- Update to 3.2.0
+ Fixed
* FAPI: fix curl_url_set call
* FAPI: Fix usage of curl url (Should fix Ubuntu 22.04)
* Fix buffer upcast leading to misalignment
* Fix check whether SM3 is available
* Update git.mk to support R/O src-dir
* Fixed file descriptor leak when tcti initialization failed.
* 32 Bit builds of the integration tests.
* Primary key creation, in some cases the unique field was not
cleared before calling create primary.
* Primary keys was used for signing the object were cleared after
loading. So access e.g. to the certificate did not work.
* Primary keys created with Fapi_Create with an auth value, the
auth_value was not used in inSensitive to recreate the primary
key. Now the auth value callback is used to initialize
inSensitive.
* The not possible usage of policies for primary keys generated
with Fapi_CreatePrimary has been fixed.
* An infinite loop when parsing erroneous JSON was fixed in FAPI.
* A buffer overflow in ESAPI xor parameter obfuscation was fixed.
* Certificates could be read only once in one application The
setting the init state of the state automaton for getting
certificates was fixed.
* A double free when executing policy action was fixed.
* A leak in Fapi_Quote was fixed.
* The wrong file locking in FAPI IO was fixed.
* Enable creation of tss group and user on systems with busybox
for fapi.
* One fapi integration test did change the auth value of the
storage hierarchy.
* A leak in fapi crypto with ossl3 was fixed.
* Add initial camelia support to FAPI
* Fix tests of fapi PCR
* Fix tests of ACT functionality if not supported by pTPM
* Fix compiler (unused) warning when building without debug
logging
* Fix leaks in error cases of integration tests
* Fix memory leak after ifapi_init_primary_finish failed
* Fix double-close of stream in FAPI
* Fix segfault when ESYS_TR_NONE is passed to Esys_TR_GetName
* Fix the authorization of hierarchy objects used in policy
secret.
* Fix check of qualifying data in Fapi_VerifyQuote.
* Fix some leaks in FAPI error cases.
* Make scripts compatible with non-posix shells where test does
not know -a and -o.
* Fix usage of variable not initialized when fapi keystore is
empty.
+ Added
* Add additional IFX root CAs
* Added support for SM2, SM3 and SM4.
* Added support for OpenSSL 3.0.0.
* Added authPolicy field to the TPMU_CAPABILITIES union.
* Added actData field to the TPMU_CAPABILITIES union.
* Added TPM2_CAP_AUTH_POLICIES
* Added TPM2_CAP_ACT constants.
* Added updates to the marshalling and unmarshalling of the
TPMU_CAPABILITIES union.
* Added updated to the FAPI serializations and deserializations of
the TPMU_CAPABILITIES union and associated types.
* Add CODE_OF_CONDUCT
* tcti-mssim and tcti-swtpm gained support for UDX communication
* Missing constant for TPM2_RH_PW
+ Removed
* Removed support for OpenSSL < 1.1.0.
* Marked TPMS_ALGORITHM_DESCRIPTION and corresponding MU routines
as deprecated.
* Those were errorous typedefs that are not use and not useful. So
we will remove this with 3.3
* Marked TPM2_RS_PW as deprecated. Use TPM2_RH_PW instead.
- Update to 3.1.1
+ Fixed
* Fixed file descriptor leak when tcti initialization failed.
* Primary key creation, in some cases the unique field was not
cleared before calling create primary.
* Primary keys was used for signing the object were cleared after
loading. So access e.g. to the certificate did not work.
* Primary keys created with Fapi_Create with an auth value, the
auth_value was not used in inSensitive to recreate the primary
key. Now the auth value callback is used to initialize
inSensitive.
* The not possible usage of policies for primary keys generated
with Fapi_CreatePrimary has been fixed.
* An infinite loop when parsing erroneous JSON was fixed in FAPI.
* A buffer overflow in ESAPI xor parameter obfuscation was fixed.
* Certificates could be read only once in one application The
setting the init state of the state automaton for getting
certificates was fixed.
* A double free when executing policy action was fixed.
* A leak in Fapi_Quote was fixed.
* The wrong file locking in FAPI IO was fixed.
* One fapi integration test did change the auth value of the
storage hierarchy.
* Fix test of FAPI PCR
* Fix leaks in error cases of integration tests
* Fix segfault when ESYS_TR_NONE is passed to Esys_TR_GetName
* Fix the authorization of hierarchy objects used in policy
secret.
* Fix check of qualifying data in Fapi_VerifyQuote.
* Fix some leaks in FAPI error cases.
* Fix usage of variable not initialized when fapi keystore is
empty.
+ Added
* Add additional IFX root CAs
OBS-URL: https://build.opensuse.org/request/show/987905
OBS-URL: https://build.opensuse.org/package/show/security/tpm2-0-tss?expand=0&rev=119
Alberto Planas Dominguez
71131875bd