rpms/tpm2-tools
7
0
Fork 0
Code Issues Pull Requests Releases Activity
eccdf14ada
tpm2-tools/0011-openssl-Rename-tpm2_openssl_halg_from_tpmhalg.patch
Štěpán Horáček d8b5733ac7 tpm2-tools: Fix segfault and add support for OpenSSL 3 
The segfault was caused by calling tpm2 command on ppc64le without any
additional arguments.

Resolves: rhbz#1989617

Signed-off-by: Štěpán Horáček <shoracek@redhat.com>
2021-10-05 12:20:18 +02:00

195 lines
7.4 KiB
Diff
Raw Blame History

From b32168af24708f42a0ee28252912e3155505e983 Mon Sep 17 00:00:00 2001
From: Petr Gotthard <petr.gotthard@centrum.cz>
Date: Tue, 10 Aug 2021 11:49:00 +0200
Subject: [PATCH 10/17] openssl: Rename tpm2_openssl_halg_from_tpmhalg
Change its name to tpm2_openssl_md_from_tpmhalg for better naming
consistency with the openssl.
Signed-off-by: Petr Gotthard <petr.gotthard@centrum.cz>
---
lib/tpm2_identity_util.c | 8 ++++----
lib/tpm2_kdfa.c | 2 +-
lib/tpm2_kdfe.c | 2 +-
lib/tpm2_openssl.c | 12 ++++++------
lib/tpm2_openssl.h | 2 +-
lib/tpm2_util.c | 4 ++--
tools/misc/tpm2_checkquote.c | 2 +-
7 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/lib/tpm2_identity_util.c b/lib/tpm2_identity_util.c
index e0c3f404..ba0c0e1c 100644
--- a/lib/tpm2_identity_util.c
+++ b/lib/tpm2_identity_util.c
@@ -134,7 +134,7 @@ static bool share_secret_with_tpm2_rsa_public_key(TPM2B_DIGEST *protection_seed,
unsigned char encoded[TPM2_MAX_DIGEST_BUFFER];
return_code = RSA_padding_add_PKCS1_OAEP_mgf1(encoded, mod_size,
protection_seed->buffer, protection_seed->size, label, label_len,
- tpm2_openssl_halg_from_tpmhalg(parent_name_alg), NULL);
+ tpm2_openssl_md_from_tpmhalg(parent_name_alg), NULL);
if (return_code != 1) {
LOG_ERR("Failed RSA_padding_add_PKCS1_OAEP_mgf1\n");
goto error;
@@ -356,7 +356,7 @@ static void hmac_outer_integrity(TPMI_ALG_HASH parent_name_alg,
UINT16 hash_size = tpm2_alg_util_get_hash_size(parent_name_alg);
- HMAC(tpm2_openssl_halg_from_tpmhalg(parent_name_alg), hmac_key, hash_size,
+ HMAC(tpm2_openssl_md_from_tpmhalg(parent_name_alg), hmac_key, hash_size,
to_hmac_buffer, buffer1_size + buffer2_size,
outer_integrity_hmac->buffer, &size);
outer_integrity_hmac->size = size;
@@ -391,7 +391,7 @@ bool tpm2_identity_util_calculate_inner_integrity(TPMI_ALG_HASH name_alg,
Tss2_MU_UINT16_Marshal(hash_size, marshalled_sensitive_and_name_digest,
sizeof(uint16_t), &digest_size_info);
- const EVP_MD *md = tpm2_openssl_halg_from_tpmhalg(name_alg);
+ const EVP_MD *md = tpm2_openssl_md_from_tpmhalg(name_alg);
if (!md) {
LOG_ERR("Algorithm not supported: %x", name_alg);
return false;
@@ -461,7 +461,7 @@ bool tpm2_identity_create_name(TPM2B_PUBLIC *public, TPM2B_NAME *pubname) {
&tpmt_marshalled_size);
// Step 3 - Hash the data into name just past the alg type.
- const EVP_MD *md = tpm2_openssl_halg_from_tpmhalg(name_alg);
+ const EVP_MD *md = tpm2_openssl_md_from_tpmhalg(name_alg);
if (!md) {
LOG_ERR("Algorithm not supported: %x", name_alg);
return false;
diff --git a/lib/tpm2_kdfa.c b/lib/tpm2_kdfa.c
index 5747b3ca..c8d0a2e1 100644
--- a/lib/tpm2_kdfa.c
+++ b/lib/tpm2_kdfa.c
@@ -34,7 +34,7 @@ TSS2_RC tpm2_kdfa(TPMI_ALG_HASH hash_alg, TPM2B *key, char *label,
i = 1;
- const EVP_MD *md = tpm2_openssl_halg_from_tpmhalg(hash_alg);
+ const EVP_MD *md = tpm2_openssl_md_from_tpmhalg(hash_alg);
if (!md) {
LOG_ERR("Algorithm not supported for hmac: %x", hash_alg);
return TPM2_RC_HASH;
diff --git a/lib/tpm2_kdfe.c b/lib/tpm2_kdfe.c
index aa4d3e0b..84718b9f 100644
--- a/lib/tpm2_kdfe.c
+++ b/lib/tpm2_kdfe.c
@@ -42,7 +42,7 @@ TSS2_RC tpm2_kdfe(
tpm2_util_concat_buffer(&hash_input, (TPM2B *) party_u);
tpm2_util_concat_buffer(&hash_input, (TPM2B *) party_v);
- const EVP_MD *md = tpm2_openssl_halg_from_tpmhalg(hash_alg);
+ const EVP_MD *md = tpm2_openssl_md_from_tpmhalg(hash_alg);
if (!md) {
LOG_ERR("Algorithm not supported: %x", hash_alg);
return TPM2_RC_HASH;
diff --git a/lib/tpm2_openssl.c b/lib/tpm2_openssl.c
index cdce92f8..9cc362af 100644
--- a/lib/tpm2_openssl.c
+++ b/lib/tpm2_openssl.c
@@ -55,7 +55,7 @@ int tpm2_openssl_halgid_from_tpmhalg(TPMI_ALG_HASH algorithm) {
/* no return, not possible */
}
-const EVP_MD *tpm2_openssl_halg_from_tpmhalg(TPMI_ALG_HASH algorithm) {
+const EVP_MD *tpm2_openssl_md_from_tpmhalg(TPMI_ALG_HASH algorithm) {
switch (algorithm) {
case TPM2_ALG_SHA1:
@@ -77,7 +77,7 @@ bool tpm2_openssl_hash_compute_data(TPMI_ALG_HASH halg, BYTE *buffer,
bool result = false;
- const EVP_MD *md = tpm2_openssl_halg_from_tpmhalg(halg);
+ const EVP_MD *md = tpm2_openssl_md_from_tpmhalg(halg);
if (!md) {
return false;
}
@@ -121,7 +121,7 @@ bool tpm2_openssl_pcr_extend(TPMI_ALG_HASH halg, BYTE *pcr,
bool result = false;
- const EVP_MD *md = tpm2_openssl_halg_from_tpmhalg(halg);
+ const EVP_MD *md = tpm2_openssl_md_from_tpmhalg(halg);
if (!md) {
return false;
}
@@ -170,7 +170,7 @@ bool tpm2_openssl_hash_pcr_values(TPMI_ALG_HASH halg, TPML_DIGEST *digests,
bool result = false;
- const EVP_MD *md = tpm2_openssl_halg_from_tpmhalg(halg);
+ const EVP_MD *md = tpm2_openssl_md_from_tpmhalg(halg);
if (!md) {
return false;
}
@@ -222,7 +222,7 @@ bool tpm2_openssl_hash_pcr_banks(TPMI_ALG_HASH hash_alg,
UINT32 vi = 0, di = 0, i;
bool result = false;
- const EVP_MD *md = tpm2_openssl_halg_from_tpmhalg(hash_alg);
+ const EVP_MD *md = tpm2_openssl_md_from_tpmhalg(hash_alg);
if (!md) {
return false;
}
@@ -299,7 +299,7 @@ bool tpm2_openssl_hash_pcr_banks_le(TPMI_ALG_HASH hash_alg,
UINT32 vi = 0, di = 0, i;
bool result = false;
- const EVP_MD *md = tpm2_openssl_halg_from_tpmhalg(hash_alg);
+ const EVP_MD *md = tpm2_openssl_md_from_tpmhalg(hash_alg);
if (!md) {
return false;
}
diff --git a/lib/tpm2_openssl.h b/lib/tpm2_openssl.h
index 78cb826a..b757baa5 100644
--- a/lib/tpm2_openssl.h
+++ b/lib/tpm2_openssl.h
@@ -48,7 +48,7 @@ int tpm2_openssl_halgid_from_tpmhalg(TPMI_ALG_HASH algorithm);
* @return
* A pointer to a message digester or NULL on failure.
*/
-const EVP_MD *tpm2_openssl_halg_from_tpmhalg(TPMI_ALG_HASH algorithm);
+const EVP_MD *tpm2_openssl_md_from_tpmhalg(TPMI_ALG_HASH algorithm);
/**
* Hash a byte buffer.
diff --git a/lib/tpm2_util.c b/lib/tpm2_util.c
index d2c654db..c4dc68e4 100644
--- a/lib/tpm2_util.c
+++ b/lib/tpm2_util.c
@@ -579,7 +579,7 @@ bool tpm2_util_calc_unique(TPMI_ALG_HASH name_alg,
memcpy(buf.buffer, seed->buffer, seed->size);
memcpy(&buf.buffer[seed->size], key->buffer, key->size);
- const EVP_MD *md = tpm2_openssl_halg_from_tpmhalg(name_alg);
+ const EVP_MD *md = tpm2_openssl_md_from_tpmhalg(name_alg);
if (!md) {
LOG_ERR("Algorithm not supported: %x", name_alg);
return false;
@@ -951,7 +951,7 @@ bool tpm2_calq_qname(TPM2B_NAME *pqname,
// QNB ≔ HB (QNA || NAMEB)
bool result = false;
- const EVP_MD *md = tpm2_openssl_halg_from_tpmhalg(halg);
+ const EVP_MD *md = tpm2_openssl_md_from_tpmhalg(halg);
EVP_MD_CTX *mdctx = EVP_MD_CTX_create();
if (!mdctx) {
diff --git a/tools/misc/tpm2_checkquote.c b/tools/misc/tpm2_checkquote.c
index ca78238e..5e0c42a5 100644
--- a/tools/misc/tpm2_checkquote.c
+++ b/tools/misc/tpm2_checkquote.c
@@ -74,7 +74,7 @@ static bool verify(void) {
/* get the digest alg */
/* TODO SPlit loading on plain vs tss format to detect the hash alg */
/* If its a plain sig we need -g */
- const EVP_MD *md = tpm2_openssl_halg_from_tpmhalg(ctx.halg);
+ const EVP_MD *md = tpm2_openssl_md_from_tpmhalg(ctx.halg);
// TODO error handling
int rc = EVP_PKEY_verify_init(pkey_ctx);
--
2.31.1
Reference in New Issue View Git Blame Copy Permalink