Alberto Planas Dominguez
f604fd8668
device with the 'cryptouuid' prefix OBS-URL: https://build.opensuse.org/package/show/Base:System/pcr-oracle?expand=0&rev=34
186 lines
7.1 KiB
Plaintext
186 lines
7.1 KiB
Plaintext
-------------------------------------------------------------------
|
|
Thu Dec 26 05:57:07 UTC 2024 - Gary Ching-Pang Lin <glin@suse.com>
|
|
|
|
- Add fix-event-reshash-for-cryptouuid.patch to detect the crypto
|
|
device with the 'cryptouuid' prefix
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 5 06:11:52 UTC 2024 - Gary Ching-Pang Lin <glin@suse.com>
|
|
|
|
- Add support-ecc-srk.patch to support ECC SRK
|
|
- Add fix-testcase-empty-efi-variables.patch to fix the testcase
|
|
playback on empty EFI variables
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 25 20:16:53 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
|
|
|
|
- Add fix_grub_bls_cmdline.patch to include the measurements of the
|
|
cmdline and the linux and initrd grub commands
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 14 10:33:23 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
|
|
|
|
- Add fix_grub_bls_entry.patch to measure boot entries in GRUB BLS
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 26 15:14:37 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
|
|
|
|
- Remove fix_efi_measure.patch
|
|
- Add fix_efi_measure_and_shim.patch (bsc#1219807)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 20 18:16:53 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
|
|
|
|
- Add fix_loader_conf.patch to measure the systemd-boot loader.conf file
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jan 12 07:28:55 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
|
|
|
|
- Add fix_efi_measure.patch to fix the measurement of EFI binaries
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Dec 8 07:17:35 UTC 2023 - Gary Ching-Pang Lin <glin@suse.com>
|
|
|
|
- Update to 0.5.4
|
|
- Improve systemd-boot support
|
|
- Add --boot-entry for systemd-boot
|
|
- Manpage fixes
|
|
- Fix PCR index in JSON file
|
|
- Fix GrubPcrSnapshot parsing
|
|
- Drop upstreamed patches: boot_entry.patch and fix_pcr_index.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 29 15:56:39 UTC 2023 - Alberto Planas Dominguez <aplanas@suse.com>
|
|
|
|
- Update to 0.5.3
|
|
- Improve documentation
|
|
- Detect key format store via extension
|
|
- Replace --key-format and --policy-format options with a single
|
|
--target-platform option
|
|
- The json file can contain multiple predictions
|
|
- Remove fix_rsa.patch as is already upstream
|
|
- Add boot_entry.patch to add new parameter to point to a new systemd
|
|
boot entry
|
|
- Add fix_pcr_index.patch to fix the PCR index number in the JSON file
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 20 10:24:32 UTC 2023 - Alberto Planas Dominguez <aplanas@suse.com>
|
|
|
|
- Add fix_rsa.patch to support the export in PEM format of the public
|
|
key
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 20 10:16:20 UTC 2023 - Alberto Planas Dominguez <aplanas@suse.com>
|
|
|
|
- FAPI is not present until tpm2-tss >= 2.4.0. Express that in the
|
|
BuildRequirement
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 15 20:54:57 UTC 2023 - Alberto Planas Dominguez <aplanas@suse.com>
|
|
|
|
- Update to 0.5.2
|
|
- Support EV_EVENT_TAG events from the kernel (PCR9 for the cmdline
|
|
and the kernel)
|
|
- Fix cmdline measurements
|
|
- Update to 0.5.1
|
|
- Measure the kernel as an EFI binary (PCR4)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 13 10:53:20 UTC 2023 - Alberto Planas Dominguez <aplanas@suse.com>
|
|
|
|
- Update to 0.5.0
|
|
- Support systemd-cryptenroll JSON files
|
|
- Generate RSA keys in more scenarios
|
|
- Select RSA key size
|
|
- Drop systemd-boot.patch (already present in upstream)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Oct 19 11:01:10 UTC 2023 - Alberto Planas Dominguez <aplanas@suse.com>
|
|
|
|
- Add systemd-boot.patch to support systemd-cryptenroll JSON files
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jul 26 14:06:43 UTC 2023 - Gary Ching-Pang Lin <glin@suse.com>
|
|
|
|
- Add libtss2-tcti-device0 as the default TCTI interface to avoid
|
|
the following error:
|
|
Esys_Initialize() Initialize default tcti. ErrorCode (0x000a000a)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 4 07:44:10 UTC 2023 - Olaf Kirch <okir@suse.com>
|
|
|
|
- Added a _service file
|
|
- BuildRequire libopenssl-devel rather than openssl
|
|
- Updated to version 0.4.6:
|
|
- recognize SOURCE_DATE_EPOCH for reproducible builds
|
|
- Remove authorized policy file from the unseal action
|
|
- Unseal the data without calling __pcr_policy_make()
|
|
- Skip the variable event with 0 length (#26)
|
|
- Add the new parameter: policy-name (#27)
|
|
- Skip the leading operators when matching grub2 commands (#28)
|
|
- microconf change: force rebuilding the sed script
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jun 5 07:45:13 UTC 2023 - Gary Ching-Pang Lin <glin@suse.com>
|
|
|
|
- Update to version 0.4.5
|
|
- update manpage to reflect added support of unseal w/ tpm2.0 key
|
|
format
|
|
- Implement unseal for TPM 2.0 Key File
|
|
- Update manpage to describe the new key-format switch
|
|
- Add TPM 2.0 Key File support to 'seal-secret' and 'sign'
|
|
- Add comment to SRK template regarding NODA flag.
|
|
- pcr-oracle.8: add a section on pcr policy sealing
|
|
- Add self-test subcommand to pcr-oracle
|
|
- Rename __tss_check_error -> tss_check_error
|
|
- Moved two tss related functions to a file of their own
|
|
- Add test-pcr.sh script
|
|
- Use the same SRK template as the one in grub2
|
|
- Implement seal/unseal using a regular PCR policy
|
|
- When displaying the DevicePath, print ACPI PNP ids
|
|
- Handle failure to read EFI variables more gracefully
|
|
- Gracefully handle AUTHORITY events for eg driver BSAs that
|
|
reside in ROM
|
|
- efi-variable rehash: break out the code to detect how the
|
|
firmware hashed the event
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jun 1 07:07:04 UTC 2023 - Marcus Meissner <meissner@suse.com>
|
|
|
|
- build with optflags, remove unneeded clean section, macro bindir
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 16 08:52:50 UTC 2023 - Olaf Kirch <okir@suse.com>
|
|
|
|
- Updated to version 0.4.2
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 5 13:54:40 UTC 2023 - Michal Suchanek <msuchanek@suse.com>
|
|
|
|
- Fix project URL
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 4 11:50:54 UTC 2023 - Olaf Kirch <okir@suse.com>
|
|
|
|
- add --rsa-generate-key option
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 3 15:00:08 UTC 2023 - Olaf Kirch <okir@suse.com>
|
|
|
|
- Updated to version 0.4.1:
|
|
- disable debug messages from authenticode PECOFF parser
|
|
- add --tpm-eventlog option
|
|
- add manpage
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 2 16:36:29 UTC 2023 - Olaf Kirch <okir@suse.com>
|
|
|
|
- Updated to version 0.4:
|
|
- drop the dependency on tss2 fapi
|
|
- introduce authorized policies
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 8 11:18:07 UTC 2022 - Olaf Kirch <okir@suse.com>
|
|
|
|
- Establish pcr-oracle as standalone package, apart from fde-tools
|