forked from pool/tpm2-0-tss
1cb5b7a946
1 Commits
Author | SHA256 | Message | Date | |
---|---|---|---|---|
71131875bd |
Accepting request 987905 from home:aplanas:branches:security
- Update to 3.2.0 + Fixed * FAPI: fix curl_url_set call * FAPI: Fix usage of curl url (Should fix Ubuntu 22.04) * Fix buffer upcast leading to misalignment * Fix check whether SM3 is available * Update git.mk to support R/O src-dir * Fixed file descriptor leak when tcti initialization failed. * 32 Bit builds of the integration tests. * Primary key creation, in some cases the unique field was not cleared before calling create primary. * Primary keys was used for signing the object were cleared after loading. So access e.g. to the certificate did not work. * Primary keys created with Fapi_Create with an auth value, the auth_value was not used in inSensitive to recreate the primary key. Now the auth value callback is used to initialize inSensitive. * The not possible usage of policies for primary keys generated with Fapi_CreatePrimary has been fixed. * An infinite loop when parsing erroneous JSON was fixed in FAPI. * A buffer overflow in ESAPI xor parameter obfuscation was fixed. * Certificates could be read only once in one application The setting the init state of the state automaton for getting certificates was fixed. * A double free when executing policy action was fixed. * A leak in Fapi_Quote was fixed. * The wrong file locking in FAPI IO was fixed. * Enable creation of tss group and user on systems with busybox for fapi. * One fapi integration test did change the auth value of the storage hierarchy. * A leak in fapi crypto with ossl3 was fixed. * Add initial camelia support to FAPI * Fix tests of fapi PCR * Fix tests of ACT functionality if not supported by pTPM * Fix compiler (unused) warning when building without debug logging * Fix leaks in error cases of integration tests * Fix memory leak after ifapi_init_primary_finish failed * Fix double-close of stream in FAPI * Fix segfault when ESYS_TR_NONE is passed to Esys_TR_GetName * Fix the authorization of hierarchy objects used in policy secret. * Fix check of qualifying data in Fapi_VerifyQuote. * Fix some leaks in FAPI error cases. * Make scripts compatible with non-posix shells where test does not know -a and -o. * Fix usage of variable not initialized when fapi keystore is empty. + Added * Add additional IFX root CAs * Added support for SM2, SM3 and SM4. * Added support for OpenSSL 3.0.0. * Added authPolicy field to the TPMU_CAPABILITIES union. * Added actData field to the TPMU_CAPABILITIES union. * Added TPM2_CAP_AUTH_POLICIES * Added TPM2_CAP_ACT constants. * Added updates to the marshalling and unmarshalling of the TPMU_CAPABILITIES union. * Added updated to the FAPI serializations and deserializations of the TPMU_CAPABILITIES union and associated types. * Add CODE_OF_CONDUCT * tcti-mssim and tcti-swtpm gained support for UDX communication * Missing constant for TPM2_RH_PW + Removed * Removed support for OpenSSL < 1.1.0. * Marked TPMS_ALGORITHM_DESCRIPTION and corresponding MU routines as deprecated. * Those were errorous typedefs that are not use and not useful. So we will remove this with 3.3 * Marked TPM2_RS_PW as deprecated. Use TPM2_RH_PW instead. - Update to 3.1.1 + Fixed * Fixed file descriptor leak when tcti initialization failed. * Primary key creation, in some cases the unique field was not cleared before calling create primary. * Primary keys was used for signing the object were cleared after loading. So access e.g. to the certificate did not work. * Primary keys created with Fapi_Create with an auth value, the auth_value was not used in inSensitive to recreate the primary key. Now the auth value callback is used to initialize inSensitive. * The not possible usage of policies for primary keys generated with Fapi_CreatePrimary has been fixed. * An infinite loop when parsing erroneous JSON was fixed in FAPI. * A buffer overflow in ESAPI xor parameter obfuscation was fixed. * Certificates could be read only once in one application The setting the init state of the state automaton for getting certificates was fixed. * A double free when executing policy action was fixed. * A leak in Fapi_Quote was fixed. * The wrong file locking in FAPI IO was fixed. * One fapi integration test did change the auth value of the storage hierarchy. * Fix test of FAPI PCR * Fix leaks in error cases of integration tests * Fix segfault when ESYS_TR_NONE is passed to Esys_TR_GetName * Fix the authorization of hierarchy objects used in policy secret. * Fix check of qualifying data in Fapi_VerifyQuote. * Fix some leaks in FAPI error cases. * Fix usage of variable not initialized when fapi keystore is empty. + Added * Add additional IFX root CAs OBS-URL: https://build.opensuse.org/request/show/987905 OBS-URL: https://build.opensuse.org/package/show/security/tpm2-0-tss?expand=0&rev=119 |