From 836936840130a82874a5278612de5fc006a26195e907d74a8a1afec6dbc7f9a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Sat, 4 May 2024 01:27:19 +0200 Subject: [PATCH] Sync from SUSE:SLFO:Main tpm2-0-tss revision b680ea2c79b8570fc45f365d00f6610f --- .gitattributes | 23 ++ baselibs.conf | 12 + tpm2-0-tss.changes | 706 ++++++++++++++++++++++++++++++++++++++ tpm2-0-tss.spec | 336 ++++++++++++++++++ tpm2-tss-4.0.1.tar.gz | 3 + tpm2-tss-4.0.1.tar.gz.asc | 16 + tpm2-tss.keyring | 51 +++ 7 files changed, 1147 insertions(+) create mode 100644 .gitattributes create mode 100644 baselibs.conf create mode 100644 tpm2-0-tss.changes create mode 100644 tpm2-0-tss.spec create mode 100644 tpm2-tss-4.0.1.tar.gz create mode 100644 tpm2-tss-4.0.1.tar.gz.asc create mode 100644 tpm2-tss.keyring diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..552bbc9 --- /dev/null +++ b/baselibs.conf @@ -0,0 +1,12 @@ +libtss2-esys0 +libtss2-fapi1 +libtss2-mu0 +libtss2-policy0 +libtss2-rc0 +libtss2-sys1 +libtss2-tcti-cmd0 +libtss2-tcti-device0 +libtss2-tcti-mssim0 +libtss2-tcti-spi-helper0 +libtss2-tcti-swtpm0 +libtss2-tctildr0 diff --git a/tpm2-0-tss.changes b/tpm2-0-tss.changes new file mode 100644 index 0000000..50aee2a --- /dev/null +++ b/tpm2-0-tss.changes @@ -0,0 +1,706 @@ +------------------------------------------------------------------- +Thu Feb 16 14:41:06 UTC 2023 - Alberto Planas Dominguez + +- Drop 0001-tss2_rc-ensure-layer-number-is-in-bounds.patch as was + already merged upstream +- Update to 4.0.1 + + Fixed: + * A buffer overflow in tss2-rc as CVE-2023-22745. +- Update to 4.0.0 + + Fixed: + * tcti-ldr: Use heap instead of stack when tcti initialize + * Fix usage of NULL pointer if Esys_TR_SetAuth is calles with + ESYS_TR_NONE. + * Conditionally check user/group manipulation commands. + * Store VERSION into the release tarball. + * When using DESTDIR for make einstall, do not invoke + systemd-sysusers and systemd-tmpfiles. + * esys_iutil: fix possible NPD. + * Tss2_Sys_Flushcontext: flushHandle was encoded as a handleArea + handle and not as parameter one, this affected the contents of + cpHash. + * esys: fix allow usage of HMAC sessions for + Esys_TR_FromTPMPublic. + * fapi: fix usage of policy_nv with a TPM nv index. + * linking tcti for libtpms against tss2-tctildr. It should be + linked against tss2-mu. + * build: Remove erroneous trailing comma in linker option. Bug + #2391. + * fapi: fix encoding of complex tpm2bs in authorize nv, + duplication select and policy template policies. Now the complex + and TPMT or TPMS representations can be used. Bug #2383 + * The error message for unsupported FAPI curves was in hex without + a leading 0x, make it integer output to clarify. + * Documentation that had various scalar out pointers as "callee + allocated". + * test: build with opaque FILE structure like in musl libc. + * Transient endorsement keys were not recreated according to the + EK credential profile. + * Evict control for a persistent EK failed during provisioning if + an auth value for the storage hierarchy was set. + * The authorization of the storage hierarchy is now added. Fixes + FAPI: Provisioning error if an auth value is needed for the + storage hierarchy #2438. + * Usage of a second profile in a path was not possible because the + default profile was always used. + * The setting of an empty auth value for Fapi_Provision was fixed. + * JSON encoding of a structure TPMS_POLICYAUTHORIZATION used the + field keyPEMhashAlg instead of hashAlg as defined in "TCG TSS + 2.0 JSON Data Types and Policy Language Specification". Rename + to hashAlg but preserve support for reading keyPEMhashAlg for + backwards compatibility. + * fapi: PolicySecret did not work with keys as secret object. + * Esys_PCR_SetAuthValue: remembers the auth like other SetAutg + ESAPI functions. + * tests: esys-pcr-auth-value.int moved to destructive tests. + * FAPI: Fix double free if keystore is corrupted. + * Marshaling of TPMU_CAPABILITIES data, only field + intelPttProperty was broken before.a + * Spec deviation in Fapi_GetDescription caused description to be + NULL when it should be empty string. This is API breaking but + considered a bug since it deviated from the FAPI spec. + * FAPI: undefined reference to curl_url_strerror when using curl + less than 7.80.0. + * FAPI: Fixed support for EK templates in NV inidices per the + spec, see #2518 for details. + * FAPI: fix NPD in ifapi_curl logging. + * FAPI: Improve documentation fapi-profile + * FAPI: Fix CURL HTTP handling. + * FAPI: Return FAPI_RC_IO_ERROR if a policy does not exist in + keystore. + + Added: + * TPM version 1.59 support. + * ci: ubuntu-22.04 added. + * mbedTLS 3.0 is supported by ESAPI. + * Add CreationHash to JSON output for usage between applications + not using the FAPI keystore, like command line tools. + * Reduced code size for SAPI. + * Support for Runtime Switchable ESAPI Crypto Backend via + Esys_SetCryptoCallbacks. + * Testing for TCG EK Credential Profile TPM 2.0, Version 2.4 + Rev. 3, 2021 for the low and high address range of EK templates. + * tss2-rc: Tss2_RC_DecodeInfo function for parsing TSS2_RC into + the various bit fields. + * FAPI support for P_ECC384 profile. + * tss2-rc: Tss2_RC_DecodeInfoError: Function to get a human + readable error from a TSS2_RC_INFO returned by + Tss2_RC_DecodeInfo + * tcti: Generic SPI driver, implementors only need to connect to + acquire/release, transmit/receive, and sleep/timeout functions. + * FAPI: Add event logging for Firmware and IMA Events. See #2170 + for details. + * FAPI: Fix Fapi_ChangeAuth updates on hierarchy objects not being + reflected across profiles. + * FAPI: Allow keyedhash keys in PolicySigned. + * ESAPI: Support sha512 for mbedtls crypto backend. + * TPM2B_MAX_CAP_BUFFER and mu routines + * vendor field to TPMU_CAPABILTIIES + * FAPI: support for PolicyTemplate + + Changed + * libmu soname from 0:0:0 to 0:1:0. + * tss2-sys soname from 1:0:0 to 1:1:0 + * tss2-esys: from 0:0:0 to 0:1:0 + * FAPI ignores vendor properties on Fapi_GetInfo + * FAPI Event Logging JSON format, See #2170 for details. + + Removed + * Dead struct TPMS_ALGORITHM_DESCRIPTION + * Dead field intelPttProperty from TPMU_CAPABILITIES + * Dead code Tss2_MU_TPMS_ALGORITHM_DESCRIPTION_Marshal + * Dead code Tss2_MU_TPMS_ALGORITHM_DESCRIPTION_Unmarshal + +------------------------------------------------------------------- +Fri Jan 20 11:10:30 UTC 2023 - Matthias Gerstner + +- add 0001-tss2_rc-ensure-layer-number-is-in-bounds.patch: fixes + CVE-2023-22745 (bsc#1207325): Buffer Overlow in TSS2_RC_Decode. Overly large + RC values passed to the TSS2 function could lead to memory overread or + memory overread. + This patch is not yet part of any upstream git tag. + +------------------------------------------------------------------- +Mon Jul 11 11:19:36 UTC 2022 - Alberto Planas Dominguez + +- Revert "Add version the configuration file tpm2-tss-fapi.conf" + This generate whitelist problems in rpmlint. + +------------------------------------------------------------------- +Fri Jul 8 11:52:40 UTC 2022 - Alberto Planas Dominguez + +- Update to 3.2.0 + + Fixed + * FAPI: fix curl_url_set call + * FAPI: Fix usage of curl url (Should fix Ubuntu 22.04) + * Fix buffer upcast leading to misalignment + * Fix check whether SM3 is available + * Update git.mk to support R/O src-dir + * Fixed file descriptor leak when tcti initialization failed. + * 32 Bit builds of the integration tests. + * Primary key creation, in some cases the unique field was not + cleared before calling create primary. + * Primary keys was used for signing the object were cleared after + loading. So access e.g. to the certificate did not work. + * Primary keys created with Fapi_Create with an auth value, the + auth_value was not used in inSensitive to recreate the primary + key. Now the auth value callback is used to initialize + inSensitive. + * The not possible usage of policies for primary keys generated + with Fapi_CreatePrimary has been fixed. + * An infinite loop when parsing erroneous JSON was fixed in FAPI. + * A buffer overflow in ESAPI xor parameter obfuscation was fixed. + * Certificates could be read only once in one application The + setting the init state of the state automaton for getting + certificates was fixed. + * A double free when executing policy action was fixed. + * A leak in Fapi_Quote was fixed. + * The wrong file locking in FAPI IO was fixed. + * Enable creation of tss group and user on systems with busybox + for fapi. + * One fapi integration test did change the auth value of the + storage hierarchy. + * A leak in fapi crypto with ossl3 was fixed. + * Add initial camelia support to FAPI + * Fix tests of fapi PCR + * Fix tests of ACT functionality if not supported by pTPM + * Fix compiler (unused) warning when building without debug + logging + * Fix leaks in error cases of integration tests + * Fix memory leak after ifapi_init_primary_finish failed + * Fix double-close of stream in FAPI + * Fix segfault when ESYS_TR_NONE is passed to Esys_TR_GetName + * Fix the authorization of hierarchy objects used in policy + secret. + * Fix check of qualifying data in Fapi_VerifyQuote. + * Fix some leaks in FAPI error cases. + * Make scripts compatible with non-posix shells where test does + not know -a and -o. + * Fix usage of variable not initialized when fapi keystore is + empty. + + Added + * Add additional IFX root CAs + * Added support for SM2, SM3 and SM4. + * Added support for OpenSSL 3.0.0. + * Added authPolicy field to the TPMU_CAPABILITIES union. + * Added actData field to the TPMU_CAPABILITIES union. + * Added TPM2_CAP_AUTH_POLICIES + * Added TPM2_CAP_ACT constants. + * Added updates to the marshalling and unmarshalling of the + TPMU_CAPABILITIES union. + * Added updated to the FAPI serializations and deserializations of + the TPMU_CAPABILITIES union and associated types. + * Add CODE_OF_CONDUCT + * tcti-mssim and tcti-swtpm gained support for UDX communication + * Missing constant for TPM2_RH_PW + + Removed + * Removed support for OpenSSL < 1.1.0. + * Marked TPMS_ALGORITHM_DESCRIPTION and corresponding MU routines + as deprecated. + * Those were errorous typedefs that are not use and not useful. So + we will remove this with 3.3 + * Marked TPM2_RS_PW as deprecated. Use TPM2_RH_PW instead. + +- Update to 3.1.1 + + Fixed + * Fixed file descriptor leak when tcti initialization failed. + * Primary key creation, in some cases the unique field was not + cleared before calling create primary. + * Primary keys was used for signing the object were cleared after + loading. So access e.g. to the certificate did not work. + * Primary keys created with Fapi_Create with an auth value, the + auth_value was not used in inSensitive to recreate the primary + key. Now the auth value callback is used to initialize + inSensitive. + * The not possible usage of policies for primary keys generated + with Fapi_CreatePrimary has been fixed. + * An infinite loop when parsing erroneous JSON was fixed in FAPI. + * A buffer overflow in ESAPI xor parameter obfuscation was fixed. + * Certificates could be read only once in one application The + setting the init state of the state automaton for getting + certificates was fixed. + * A double free when executing policy action was fixed. + * A leak in Fapi_Quote was fixed. + * The wrong file locking in FAPI IO was fixed. + * One fapi integration test did change the auth value of the + storage hierarchy. + * Fix test of FAPI PCR + * Fix leaks in error cases of integration tests + * Fix segfault when ESYS_TR_NONE is passed to Esys_TR_GetName + * Fix the authorization of hierarchy objects used in policy + secret. + * Fix check of qualifying data in Fapi_VerifyQuote. + * Fix some leaks in FAPI error cases. + * Fix usage of variable not initialized when fapi keystore is + empty. + + Added + * Add additional IFX root CAs + +------------------------------------------------------------------- +Wed Dec 8 16:57:58 UTC 2021 - Alberto Planas Dominguez + +- Version 3.1.0 includes: + + cover update to 2.4.5 (jsc#SLE-17366) + + cover update to 2.3.0 (jsc#SLE-9515) + + fix policy session for TPM2_PolicyAuthValue (bsc#1160736) +- Add version the configuration file tpm2-tss-fapi.conf + +------------------------------------------------------------------- +Thu Jul 15 15:51:04 UTC 2021 - Callum Farmer + +- Remove conflicting sysusers.d file + +------------------------------------------------------------------- +Wed Jul 14 15:11:55 UTC 2021 - Callum Farmer + +- Clean spec file +- Add new library libtss2-tcti-pcap0 +- Update to 3.1.0: + * Fix FAPI PolicyPCR not instatiating correctly (CVE-2020-24455) + * Fixed possible access outside the array in ifapi_calculate_tree + * Added pcap TCTI + * Added GlobalSign TPM Root CA certs to FAPI cert store + * Changed EncryptDecrypt mode type to align with TPM2.0 spec 1.59 + * Added two new TPM commands TPM2_CC_CertifyX509, + and TPM2_CC_ACT_SetTimeout + +------------------------------------------------------------------- +Mon Jun 28 06:52:53 UTC 2021 - Marcus Meissner + +- small services fixes and comments + +------------------------------------------------------------------- +Thu Jan 28 09:18:58 UTC 2021 - Matthias Gerstner + +- update to 3.0.3: + - changes in 3.0.3: + * Fix Regression in Fapi_List + * Fix memory leak in policy calculation + - changes in 3.0.2: + * FAPI: Fix setting of the system flag of NV objects + * This will let NV object metadata be created system-wide always instead of + * locally in the user. Existing metadata will remain in the user directory. + * It can be moved to the corresponding systemstore manually if needed. + * FAPI: Fix policy searching, when a policyRef was provided + * FAPI: Accept EK-Certs without CRL dist point + * FAPI: Fix return codes of Fapi_List + * FAPI: Fix memleak in policy execution + * FAPI: Fix coverity NULL-pointer check + * FAPI: Set the written flag of NV objects in FAPI PolicyNV commands + * FAPI: Fix deleting of policy files. + * FAPI: Fix wrong file loading during object search. + * Fapi: Fix memory leak + * Fapi: Fix potential NULL-Dereference + * Fapi: Remove superfluous NULL check + * Fix a memory leak in async keystore load. + +------------------------------------------------------------------- +Thu Oct 22 11:38:52 UTC 2020 - Matthias Gerstner + +- move the tcti-fapi tmpfiles.d config file into the libtss2-fapi1 sub-package. +- improve the descriptions of new libraries (fapi1, cmd0, swtpm0) +- adjust baselibs.conf to match new library versions and added libraries + +------------------------------------------------------------------- +Mon Oct 19 13:30:39 UTC 2020 - Guillaume GARDET + +- Update to 3.0.1, changelog at: + https://github.com/tpm2-software/tpm2-tss/blob/3.0.x/CHANGELOG.md +- Update libtss2-sys0 to libtss2-sys1 +- Add new libs: + * libtss2-fapi1 + * libtss2-tcti-cmd0 + * libtss2-tcti-swtpm0 + +------------------------------------------------------------------- +Wed Feb 19 19:37:14 UTC 2020 - Martin Hauke + +- Update to version 2.3.3 + * Fixed mixing salted and unsalted sessions in the same ESAPI + context + * Removed use of VLAs from TPML marshal code + * Added check for object node before calling compute_session_value + function + * Fixed auth calculation in Esys_StartAuthSession called with + optional parameters + * Fixed compute_encrypted_salt error handling in + Esys_StartAuthSession + * Fixed exported symbols map for libtss2-mu + +------------------------------------------------------------------- +Fri Jan 31 11:51:03 UTC 2020 - Michal Suchanek + +- Use system-users for tss user creation (boo#1162360). + +------------------------------------------------------------------- +Fri Jan 24 14:13:01 UTC 2020 - Dominique Leuenberger + +- BuildRequire pkgconfig(udev) instead of udev: allow OBS to + shortcut through the -mini flavor. + +------------------------------------------------------------------- +Sun Dec 29 21:06:27 UTC 2019 - Martin Hauke + +- update to upstream version 2.3.2: + - changes since version 2.3.0: + - Fix unit tests on S390 architectures + - Fixed HMAC generation for policy sessions + +------------------------------------------------------------------- +Wed Dec 11 11:01:44 UTC 2019 - matthias.gerstner@suse.com + +- update to upstream version 2.3.0: + - changes in version 2.3.0: + - tss2-tctildr: A new library that helps with tcti initialization + Recommend to use this in place of custom tcti loading code now ! + - tss2-rc: A new library that provides textual representations for return + codes + - Option to disable NIST-deprecated crypto (--disable-weak-crypto) + - Support Esys_TR_FromTPMPublic on sessions (for use in Esys_FlushContext) + - map-files with correct symbol lists for tss2-sys and tss2-esys + This may lead to unresolved symbols in linked applications + - Support to call Tss2_Sys_Execute repeatedly on certain errors + - Reduced RAM consumption in Esys due to Tss2_Sys_Execute change + - Automated session attribution clearing for esys (decrypt and encrypt) + per cmd + - Removed libtss2-mu from "Requires" field of libtss2-esys.pc + Needs to be added explicitely now + - All fixes from 2.2.1, 2.2.2 and 2.2.3 + - Fixed SPDX License Identifiers + - Fixed Null-pointer problems in tcti-tbs + - Fixed Default locality for tcti-mssim set to LOC_0 + - Fixed coverity and valgrind leaks detected in test programs (not library + code) + +------------------------------------------------------------------- +Fri Aug 23 12:06:22 UTC 2019 - matthias.gerstner@suse.com + +- update to upstream version 2.2.3: + - changes in version 2.2.3: + * Fix computation of session name + * Fixed PolicyPassword handling of session Attributes + * Fixed windows build from dist ball + * Fixed default tcti configure option + * Fixed nonce size calculation in ESYS sessions + - changes in version 2.2.2: + * Fixed wrong encryption flag in EncryptDecrypt + * Fixing openssl engine invocation + +------------------------------------------------------------------- +Fri Apr 26 10:37:23 UTC 2019 - mvetter@suse.com + +- bsc#1130588: Require shadow instead of old pwdutils + +------------------------------------------------------------------- +Wed Mar 6 10:06:35 UTC 2019 - matthias.gerstner@suse.com + +- update to upstream version 2.2.1: + - changes from version 2.2.0: + - Fixed leak of hkey on success in iesys_cryptossl_hmac_start + - Fixed NULL ptr issues in Esys_HMAC_Start, Esys_HierarchyChangeAuth and Esys_NV_ChangeAuth + - Fixed NULL ptr issue in sequenceHandleNode + - Fixed NULL ptr auth handling in Esys_TR_SetAuth + - Fixed NULL auth handling in iesys_compute_session_value + - Fixed marshaling of TPM2Bs with sub types. + - Fixed NULL ptr session handling in Esys_TRSess_SetAttributes + - Fixed the way size of the hmac value of a session without authorization + - Added missing MU functions for TPM2_NT type + - Added missing MU functions for TPMA_ID_OBJECT type + - Added missing type TPM2_NT into tss2_tpm2_types.h + - Fixed wrong typename _ID_OBJECT in tss2_tpm2_types.h + - Fixed build breakage when --with-maxloglevel is not 'trace' + - Fixed build breakage in generated configure script when CFLAGS is set + - Fixed configure scritp ERROR_IF_NO_PROG macro + - Changed TPM2B type unmarshal to use sizeof of the dest buffer instead of dest + - Fixed unmarshaling of the TPM2B type with invalid size + - Removed dead code defect detected by coverity from Esys_TRSess_GetNonceTPM + - Added support for QNX build + - Added support for partial reads in device TCTI + - changes from version 2.1.1: + - Fixed leak of hkey on success in iesys_cryptossl_hmac_start + - Fixed NULL ptr issues in Esys_HMAC_Start, Esys_HierarchyChangeAuth and Esys_NV_ChangeAuth + - Fixed NULL ptr issue in sequenceHandleNode + - Fixed NULL ptr auth handling in Esys_TR_SetAuth + - Fixed NULL auth handling in iesys_compute_session_value + - Fixed marshaling of TPM2Bs with sub types. + - Fixed NULL ptr session handling in Esys_TRSess_SetAttributes + - Fixed the way size of the hmac value of a session without authorization + - Added missing MU functions for TPM2_NT type + - Added missing MU functions for TPMA_ID_OBJECT type + - Added missing type TPM2_NT into tss2_tpm2_types.h + - Fixed wrong typename _ID_OBJECT in tss2_tpm2_types.h + - Fixed build breakage when --with-maxloglevel is not 'trace' + - Fixed build breakage in generated configure script when CFLAGS is set + - Fixed configure scritp ERROR_IF_NO_PROG macro + - Changed TPM2B type unmarshal to use sizeof of the dest buffer instead of dest + - Fixed unmarshaling of the TPM2B type with invalid size + - Removed dead code defect detected by coverity from Esys_TRSess_GetNonceTPM + - changes from version 2.1.0: + - Fixed handling of the default TCTI + - Changed logging to be ISO-C99 compatible + - Fixed leak of dlopen handle + - Fixed logging of a response header tag in Tss2_Sys_Execute + - Fixed marshaling of TPM2B parameters in SAPI commands + - Fixed unnecessary warning in Esys_Startup + - Fixed warnings in doxygen documentation + - Added Esys_Free wrapper function for systems using different C runtime libraries + - Added Windows TBS TCTI + - Added non-blocking mode of operation in tcti-device + - Added tests for Esys_HMAC and Esys_Hash + - Enabled integration tests on physical TPM device + - Added openssl libcrypto backend + - Added Doxygen documentation to integration tests + - Refactored SetDecryptParam + - Enabled OpenSSL crypto backend by default + - changes from 2.0.2: + - Fixed NULL ptr issues in Esys_HMAC_Start, Esys_HierarchyChangeAuth and Esys_NV_ChangeAuth + - Fixed NULL ptr issue in sequenceHandleNode + - Fixed NULL ptr auth handling in Esys_TR_SetAuth + - Fixed NULL auth handling in iesys_compute_session_value + - Fixed marshaling of TPM2Bs with sub types. + - Fixed NULL ptr session handling in Esys_TRSess_SetAttributes + - Fixed the way size of the hmac value of a session without authorization + - Added missing MU functions for TPM2_NT type + - Added missing MU functions for TPMA_ID_OBJECT type + - Added missing type TPM2_NT into tss2_tpm2_types.h + - Fixed wrong typename _ID_OBJECT in tss2_tpm2_types.h + - Fixed build breakage when --with-maxloglevel is not 'trace' + - Fixed build breakage in generated configure script when CFLAGS is set + - Fixed configure scritp ERROR_IF_NO_PROG macro + - Changed TPM2B type unmarshal to use sizeof of the dest buffer instead of dest + - Fixed unmarshaling of the TPM2B type with invalid size + - Removed dead code defect detected by coverity from Esys_TRSess_GetNonceTPM +- introduce _service file for syncing with upstream tags + +------------------------------------------------------------------- +Wed Sep 26 15:41:27 UTC 2018 - matthias.gerstner@suse.com + +- update to upstream version 2.0.1 (FATE#324477): + - Fixed problems with doxygan failing make distcheck + - Fixed conversion of gcrypt mpi numbers to binary data + - Fixed an error in parsing socket address in MSSIM TCTI + - Fixed compilation error with --disable-tcti-mssim + - Added initialization function for gcrypt to suppress warning + - Fixed invalid type base type while marshaling TPMI_ECC_CURVE in Tss2_Sys_ECC_Parameters + - Fixed invalid RSA encryption with exponent equal to 0 + - Fixed checking of return codes in ESAPI commands + - Added checks for programs required by the test harness @ configure time + - Fixed warning on TPM2_RC_INITIALIZE rc after a Startup in Esys_Startup + - Checked for 1.2 TPM type response + - Changed constants values in esys header file to unsigned +------------------------------------------------------------------- +Tue Sep 18 09:04:31 UTC 2018 - matthias.gerstner@suse.com + +- also process udev triggers for tpmrm subsystem, otherwise /dev/tpmrm0 isn't + properly updated (at least on SLES-12-SP4) + +------------------------------------------------------------------- +Thu Jul 5 15:40:23 UTC 2018 - matthias.gerstner@suse.com + +- added all librares to baselibs.conf to satisfy 32-bit dependencies of esys0 + and sys0 + +------------------------------------------------------------------- +Tue Jul 3 07:56:18 UTC 2018 - matthias.gerstner@suse.com + +- Explicitly require udev to fix missing ownership for /usr/lib/udev. + +------------------------------------------------------------------- +Fri Jun 29 10:55:58 UTC 2018 - matthias.gerstner@suse.com + +- update to new major version 2.0.0: + - version_fix.patch: removed, we're now using the distribution tarballs + where this problem shouldn't happen + - this update introduces an incompatible ABI to the previous version. + all libraries have been renamed so there is not really a relation to + the old version any more. + - upstream changelog: + ## [2.0.0] - 2018-06-20 + ### Added + - Implementation of the Marshal/Unmarshal library (libtss2-mu) + - Implementation of the Enhanced System API (libtss2-esys aka ESAPI) + - New implemetation of the TPM Command Transmission Interface (TCTI) for: + - communication with Linux TPM2 device driver: libtss2-tcti-device + - communication with Microsoft software simulator: libtss2-tcti-mssim + - New directory layout (API break) + - Updated documentation with new doxygen and updated man pages + - Support for Windows build with Visual Studio and clang, currently limited + to libtss2-mu and libtss2-sys + - Implementation of the new Attached Component (AC) commands + - Implementation of the new TPM2_PolicyAuthorizeNV command + - Implementation of the new TPM2_CreateLoaded command + - Implementation of the new TPM2_PolicyTemplate command + - Addition of _Complete functions to all TPM commands + - New logging framework + - Added const qualifiers to API input pointers (API break) + - Cleaned up headers and remove implementation.h and tpm2.h (API break) + ### Changed + - Converted all cpp files to c, removed dependency on C++ compiler. + - Cleaned out a number of marshaling functions from the SAPI code. + - Update Linux / Unix OS detection to use non-obsolete macros. + - Changed TCTI macros to CamelCase (API break) + - Changed TPMA_types to unsigned int with defines instead of bitfield structs (API/ABI break) + - Changed Get/SetCmd/RspAuths to new parameter types (API/ABI break) + - Fixed order of parameters in AC commands: Input command authorizations + now come after the input handles, but still before the command parameters. + ### Removed + - Removed all sysapi/sysapi_utils/*arshal_TPM*.c files + ### Fixed + - Updated invalid number of handles in TPM2_PolicyNvWritten and TPM2_TestParms + - Updated PlatformCommand function from libtss2-tcti-mssim to no longer send + CANCEL_OFF before every command. + - Expanded TPM2B macros and removed TPM2B_TYPE1 and TPM2B_TYPE2 macros + - Fixed wrong return type for Tss2_Sys_Finalize (API break). + + ## [1.4.0] - 2018-03-02 + ### Added + - Attached Component commands from the last public review spec. + ### Fixed + - Essential files missing from release tarballs are now included. + - Version string generation has been moved from configure.ac to the + bootstrap script. It is now stored in a file named `VERSION` that is + shipped in the release tarball. + - We've stopped shipping the built man page for InitSocketTcti.3 and now + ship the source. + +------------------------------------------------------------------- +Wed Mar 7 14:48:50 UTC 2018 - matthias.gerstner@suse.com + +- removed leftover comment from dropped reproducable.patch + +------------------------------------------------------------------- +Thu Feb 22 09:41:46 UTC 2018 - matthias.gerstner@suse.com + +- update to upstream version 1.3.0: + - support for reproducable builds + - improved documentation / manual pages + - various stability bugfixes + - EncryptDecrypt2 command is now implemented +- removed reproducible.patch. This is now included upstream. +- added version_fix.patch to fix package config version numbers. + +------------------------------------------------------------------- +Fri Sep 1 14:27:33 UTC 2017 - matthias.gerstner@suse.com + +- fix the "fix", turns out only the unversioned symlink's supposed to go into + -devel. + +------------------------------------------------------------------- +Thu Jul 20 13:51:38 UTC 2017 - matthias.gerstner@suse.com + +- no longer install the udev rule, it's now part of the new tpm2.0-abrmd + package. +- fixed a warning regarding a missing dependency of the devel package to the + main package +- correctly package library symlinks only in the devel package, the library + itself only in the library package. Was mixed up before. + +------------------------------------------------------------------- +Wed Jul 19 14:10:02 UTC 2017 - matthias.gerstner@suse.com + +- removed tpm2-0-tss-configure.patch, it was just a hack, fixed by requiring + autoconf-archive, see https://github.com/01org/TPM2.0-TSS/issues/227. + +------------------------------------------------------------------- +Wed Jul 19 11:13:43 UTC 2017 - matthias.gerstner@suse.com + +- Updated to upstream version 1.1.0 + - With this version the resourcemgr daemon is dropped from this package. It + is replaced by a completely new implementation found in a new package + tpm2.0-abrmd. this package will only consist of the libraries any more. + + - Changed + - tpmclient, disabled all tests that rely on the old resourcemgr. + - Fixed + - Fixed definition of PCR_LAST AND TRANSIENT_LAST macros. + - Removed + - tpmtest + - resourcemgr, replacement is in new repo: https://github.com/01org/tpm2-abrmd + +------------------------------------------------------------------- +Sat May 27 05:07:22 UTC 2017 - bwiedemann@suse.com + +- Add reproducible.patch to sort input files to make build reproducible + (boo#1041090) + +------------------------------------------------------------------- +Thu May 11 15:13:49 UTC 2017 - matthias.gerstner@suse.com + +- create tss user account and install udev rule to fix startup of resourcemgr + (bnc#1038586) + +------------------------------------------------------------------- +Wed May 10 13:33:16 CEST 2017 - mgerstner@suse.com + +- remove unnecessary dependency of libsapi0 to trousers. trousers has nothing + to do with tpm2-tss. + +------------------------------------------------------------------- +Tue Apr 11 14:26:14 UTC 2017 - meissner@suse.com + +- fixed typo in resourcemgr.service (bsc#1031004) + +------------------------------------------------------------------- +Thu Feb 16 13:35:44 UTC 2017 - jengelh@inai.de + +- Remove --with-pic which is only for static libs. +- Fix an improper Requires line. +- Split libtcti* from libsapi0; these are independentlty + developable units. + +------------------------------------------------------------------- +Wed Feb 8 13:43:55 UTC 2017 - meissner@suse.com + +- Updated to 1.0 (FATE#321508) + - Added + - Travis-CI integration with GitHub + - Unit tests for primitive (un)?marshal functions. + - Example systemd unit for resourcemgr. + - Allow for unit tests to be enabled selectively. + - added pkg-config files for libraries + - Changed + - move simulator initialization code to socket TCTI init function. + - socket TCTI finalize no longer frees context + - rename libtss2 to libsapi + - rename libtcti_device to libtcti-device + - rename libtcti_socket to libtcti-socket + - move $(includedir)/tss to $(includedir)/sapi + - Move default compiler flags to config.site file. + - Fixed + - Fix run away resourcemgr threads by closing client sockets when resourcemgr recv() call returns 0. + - Set MSG_NOSIGNAL for client connections to avoid SIGPIPE killing resourcemgr. + - Fixes to handling of persistent objects by resourcemgr. + - Removed + - Semicolon from TPMA_* macros definitions. + - Windows build files. + - SAPI_CLIENT macro tests. + - Security + - Fix buffer overflow in resourcemgr. +- use sample resourcemanager.service +- tpm2-0-tss-configure.patch: fix weird error. + +------------------------------------------------------------------- +Thu Aug 25 14:09:35 UTC 2016 - meissner@suse.com + +- Remove type=forking from service file (bsc#995554) + +------------------------------------------------------------------- +Sat Aug 6 19:28:27 UTC 2016 - meissner@suse.com + +- added a systemd unit service file (FATE#315631) + +------------------------------------------------------------------- +Fri May 6 19:45:29 UTC 2016 - jengelh@inai.de + +- Correct package naming to be in line with shared library guideline +- Remove unused systemd build and runtime dependencies + (FATE#315631) + +------------------------------------------------------------------- +Fri Apr 8 07:54:36 UTC 2016 - dimstar@opensuse.org + +- Fix rpm group of library package: libs belong, per definition, to + the group "System/Libraries". (FATE#315631) + +------------------------------------------------------------------- +Wed Feb 24 10:22:38 UTC 2016 - meissner@suse.com + +- initial import of the tpm 2.0 tss stack (FATE#315631) + diff --git a/tpm2-0-tss.spec b/tpm2-0-tss.spec new file mode 100644 index 0000000..fa2f4b7 --- /dev/null +++ b/tpm2-0-tss.spec @@ -0,0 +1,336 @@ +# +# spec file for package tpm2-0-tss +# +# Copyright (c) 2023 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: tpm2-0-tss +Version: 4.0.1 +Release: 0 +Summary: Intel's TCG Software Stack access libraries for TPM 2.0 chips +License: BSD-2-Clause +Group: Productivity/Security +URL: https://github.com/tpm2-software/tpm2-tss +Source0: https://github.com/tpm2-software/tpm2-tss/releases/download/%{version}/tpm2-tss-%{version}.tar.gz +Source1: https://github.com/tpm2-software/tpm2-tss/releases/download/%{version}/tpm2-tss-%{version}.tar.gz.asc +# curl https://github.com/williamcroberts.gpg > tpm2-tss.keyring +Source2: tpm2-tss.keyring +Source3: baselibs.conf +BuildRequires: /usr/sbin/groupadd +BuildRequires: acl +BuildRequires: doxygen +BuildRequires: gcc-c++ +BuildRequires: libgcrypt-devel +BuildRequires: pkgconfig +BuildRequires: pkgconfig(json-c) +BuildRequires: pkgconfig(libcurl) +BuildRequires: pkgconfig(libopenssl) +BuildRequires: pkgconfig(udev) +BuildRequires: pkgconfig(uuid) +# The same user is employed by trousers (and was employed by the old +# resourcemgr shipped with the tpm2-0-tss package): +# +# trousers just needs those accounts for dropping privileges to. The service +# starts as root and uses set*id to drop to tss, after the tpm device has been +# opened. +# +# tpm2-abrmd has no set*id handling and thus requires /dev/tpm to be owned +# by the tss user. Therefore we also need to install a udev rule file. +# +# trousers was here first and created the user like this, also giving it a +# home in /var/lib/tpm. I don't think the home directory is used by either of +# the packages ATM. Trousers is keeping state there, but the directory is +# owned by root and files are opened before dropping privileges. The passwd +# entry seems not to be evaluated. +Requires(pre): user(tss) + +%description +The tpm2-0-tss package provides a TPM 2.0 TSS implementation. This +implementation is developed by INTEL. This package contains the libraries, +see the tpm2.0-abrmd package for the resource manager daemon, tpm2.0-tools for +utilities. + +%package devel +Summary: Development headers for the Intel TSS library for TPM 2.0 chips +Group: Development/Libraries/C and C++ +Requires: glibc-devel +Requires: libtss2-esys0 = %{version} +Requires: libtss2-fapi1 = %{version} +Requires: libtss2-mu0 = %{version} +Requires: libtss2-policy0 = %{version} +Requires: libtss2-rc0 = %{version} +Requires: libtss2-sys1 = %{version} +Requires: libtss2-tcti-cmd0 = %{version} +Requires: libtss2-tcti-device0 = %{version} +Requires: libtss2-tcti-mssim0 = %{version} +Requires: libtss2-tcti-pcap0 = %{version} +Requires: libtss2-tcti-spi-helper0 = %{version} +Requires: libtss2-tcti-swtpm0 = %{version} +Requires: libtss2-tctildr0 = %{version} +Requires: tpm2-0-tss = %{version} + +%description devel +This package provides the development files for the tpm2 stack's libraries for +accessing TPM 2.0 chips. + +%package -n libtss2-esys0 +Summary: TPM2 Enhanced System API (ESAPI) +Group: System/Libraries + +%description -n libtss2-esys0 +This API is a 1-to-1 mapping of the TPM2 commands documented in Part 3 of the +TPM2 specification. Additionally there are asynchronous versions of each +command. In addition to SAPI, the ESAPI performs tracking of meta data for +TPM object and automatic calculation of session based authorization and +encryption values. Both the synchronous and asynchronous API are exposed +through this library. + +%package -n libtss2-sys1 +Summary: TPM2 System API (SAPI) +Group: System/Libraries + +%description -n libtss2-sys1 +System API (SAPI) as described in the system level API and TPM command +transmission interface specification. This API is a 1-to-1 mapping of the TPM2 +commands documented in Part 3 of the TPM2 specification. Additionally there +are asynchronous versions of each command. These asynchronous variants may be +useful for integration into event-driven programming environments. Both the +synchronous and asynchronous API are exposed through this library. + +%package -n libtss2-mu0 +Summary: TPM2 marshaling/unmarshaling library +Group: System/Libraries + +%description -n libtss2-mu0 +Marshaling/Unmarshaling (MU) as described in the TCG TSS 2.0 +Marshaling/Unmarshaling API Specification. This API provides a set of +marshaling and unmarshaling functions for all data types defined by the TPM +library specification. + +%package -n libtss2-rc0 +Summary: TPM2 error code translation library +Group: System/Libraries + +%description -n libtss2-rc0 +This library can translate TPM error codes into human readable strings. + +%package -n libtss2-tctildr0 +Summary: TCTI interface loading library +Group: System/Libraries + +%description -n libtss2-tctildr0 +This is a helper library that simplifies loading other tcti libraries. It is +recommended over custom tcti loading code in applications. + +%package -n libtss2-tcti-device0 +Summary: TCTI interface library for using a native TPM device node +Group: System/Libraries + +%description -n libtss2-tcti-device0 +TPM Command Transmission Interface library for communicating with a +TPM device node. This provides direct access to the TPM through the Linux +kernel driver. + +%package -n libtss2-tcti-mssim0 +Summary: TCTI interface library for Microsoft software TPM2 simulator +Group: System/Libraries + +%description -n libtss2-tcti-mssim0 +TPM Command Transmission Interface library for communicating using the +protocol exposed by the Microsoft software TPM2 simulator. + +%package -n libtss2-fapi1 +Summary: FAPI interface library +Group: System/Libraries + +%description -n libtss2-fapi1 +This is the tpm2 Feature API (FAPI) library. This API is designed to be very +high-level API, intended to make programming with the TPM as simple as +possible. + +%package -n libtss2-policy0 +Summary: TPM2 FAPI policy library +Group: System/Libraries + +%description -n libtss2-policy0 +Library that exposes the internal FAPI policy engine as a consumable +library and stable API. Users can take arbitrary JSON policy strings +and implement the callbacks required to produce calculated policies +without a TPM as well as execute policies on an ESYS TR session for +satisfying access policies on an object. + +%package -n libtss2-tcti-cmd0 +Summary: TCTI cmd interface library +Group: System/Libraries + +%description -n libtss2-tcti-cmd0 +A TCTI for interaction with a subprocess. It abstracts the details of direct +communication with the interface and protocol exposed by a subprocess that can +receive and transmit raw TPM2 command and response buffers. + +%package -n libtss2-tcti-swtpm0 +Summary: TCTI swtpm interface library +Group: System/Libraries + +%description -n libtss2-tcti-swtpm0 +A TCTI for interaction with the TPM2 software simulator. It abstracts the +details of direct communication with the interface and protocol exposed by the +daemon hosting the TPM2 reference implementation. + +%package -n libtss2-tcti-pcap0 +Summary: TCTI pcap interface library +Group: System/Libraries + +%description -n libtss2-tcti-pcap0 +A TCTI which prints TPM commands and responses to a file in pcap-ng format. It abstracts the +details of direct communication with the interface and protocol exposed by the +daemon hosting the TPM2 reference implementation. + +%package -n libtss2-tcti-spi-helper0 +Summary: TCTI spi interface library +Group: System/Libraries + +%description -n libtss2-tcti-spi-helper0 +A TCTI module for communication via SPI TPM device driver. Abstracts +the details of communication with a TPM via SPI protocol. It uses user +supplied methods for SPI and timing operations in order to be platform +independent. + +%prep +%autosetup -n tpm2-tss-%{version} + +%build +# configure looks for groupadd on PATH +export PATH="$PATH:%{_sbindir}" +%configure --disable-static \ + --with-udevrulesdir=%{_udevrulesdir} \ + --with-runstatedir=%{_rundir} \ + --with-tmpfilesdir=%{_tmpfilesdir} \ + --with-sysusersdir=%{_sysusersdir} +%make_build PTHREAD_LDFLAGS=-pthread + +%install +%make_install +find %{buildroot} -type f -name "*.la" -delete -print +# rename the rules file to have a numbered prefix as all others have, too +%define udev_rule_file 90-tpm.rules +mv %{buildroot}%{_udevrulesdir}/tpm-udev.rules %{buildroot}%{_udevrulesdir}/%{udev_rule_file} +# Conflicts with system-users +rm %{buildroot}%{_sysusersdir}/tpm2-tss.conf + +%post +%{_bindir}/udevadm trigger -s tpm -s tpmrm || : + +%post -n libtss2-esys0 -p /sbin/ldconfig +%postun -n libtss2-esys0 -p /sbin/ldconfig +%post -n libtss2-sys1 -p /sbin/ldconfig +%postun -n libtss2-sys1 -p /sbin/ldconfig +%post -n libtss2-tctildr0 -p /sbin/ldconfig +%postun -n libtss2-tctildr0 -p /sbin/ldconfig +%post -n libtss2-tcti-device0 -p /sbin/ldconfig +%postun -n libtss2-tcti-device0 -p /sbin/ldconfig +%post -n libtss2-tcti-mssim0 -p /sbin/ldconfig +%postun -n libtss2-tcti-mssim0 -p /sbin/ldconfig +%post -n libtss2-mu0 -p /sbin/ldconfig +%postun -n libtss2-mu0 -p /sbin/ldconfig +%post -n libtss2-rc0 -p /sbin/ldconfig +%postun -n libtss2-rc0 -p /sbin/ldconfig + +%post -n libtss2-fapi1 +/sbin/ldconfig +%tmpfiles_create %{_tmpfilesdir}/tpm2-tss-fapi-%{version}.conf + +%postun -n libtss2-fapi1 -p /sbin/ldconfig +%post -n libtss2-policy0 -p /sbin/ldconfig +%postun -n libtss2-policy0 -p /sbin/ldconfig +%post -n libtss2-tcti-cmd0 -p /sbin/ldconfig +%postun -n libtss2-tcti-cmd0 -p /sbin/ldconfig +%post -n libtss2-tcti-swtpm0 -p /sbin/ldconfig +%postun -n libtss2-tcti-swtpm0 -p /sbin/ldconfig +%post -n libtss2-tcti-pcap0 -p /sbin/ldconfig +%postun -n libtss2-tcti-pcap0 -p /sbin/ldconfig +%post -n libtss2-tcti-spi-helper0 -p /sbin/ldconfig +%postun -n libtss2-tcti-spi-helper0 -p /sbin/ldconfig + +%files +%doc *.md +%license LICENSE +%{_mandir}/man3/* +%{_mandir}/man5/* +%{_mandir}/man7/tss2-* +%{_udevrulesdir}/%{udev_rule_file} +%dir %{_sysconfdir}/tpm2-tss/ +%config %{_sysconfdir}/tpm2-tss/fapi-config.json +%dir %{_sysconfdir}/tpm2-tss/fapi-profiles +%config %{_sysconfdir}/tpm2-tss/fapi-profiles/*.json + +%files devel +%{_includedir}/tss2 +%{_libdir}/*.so +%{_libdir}/pkgconfig/*.pc + +%files -n libtss2-esys0 +%{_libdir}/libtss2-esys.so.* + +%files -n libtss2-sys1 +%{_libdir}/libtss2-sys.so.* + +%files -n libtss2-mu0 +%{_libdir}/libtss2-mu.so.* + +%files -n libtss2-rc0 +%{_libdir}/libtss2-rc.so.* + +%files -n libtss2-tctildr0 +%{_libdir}/libtss2-tctildr.so.* + +%files -n libtss2-tcti-device0 +%{_libdir}/libtss2-tcti-device.so.* + +%files -n libtss2-tcti-mssim0 +%{_libdir}/libtss2-tcti-mssim.so.* + +%files -n libtss2-fapi1 +%{_libdir}/libtss2-fapi.so.* +%{_tmpfilesdir}/tpm2-tss-fapi.conf +# this would fix "tmpfile-not-in-filelist" warnings but when adding these +# entries then it complains about "directories not owned by a package:" for +# /run/tpm2-0-tss & friends. When adding them as %%ghost, too, then Leap15.1 +# complains about "found conflict of libtss2-fapi1-3.0.1-lp152.103.1.x86_64 +# with libtss2-fapi1-3.0.1-lp152.103.1.x86_64". Thus leave it be for the +# moment, some insane circle of errors is involved here. +# +# it seems the problem is that during `make install` the package runs +# systemd-tmpfiles --create, and the directories are created outside the +# package's install tree. It seems this is not expected by RPM. +# %%ghost %%{_sharedstatedir}/%%{name}/system/keystore +# %%ghost %%{_rundir}/%%{name}/eventlog + +%files -n libtss2-policy0 +%{_libdir}/libtss2-policy.so.* + +%files -n libtss2-tcti-cmd0 +%{_libdir}/libtss2-tcti-cmd.so.* + +%files -n libtss2-tcti-swtpm0 +%{_libdir}/libtss2-tcti-swtpm.so.* + +%files -n libtss2-tcti-pcap0 +%{_libdir}/libtss2-tcti-pcap.so.* + +%files -n libtss2-tcti-spi-helper0 +%{_libdir}/libtss2-tcti-spi-helper.so.* + +%changelog diff --git a/tpm2-tss-4.0.1.tar.gz b/tpm2-tss-4.0.1.tar.gz new file mode 100644 index 0000000..1aa8a39 --- /dev/null +++ b/tpm2-tss-4.0.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:532a70133910b6bd842289915b3f9423c0205c0ea009d65294ca18a74087c950 +size 1787139 diff --git a/tpm2-tss-4.0.1.tar.gz.asc b/tpm2-tss-4.0.1.tar.gz.asc new file mode 100644 index 0000000..4bed970 --- /dev/null +++ b/tpm2-tss-4.0.1.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEW0grjj4Z2nyXjh0BbeLpB44fUMEFAmPO1PMACgkQbeLpB44f +UMFtQw/+IDx+P0RGWthfR3f4t/cfp9JBgiHfujNigWpv9LNG439Sew+8njEsmvEP +2yAHIiJGFMkwXadLNWgUnhvGYS628zqoPMLgDUW9PVAirrvo6XMf45wrBVLOZTX/ +1N6Bol9wT3TfcVUnSbL/0oZwgTAxSDQJB7I64788ujwGnrbBLTEirDB/sqVVFF5k +1g3rMMH95nTGBqm96PA8gKYutOdOpOH9Gn/CexX9NuDrb00Nqx906kybkCIYEkdy +2Fp03zNTEo+iRtSIhrDZVbab/1UUN2r0rc6T6gABePUHS2lxPth6tLX0tVpq3RLJ +1mi7XJuri2Mqw4APOnavrK5qpCgAqONOn92+QqzmPylUFsRM6mzalDALvDwwknp4 +sEohsiPyxCC+oSErm5Urh3yUlZ8c068zQ1OXGOdZPNM281bEGf3ORRemkI1gT7eI +cC4Y3YRuWBeQyoANAzrAJYttsOe9ia/PadnnQiWcMPH4o4hGjgvYPJuI6fePn2SS +dgC9Z1O1LOk17XnNQb3cAshiOPQo8BjQB89QUi4pJRCbpY6WEB6Wc9OmEEhUuWDT +3ECHeDZGPRg6G4xELT2SZ2QMDhlfORaV0hbU0lMoNMQrslrZALm8424bDt3Q7R9j +iPkpp4ArVdxYvbENkdVcZBZF0qAmPmolNv/PkLVK0o9mYEmXVp8= +=vwbh +-----END PGP SIGNATURE----- diff --git a/tpm2-tss.keyring b/tpm2-tss.keyring new file mode 100644 index 0000000..0f0421b --- /dev/null +++ b/tpm2-tss.keyring @@ -0,0 +1,51 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFik3GUBEADYDYbSXH3UTr9oCNCI3UxC1hiLH7cM+QIbMtWiwfAbT3G8wrTa +NPj00qNvI4wQ/Xm3h0hB7kri7vP0FqIjIwsTdM6ZpFdVHHKW1m4P8fkOcxqmLN0g +V36MN5fgoGWf2K94aS7ItoweRMcuHnwWawe6aAtbKSYVqhWhoB/3grgd0xhE61AS +o8fJ7uRYNEAYVeOKlC2j+qKfoJbCa6yqZejFwOOzB6qxNRA7JYvckEf8yJ4+Y16m +qPyZ1ErHzpql3+b5ha+g+9g8WzxAbSfGYZTwaQxyePNjXuq2tdEXf9XnESvoaoN4 +pQhiu/0BJEkXPxl1zso65g4Mn22xEELhUnwPDo5YdLlWEZ8xhELLvdJc3Z0nTR5A +4/YaZvvzf7pOD1cwpB6IrRf8n9rOe1aDxh/A//zX9PpIOV25p5kqlE88Ya5VXrnA +Ayfs19RZmK3+FuaI0ij79CRokG9BrI6TXT0pRTDIRu7GvAo2q13MELRvFddyRT2G +mNjsHYcqEbraYTh3LHEiwfWp4ZgDtk8jj3iRabHQUHk9V8vSFzj+wp1E8HzO8Vp3 +BxMDIOG1VPdLi81DP+LbZI1h30ZG63ulqkKIhwx5/h2v4VCYPatVtGqVf37tLstj +Wrs0DkBykuZrecp+AJ5ZJ+UVvR8ajO2ncAoOugNwoj9Wuvz0fVTiJIhuNQARAQAB +tDxXaWxsaWFtIFJvYmVydHMgKEJpbGwgUm9iZXJ0cykgPHdpbGxpYW0uYy5yb2Jl +cnRzQGludGVsLmNvbT6JAjgEEwECACIFAlik3GUCGwMGCwkIBwMCBhUIAgkKCwQW +AgMBAh4BAheAAAoJEG3i6QeOH1DBibEQAL4EwEzegkc8NyHiW0mntwDoCv3tkUlG +fprp/g7GWfrP+L+pN5yexg3Zm/CgVN/tTNCEr5XtP+sdds8xBF6ReJ8QPO7EiMiM +asPXh8zlODrySXCGHmpa7IzuUC2wgD3Wq7WjniMvnBmqBdL0+8nqA6NFxOOklvK1 +ub7bqLrHKfUfciFOfYAi+C0Bh8kdZtMjfY9sqlJA3sVK2UxVXq9D+oHbL1o454N6 +VzV0rDtsK47GSSCXT75kulPdfOCopTgxPgNsK4VnXgMOL5JMURPJa3rBzmBRFed1 +ynrqwFdmYdMepsUgt/JS2I/23QChqp6AdVDjtGLKS71hox+vdE4S0DoRnMHwHkkt +B6bqQci3RlUP+wcHHRCUXUubxMSlYJqhBdEOclo6N0X0LseLcdAMGda8ZnqbHlyg +hPLmJrM3C5zTLjDb2YJXCy6RVNwqAnU3o33SZCnHqo/zUjEtR03Ztk1DzSeCjo5w +zLac1VFq5S3QdgZUwmPhyeoigqOvHu6Z1s2eL8Aw7Hn8i6MWLz5sOXAtyC9NPwK/ +qbp1a+GQXzNW4rvKl7ZEFKrBKyj8AiRoVLSRKcqZtFT56ltXQjrwKjsWDTEOzjnm +XCSM96xfay6asQH5fw+haC3RIErwyNV0uUDIVC0xDTZ6NgJEBkp8liwNeHE7eHoN +8qWSZZO2syf7uQINBFik3GUBEAC7V2o1kBsLFSKwmgsCuGfW0oBIQiaCcakT6D2X +rKBjmzBvh/UIdXQwl9+vPKtWX3T/7g6UBvezV3uc2ZqrigGmFemoQI3sW7wFk0L9 +/QTUWCMfZtyrWgqyetmPYS+i2PnsEPinsgsEHWf3iu/ew1A7npZwINwMdOSOVw2u +JqYyW2tZCErWKVe31ziYUpXA+HaRm9zoVr0F0sE2GYGWbMVYtqxN9TSYcIAHxB71 +Y31dcY77ln/1JAH4Yzqc063w/lNYogEbbQY7WNgcKdPP+aovpV7kS3TKwsdb9/xT +pj67nnlvjLTMRoW3Ez0PcIDFhuube9uOQupYG4rC4grLeVLwL/ekVmn6TxRN1hG7 +6zYXWiwWi16uAO++eBNt127FwCOVZsPO0ye3/XpOpCdpUadguxF2gGt6xY0gtetj +Vdv6S4kCdSx8NMrO2epS/1pgklxN9R/xl7Wu+JPUuVX4Jy0ycmw7TCWxdK2fuFy6 +6aLCXWWEjRSp06oeVJoVV2py+rYaoau7JG7Zgx1A3gYTm6MLFysfROaQgmfRozIH +0boYh3IA1WWzk4I6ew129ynC5zGXg/+UCnKKwn8Tsh9neq9noRDAonWI7jOCipwF +l51py82093M87zjz9o/qxnB8p00jByQ+MunUykaZrkQKHAsiyIF6cUIeQiy/AL7n +wwSPQQARAQABiQIfBBgBAgAJBQJYpNxlAhsMAAoJEG3i6QeOH1DBtO8P/1D98sl3 +oz/0oSSz0u9nzgOh93UkLbXpjSR4U+g7Wl2ppxQyGSFeWwRwT5BT74EVP2IcrraX +V9c7l+s8PYqnUdX2XAqGMv06523cCrNUU93kUUNjAo3FxGSn7i2kHIvMkDbUoeVk +jyWKfIvyy2sKcVB9GQxfMrbnTR5/Z6fCyGHNqMFb9e9TUWclLzMIhvtkvLuKmf52 +TKKxKQt/wero5zb0fynOttIjuhmOP9CFTiYjdj7qSmQapW8VFdYjyzL+OOFk9gCL +S3mIk1LdkfWah7trmMUTXdmiEibvARAQ3Yjr+Hz9yU1gzEJSPUUugNguqgS5kN+T +3TdwUHAP9whVD2IvN/Mfn29bmFFVfzu3ftJIa1zJmOdZy7KWb6MWVhw3SJ65luPB +qxKWRqFDOSpqzBm6bYQ/Oka49Jl7/dCImSm+7bCC7LDK9hXa3AIlDtWvG4iiL18T +wUOrgXPysB/D/NQaRxT/vSPUOB4WrQzIKIf4vJdyuPdtOtIWm97KUw8r/jDqd4I3 +B62qknrrR+FPcz8ACM9fXkpbBEcjFV8EkoOae106Vxjo/lu5LVBbwiKviMMwoK5o +YE7FfCwLBbLTYMeetHo8jGBRonTEOKMtPlp/fCMOp9w7CgMDuvfEwuTsA1ux4uAb +tZZIbipcKcZmsU7Su4+oeyh61giG++M5rL2D +=xdFJ +-----END PGP PUBLIC KEY BLOCK----- \ No newline at end of file