pool/pcr-oracle
SHA256
12
0
Fork 1
Code Issues Pull Requests Activity

Commit Graph

  • 688c2225ab Accepting request 1281086 from Base:System factory slfo-main slfo-1.2 Dominique Leuenberger 2025-06-01 19:36:11 +00:00
  • 6570119150 - Update to 0.5.7 + Support ppc64 events + Fix the string comparison for the alternative event (bsc#1241957) - Add the new BuildRequires: libelf-devel and libfdisk-devel devel Alberto Planas Dominguez 2025-05-29 08:49:17 +00:00
  • 2d95392753 Accepting request 1277028 from Base:System Ana Guerrero 2025-05-20 07:30:59 +00:00
  • de0b83190f - Update to 0.5.6 + rsa: adopt OpenSSL 3.0 API to generate RSA key + Drop the code for openSSL < 3.0.0 + Look for signing authority in alternative database (bsc#1241957) - Bump the requirement of libopenssl-devel to 3.0.0 Alberto Planas Dominguez 2025-05-13 06:57:45 +00:00
  • 69528f8e7e Accepting request 1266581 from Base:System Ana Guerrero 2025-04-03 16:43:05 +00:00
  • ced8963ad8 - Update to 0.5.5 + Merge of pending patches into the project + No new feature since last release - Change source to the openSUSE project - Remove patches (merged) + fix-bsc1230316-make-pcr4-hard-requirement.patch + fix-bsc1230316-predict-sbatlevelrt.patch + fix-bsc1230316-predict-sbatlevelrt-sb-off.patch + fix_efi_measure_and_shim.patch + fix-event-reshash-for-cryptouuid.patch + fix_grub_bls_cmdline.patch + fix_grub_bls_entry.patch + fix_loader_conf.patch + fix-testcase-empty-efi-variables.patch + support-ecc-srk.patch - Add fix-bsc1230316-predict-sbatlevelrt-sb-off.patch to fix the prediction of SbatLevelRT when Secure Boot is disabled (bsc#1230316) - Add fix-bsc1230316-make-pcr4-hard-requirement.patch to make PCR4 a hard requirement for SbatLevelRT prediction (bsc#1230316) - Add fix-bsc1230316-predict-sbatlevelrt.patch to predict SbatLevelRT for the next boot (bsc#1230316) - Update the License tag to GPL-2.0-or-later to match the license declaration in the source files - Add fix-event-reshash-for-cryptouuid.patch to detect the crypto device with the 'cryptouuid' prefix - Add support-ecc-srk.patch to support ECC SRK - Add fix-testcase-empty-efi-variables.patch to fix the testcase playback on empty EFI variables - Add fix_grub_bls_cmdline.patch to include the measurements of the cmdline and the linux and initrd grub commands - Add fix_grub_bls_entry.patch to measure boot entries in GRUB BLS - Remove fix_efi_measure.patch - Add fix_efi_measure_and_shim.patch (bsc#1219807) - Add fix_loader_conf.patch to measure the systemd-boot loader.conf file - Add fix_efi_measure.patch to fix the measurement of EFI binaries - Update to 0.5.4 - Improve systemd-boot support - Add --boot-entry for systemd-boot - Manpage fixes - Fix PCR index in JSON file - Fix GrubPcrSnapshot parsing - Drop upstreamed patches: boot_entry.patch and fix_pcr_index.patch - Update to 0.5.3 - Improve documentation - Detect key format store via extension - Replace --key-format and --policy-format options with a single --target-platform option - The json file can contain multiple predictions - Remove fix_rsa.patch as is already upstream - Add boot_entry.patch to add new parameter to point to a new systemd boot entry - Add fix_pcr_index.patch to fix the PCR index number in the JSON file - Add fix_rsa.patch to support the export in PEM format of the public key - FAPI is not present until tpm2-tss >= 2.4.0. Express that in the BuildRequirement - Update to 0.5.2 - Support EV_EVENT_TAG events from the kernel (PCR9 for the cmdline and the kernel) - Fix cmdline measurements - Update to 0.5.1 - Measure the kernel as an EFI binary (PCR4) - Update to 0.5.0 - Support systemd-cryptenroll JSON files - Generate RSA keys in more scenarios - Select RSA key size - Drop systemd-boot.patch (already present in upstream) - Add systemd-boot.patch to support systemd-cryptenroll JSON files - Add libtss2-tcti-device0 as the default TCTI interface to avoid the following error: Esys_Initialize() Initialize default tcti. ErrorCode (0x000a000a) - Added a _service file - BuildRequire libopenssl-devel rather than openssl - Updated to version 0.4.6: - recognize SOURCE_DATE_EPOCH for reproducible builds - Remove authorized policy file from the unseal action - Unseal the data without calling __pcr_policy_make() - Skip the variable event with 0 length (#26) - Add the new parameter: policy-name (#27) - Skip the leading operators when matching grub2 commands (#28) - microconf change: force rebuilding the sed script - Update to version 0.4.5 - update manpage to reflect added support of unseal w/ tpm2.0 key format - Implement unseal for TPM 2.0 Key File - Update manpage to describe the new key-format switch - Add TPM 2.0 Key File support to 'seal-secret' and 'sign' - Add comment to SRK template regarding NODA flag. - pcr-oracle.8: add a section on pcr policy sealing - Add self-test subcommand to pcr-oracle - Rename __tss_check_error -> tss_check_error - Moved two tss related functions to a file of their own - Add test-pcr.sh script - Use the same SRK template as the one in grub2 - Implement seal/unseal using a regular PCR policy - When displaying the DevicePath, print ACPI PNP ids - Handle failure to read EFI variables more gracefully - Gracefully handle AUTHORITY events for eg driver BSAs that reside in ROM - efi-variable rehash: break out the code to detect how the firmware hashed the event - build with optflags, remove unneeded clean section, macro bindir - Updated to version 0.4.2 - Fix project URL - add --rsa-generate-key option - Updated to version 0.4.1: - disable debug messages from authenticode PECOFF parser - add --tpm-eventlog option - add manpage - Updated to version 0.4: - drop the dependency on tss2 fapi - introduce authorized policies - Establish pcr-oracle as standalone package, apart from fde-tools Alberto Planas Dominguez 2025-04-02 15:04:15 +00:00
  • 825822e9bb - Change source to the openSUSE project - Update to 0.5.5 - Remove patches (merged) + fix-bsc1230316-make-pcr4-hard-requirement.patch + fix-bsc1230316-predict-sbatlevelrt.patch + fix-bsc1230316-predict-sbatlevelrt-sb-off.patch + fix_efi_measure_and_shim.patch + fix-event-reshash-for-cryptouuid.patch + fix_grub_bls_cmdline.patch + fix_grub_bls_entry.patch + fix_loader_conf.patch + fix-testcase-empty-efi-variables.patch + support-ecc-srk.patch - Add fix-bsc1230316-predict-sbatlevelrt-sb-off.patch to fix the prediction of SbatLevelRT when Secure Boot is disabled (bsc#1230316) - Add fix-bsc1230316-make-pcr4-hard-requirement.patch to make PCR4 a hard requirement for SbatLevelRT prediction (bsc#1230316) - Add fix-bsc1230316-predict-sbatlevelrt.patch to predict SbatLevelRT for the next boot (bsc#1230316) - Update the License tag to GPL-2.0-or-later to match the license declaration in the source files - Add fix-event-reshash-for-cryptouuid.patch to detect the crypto device with the 'cryptouuid' prefix - Add support-ecc-srk.patch to support ECC SRK - Add fix-testcase-empty-efi-variables.patch to fix the testcase playback on empty EFI variables - Add fix_grub_bls_cmdline.patch to include the measurements of the cmdline and the linux and initrd grub commands - Add fix_grub_bls_entry.patch to measure boot entries in GRUB BLS - Remove fix_efi_measure.patch - Add fix_efi_measure_and_shim.patch (bsc#1219807) - Add fix_loader_conf.patch to measure the systemd-boot loader.conf file - Add fix_efi_measure.patch to fix the measurement of EFI binaries - Update to 0.5.4 - Improve systemd-boot support - Add --boot-entry for systemd-boot - Manpage fixes - Fix PCR index in JSON file - Fix GrubPcrSnapshot parsing - Drop upstreamed patches: boot_entry.patch and fix_pcr_index.patch - Update to 0.5.3 - Improve documentation - Detect key format store via extension - Replace --key-format and --policy-format options with a single --target-platform option - The json file can contain multiple predictions - Remove fix_rsa.patch as is already upstream - Add boot_entry.patch to add new parameter to point to a new systemd boot entry - Add fix_pcr_index.patch to fix the PCR index number in the JSON file - Add fix_rsa.patch to support the export in PEM format of the public key - FAPI is not present until tpm2-tss >= 2.4.0. Express that in the BuildRequirement - Update to 0.5.2 - Support EV_EVENT_TAG events from the kernel (PCR9 for the cmdline and the kernel) - Fix cmdline measurements - Update to 0.5.1 - Measure the kernel as an EFI binary (PCR4) - Update to 0.5.0 - Support systemd-cryptenroll JSON files - Generate RSA keys in more scenarios - Select RSA key size - Drop systemd-boot.patch (already present in upstream) - Add systemd-boot.patch to support systemd-cryptenroll JSON files - Add libtss2-tcti-device0 as the default TCTI interface to avoid the following error: Esys_Initialize() Initialize default tcti. ErrorCode (0x000a000a) - Added a _service file - BuildRequire libopenssl-devel rather than openssl - Updated to version 0.4.6: - recognize SOURCE_DATE_EPOCH for reproducible builds - Remove authorized policy file from the unseal action - Unseal the data without calling __pcr_policy_make() - Skip the variable event with 0 length (#26) - Add the new parameter: policy-name (#27) - Skip the leading operators when matching grub2 commands (#28) - microconf change: force rebuilding the sed script - Update to version 0.4.5 - update manpage to reflect added support of unseal w/ tpm2.0 key format - Implement unseal for TPM 2.0 Key File - Update manpage to describe the new key-format switch - Add TPM 2.0 Key File support to 'seal-secret' and 'sign' - Add comment to SRK template regarding NODA flag. - pcr-oracle.8: add a section on pcr policy sealing - Add self-test subcommand to pcr-oracle - Rename __tss_check_error -> tss_check_error - Moved two tss related functions to a file of their own - Add test-pcr.sh script - Use the same SRK template as the one in grub2 - Implement seal/unseal using a regular PCR policy - When displaying the DevicePath, print ACPI PNP ids - Handle failure to read EFI variables more gracefully - Gracefully handle AUTHORITY events for eg driver BSAs that reside in ROM - efi-variable rehash: break out the code to detect how the firmware hashed the event - build with optflags, remove unneeded clean section, macro bindir - Updated to version 0.4.2 - Fix project URL - add --rsa-generate-key option - Updated to version 0.4.1: - disable debug messages from authenticode PECOFF parser - add --tpm-eventlog option - add manpage - Updated to version 0.4: - drop the dependency on tss2 fapi - introduce authorized policies - Establish pcr-oracle as standalone package, apart from fde-tools Alberto Planas Dominguez 2025-04-02 06:33:23 +00:00
  • 8a0f76e4e3 - Change source to the openSUSE project - Remove patches (merged) + fix-bsc1230316-make-pcr4-hard-requirement.patch + fix-bsc1230316-predict-sbatlevelrt.patch + fix-bsc1230316-predict-sbatlevelrt-sb-off.patch + fix_efi_measure_and_shim.patch + fix-event-reshash-for-cryptouuid.patch + fix_grub_bls_cmdline.patch + fix_grub_bls_entry.patch + fix_loader_conf.patch + fix-testcase-empty-efi-variables.patch + support-ecc-srk.patch Alberto Planas Dominguez 2025-04-01 20:04:06 +00:00
  • 34510ba1ec Accepting request 1251154 from Base:System Ana Guerrero 2025-03-07 15:39:40 +00:00
  • 41ba24edaf - Add fix-bsc1230316-predict-sbatlevelrt-sb-off.patch to fix the prediction of SbatLevelRT when Secure Boot is disabled (bsc#1230316) - Add fix-bsc1230316-make-pcr4-hard-requirement.patch to make PCR4 a hard requirement for SbatLevelRT prediction (bsc#1230316) Alberto Planas Dominguez 2025-03-07 09:56:33 +00:00
  • c3a080f6f8 Accepting request 1248601 from Base:System Dominique Leuenberger 2025-02-27 13:49:49 +00:00
  • 69dc577df1 - Add fix-bsc1230316-predict-sbatlevelrt.patch to predict SbatLevelRT for the next boot (bsc#1230316) Alberto Planas Dominguez 2025-02-26 09:36:46 +00:00
  • 356f288230 Accepting request 1247567 from Base:System Dominique Leuenberger 2025-02-21 20:35:20 +00:00
  • 94085ce4bf Update the License tag to GPL-2.0-or-later to match the license declaration in the source files Alberto Planas Dominguez 2025-02-21 07:35:59 +00:00
  • a18732fa3e Accepting request 1233794 from Base:System Ana Guerrero 2024-12-30 11:50:46 +00:00
  • f604fd8668 - Add fix-event-reshash-for-cryptouuid.patch to detect the crypto device with the 'cryptouuid' prefix Alberto Planas Dominguez 2024-12-29 16:22:08 +00:00
  • 7c7e9fe35b Accepting request 1192055 from Base:System Dominique Leuenberger 2024-08-08 08:57:03 +00:00
  • 48bd67e6f2 - Add support-ecc-srk.patch to support ECC SRK - Add fix-testcase-empty-efi-variables.patch to fix the testcase playback on empty EFI variables Alberto Planas Dominguez 2024-08-07 06:20:05 +00:00
  • 1790411994 Accepting request 1161556 from Base:System Ana Guerrero 2024-03-26 18:25:32 +00:00
  • 4eb2926a47 Accepting request 1161555 from home:aplanas:branches:Base:System Alberto Planas Dominguez 2024-03-25 20:42:46 +00:00
  • 7834539dac Accepting request 1158068 from Base:System Ana Guerrero 2024-03-17 21:10:35 +00:00
  • 35a9565808 Accepting request 1158064 from home:aplanas:branches:Base:System Alberto Planas Dominguez 2024-03-14 17:32:29 +00:00
  • b1b6d47435 Accepting request 1157968 from home:aplanas:branches:Base:System Alberto Planas Dominguez 2024-03-14 10:57:17 +00:00
  • 246045e36c Accepting request 1154010 from Base:System Dominique Leuenberger 2024-03-03 19:18:57 +00:00
  • 9228f7c5da Accepting request 1152283 from home:aplanas:branches:Base:System Marcus Meissner 2024-03-01 13:08:43 +00:00
  • ce0c7b4d23 Accepting request 1148729 from Base:System Ana Guerrero 2024-02-23 15:40:24 +00:00
  • d02e4f852b Accepting request 1148728 from home:aplanas:branches:Base:System Alberto Planas Dominguez 2024-02-21 14:07:38 +00:00
  • ca20a1e932 Accepting request 1138227 from Base:System Ana Guerrero 2024-01-12 22:44:48 +00:00
  • 64e374e9eb Accepting request 1138226 from home:aplanas:branches:Base:System Alberto Planas Dominguez 2024-01-12 07:37:04 +00:00
  • a5ac97965f Accepting request 1132461 from Base:System Ana Guerrero 2023-12-11 20:49:57 +00:00
  • 3d40a4e426 Accepting request 1132038 from home:gary_lin:branches:Base:System Alberto Planas Dominguez 2023-12-11 10:15:33 +00:00
  • 9002765e42 Accepting request 1130958 from Base:System Ana Guerrero 2023-12-07 18:08:51 +00:00
  • 07fa94a1ef Accepting request 1130043 from home:aplanas:branches:Base:System Marcus Meissner 2023-12-05 10:46:40 +00:00
  • e05dc895ab Accepting request 1127695 from Base:System Ana Guerrero 2023-11-21 20:31:26 +00:00
  • 2c84831601 Accepting request 1127659 from home:aplanas:branches:Base:System Olaf Kirch 2023-11-20 12:28:48 +00:00
  • ad947a615d Accepting request 1120268 from Base:System Ana Guerrero 2023-10-26 15:11:46 +00:00
  • 9df1c87f90 Accepting request 1118891 from home:aplanas:branches:Base:System Marcus Meissner 2023-10-25 12:36:45 +00:00
  • e70764a3f9 Accepting request 1101305 from Base:System Dominique Leuenberger 2023-07-29 18:10:38 +00:00
  • 3ad693c87e Accepting request 1100949 from home:gary_lin:branches:Base:System Dirk Mueller 2023-07-29 08:41:33 +00:00
  • 3fc7a58b04 Accepting request 1096766 from Base:System Dominique Leuenberger 2023-07-04 13:23:14 +00:00
  • 49e6bbc33c Accepting request 1096688 from home:okir:branches:Base:System Olaf Kirch 2023-07-04 11:45:50 +00:00
  • 89cd3b9216 Accepting request 1096527 from Base:System Dominique Leuenberger 2023-07-03 15:44:11 +00:00
  • 10f6f31e6f Accepting request 1091183 from home:gary_lin:branches:Base:System Marcus Meissner 2023-07-03 10:26:52 +00:00
  • 73961a43fe Accepting request 1090915 from Base:System Dominique Leuenberger 2023-06-05 16:06:16 +00:00
  • ff8df83650 OBS-URL: https://build.opensuse.org/package/show/Base:System/pcr-oracle?expand=0&rev=5 Marcus Meissner 2023-06-05 11:27:49 +00:00
  • d76e3a088c - build with optflags, remove unneeded clean section, macro bindir Marcus Meissner 2023-06-05 11:15:29 +00:00
  • 1093b87607 OBS-URL: https://build.opensuse.org/package/show/Base:System/pcr-oracle?expand=0&rev=3 Marcus Meissner 2023-06-05 11:15:13 +00:00
  • e5e3f71945 Accepting request 1090164 from home:msmeissn:branches:Base:System Marcus Meissner 2023-06-02 15:17:25 +00:00
  • 47716611e2 Accepting request 1090117 from SUSE:ALP Marcus Meissner 2023-06-01 06:58:04 +00:00