apr 30 2019 Jerry Snitselaar <jsnitsel@redhat.com> - 3.1.4-1
- Rebase to 3.1.4 release.
resolves: rhbz#1664498
* Wed May 19 2021 Jerry Snitselaar <jsnitsel@redhat.com> - 5.0-4
- Work around for openssl 3.0 update. Related: rhbz#1958029
* Thu Nov 08 2018 Jerry Snitselaar <jsnitsel@redhat.com> - 3.1.1-4
- lib/tpm2_options: restore TCTI configuration environment variables
- tpm2_getcap: restore tool output to print properties with TPM_PT prefix
resolves: rhbz#1648001
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 5.0-3
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Sat Jul 14 2018 Javier Martinez Canillas <javierm@redhat.com> - - 3.1.1-3
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Nov 23 2020 Peter Robinson <pbrobinson@fedoraproject.org> - 5.0-1
- Update tp tpm2-tools 5.0
* Sat Aug 29 2020 Peter Robinson <pbrobinson@fedoraproject.org> - 4.3.0-1
- Update to 4.3.0
* Mon Aug 10 2020 Peter Robinson <pbrobinson@fedoraproject.org> - 4.2.1-4
- Rebuild for tpm2-tss 3.0
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jun 30 2020 Jeff Law <law@redhat.com> - 4.2.1-2
- Disable LTO due to latent uninitialized variable exposed by LTO
* Wed May 27 2020 Peter Robinson <pbrobinson@fedoraproject.org> - 4.2.1-1
- Update to 4.2.1
* Tue Apr 14 2020 Peter Robinson <pbrobinson@fedoraproject.org> - 4.2-1
- Update to 4.2
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Nov 28 2019 Yunying Sun <yunying.sun@intel.com> - 4.1-1
- Update to 4.1 release
* Tue Oct 29 2019 Yunying Sun <yunying.sun@intel.com> - 4.0.1-1
- Update to 4.0.1 release
* Tue Sep 10 2019 Peter Robinson <pbrobinson@fedoraproject.org> 4.0-1
- Update to 4.0
* Fri Sep 6 2019 Javier Martinez Canillas <javierm@redhat.com> 4.0-0.4-rc2
- Use a release tarball instead of a source code tarball
* Fri Sep 6 2019 Peter Robinson <pbrobinson@fedoraproject.org> 4.0-0.3-rc2
- Update to 4.0 RC2
* Tue Aug 27 2019 Peter Robinson <pbrobinson@fedoraproject.org> 4.0-0.2-rc1
- Update to 4.0 RC1
* Tue Aug 20 2019 Peter Robinson <pbrobinson@fedoraproject.org> 4.0-0.1-rc0
- Update to 4.0 RC0
* Thu Aug 1 2019 Peter Robinson <pbrobinson@fedoraproject.org> 3.2.0-3
- Fix for crash for max PCRs available
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Jun 21 2019 Yunying Sun <yunying.sun@intel.com> - 3.2.0-1
- Update to 3.2.0 release
- Removed patches since all have been included in 3.2.0 release
* Fri May 10 2019 Javier Martinez Canillas <javierm@redhat.com> - 3.1.4-2
- Allow tpm2_makecredential to run without a TPM (jetwhiz)
- Add tpm2_pcrreset and tpm2_checkquote tools (jetwhiz)
* Fri Mar 15 2019 Yunying Sun <yunying.sun@intel.com> - 3.1.4-1
- Update to 3.1.4 release
- Removed the 4 patches since all have been included in 3.1.4 release
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jan 7 2019 Javier Martinez Canillas <javierm@redhat.com> - 3.1.3-3
- Fix broken -T option when passing additional arguments
* Mon Jan 7 2019 Javier Martinez Canillas <javierm@redhat.com> - 3.1.3-2
- Fix broken -T option and a couple of minor fixes
- Add pandoc BuildRequires
* Wed Nov 7 2018 Yunying Sun <yunying.sun@intel.com> - 3.1.3-1
- Update to 3.1.3 release
* Wed Sep 12 2018 Javier Martinez Canillas <javierm@redhat.com> - 3.1.2-1
- Update to 3.1.2 release
- Restore TCTI configuration environment for tools
- Restore tpm2_getcap tool properties output
Resolves: rhbz#1625647
* Sat Jul 14 2018 Javier Martinez Canillas <javierm@redhat.com> - 3.1.1-3
- Revert backward incompatible change that removes default object attributes
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.1-2