- Update to 3.2.0
+ Fixed
* FAPI: fix curl_url_set call
* FAPI: Fix usage of curl url (Should fix Ubuntu 22.04)
* Fix buffer upcast leading to misalignment
* Fix check whether SM3 is available
* Update git.mk to support R/O src-dir
* Fixed file descriptor leak when tcti initialization failed.
* 32 Bit builds of the integration tests.
* Primary key creation, in some cases the unique field was not
cleared before calling create primary.
* Primary keys was used for signing the object were cleared after
loading. So access e.g. to the certificate did not work.
* Primary keys created with Fapi_Create with an auth value, the
auth_value was not used in inSensitive to recreate the primary
key. Now the auth value callback is used to initialize
inSensitive.
* The not possible usage of policies for primary keys generated
with Fapi_CreatePrimary has been fixed.
* An infinite loop when parsing erroneous JSON was fixed in FAPI.
* A buffer overflow in ESAPI xor parameter obfuscation was fixed.
* Certificates could be read only once in one application The
setting the init state of the state automaton for getting
certificates was fixed.
* A double free when executing policy action was fixed.
* A leak in Fapi_Quote was fixed.
* The wrong file locking in FAPI IO was fixed.
* Enable creation of tss group and user on systems with busybox
for fapi.
* One fapi integration test did change the auth value of the
storage hierarchy.
* A leak in fapi crypto with ossl3 was fixed.
* Add initial camelia support to FAPI
* Fix tests of fapi PCR
* Fix tests of ACT functionality if not supported by pTPM
* Fix compiler (unused) warning when building without debug
logging
* Fix leaks in error cases of integration tests
* Fix memory leak after ifapi_init_primary_finish failed
* Fix double-close of stream in FAPI
* Fix segfault when ESYS_TR_NONE is passed to Esys_TR_GetName
* Fix the authorization of hierarchy objects used in policy
secret.
* Fix check of qualifying data in Fapi_VerifyQuote.
* Fix some leaks in FAPI error cases.
* Make scripts compatible with non-posix shells where test does
not know -a and -o.
* Fix usage of variable not initialized when fapi keystore is
empty.
+ Added
* Add additional IFX root CAs
* Added support for SM2, SM3 and SM4.
* Added support for OpenSSL 3.0.0.
* Added authPolicy field to the TPMU_CAPABILITIES union.
* Added actData field to the TPMU_CAPABILITIES union.
* Added TPM2_CAP_AUTH_POLICIES
* Added TPM2_CAP_ACT constants.
* Added updates to the marshalling and unmarshalling of the
TPMU_CAPABILITIES union.
* Added updated to the FAPI serializations and deserializations of
the TPMU_CAPABILITIES union and associated types.
* Add CODE_OF_CONDUCT
* tcti-mssim and tcti-swtpm gained support for UDX communication
* Missing constant for TPM2_RH_PW
+ Removed
* Removed support for OpenSSL < 1.1.0.
* Marked TPMS_ALGORITHM_DESCRIPTION and corresponding MU routines
as deprecated.
* Those were errorous typedefs that are not use and not useful. So
we will remove this with 3.3
* Marked TPM2_RS_PW as deprecated. Use TPM2_RH_PW instead.
- Update to 3.1.1
+ Fixed
* Fixed file descriptor leak when tcti initialization failed.
* Primary key creation, in some cases the unique field was not
cleared before calling create primary.
* Primary keys was used for signing the object were cleared after
loading. So access e.g. to the certificate did not work.
* Primary keys created with Fapi_Create with an auth value, the
auth_value was not used in inSensitive to recreate the primary
key. Now the auth value callback is used to initialize
inSensitive.
* The not possible usage of policies for primary keys generated
with Fapi_CreatePrimary has been fixed.
* An infinite loop when parsing erroneous JSON was fixed in FAPI.
* A buffer overflow in ESAPI xor parameter obfuscation was fixed.
* Certificates could be read only once in one application The
setting the init state of the state automaton for getting
certificates was fixed.
* A double free when executing policy action was fixed.
* A leak in Fapi_Quote was fixed.
* The wrong file locking in FAPI IO was fixed.
* One fapi integration test did change the auth value of the
storage hierarchy.
* Fix test of FAPI PCR
* Fix leaks in error cases of integration tests
* Fix segfault when ESYS_TR_NONE is passed to Esys_TR_GetName
* Fix the authorization of hierarchy objects used in policy
secret.
* Fix check of qualifying data in Fapi_VerifyQuote.
* Fix some leaks in FAPI error cases.
* Fix usage of variable not initialized when fapi keystore is
empty.
+ Added
* Add additional IFX root CAs
OBS-URL: https://build.opensuse.org/request/show/987905
OBS-URL: https://build.opensuse.org/package/show/security/tpm2-0-tss?expand=0&rev=119
- Version 3.1.0 includes:
+ cover update to 2.4.5 (jsc#SLE-17366)
+ cover update to 2.3.0 (jsc#SLE-9515)
+ fix policy session for TPM2_PolicyAuthValue (bsc#1160736)
- Add version the configuration file tpm2-tss-fapi.conf
- Remove conflicting sysusers.d file
- Clean spec file
- Add new library libtss2-tcti-pcap0
- Update to 3.1.0:
* Fix FAPI PolicyPCR not instatiating correctly (CVE-2020-24455)
* Fixed possible access outside the array in ifapi_calculate_tree
* Added pcap TCTI
* Added GlobalSign TPM Root CA certs to FAPI cert store
* Changed EncryptDecrypt mode type to align with TPM2.0 spec 1.59
* Added two new TPM commands TPM2_CC_CertifyX509,
and TPM2_CC_ACT_SetTimeout
- small services fixes and comments
- update to 3.0.3:
- changes in 3.0.3:
* Fix Regression in Fapi_List
* Fix memory leak in policy calculation
- changes in 3.0.2:
* FAPI: Fix setting of the system flag of NV objects
* This will let NV object metadata be created system-wide always instead of
* locally in the user. Existing metadata will remain in the user directory.
* It can be moved to the corresponding systemstore manually if needed.
* FAPI: Fix policy searching, when a policyRef was provided
* FAPI: Accept EK-Certs without CRL dist point
* FAPI: Fix return codes of Fapi_List
* FAPI: Fix memleak in policy execution
* FAPI: Fix coverity NULL-pointer check
* FAPI: Set the written flag of NV objects in FAPI PolicyNV commands
* FAPI: Fix deleting of policy files.
* FAPI: Fix wrong file loading during object search.
* Fapi: Fix memory leak
* Fapi: Fix potential NULL-Dereference
* Fapi: Remove superfluous NULL check
* Fix a memory leak in async keystore load.
- move the tcti-fapi tmpfiles.d config file into the libtss2-fapi1 sub-package.
- improve the descriptions of new libraries (fapi1, cmd0, swtpm0)
- adjust baselibs.conf to match new library versions and added libraries
- Update to 3.0.1, changelog at:
https://github.com/tpm2-software/tpm2-tss/blob/3.0.x/CHANGELOG.md
- Update libtss2-sys0 to libtss2-sys1
- Add new libs:
* libtss2-fapi1
* libtss2-tcti-cmd0
* libtss2-tcti-swtpm0
- Update to version 2.3.3
* Fixed mixing salted and unsalted sessions in the same ESAPI
context
* Removed use of VLAs from TPML marshal code
* Added check for object node before calling compute_session_value
function
* Fixed auth calculation in Esys_StartAuthSession called with
optional parameters
* Fixed compute_encrypted_salt error handling in
Esys_StartAuthSession
* Fixed exported symbols map for libtss2-mu
- Use system-users for tss user creation (boo#1162360).
- BuildRequire pkgconfig(udev) instead of udev: allow OBS to
shortcut through the -mini flavor.
- update to upstream version 2.3.2:
- changes since version 2.3.0:
- Fix unit tests on S390 architectures
- Fixed HMAC generation for policy sessions
- update to upstream version 2.3.0:
- changes in version 2.3.0:
- tss2-tctildr: A new library that helps with tcti initialization
Recommend to use this in place of custom tcti loading code now !
- tss2-rc: A new library that provides textual representations for return
codes
- Option to disable NIST-deprecated crypto (--disable-weak-crypto)
- Support Esys_TR_FromTPMPublic on sessions (for use in Esys_FlushContext)
- map-files with correct symbol lists for tss2-sys and tss2-esys
This may lead to unresolved symbols in linked applications
- Support to call Tss2_Sys_Execute repeatedly on certain errors
- Reduced RAM consumption in Esys due to Tss2_Sys_Execute change
- Automated session attribution clearing for esys (decrypt and encrypt)
per cmd
- Removed libtss2-mu from "Requires" field of libtss2-esys.pc
Needs to be added explicitely now
- All fixes from 2.2.1, 2.2.2 and 2.2.3
- Fixed SPDX License Identifiers
- Fixed Null-pointer problems in tcti-tbs
- Fixed Default locality for tcti-mssim set to LOC_0
- Fixed coverity and valgrind leaks detected in test programs (not library
code)
- update to upstream version 2.2.3:
- changes in version 2.2.3:
* Fix computation of session name
* Fixed PolicyPassword handling of session Attributes
* Fixed windows build from dist ball
* Fixed default tcti configure option
* Fixed nonce size calculation in ESYS sessions
- changes in version 2.2.2:
* Fixed wrong encryption flag in EncryptDecrypt
* Fixing openssl engine invocation
- bsc#1130588: Require shadow instead of old pwdutils
- update to upstream version 2.2.1:
- changes from version 2.2.0:
- Fixed leak of hkey on success in iesys_cryptossl_hmac_start
- Fixed NULL ptr issues in Esys_HMAC_Start, Esys_HierarchyChangeAuth and Esys_NV_ChangeAuth
- Fixed NULL ptr issue in sequenceHandleNode
- Fixed NULL ptr auth handling in Esys_TR_SetAuth
- Fixed NULL auth handling in iesys_compute_session_value
- Fixed marshaling of TPM2Bs with sub types.
- Fixed NULL ptr session handling in Esys_TRSess_SetAttributes
- Fixed the way size of the hmac value of a session without authorization
- Added missing MU functions for TPM2_NT type
- Added missing MU functions for TPMA_ID_OBJECT type
- Added missing type TPM2_NT into tss2_tpm2_types.h
- Fixed wrong typename _ID_OBJECT in tss2_tpm2_types.h
- Fixed build breakage when --with-maxloglevel is not 'trace'
- Fixed build breakage in generated configure script when CFLAGS is set
- Fixed configure scritp ERROR_IF_NO_PROG macro
- Changed TPM2B type unmarshal to use sizeof of the dest buffer instead of dest
- Fixed unmarshaling of the TPM2B type with invalid size
- Removed dead code defect detected by coverity from Esys_TRSess_GetNonceTPM
- Added support for QNX build
- Added support for partial reads in device TCTI
- changes from version 2.1.1:
- Fixed leak of hkey on success in iesys_cryptossl_hmac_start
- Fixed NULL ptr issues in Esys_HMAC_Start, Esys_HierarchyChangeAuth and Esys_NV_ChangeAuth
- Fixed NULL ptr issue in sequenceHandleNode
- Fixed NULL ptr auth handling in Esys_TR_SetAuth
- Fixed NULL auth handling in iesys_compute_session_value
- Fixed marshaling of TPM2Bs with sub types.
- Fixed NULL ptr session handling in Esys_TRSess_SetAttributes
- Fixed the way size of the hmac value of a session without authorization
- Added missing MU functions for TPM2_NT type
- Added missing MU functions for TPMA_ID_OBJECT type
- Added missing type TPM2_NT into tss2_tpm2_types.h
- Fixed wrong typename _ID_OBJECT in tss2_tpm2_types.h
- Fixed build breakage when --with-maxloglevel is not 'trace'
- Fixed build breakage in generated configure script when CFLAGS is set
- Fixed configure scritp ERROR_IF_NO_PROG macro
- Changed TPM2B type unmarshal to use sizeof of the dest buffer instead of dest
- Fixed unmarshaling of the TPM2B type with invalid size
- Removed dead code defect detected by coverity from Esys_TRSess_GetNonceTPM
- changes from version 2.1.0:
- Fixed handling of the default TCTI
- Changed logging to be ISO-C99 compatible
- Fixed leak of dlopen handle
- Fixed logging of a response header tag in Tss2_Sys_Execute
- Fixed marshaling of TPM2B parameters in SAPI commands
- Fixed unnecessary warning in Esys_Startup
- Fixed warnings in doxygen documentation
- Added Esys_Free wrapper function for systems using different C runtime libraries
- Added Windows TBS TCTI
- Added non-blocking mode of operation in tcti-device
- Added tests for Esys_HMAC and Esys_Hash
- Enabled integration tests on physical TPM device
- Added openssl libcrypto backend
- Added Doxygen documentation to integration tests
- Refactored SetDecryptParam
- Enabled OpenSSL crypto backend by default
- changes from 2.0.2:
- Fixed NULL ptr issues in Esys_HMAC_Start, Esys_HierarchyChangeAuth and Esys_NV_ChangeAuth
- Fixed NULL ptr issue in sequenceHandleNode
- Fixed NULL ptr auth handling in Esys_TR_SetAuth
- Fixed NULL auth handling in iesys_compute_session_value
- Fixed marshaling of TPM2Bs with sub types.
- Fixed NULL ptr session handling in Esys_TRSess_SetAttributes
- Fixed the way size of the hmac value of a session without authorization
- Added missing MU functions for TPM2_NT type
- Added missing MU functions for TPMA_ID_OBJECT type
- Added missing type TPM2_NT into tss2_tpm2_types.h
- Fixed wrong typename _ID_OBJECT in tss2_tpm2_types.h
- Fixed build breakage when --with-maxloglevel is not 'trace'
- Fixed build breakage in generated configure script when CFLAGS is set
- Fixed configure scritp ERROR_IF_NO_PROG macro
- Changed TPM2B type unmarshal to use sizeof of the dest buffer instead of dest
- Fixed unmarshaling of the TPM2B type with invalid size
- Removed dead code defect detected by coverity from Esys_TRSess_GetNonceTPM
- introduce _service file for syncing with upstream tags
- update to upstream version 2.0.1 (FATE#324477):
- Fixed problems with doxygan failing make distcheck
- Fixed conversion of gcrypt mpi numbers to binary data
- Fixed an error in parsing socket address in MSSIM TCTI
- Fixed compilation error with --disable-tcti-mssim
- Added initialization function for gcrypt to suppress warning
- Fixed invalid type base type while marshaling TPMI_ECC_CURVE in Tss2_Sys_ECC_Parameters
- Fixed invalid RSA encryption with exponent equal to 0
- Fixed checking of return codes in ESAPI commands
- Added checks for programs required by the test harness @ configure time
- Fixed warning on TPM2_RC_INITIALIZE rc after a Startup in Esys_Startup
- Checked for 1.2 TPM type response
- Changed constants values in esys header file to unsigned
- also process udev triggers for tpmrm subsystem, otherwise /dev/tpmrm0 isn't
properly updated (at least on SLES-12-SP4)
- added all librares to baselibs.conf to satisfy 32-bit dependencies of esys0
and sys0
- Explicitly require udev to fix missing ownership for /usr/lib/udev.
- update to new major version 2.0.0:
- version_fix.patch: removed, we're now using the distribution tarballs
where this problem shouldn't happen
- this update introduces an incompatible ABI to the previous version.
all libraries have been renamed so there is not really a relation to
the old version any more.
- upstream changelog:
## [2.0.0] - 2018-06-20
### Added
- Implementation of the Marshal/Unmarshal library (libtss2-mu)
- Implementation of the Enhanced System API (libtss2-esys aka ESAPI)
- New implemetation of the TPM Command Transmission Interface (TCTI) for:
- communication with Linux TPM2 device driver: libtss2-tcti-device
- communication with Microsoft software simulator: libtss2-tcti-mssim
- New directory layout (API break)
- Updated documentation with new doxygen and updated man pages
- Support for Windows build with Visual Studio and clang, currently limited
to libtss2-mu and libtss2-sys
- Implementation of the new Attached Component (AC) commands
- Implementation of the new TPM2_PolicyAuthorizeNV command
- Implementation of the new TPM2_CreateLoaded command
- Implementation of the new TPM2_PolicyTemplate command
- Addition of _Complete functions to all TPM commands
- New logging framework
- Added const qualifiers to API input pointers (API break)
- Cleaned up headers and remove implementation.h and tpm2.h (API break)
### Changed
- Converted all cpp files to c, removed dependency on C++ compiler.
- Cleaned out a number of marshaling functions from the SAPI code.
- Update Linux / Unix OS detection to use non-obsolete macros.
- Changed TCTI macros to CamelCase (API break)
- Changed TPMA_types to unsigned int with defines instead of bitfield structs (API/ABI break)
- Changed Get/SetCmd/RspAuths to new parameter types (API/ABI break)
- Fixed order of parameters in AC commands: Input command authorizations
now come after the input handles, but still before the command parameters.
### Removed
- Removed all sysapi/sysapi_utils/*arshal_TPM*.c files
### Fixed
- Updated invalid number of handles in TPM2_PolicyNvWritten and TPM2_TestParms
- Updated PlatformCommand function from libtss2-tcti-mssim to no longer send
CANCEL_OFF before every command.
- Expanded TPM2B macros and removed TPM2B_TYPE1 and TPM2B_TYPE2 macros
- Fixed wrong return type for Tss2_Sys_Finalize (API break).
## [1.4.0] - 2018-03-02
### Added
- Attached Component commands from the last public review spec.
### Fixed
- Essential files missing from release tarballs are now included.
- Version string generation has been moved from configure.ac to the
bootstrap script. It is now stored in a file named `VERSION` that is
shipped in the release tarball.
- We've stopped shipping the built man page for InitSocketTcti.3 and now
ship the source.
- removed leftover comment from dropped reproducable.patch
- update to upstream version 1.3.0:
- support for reproducable builds
- improved documentation / manual pages
- various stability bugfixes
- EncryptDecrypt2 command is now implemented
- removed reproducible.patch. This is now included upstream.
- added version_fix.patch to fix package config version numbers.
- fix the "fix", turns out only the unversioned symlink's supposed to go into
-devel.
- no longer install the udev rule, it's now part of the new tpm2.0-abrmd
package.
- fixed a warning regarding a missing dependency of the devel package to the
main package
- correctly package library symlinks only in the devel package, the library
itself only in the library package. Was mixed up before.
- removed tpm2-0-tss-configure.patch, it was just a hack, fixed by requiring
autoconf-archive, see https://github.com/01org/TPM2.0-TSS/issues/227.
- Updated to upstream version 1.1.0
- With this version the resourcemgr daemon is dropped from this package. It
is replaced by a completely new implementation found in a new package
tpm2.0-abrmd. this package will only consist of the libraries any more.
- Changed
- tpmclient, disabled all tests that rely on the old resourcemgr.
- Fixed
- Fixed definition of PCR_LAST AND TRANSIENT_LAST macros.
- Removed
- tpmtest
- resourcemgr, replacement is in new repo: https://github.com/01org/tpm2-abrmd
- Add reproducible.patch to sort input files to make build reproducible
(boo#1041090)
- create tss user account and install udev rule to fix startup of resourcemgr
(bnc#1038586)
- remove unnecessary dependency of libsapi0 to trousers. trousers has nothing
to do with tpm2-tss.
- fixed typo in resourcemgr.service (bsc#1031004)
- Remove --with-pic which is only for static libs.
- Fix an improper Requires line.
- Split libtcti* from libsapi0; these are independentlty
developable units.
- Updated to 1.0 (FATE#321508)
- Added
- Travis-CI integration with GitHub
- Unit tests for primitive (un)?marshal functions.
- Example systemd unit for resourcemgr.
- Allow for unit tests to be enabled selectively.
- added pkg-config files for libraries
- Changed
- move simulator initialization code to socket TCTI init function.
- socket TCTI finalize no longer frees context
- rename libtss2 to libsapi
- rename libtcti_device to libtcti-device
- rename libtcti_socket to libtcti-socket
- move $(includedir)/tss to $(includedir)/sapi
- Move default compiler flags to config.site file.
- Fixed
- Fix run away resourcemgr threads by closing client sockets when resourcemgr recv() call returns 0.
- Set MSG_NOSIGNAL for client connections to avoid SIGPIPE killing resourcemgr.
- Fixes to handling of persistent objects by resourcemgr.
- Removed
- Semicolon from TPMA_* macros definitions.
- Windows build files.
- SAPI_CLIENT macro tests.
- Security
- Fix buffer overflow in resourcemgr.
- use sample resourcemanager.service
- tpm2-0-tss-configure.patch: fix weird error.
- Remove type=forking from service file (bsc#995554)
- added a systemd unit service file (FATE#315631)
- Correct package naming to be in line with shared library guideline
- Remove unused systemd build and runtime dependencies
(FATE#315631)
- Fix rpm group of library package: libs belong, per definition, to
the group "System/Libraries". (FATE#315631)
- initial import of the tpm 2.0 tss stack (FATE#315631)
OBS-URL: https://build.opensuse.org/request/show/937743
OBS-URL: https://build.opensuse.org/package/show/security/tpm2-0-tss?expand=0&rev=117
- Clean spec file
- Add new library libtss2-tcti-pcap0
- Update to 3.1.0:
* Fix FAPI PolicyPCR not instatiating correctly (CVE-2020-24455)
* Fixed possible access outside the array in ifapi_calculate_tree
* Added pcap TCTI
* Added GlobalSign TPM Root CA certs to FAPI cert store
* Changed EncryptDecrypt mode type to align with TPM2.0 spec 1.59
* Added two new TPM commands TPM2_CC_CertifyX509,
and TPM2_CC_ACT_SetTimeout
OBS-URL: https://build.opensuse.org/request/show/906442
OBS-URL: https://build.opensuse.org/package/show/security/tpm2-0-tss?expand=0&rev=111
- changes in 3.0.3:
* Fix Regression in Fapi_List
* Fix memory leak in policy calculation
- changes in 3.0.2:
* FAPI: Fix setting of the system flag of NV objects
* This will let NV object metadata be created system-wide always instead of
* locally in the user. Existing metadata will remain in the user directory.
* It can be moved to the corresponding systemstore manually if needed.
* FAPI: Fix policy searching, when a policyRef was provided
* FAPI: Accept EK-Certs without CRL dist point
* FAPI: Fix return codes of Fapi_List
* FAPI: Fix memleak in policy execution
* FAPI: Fix coverity NULL-pointer check
* FAPI: Set the written flag of NV objects in FAPI PolicyNV commands
* FAPI: Fix deleting of policy files.
* FAPI: Fix wrong file loading during object search.
* Fapi: Fix memory leak
* Fapi: Fix potential NULL-Dereference
* Fapi: Remove superfluous NULL check
* Fix a memory leak in async keystore load.
OBS-URL: https://build.opensuse.org/package/show/security/tpm2-0-tss?expand=0&rev=105
- Update to version 2.3.3
* Fixed mixing salted and unsalted sessions in the same ESAPI
context
* Removed use of VLAs from TPML marshal code
* Added check for object node before calling compute_session_value
function
* Fixed auth calculation in Esys_StartAuthSession called with
optional parameters
* Fixed compute_encrypted_salt error handling in
Esys_StartAuthSession
* Fixed exported symbols map for libtss2-mu
OBS-URL: https://build.opensuse.org/request/show/778034
OBS-URL: https://build.opensuse.org/package/show/security/tpm2-0-tss?expand=0&rev=94
- changes in version 2.3.0:
- tss2-tctildr: A new library that helps with tcti initialization
Recommend to use this in place of custom tcti loading code now !
- tss2-rc: A new library that provides textual representations for return
codes
- Option to disable NIST-deprecated crypto (--disable-weak-crypto)
- Support Esys_TR_FromTPMPublic on sessions (for use in Esys_FlushContext)
- map-files with correct symbol lists for tss2-sys and tss2-esys
This may lead to unresolved symbols in linked applications
- Support to call Tss2_Sys_Execute repeatedly on certain errors
- Reduced RAM consumption in Esys due to Tss2_Sys_Execute change
- Automated session attribution clearing for esys (decrypt and encrypt)
per cmd
- Removed libtss2-mu from "Requires" field of libtss2-esys.pc
Needs to be added explicitely now
- All fixes from 2.2.1, 2.2.2 and 2.2.3
- Fixed SPDX License Identifiers
- Fixed Null-pointer problems in tcti-tbs
- Fixed Default locality for tcti-mssim set to LOC_0
- Fixed coverity and valgrind leaks detected in test programs (not library
code)
OBS-URL: https://build.opensuse.org/package/show/security/tpm2-0-tss?expand=0&rev=85
- changes from version 2.2.3:
* Fix computation of session name
* Fixed PolicyPassword handling of session Attributes
* Fixed windows build from dist ball
* Fixed default tcti configure option
* Fixed nonce size calculation in ESYS sessions
- changes from version 2.2.2:
* Fixed wrong encryption flag in EncryptDecrypt
* Fixing openssl engine invocation
OBS-URL: https://build.opensuse.org/package/show/security/tpm2-0-tss?expand=0&rev=82
- changes from version 2.2.0:
- Fixed leak of hkey on success in iesys_cryptossl_hmac_start
- Fixed NULL ptr issues in Esys_HMAC_Start, Esys_HierarchyChangeAuth and Esys_NV_ChangeAuth
- Fixed NULL ptr issue in sequenceHandleNode
- Fixed NULL ptr auth handling in Esys_TR_SetAuth
- Fixed NULL auth handling in iesys_compute_session_value
- Fixed marshaling of TPM2Bs with sub types.
- Fixed NULL ptr session handling in Esys_TRSess_SetAttributes
- Fixed the way size of the hmac value of a session without authorization
- Added missing MU functions for TPM2_NT type
- Added missing MU functions for TPMA_ID_OBJECT type
- Added missing type TPM2_NT into tss2_tpm2_types.h
- Fixed wrong typename _ID_OBJECT in tss2_tpm2_types.h
- Fixed build breakage when --with-maxloglevel is not 'trace'
- Fixed build breakage in generated configure script when CFLAGS is set
- Fixed configure scritp ERROR_IF_NO_PROG macro
- Changed TPM2B type unmarshal to use sizeof of the dest buffer instead of dest
- Fixed unmarshaling of the TPM2B type with invalid size
- Removed dead code defect detected by coverity from Esys_TRSess_GetNonceTPM
- Added support for QNX build
- Added support for partial reads in device TCTI
- changes from version 2.1.1:
- Fixed leak of hkey on success in iesys_cryptossl_hmac_start
- Fixed NULL ptr issues in Esys_HMAC_Start, Esys_HierarchyChangeAuth and Esys_NV_ChangeAuth
- Fixed NULL ptr issue in sequenceHandleNode
- Fixed NULL ptr auth handling in Esys_TR_SetAuth
- Fixed NULL auth handling in iesys_compute_session_value
- Fixed marshaling of TPM2Bs with sub types.
- Fixed NULL ptr session handling in Esys_TRSess_SetAttributes
OBS-URL: https://build.opensuse.org/package/show/security/tpm2-0-tss?expand=0&rev=76
- Fixed problems with doxygan failing make distcheck
- Fixed conversion of gcrypt mpi numbers to binary data
- Fixed an error in parsing socket address in MSSIM TCTI
- Fixed compilation error with --disable-tcti-mssim
- Added initialization function for gcrypt to suppress warning
- Fixed invalid type base type while marshaling TPMI_ECC_CURVE in Tss2_Sys_ECC_Parameters
- Fixed invalid RSA encryption with exponent equal to 0
- Fixed checking of return codes in ESAPI commands
- Added checks for programs required by the test harness @ configure time
- Fixed warning on TPM2_RC_INITIALIZE rc after a Startup in Esys_Startup
- Checked for 1.2 TPM type response
- Changed constants values in esys header file to unsigned
OBS-URL: https://build.opensuse.org/package/show/security/tpm2-0-tss?expand=0&rev=72
this submission is coupled with sr#514156 and an update for tpm2.0-tools which
I will submit right after.
- no longer install the udev rule, it's now part of the new tpm2.0-abrmd
package.
- fixed a warning regarding a missing dependency of the devel package to the
main package
- correctly package library symlinks only in the devel package, the library
itself only in the library package. Was mixed up before.
- removed tpm2-0-tss-configure.patch, it was just a hack, fixed by requiring
autoconf-archive, see https://github.com/01org/TPM2.0-TSS/issues/227.
- Updated to upstream version 1.1.0
- With this version the resourcemgr daemon is dropped from this package. It
is replaced by a completely new implementation found in a new package
tpm2.0-abrmd. this package will only consist of the libraries any more.
- Changed
- tpmclient, disabled all tests that rely on the old resourcemgr.
- Fixed
- Fixed definition of PCR_LAST AND TRANSIENT_LAST macros.
- Removed
- tpmtest
- resourcemgr, replacement is in new repo: https://github.com/01org/tpm2-abrmd
OBS-URL: https://build.opensuse.org/request/show/514157
OBS-URL: https://build.opensuse.org/package/show/security/tpm2-0-tss?expand=0&rev=47
- Added
- Travis-CI integration with GitHub
- Unit tests for primitive (un)?marshal functions.
- Example systemd unit for resourcemgr.
- Allow for unit tests to be enabled selectively.
- added pkg-config files for libraries
- Changed
- move simulator initialization code to socket TCTI init function.
- socket TCTI finalize no longer frees context
- rename libtss2 to libsapi
- rename libtcti_device to libtcti-device
- rename libtcti_socket to libtcti-socket
- move $(includedir)/tss to $(includedir)/sapi
- Move default compiler flags to config.site file.
- Fixed
- Fix run away resourcemgr threads by closing client sockets when resourcemgr recv() call returns 0.
- Set MSG_NOSIGNAL for client connections to avoid SIGPIPE killing resourcemgr.
- Fixes to handling of persistent objects by resourcemgr.
- Removed
- Semicolon from TPMA_* macros definitions.
- Windows build files.
- SAPI_CLIENT macro tests.
- Security
- Fix buffer overflow in resourcemgr.
- use sample resourcemanager.service
OBS-URL: https://build.opensuse.org/package/show/security/tpm2-0-tss?expand=0&rev=25
