)]}'
{
  "log": [
    {
      "commit": "eac806874f9c969a91dd1cdfa67f51b59667d011",
      "tree": "cbe2a025455a97ff1c48791b47b0aa279a17fb5b",
      "parents": [
        "68262ffd14c32705bf9a9dcb7cff085b675df055"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Dec 16 21:31:02 2025 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Feb 19 10:41:56 2026 -0500"
      },
      "message": "tools: add ability to specify creation data and pcrs\n\nAdd a --creation-data \u003cpcrs\u003e option that specifies a possibly empty\nlist of PCRs to be embedded in the greation data stored in the key\nfile.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "68262ffd14c32705bf9a9dcb7cff085b675df055",
      "tree": "90f1eb2a8a130b2f9adfbb949a8e704ba848ce7a",
      "parents": [
        "d62a97a0c43fa2497b8fe4e229e2e36701fc0a14"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Dec 16 21:16:10 2025 +0100"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Feb 19 10:41:56 2026 -0500"
      },
      "message": "tpm2-common: break out pcr handling functions\n\nTo process creation data, the policy routines which collect PCR values\nare broken out into a new function: tpm2_pcrs_get_digest(), which gets\nall the selected PCRs into a TPML_DIGEST_VALUES structure (if not\nNULL) and also returns the pcrDigest hash of all of them (for\ncomparison against the creationData.pcrDigest).  Also add ability to\nspecify empty PCR range (as \"-\") to tpm2_get_pcr_lock().\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "d62a97a0c43fa2497b8fe4e229e2e36701fc0a14",
      "tree": "a91b4c71532f9462cc333196a148cf1b47ecb175",
      "parents": [
        "f285b7b11a472cb10ed55b0efb32c08d1cb5e7d1"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Dec 16 14:50:31 2025 +0100"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Feb 19 10:41:56 2026 -0500"
      },
      "message": "Add creation data ASN.1 and ability to process it\n\nExpand tpm2-common to add creation data to file write\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "f285b7b11a472cb10ed55b0efb32c08d1cb5e7d1",
      "tree": "a57901eb5f88d856d5c255d491426b87962e804c",
      "parents": [
        "3e8b0edc90891ae440bdb43e57243a1d6dc4904b"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Dec 16 11:40:08 2025 +0100"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Feb 19 10:41:56 2026 -0500"
      },
      "message": "tss: add creation data to tpm2_Create\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "3e8b0edc90891ae440bdb43e57243a1d6dc4904b",
      "tree": "eeede0f838d2cb6ea2d661e061da66a6fd2d281f",
      "parents": [
        "7457a726e506f85ffd252726d1ceb9611ccab456"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Dec 07 14:18:43 2025 +0900"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Feb 19 10:41:30 2026 -0500"
      },
      "message": "doc: add creation data\n\nTPM2_Create and TPM2_CreatePrimary always output creation data and\ntickets and it has been suggested that saving this may be of interest\nto certain key attestation use cases so add an optional field allowing\nthe saving of enough information to fully validate the creation data\nfields.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n\n---\nv2: Add implementation section specifying what to do on PCR mismatch\n    and document outsideData\n"
    },
    {
      "commit": "7457a726e506f85ffd252726d1ceb9611ccab456",
      "tree": "433a17a43d891238cfa039ae8ee92d9b2692e8e4",
      "parents": [
        "d43a6182e112891e085410cbdbfa4c0568efb2fb"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Nov 07 17:28:04 2025 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Nov 12 14:40:04 2025 -0500"
      },
      "message": "tpm2-common: process and reject RSA parent flag\n\nSince EC keys are much easier and faster for TPMs to generate, we\ndon\u0027t want to encourage anyone to generate RSA parent keys.  However,\nthe processor should understand the flag and error out if it is seen.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "d43a6182e112891e085410cbdbfa4c0568efb2fb",
      "tree": "e3cf96f815653c7f61b520442da8339cf33271fd",
      "parents": [
        "ecd36a8c4e09ab0d74d4239c94411aacebcbae0c"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Nov 07 12:27:32 2025 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Nov 12 14:40:04 2025 -0500"
      },
      "message": "load_tpm2_key: add output of description field\n\nIf a description field exists, store it in the app_data to be\ndisplayed if asked in load_tpm2_key.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "ecd36a8c4e09ab0d74d4239c94411aacebcbae0c",
      "tree": "e40343de55f39a6e3a97bd7417e2793703f8e534",
      "parents": [
        "49d94c9735400b4d65ae313cc96a6b6bc5abd919"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Oct 17 12:27:29 2025 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Nov 12 14:40:04 2025 -0500"
      },
      "message": "Add description field to all file production commands\n\nUse the --description option to allow a user to specify a key description.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "49d94c9735400b4d65ae313cc96a6b6bc5abd919",
      "tree": "f5b683321a781a6e78a64be414c9ebc77c3e65cb",
      "parents": [
        "7f02319577d7760ab30f1bf11db98df554fae5a3"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Nov 05 15:03:06 2025 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Nov 12 14:40:04 2025 -0500"
      },
      "message": "load_tpm2_key: add ability to print out details of key file\n\nMake the nv index optional so if left out, the tool loads the key and\nsimply prints out high level details about it such as type and parent.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "7f02319577d7760ab30f1bf11db98df554fae5a3",
      "tree": "c8b26994de2ee9b483a0623e03dc447b9d365a72",
      "parents": [
        "1d678e9bba9366f4001370056b9e77a664426f54"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Nov 12 10:16:09 2025 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Nov 12 10:16:09 2025 -0500"
      },
      "message": "Version 4.4.3\n\n* Fix openssl-3.0 support (for Ubuntu)\n* Fix tests for older Ubuntu systems\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "1d678e9bba9366f4001370056b9e77a664426f54",
      "tree": "c5ac6bcde4759a5a933000197060163dc97a2a66",
      "parents": [
        "1330daf901adc96d0d343540cdbb2351708d1155"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Oct 15 16:27:10 2025 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Oct 15 16:27:10 2025 -0400"
      },
      "message": "tests: fix tests for Ubuntu\n\nIt turns out that Ubuntu has a really old version of the ibmtss, so\nold that some of the command line parameters are wrong, so detect and\ncorrect or skip for this case.\n\nAdditionally, for some reason, the Intel TSS on ubuntu crashes in the\nTSS if a software TPM is specified but not running.  Since this is the\nessence of the fail_connect.sh test, skip that on Ubuntu as well.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "1330daf901adc96d0d343540cdbb2351708d1155",
      "tree": "c9a302ab6e425afcba3ea643720e02b8a4506fea",
      "parents": [
        "b2bd69680377bdbe926e2eaf5b1fcfbc14a9b230"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Oct 15 16:25:45 2025 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Oct 15 16:25:45 2025 -0400"
      },
      "message": "configure: separate out building the provider from openssl-3\n\nIt turns out Ubuntu 22.04 is based on openssl-3.0 but the providers it\nbuilds don\u0027t really function.  The libcrtypo.pc has an empty provider\ndirectory, so key off this being absent to disable the provider build.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "b2bd69680377bdbe926e2eaf5b1fcfbc14a9b230",
      "tree": "ba7fd0cff07195edd1c655e3b43cd651f3200fe3",
      "parents": [
        "54cfccd750655dcfca631be220a46ff147edbe52"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Oct 15 16:01:58 2025 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Oct 15 16:24:45 2025 -0400"
      },
      "message": "Fix testing for boxes with both software tpms\n\nAt the moment, the Intel TSS keys off two environment variables:\nTPM_INTERFACE_TYPE and SWTPM to decide which software tpm tcti to use\n(mssim or swtpm).  If autoconf finds both software tpms installed, it\nwill set both environment variables but still execute the ibmswtpm2\n... unfortunately, finding both variables set the Intel TSS shim\nconfigures tcti for swtpm, which results in a hang.  Fix this by only\nsetting the variables of the software tpm the tests will actually launch.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "54cfccd750655dcfca631be220a46ff147edbe52",
      "tree": "df96b94b01b2d1a892cfb24be133866ffab5b5eb",
      "parents": [
        "a20723ba548ec14809be789411e2074fdda405fa"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Oct 14 15:12:07 2025 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Oct 14 15:12:07 2025 -0400"
      },
      "message": "opensslmissing: fix openssl-3.0 doesn\u0027t have auto-digestmax\n\nMake the parameter checking conditional on it being defined.  Also add\ntests that run through the types defined in openssl-3.0.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "a20723ba548ec14809be789411e2074fdda405fa",
      "tree": "5c01cec77a090d98c80089a263c897fbfffb0fac",
      "parents": [
        "1649151f3cf7bde683ea8d771be92e94038d5c4d"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Feb 28 10:04:33 2025 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Feb 28 10:04:33 2025 -0500"
      },
      "message": "Version 4.4.2\n\n* Fix TLS certificate signing challenges\n* Fix openvpn using the tpm2 provider\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "1649151f3cf7bde683ea8d771be92e94038d5c4d",
      "tree": "3b1fe88621d816b2903d3c0b2e0da1c00bc1e1cb",
      "parents": [
        "31eabd998b0820f04581cfcd1b8be87a02b364af"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Feb 27 15:45:16 2025 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Feb 27 15:45:16 2025 -0500"
      },
      "message": "Fix problem with openvpn and the tpm2 provider\n\nWhen compiled with loadable modules, openvpn uses the -rdynamic flag\nwhich exports all of its symbols for dynamic resolution.  Some of\nthese symbols have generic names like \u0027signatures\u0027 which clash with\nexported symbols from the provider causing key loading to fail.\n\nFix this by adding a tpm2_ prefix to all dynamically exported symbols\nfrom the provider to lessen the chances of an accidental name clash.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "31eabd998b0820f04581cfcd1b8be87a02b364af",
      "tree": "c1f7307062e4b1b91c45d6a6577a0e12ffaf4a5e",
      "parents": [
        "84a25d89522de1efc234e195a18514e253feb061"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Feb 27 15:41:57 2025 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Feb 27 15:41:57 2025 -0500"
      },
      "message": "Fix TLS certificate generation with TPM key\n\nIn addition to the numeric salt lengths, which are currently processed\ncorrectly, the TLS certificate code uses the string \"digest\" to get\nthe salt to be the length of the digest.  This currently fails and\ncauses certificate signature construction to fail.\n\nFix by adding parsers for the allowed salt length strings of \"digest\",\n\"max\" and \"auto\".\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "84a25d89522de1efc234e195a18514e253feb061",
      "tree": "47bed7d4efcd6120366104614ea045a864b29dfb",
      "parents": [
        "98d8beff41f759394f71c27acae96fdf8b04705a"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Nov 05 09:15:24 2024 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Nov 05 09:15:24 2024 -0500"
      },
      "message": "Version 4.4.1\n\n* Fix OBS Build\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "98d8beff41f759394f71c27acae96fdf8b04705a",
      "tree": "0f285ecec8bdea807c362beb8eb3269e751079f2",
      "parents": [
        "6ae7fe991123c2e7366d2a613db993957bd8577c"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Nov 03 13:00:38 2024 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Nov 04 15:51:57 2024 -0500"
      },
      "message": "Fix OBS build\n\nThe hang in the test suites was finally traced to the later IBM tool\nkit bringing in libcrypto, which was trying to initialize the provider\nand thus trying to generate the primary and check it against the seed\n(which fails because the TPM is uninitialized).  Fix this by unsetting\nOPENSSL_CONF in start_sw_tpm.sh so we can start the TPM without\ngetting into this chicken and egg problem.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "6ae7fe991123c2e7366d2a613db993957bd8577c",
      "tree": "2a484b88c4387af691f946626a4b4e4b0479042a",
      "parents": [
        "508060a88b6e928b534a53bc0363d1017babc94e"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Nov 01 18:37:18 2024 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Nov 01 18:37:18 2024 -0500"
      },
      "message": "Version 4.4.0\n\n* Use the NULL seed for salting sessions (and check against the kernel/file)\n* close weaknesses in key certification using the qualified name\n* 32 bit fixes\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "508060a88b6e928b534a53bc0363d1017babc94e",
      "tree": "3f60f804aa2dda7b9bb158d336245e90efcb833f",
      "parents": [
        "19846a672f2737300406f6af8bea00078f7656f2"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Nov 01 17:49:22 2024 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Nov 01 17:53:39 2024 -0500"
      },
      "message": "Fix 32 bit errors\n\nOne formatting problem with UINT64 and a must check annotation on\nread that only seems to exist in the 32 bit builds.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "19846a672f2737300406f6af8bea00078f7656f2",
      "tree": "95badbfdc1c119d54c9d482e2b8a22ac59115aee",
      "parents": [
        "6676f28cf7d1c15480a6e584db4879107eae63ec"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Oct 23 15:02:32 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Oct 31 15:34:09 2024 +0900"
      },
      "message": "attest_tpm2_primary: check qualified name\n\nSimply being a certified object and having primary object attributes\nisn\u0027t sufficient for checking the key is correct.  For instance an\nattacker could present a non-NULL primary as the NULL primary to\ndefeat reset attack detection and it would still certify correctly.\nCheck for this by comparing the qualified name of the key against what\nis expected: the qualified name goes all the way back to the root of\nthe key chain and thus validates the hierarchy to which the key\nbelongs and that it is actually a primary.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "6676f28cf7d1c15480a6e584db4879107eae63ec",
      "tree": "eb810ad620c0b3b6c7c14185314d8a5054b32529",
      "parents": [
        "43c78d1d9cf7a552c3a340a2fb97384297817040"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Oct 23 15:00:55 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Oct 31 15:33:32 2024 +0900"
      },
      "message": "tss: add VALT() macro\n\nThis is needed for handling TPM2B_NAME and NAME_2B conversions in the\nqualified name calculation and comparison code.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "43c78d1d9cf7a552c3a340a2fb97384297817040",
      "tree": "f4582da726b15f9bd06814ed5ebb82c0cde4000b",
      "parents": [
        "99583d7a55b1490ea29c7eb709bf4b94ea203381"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Oct 23 15:01:48 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Oct 31 15:26:34 2024 +0900"
      },
      "message": "lib: check key properties on every create primary\n\nJust in case an interposer creates an object in the TPM for which it\nholds the private key and then tries to pass it off as a primary for\ncertification, make sure that the attributes of the returned key match\nthe essential ones for a TPM primary and thus guarantee restriction\nand TPM generation.  This still isn\u0027t enough to verify that the\nreturned key is an actual primary key, but it verifies the returned\nobject can\u0027t be used to decrypt the salt for an attacker.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "99583d7a55b1490ea29c7eb709bf4b94ea203381",
      "tree": "9730d3192f0b5a8b8baa833328c18b2cc1dfc222",
      "parents": [
        "90eecdf64d9f1fd6deac5e53403bd254d3fe137e"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Oct 23 15:46:34 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Oct 24 11:48:36 2024 -0400"
      },
      "message": "lib: return public area for non-permanent handles\n\nIf tpm2_load_srk is called for a non-permanent handle it does a\ntpm2_ReadPublic but then fails to return the public area which causes\nthe tools to calculate the incorrect name and fail certification.\n\nFix this by returning the actual public area of the key from\ntpm2_ReadPublic.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "90eecdf64d9f1fd6deac5e53403bd254d3fe137e",
      "tree": "dbf07dce914f36751eff89d004754cdcf2421f09",
      "parents": [
        "a137f584ab4d931f98d8bfd6027bf5364c667e94"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Jul 24 10:54:40 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Oct 22 14:37:21 2024 -0400"
      },
      "message": "Use the NULL seed for salting every session\n\nPrior to this, the convention had been that we salt the session with\nthe parent key when we have it.  However, it\u0027s quite complex to check\nin the TPM that something hasn\u0027t replaced the parent\u0027s public key, so\nalways salt sessions with a key we can check (the NULL key).\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "a137f584ab4d931f98d8bfd6027bf5364c667e94",
      "tree": "6fb04ea6b4b4253005673482e6f5577681238cd4",
      "parents": [
        "d382b5f69b42b22baa743ba3d1f0ec524fe5c0fa"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Jul 24 10:11:32 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Oct 22 14:34:19 2024 -0400"
      },
      "message": "Consolidate non-permanent handle handling in tpm2_load_srk\n\nThere\u0027s not much point having four separate places where we check the\nhandle type and only run a create primary if it\u0027s permanent.\n\nInstead have tpm2_load_srk do this check in a single place and simply\npass through non-permanent handles.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "d382b5f69b42b22baa743ba3d1f0ec524fe5c0fa",
      "tree": "03c5456052964e5300e7aa38f44766ee67e01ecd",
      "parents": [
        "2fb6b5d8b113f333d31d520f3a1b9d7a05199e6c"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jul 22 16:57:26 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Oct 22 14:33:37 2024 -0400"
      },
      "message": "libcommon: SECURITY: check null name for sessions\n\nNow that we have the ability to certify and attest the ek signing\ncertificate and the names of the primary storage keys, check the null\nname against what is returned for salted sessions (ensures TPM\ninterposers can\u0027t lie about primary names to intercept the salt).\n\nUpdate the test that starts the vTPM to capture the null name and put\nit in a file to test this feature (and avoid test failures because the\nreal /sys/class/tpm0/tpm/null_name isn\u0027t that of the vTPM).\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "2fb6b5d8b113f333d31d520f3a1b9d7a05199e6c",
      "tree": "b42623cbc3b2fc626c00de16cbf742ac89a2e3de",
      "parents": [
        "9f75cf0510fe932c4db51496f201c7e1b239b1bd"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Aug 06 13:45:51 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Aug 06 13:45:51 2024 -0400"
      },
      "message": "Version 4.3.0\n\n* Add primary attestation commands\n* Add man page about the engine and its parameters\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "9f75cf0510fe932c4db51496f201c7e1b239b1bd",
      "tree": "a55557eac25a474074e96f5292fce9b5fa211792",
      "parents": [
        "94a69f43727bbc4779c1e538eba983dc08c393d0"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Jul 25 10:41:18 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Aug 04 11:39:08 2024 -0400"
      },
      "message": "tests: add tests for attest_tpm2_primary\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "94a69f43727bbc4779c1e538eba983dc08c393d0",
      "tree": "66f0048dc005416a7e4ca0c32970856c648d671b",
      "parents": [
        "29ab409e544d7329e29f54b43bf4c1a0d68b79b7"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Jul 24 16:42:42 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Aug 04 11:39:08 2024 -0400"
      },
      "message": "attest_tpm2_primary: add man page\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "29ab409e544d7329e29f54b43bf4c1a0d68b79b7",
      "tree": "57f44f4d76e9a612189414103fb73b2324597823",
      "parents": [
        "d0209099e80212cd96d181654da88cf6bfcb40b0"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Jul 17 16:07:19 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Aug 04 11:39:08 2024 -0400"
      },
      "message": "tools: add new attest_tpm2_primary command\n\nThis command can be used for three things which allow a system to\nbuild an ongoing trust relationship with the TPM.  For TPMs which\ndon\u0027t have EK certificates (most fTPMs) it allows a trust on first use\nmodel where the EK is squirreled away in a permanent location on the\nfilesystem as:\n\nattest_tpm2_primary --ek \u003e /etc/eksign.name\n\nWhich generates a signing EK that can be used to certify other objects\nand permanently stores the name in /etc (ideally this should be stored\nin an immutable location on OS install).\n\nIf the TPM does have a signing certificate, the next step is to verify\nthe cert back to the manufacturer and bind it to the signing EK by\ndoing\n\nattest_tpm2_primary --attest --name /etc/eksign.name \u003cek cert file\u003e\n\nThis will run a local makecredential/activatecredential on the signing\nEK using the public key in the \u003cek cert file\u003e.  Once this happens the\nTPM is proven to be a genuine discrete TPM.\n\nFinally, having the permanent name file allows the signing EK to\ncertify the NULL key used by the kernel on every boot via\n\nattest_tpm2_primary --certify null --name /etc/eksign.name /sys/class/tpm/tpm0/null_name\n\nSince the null_name changes on every boot this allows a user\nconfidence that the TPM booted up correctly and isn\u0027t being snooped.\n\nAdditionally, the command can generate the public SRK for importable\nkeys by running a certification against the signing EK to verify it\nisn\u0027t being spoofed:\n\nattest_tpm2_primary --certify owner --name /etc/eksign.name --file srk.pub\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "d0209099e80212cd96d181654da88cf6bfcb40b0",
      "tree": "f149c9d2f695075636767e857d323ae67803674e",
      "parents": [
        "be24ff3b56fc8d6c8437d25f4b857ca3c1088f79"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Jul 17 16:05:17 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Aug 04 11:39:08 2024 -0400"
      },
      "message": "tss: add tpm2_Certify, tpm2_ActivateCredential and tpm2_PolicyOR\n\ntpm2_Certify is used to verify that a given object is resident in the\nTPM.  tpm2_ActivateCredential is used to decrypt a challenge from a\nprivacyCA and constructing the high template for the EK to use with\nthis requires PolicyOR.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "be24ff3b56fc8d6c8437d25f4b857ca3c1088f79",
      "tree": "3a2fc74f7fab0603ee30d84a36eb305278657c33",
      "parents": [
        "102496b92557607b70119876c253a3d171a66e8e"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Jul 19 10:01:04 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Aug 04 11:39:08 2024 -0400"
      },
      "message": "libcommon: add primary creation from template\n\nAlthough for usual operation we only need the standard template to\ncreate the keys, for EK operations we need to create the EK from the\nexact EK template (of which there are a few), so add a new function to\nallow the creation of a primary from any given template.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "102496b92557607b70119876c253a3d171a66e8e",
      "tree": "5f864523cc62d047fc49bb6957adff9a86a22df2",
      "parents": [
        "558107eb0d8b2c979ef874ee3263b9b8be44d9e5"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Jul 17 16:04:41 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Aug 04 11:39:08 2024 -0400"
      },
      "message": "libcommon: add bin2hex and tmp2_get_hexname\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "558107eb0d8b2c979ef874ee3263b9b8be44d9e5",
      "tree": "af4ff8e9bc73906f3d7904bf97d310593a161a46",
      "parents": [
        "122cf5179f5d4f37daf8de73a36e06cf0ed96606"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Jul 17 16:02:43 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Aug 04 11:39:08 2024 -0400"
      },
      "message": "libcommon: add ability to create a signing primary key\n\nHaving a primary key that can sign things is useful for conducting\ncertification and quoting operations without having to go through the\nmakecredential/activatecredential dance, which is unnecessary for a\nlocal TPM where you don\u0027t need privacy separated attestation keys.\nAdd the ability to use the signing key template to tpm2_load_srk().\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "122cf5179f5d4f37daf8de73a36e06cf0ed96606",
      "tree": "03ee535800550f5bbd311c3ddb681398572f1366",
      "parents": [
        "5bab978c836e4a04d48ad95a08fb3c120f5d3585"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Jul 23 15:29:53 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Aug 04 11:38:14 2024 -0400"
      },
      "message": "tss: Fix handling of TPM_RH_NULL in intel-tss\n\nThe design of the intel-tss shim is to hide the difference between the\ninternal and the external handles by doing the internal to external\ntransform on entry.  Unfortunately, the NULL handle (TPM_RH_NULL,\n40000007) has two possible internal representations depending on\nwhether it\u0027s used to indicate no session or the null hierarchy.\n\nThere is a bug in the intel-tss in that it uses the wrong internal\nNULL handle to try to create the NULL seed primary (and thus fails).\nNow that we\u0027re going to be using the NULL primary to salt sessions,\nthe Intel TSS shim needs fixing to cope with this correctly.\n\nThe fix is to do the correct transform to the internal hierarchy\nrepresentation on NULL hierarchy creation and to do the session handle\nconversion everywhere else.  Additionally remove the intel_handle()\ncode which was supposed to do this: it\u0027s unused because 0 is never\npassed in as a handle number.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "5bab978c836e4a04d48ad95a08fb3c120f5d3585",
      "tree": "8b056eeae646cfd533aa665d7f66dfbd90cb0449",
      "parents": [
        "880b66c6bea5cdfaeb5f1253bd4bbd89107ff9d1"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jul 29 10:08:41 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Jul 31 13:33:27 2024 -0400"
      },
      "message": "Add man page for engine/provider\n\nThe engine and provider both have config driven options and some\npieces of the TSS shim respond to environment variables.  This should\nbe documented.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "880b66c6bea5cdfaeb5f1253bd4bbd89107ff9d1",
      "tree": "c50b61f384d3eba426be4095276b64a5b0197010",
      "parents": [
        "dd44017dc23fd313bb9588684c76a9c9c76f4d2d"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Jul 23 15:53:23 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Jul 23 15:53:23 2024 -0400"
      },
      "message": "Version 4.2.0\n\n* doc updates: typo fix, clarify boolean parsing rules and secret parameter\n\n* fix bug with no visible effect in the handling of wrapped secrets\n* SECURITY fix to salt all sessions\n\n* add ability to import RSA wrapped keys and sealed objects\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "dd44017dc23fd313bb9588684c76a9c9c76f4d2d",
      "tree": "2703a3f9c13998f65a58a8f2064115338ccce0e8",
      "parents": [
        "10b3ddea996215600f8097511f461fdb86a56959"
      ],
      "author": {
        "name": "Morten Linderud",
        "email": "morten@linderud.pw",
        "time": "Tue Jul 23 21:25:35 2024 +0200"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Jul 23 15:34:26 2024 -0400"
      },
      "message": "doc: clarify boolean parsing rules\n\nAlso fix a \"MUST BE\" typo\n\nCo-Authored-By: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\nSigned-off-by: Morten Linderud \u003cmorten@linderud.pw\u003e\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "10b3ddea996215600f8097511f461fdb86a56959",
      "tree": "602df73ab0fe1d00a97ecd07b4acc8d1533f40e7",
      "parents": [
        "56ada6d0e6a660375014022d6ab119e966dcafee"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jul 22 13:53:17 2024 +0000"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jul 22 13:21:10 2024 -0400"
      },
      "message": "libcommon: SECURITY: always salt sessions\n\nThe problem with unsalted sessions is that the session key is derived\npurely from two observable nonces and the authority.  This means that\nin the case of no authority (policy with no password) the encryption\nkey is trivially derivable.  However even with a password, the session\nkey is fast to compute meaning an observer who captures the nonces,\nthe command and its hmac can run a very fast offline brute force\nattempt to crack the password.  Salting the session defeats this\nbecause the unencrypted salt value is also used to derive the session\nkey.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "56ada6d0e6a660375014022d6ab119e966dcafee",
      "tree": "ab5c27a9a598f64308ce44807054a92cf517b0d4",
      "parents": [
        "c9700ede6581af7ac3a576152bc8d0dcf7424624"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jul 22 13:51:27 2024 +0000"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jul 22 13:21:08 2024 -0400"
      },
      "message": "libcommon: don\u0027t use a bound session if we have no shared secret\n\nThere is no utility to a bound session with an empty secret, so don\u0027t\nbother creating one.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "c9700ede6581af7ac3a576152bc8d0dcf7424624",
      "tree": "fe43a54ecf520ba4c662c82b14c5b1e05990b98d",
      "parents": [
        "07beeb061145ecd7b6d7594ac9177c17a66ac2ea"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jul 22 17:07:50 2024 +0000"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jul 22 13:19:38 2024 -0400"
      },
      "message": "tss: add TPM_RS_PW to Intel TSS for empty auth primaries\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "07beeb061145ecd7b6d7594ac9177c17a66ac2ea",
      "tree": "9f1fc78a459f81278c46eda0d0fe34e699a000bc",
      "parents": [
        "3b6df1ad87229f41a74d75f0fead243cdd946884"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jul 22 09:17:13 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jul 22 13:19:38 2024 -0400"
      },
      "message": "libcommon: consolidate session handling code\n\nIn preparation for making all sessions salted, combine the bound and\nsalted session handling into a single central session function.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "3b6df1ad87229f41a74d75f0fead243cdd946884",
      "tree": "0540962a21b09e1c6b0ae9aab4ac73cb24b9a918",
      "parents": [
        "93f6a13ba7dcdbc3e8e8258e489c80f5f1d10486"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Jul 11 11:44:24 2024 -0700"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Jul 19 14:27:55 2024 -0400"
      },
      "message": "tests: add tests for RSA parent wrapped importable keys\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "93f6a13ba7dcdbc3e8e8258e489c80f5f1d10486",
      "tree": "94298be5c6c3877de4f9cb25dc674023c8c22698",
      "parents": [
        "6478543bd3100c3e0bc18492019f892d2b340c73"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Jul 11 11:42:15 2024 -0700"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Jul 19 14:27:55 2024 -0400"
      },
      "message": "libcommon: add RSA wrapping for imported keys\n\nThis allows us to wrap to an RSA parent as well as an EC one.  The\nrestriction on only having EC imported parents in create_tpm2_key is\nalso removed.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "6478543bd3100c3e0bc18492019f892d2b340c73",
      "tree": "9a3a62dec71944d9711fc583f2c196e9c5f94603",
      "parents": [
        "2c1976cd78ec34b9241dfb97eebc4ac6dca61073"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Jul 10 12:48:12 2024 -0700"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Jul 19 14:27:55 2024 -0400"
      },
      "message": "libcommon: split out ECC wrap handling\n\nIn preparation for adding RSA wrapping as a separate routine in a\nswitch statement.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "2c1976cd78ec34b9241dfb97eebc4ac6dca61073",
      "tree": "80d5059a51bbc309ec27703f5cf9f5217429b1ad",
      "parents": [
        "33b64f7f8ab21975324ed30ef76062677bd794e6"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Jul 10 11:08:23 2024 -0700"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Jul 19 14:27:55 2024 -0400"
      },
      "message": "libcommon: split out tpm2_hmacwrap\n\nThis can be used to wrap non duplicate structures like credentials\n(for tpm2_MakeCredential).\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "33b64f7f8ab21975324ed30ef76062677bd794e6",
      "tree": "7c7b6ebb66b54fde1acc092168ef5df4bd72eedc",
      "parents": [
        "61e59f61c3d978bfdfdae64af641af8521353161"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Jul 19 14:23:14 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Jul 19 14:27:55 2024 -0400"
      },
      "message": "tss: Allow permanent handles as policy secrets\n\nYou can specify a permanent handle for a policy secret, meaning use\nthe hierarchy password described by the handle.  In that case, there\u0027s\nno public key to load, so don\u0027t.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "61e59f61c3d978bfdfdae64af641af8521353161",
      "tree": "16088920aecbb0df08a6f0f8f2fb43f78066909a",
      "parents": [
        "534cff0ceca9bf3e6778d0c875240ed623ec6165"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Jul 11 11:37:00 2024 -0700"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Jul 12 11:28:36 2024 -0700"
      },
      "message": "Fix bug in handling wrapping of the secret component\n\nThe spec says we should insert the entire marshalled\nTPM2B_ENCRYPTED_SECRET as the ASN.1 secret component, however we are\nmarshalling only the secret part not the initial length.  However, we\nare unmarshalling a TPM2B_ENCRYPTED_SECRET correctly.  This works\nbecause there\u0027s a bug in the way we marshal the elliptic curve public\npoint into the secret-\u003esecret.  We\u0027re actually marshalling it as\nTPM2B_ECC_POINT instead of what it should be, a TPMS_ECC_POINT.  This\naccidentally makes secret-\u003esecret a fully marshalled\nTPM2B_ENCRYPTED_SECRET and so we obey the actual letter of the\nstandard (albeit accidentally).\n\nFix this by correctly marshalling the TPM2B_ENCRYPTED_SECRET and\nputting the correct TPMS_ECC_POINT into the secret-\u003esecret area.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "534cff0ceca9bf3e6778d0c875240ed623ec6165",
      "tree": "ca9f75d257782e53e8640935abe9233a3bcd1173",
      "parents": [
        "c21df7273dba805317b0a8daa0296bace4d55fc2"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Jul 05 16:36:40 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Jul 12 11:28:29 2024 -0700"
      },
      "message": "doc: clarify use of the secret parameter\n\nIn the original OID allocation for TPM keys, there is a separate OID\nfor a loadable and an importable key.  However, as the standard\nevolved it was realised that simply the presence or absence of the\nsecret optional parameter is sufficient to distinguish the key types,\nso for sealed keys.  Update the secret section to make this distinction.\n\nReviewed-by: Morten Linderud \u003cmorten@linderud.pw\u003e\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "c21df7273dba805317b0a8daa0296bace4d55fc2",
      "tree": "5506d63b0163cf14d30795136be249d09262b7c6",
      "parents": [
        "21cc607b1915399c9fd4b87d4cf3561fb55f9d00"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Apr 19 11:30:48 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Apr 19 11:40:47 2024 -0400"
      },
      "message": "Version 4.1.2\n\n* doc updates to add new fields and clarify primary template\n* test fixes for newer tpm emulators\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "21cc607b1915399c9fd4b87d4cf3561fb55f9d00",
      "tree": "b464156ae13a4f7dc4079d26b05ba05c02cfc9ea",
      "parents": [
        "b029e2eb9b78709a8a7c758bb5f255ed9382fec9"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Apr 19 08:24:42 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Apr 19 11:15:54 2024 -0400"
      },
      "message": "doc: set the RFC date to when generated\n\nuntil it goes on to datatracker, this keeps me from having to bump the\ndate periodically to prevent it from expiring.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "b029e2eb9b78709a8a7c758bb5f255ed9382fec9",
      "tree": "67f16b4c1b7e36ea569a8f9dd9aa097838be8e9e",
      "parents": [
        "24c012620da53ba71df2f703c7cc21247db11c72"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Apr 18 14:27:02 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Apr 18 15:14:40 2024 -0400"
      },
      "message": "tests: fix checks for illegal curves\n\nThe openssl check for unknown curve names simply looks for a specific\nstring. Old openssl printed this but didn\u0027t error, but new openssl\nerrors out.  Update the check firstly to fail on error then check the\nstring.\n\nAdditionally some vTPMs have started supporting the SM2 curve.  When\nit works in openssl it has the problem that it\u0027s only allowed with the\nSM3 hash, which won\u0027t work with any of the generic hash looping tests,\nso disable testing the SM2 curve.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "24c012620da53ba71df2f703c7cc21247db11c72",
      "tree": "91c63bf3180521c1049a911aad1938ce706e5aad",
      "parents": [
        "a9d52c05faf1509cf45c97834fbd14a5268b8d6f"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Apr 18 14:21:11 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Apr 18 15:14:40 2024 -0400"
      },
      "message": "tests: enable sha1 bank if the vtpm comes with it disabled\n\nSome vTPM implementations are shipping with the TCG recommendation to\ndisable the SHA1 bank.  This will cause some PCR based policy tests\nwhich depend on it to fail, so re-enable the sha1 bank if this is\ndetected.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "a9d52c05faf1509cf45c97834fbd14a5268b8d6f",
      "tree": "6e244298a85467ad60837806958fe3d878b63feb",
      "parents": [
        "897d73fca93c2d8cb3b60f929978145cdbb95dcb"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Apr 18 09:56:44 2024 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Apr 18 15:14:24 2024 -0400"
      },
      "message": "doc: update draft RFC to specify the template exactly\n\nThe TCG created some confusion with primary templates over what should\nbe in the unique value.  All implementations so far have taken the\nview that it should be two zero size points.  However, the L template\nand earlier TCG drafts required two 32 byte zero filled points.  To\nclear this up entirely, specify that the P-256 key must use the H-2\ntemplate (matching what everyone currently does) and that the RSA2048\nkey must use the H-1 template.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\nReviewed-by: David Woodhouse \u003cdwmw@amazon.co.uk\u003e\n"
    },
    {
      "commit": "897d73fca93c2d8cb3b60f929978145cdbb95dcb",
      "tree": "6d1ce435b668ce392bdd9f3e4896ada616375c6a",
      "parents": [
        "b89fe440c71be0ea5a3ee60f58cd6e703bbfc8a1"
      ],
      "author": {
        "name": "Gary Lin via groups.io",
        "email": "glin\u003dsuse.com@groups.io",
        "time": "Fri Mar 29 22:27:52 2024 +0800"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Apr 17 16:46:43 2024 -0400"
      },
      "message": "doc: add optional rsaParent\n\nSome implementations such as pcr-oracle prefer RSA 2048 to ECC NIST-P256\nfor the primary key. This commit introduces a new option, rsaParent, to\nmake it flexible to choose the asymmetric algorithm for the primary key.\n\nSigned-off-by: Gary Lin \u003cglin@suse.com\u003e\n[jejb: update option to number 5]\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "b89fe440c71be0ea5a3ee60f58cd6e703bbfc8a1",
      "tree": "d5a66fd680028891ac159aa87faf76a28fab5313",
      "parents": [
        "0daef68db054aa825623646a37faa2ab5fdd9a22"
      ],
      "author": {
        "name": "Morten Linderud",
        "email": "morten@linderud.pw",
        "time": "Sat Feb 24 13:49:47 2024 +0100"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Apr 17 16:41:49 2024 -0400"
      },
      "message": "doc: update draft RFC with an optional description\n\nUseful for application that displays a user visible string to go along\nwith the key.\n\nSigned-off-by: Morten Linderud \u003cmorten@linderud.pw\u003e\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "0daef68db054aa825623646a37faa2ab5fdd9a22",
      "tree": "d5711febd4c4e9044c441580fd9e45ba4481a2d0",
      "parents": [
        "32620ef273481b16e6d197cf980f8c58abdf50ea"
      ],
      "author": {
        "name": "Morten Linderud",
        "email": "morten@linderud.pw",
        "time": "Mon Feb 19 19:36:22 2024 +0100"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Apr 17 16:40:52 2024 -0400"
      },
      "message": "tpm2-common: remove misleading comment from the ECC template\n\nTPM2_Sign is actually used for ECC keys.\n\nSigned-off-by: Morten Linderud \u003cmorten@linderud.pw\u003e\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "32620ef273481b16e6d197cf980f8c58abdf50ea",
      "tree": "4d2ba57aa3ffe37a482b24adeb7540bf724b3d0d",
      "parents": [
        "65987b66d5ce96f4264f84ee31601c37e0ae2873"
      ],
      "author": {
        "name": "Morten Linderud",
        "email": "morten@linderud.pw",
        "time": "Mon Feb 12 19:16:17 2024 +0100"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Apr 17 16:39:49 2024 -0400"
      },
      "message": "create_tpm2_key: fix missing tabs in --help\n\nThe blocks are not aligned properly making the output less readable.\n\nSigned-off-by: Morten Linderud \u003cmorten@linderud.pw\u003e\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "65987b66d5ce96f4264f84ee31601c37e0ae2873",
      "tree": "6be747a0150afa472470b7d1168ab2b10d98de19",
      "parents": [
        "3d5cdfebb73e291ff2007b4e800101e73dbdb94f"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Jan 02 10:52:46 2024 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Jan 02 10:52:46 2024 -0500"
      },
      "message": "Version 4.1.1\n\n* fix 32 bit build\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "3d5cdfebb73e291ff2007b4e800101e73dbdb94f",
      "tree": "05636c25051adb8a4488a307ceaa2834aba36845",
      "parents": [
        "e7fb66b6a702e31cb24f51ec1e2d4d7187b2462e"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Jan 02 10:28:27 2024 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Jan 02 10:37:38 2024 -0500"
      },
      "message": "Fix 32 bit signed conversion\n\nOn 32 bits strtol can\u0027t be used to convert a hex number with the high\nbit set (as happens for persistent handles) because it will overflow\nand return LONG_MAX, strtoul must be used instead.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "e7fb66b6a702e31cb24f51ec1e2d4d7187b2462e",
      "tree": "0bb21a46a4487aafdc72d98968d67a4b289474f6",
      "parents": [
        "cc6cc1e686bb75299a5567eddeb5cd6d37d89d62"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sat Dec 30 15:11:39 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sat Dec 30 15:11:39 2023 -0500"
      },
      "message": "Version 4.1.0\n\n* implement tpm2_PolicySecret\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "cc6cc1e686bb75299a5567eddeb5cd6d37d89d62",
      "tree": "4d50485809aa942621abc67b5c852d116d1723aa",
      "parents": [
        "2fb0548e4065df2e2683e0937cd1402deee1c8d9"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Dec 17 15:35:24 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Dec 17 15:39:38 2023 -0500"
      },
      "message": "doc: update draft RFC with TPM2_PolicySecret implementation\n\nAlso update the recommendations for Authorization to make it clear\nthat more than one password per key would cause issues for most crypto\nsystems and should be avoided.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "2fb0548e4065df2e2683e0937cd1402deee1c8d9",
      "tree": "ba951dc2ee37e41ed7036bdea56285c635876658",
      "parents": [
        "5721b68a89100ca42565a686df332c06f5754c4a"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sat Dec 16 15:25:44 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Dec 17 10:49:38 2023 -0500"
      },
      "message": "tests: add check for signed policies\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "5721b68a89100ca42565a686df332c06f5754c4a",
      "tree": "6f1ef341038e49c3ace571e4e6ce7d3831e861fa",
      "parents": [
        "3ec82b70ac2985cbf97a2b3ae7d4cec17a3a5c17"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Dec 15 17:56:26 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Dec 17 10:49:38 2023 -0500"
      },
      "message": "tools: add policy secret option\n\nAdds the option --secret \u003chandle\u003e to insert a reliance on the\nauthorization of the object named by \u003chandle\u003e in the policy.  This has\nimplications for emptyAuth because if the PolicySecret statement\nappears in the policy, it must be set (meaning we can no longer\ncondition this on auth being NULL).\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "3ec82b70ac2985cbf97a2b3ae7d4cec17a3a5c17",
      "tree": "a39243b5d2bcc60817572bf539de89825de66899",
      "parents": [
        "12c06b5555aff1edc4cf3007d5ce9cc3f55b722d"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Dec 15 17:52:09 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Dec 17 10:48:53 2023 -0500"
      },
      "message": "tpm2-common: add processing of TPM2_PolicySecret\n\nThis uses the consumable authorization scheme where if PolicySecret is\nspecified, it consumes the password in app_data-\u003eauth and no password\nis passed in to the main command.  Although TPM2_PolicySecret has many\noptions, the only ones that really matter to the policy hash are the\nname of the object and the policyRef.  We also add a possibly zero\nhandle hint at the beginning to identify persistent objects easily,\nsince finding by name is hard.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "12c06b5555aff1edc4cf3007d5ce9cc3f55b722d",
      "tree": "a25bf754ea417f926c7efd1f4e250e2b63b57f8e",
      "parents": [
        "d5eeceff61adfc529670359808424c7e811865f4"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Dec 15 17:43:48 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Dec 17 10:36:10 2023 -0500"
      },
      "message": "Rethread handling of authorizations for TPM2_PolicySecret\n\nIn theory, TPM2_PolicySecret allows multiple different passwords to be\nspecified to use an object.  However, this is incompatible with the\nsingle password model of openssl (and all other crypto systems), so we\nmake the rule that if a policy contains TPM2_PolicySecret, meaning the\nauth has to be passed in to the policy session, then it can\u0027t also be\nrequired to authorize the main command as well (i.e. only a single\nauthorization string per policy).  We implement this by making the\nauthorization string a return from tpm2_init_session.  If\nauthorization hasn\u0027t been consumed by policy sessions, it will be the\nvalue of app_data-\u003eauth otherwise if it has been consumed, it will be\nNULL.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "d5eeceff61adfc529670359808424c7e811865f4",
      "tree": "23229f7db474bfedbe54548923987131f1541bff",
      "parents": [
        "2b85ef8efa2f6e1d8fb2466b68f66febe4da4d30"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Dec 15 17:36:38 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Dec 17 09:51:44 2023 -0500"
      },
      "message": "tss: add tpm2_PolicySecret\n\nAdd a cut down version of PolicySecret (with no nonceTPM, cpHashA or\nexpiry and thus no returned timeout or ticket) for use with a\nPolicySecret statement in the encoded policy statements.\n\nFor simplicity the authorization string is passed in and the internal\nroutine constructs the necessary HMAC session for encoding it in the\ncommand (this saves the calling code from having to worry about\nmultiple sessions).\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "2b85ef8efa2f6e1d8fb2466b68f66febe4da4d30",
      "tree": "e9078b73c168ee42cf29afce57c65ddffffffefa",
      "parents": [
        "76aec723ebf4d7238808479163535de84caca8cc"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Dec 15 17:26:44 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Dec 15 17:35:12 2023 -0500"
      },
      "message": "tss: add support for getting the names of objects (including NV objects)\n\nThis is a precursor to supporting TPM2_PolicySecret.  The essential\ncomponent of this policy is the name of the object being used for\nauthorization.  The most common elements for names are persistent and\nNV objects.  In each case the hash is that of the public area, but the\nNV object also has to have a special call to retrieve the public area\n(TPM2_NV_ReadPublic instead of TPM2_ReadPublic).  Add a name option to\ntpm2_ReadPublic to allow it to retrieve the name and add\ntpm2_NV_ReadPublic to retrieve the name of an NV index.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "76aec723ebf4d7238808479163535de84caca8cc",
      "tree": "63ff0285a54e3ded95093c5861f6aca6cedc756e",
      "parents": [
        "8cbc00ce2535dcb864f6ccf7c07f3fc1b6f39f27"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Nov 23 13:53:02 2023 +0000"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Dec 14 10:41:29 2023 -0500"
      },
      "message": "tests: Add testing for the new locality flag\n\nFairly simple since the emulator only runs at locality zero.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "8cbc00ce2535dcb864f6ccf7c07f3fc1b6f39f27",
      "tree": "1fd57f0e7ba463f3e3ab43d8508e92103c110c9c",
      "parents": [
        "f5f7a3dde4bdb9b781d9f9026d36817385f1b5e4"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Nov 23 13:50:48 2023 +0000"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Dec 14 10:41:29 2023 -0500"
      },
      "message": "Add locality policy\n\nThis allows the tools to bind to a locality using the policy flag\n--locality.  The locality is a bitmap.  The usual localities are 0-4.\nOn kernels which support executing the kernel at a different locality\nfrom userspace, this allows things like the creation of sealed data\nthat can only be unsealed in the kernel (or never unsealed in the\nkernel).\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "f5f7a3dde4bdb9b781d9f9026d36817385f1b5e4",
      "tree": "6de8deb9d4632c99585917052238ece6b4d6ee46",
      "parents": [
        "7ec73c40c36f8d75b416293da287a0603b89cf68"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Nov 23 08:47:20 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Dec 14 10:41:29 2023 -0500"
      },
      "message": "TSS: add locality policy\n\nUpdate both TSSs to add the ability to do locality policy.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "7ec73c40c36f8d75b416293da287a0603b89cf68",
      "tree": "1a72c624cfb59c3dcda751bbcd0aff79a1af028d",
      "parents": [
        "555ab08363c6cdf706a8366c3aa01c628d5cfb09"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Dec 08 11:02:21 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Dec 08 11:02:21 2023 -0500"
      },
      "message": "doc: add clarity around policyRef in TPM2_PolicyAuthorize\n\nWhen the same policy signing key is used for different TPM objects\nwith signed policy, the policyRef must be unique to prevent policy\nswapping, so document this in the implementation considerations for\nsigned policies.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "555ab08363c6cdf706a8366c3aa01c628d5cfb09",
      "tree": "e9ef78845996a5b35125b1590a9bc472df38afa4",
      "parents": [
        "999faa790220ec94aacc66d5880f20d3719aadd1"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Dec 04 22:47:13 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Dec 04 22:47:13 2023 -0500"
      },
      "message": "Version 4.0.2\n\n* Fixes for openssl 3.2\n* fix for encrypted secret size\n* fix for swtpm and swtpm2 simultaneous install\n* gcc-13 fix\n* make signed_tpm2_policy match man page\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "999faa790220ec94aacc66d5880f20d3719aadd1",
      "tree": "e8a2be49c9d5720153ef634a470e840bbe4747c8",
      "parents": [
        "ef3de36732ce9ec5299806695f01159435a2ba3d"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Dec 04 18:30:48 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Dec 04 18:30:48 2023 -0500"
      },
      "message": "provider: fix reference counting\n\nThe provider originally didn\u0027t take references in the context to the\npeer and standard key for EC derivation.  Openssl 3.2 broke this\nassumption by freeing the peer key early.  Fix this by taking the\ncorrect references.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "ef3de36732ce9ec5299806695f01159435a2ba3d",
      "tree": "c038d5bc6a0a21ed4fc4ae69ae63f26adb74d150",
      "parents": [
        "871f37517d53b35432dd076236d12eb451275ed8"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Dec 04 18:28:16 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Dec 04 18:28:16 2023 -0500"
      },
      "message": "fix the pkcs12 wrapping test for openssl 3.2\n\nOpenssl 3.2 has two problems with this test.  The first is that it\nwill no longer use a CA certificate unless it has the CA constraint\nset and the second is that it seems the pkcs12 required parameters are\nincompatible with the local openssl.cnf.  Fix both by not using the\nlocal openssl.cnf when generating non-TPM openssl files and use the\nv3_ca section of the global openssl.cnf to add the CA constraint.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "871f37517d53b35432dd076236d12eb451275ed8",
      "tree": "3ae5725481535bdfd9e8b7a0966aba382ff9d4d9",
      "parents": [
        "2ca1b46b68dc7b8ab8a42e315d49857a2c0a868d"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Dec 04 18:26:39 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Dec 04 18:26:39 2023 -0500"
      },
      "message": "Fix dynamic_engine tests for openssl 3.2\n\nApparently openssl 3.2 no longer accepts the OPENSSL_ENGINE\nenvironment variable for the location of the engines directory.  This\nbreaks the dynamic engine test, so work around this by adding the\nengine location to LD_LIBRARY_PATH.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "2ca1b46b68dc7b8ab8a42e315d49857a2c0a868d",
      "tree": "4c70ea95dc28b960d2e911bf8726c6e32c60b7de",
      "parents": [
        "36b4d7d447593831d3addf358a5921ec8947b1f1"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Nov 28 18:05:38 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Tue Nov 28 18:11:02 2023 -0500"
      },
      "message": "tpm2-common: fix encrypted secret size\n\nIt\u0027s been reported that the ASN.1 representation of the encrypted\nsecret is always two bytes too big and zero padded at the end.  This\nis because the written parameter isn\u0027t reset to zero when the secret\nwas Marshalled and is in fact left at 2 from a previous use.  Fix by\ninitializing to zero before marshalling.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "36b4d7d447593831d3addf358a5921ec8947b1f1",
      "tree": "40978bcc650b61049f990e6afdaece3d52b0084d",
      "parents": [
        "df71996a0107b4ac931040206f4808af71da13c2"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Nov 22 10:58:31 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Nov 22 16:44:32 2023 -0500"
      },
      "message": "signed_tpm2_policy: match the man page\n\nThe man page says we implement three commands: add, ls and rm; but we\ndon\u0027t, we only implement add.  So fix signed_tpm2_policy to match its\nman page.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "df71996a0107b4ac931040206f4808af71da13c2",
      "tree": "842e9bdacb7f88ab6724627f16cfd92b3fd154c5",
      "parents": [
        "e3d119271d266d165b88fba402d742185a5f406b"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Nov 22 10:57:35 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Nov 22 16:44:24 2023 -0500"
      },
      "message": "tpm2-common: add helpers for querying and removing key policy\n\nThese helpers will be used to implement the ls and rm functions\nof signed_tpm2_policy.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "e3d119271d266d165b88fba402d742185a5f406b",
      "tree": "67294f65fdff1a4913c144e92e8e6de8d5080240",
      "parents": [
        "cd38afd8f47900bd2002bf905cc57944d6030ccc"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Nov 22 16:23:21 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Nov 22 21:25:18 2023 +0000"
      },
      "message": "gcc-13 fix\n\ngcc-13 started giving an uninitialized variable error in\nunseal_tpm2_data.c even though reason would be initialized in every\nerror leg.  Fix it by initializing to NULL.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "cd38afd8f47900bd2002bf905cc57944d6030ccc",
      "tree": "2196772d0a2bee349e3a50eab5fe31d666809aa2",
      "parents": [
        "d9433dc6be201d6c71a7decbecc482dce879b67b"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Nov 22 09:27:41 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Nov 22 21:25:04 2023 +0000"
      },
      "message": "tests: fix for swtpm and tpm_server being installed simultaneously\n\nIf both are installed, we will prefer the IBM swtpm2 (tpm_server), so\nwe are still able to run the nonopenssl_ecc test that swtpm fails.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "d9433dc6be201d6c71a7decbecc482dce879b67b",
      "tree": "fb92093908ae869b2490e468b79a90b07deed699",
      "parents": [
        "cd2b01cd05bd1e77e1bfaa47796fb27f283bf60e"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Jul 05 15:32:10 2023 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Jul 05 15:32:10 2023 -0400"
      },
      "message": "Version 4.0.1\n\n* Fixes for intel-tss and openssl \u003c 3\n* Fix support for the non-reference swtpm (although you should use the\n  reference implementation for testing)\n* Doc updates to the draft RFC to make it ready for ietf submission\n* Fix openssl BOOLEAN issues\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "cd2b01cd05bd1e77e1bfaa47796fb27f283bf60e",
      "tree": "855dcc4afbc7e35e07f0078c80e2f548b59266ed",
      "parents": [
        "ccf5b65b8e7842b40c5ff759a8846e16d040b3d0"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Jun 29 16:31:22 2023 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Jun 29 16:50:52 2023 -0400"
      },
      "message": "intel-tss: more openssl-3 fixes\n\nUpdate incorrect use of macro to OPENSSL_VERSION_NUMBER\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "ccf5b65b8e7842b40c5ff759a8846e16d040b3d0",
      "tree": "78cae8eb5fdd62176dbf442e1e6a1df80149f1e7",
      "parents": [
        "a813f3db695d0d5d889474d203722d9f9641998b"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Jun 29 10:04:54 2023 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Jun 29 10:07:27 2023 -0400"
      },
      "message": "tpm2-common: fix for openssl Boolean problems\n\nThe ASN.1 standard strictly requires a Boolean to be 0xff for true or\n0 for false.  Apparently openssl simply writes the value it was given\nwithout checking (which is usually a C value true or false), so a lot\nof our BOOLEANS are ending up with the illegal value 1.  Redo the\nsetting of this variable to be either 0xff for true or absent for\nfalse (as the standard recommends).\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "a813f3db695d0d5d889474d203722d9f9641998b",
      "tree": "2d93a4260c9864955fc6fa4fe70a3c98fb4e2919",
      "parents": [
        "504ef29ddb545487d77934fb4f93ab4ab24e1347"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Jun 29 10:03:26 2023 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Jun 29 10:07:27 2023 -0400"
      },
      "message": "configure.ac: always use the reference tpm if available\n\nThe current formulation of the if clause would use swtpm first if\nfound and then the ibmswtpm2.  Since the latter is the reference\nimplementation and the former has deviated from it to the extent that\nsome tests have to be skipped to prevent spurious failures, always\nprefer testing with the reference implementation.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "504ef29ddb545487d77934fb4f93ab4ab24e1347",
      "tree": "ba2ceaf3edb4f6179e48d60974dc7ace7640eee0",
      "parents": [
        "5e84535fcf9905776145769d97bc56dd948ed7ae"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Jun 28 15:06:24 2023 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Jun 28 16:05:44 2023 -0400"
      },
      "message": "doc: convert to sourcecode tag and add ASN.1 module\n\nDavid Woodhouse suggested converting from \u003cartwork\u003e to \u003csourcecode\u003e\nfor the ASN.1 code and Russ Housley suggested adding an ASN.1 module.\n\nThe ASN.1 module now passes the syntax checker at\n\nhttps://osystest.site/webtools2/asn1SyntaxCheck.php\n\nWhich necessitated quite a few changes like the addition of commas and\nthe changing of value names to start with lower case\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "5e84535fcf9905776145769d97bc56dd948ed7ae",
      "tree": "db6164219e44cb22f2ee43ed96a5cd905a18c14e",
      "parents": [
        "85d1401b98b9348e34b8a3be7fefd8aebee467c5"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jun 26 11:16:52 2023 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jun 26 11:16:52 2023 -0400"
      },
      "message": "doc: make references to the TCG template explicit\n\nAnd add a pointer to the actual provisioning document where the\ntemplate is specified.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "85d1401b98b9348e34b8a3be7fefd8aebee467c5",
      "tree": "c742f37f6a321259aa8ee1b34abc6c79d47c46b6",
      "parents": [
        "fdbab95dc58c30095da8c2d542fbc612b1fa3689"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jun 26 10:11:10 2023 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jun 26 10:13:45 2023 -0400"
      },
      "message": "tests: skip known test failures for swtpm\n\nApparently swtpm has deviated from the TPM2 reference implementation\nand one consequence of this is that it no longer handles parametrised\nEC curves correctly.  Skip the non openssl curve tests to prevent this\ncausing spurious test failures.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "fdbab95dc58c30095da8c2d542fbc612b1fa3689",
      "tree": "1f7889868b711daa112e0e8a3318608234623e32",
      "parents": [
        "c07bc504269211f88beca012dad934de8cc6027b"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Jun 25 08:56:15 2023 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jun 26 10:13:45 2023 -0400"
      },
      "message": "intel-tss: fix Intel TSS for swtpm\n\nApparently the Intel TSS insists on sending a command to the control\nsocket for the mssim tcti backend. This fails for swtpm (because it\nisn\u0027t listening), so set the swtpm backend for this case.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "c07bc504269211f88beca012dad934de8cc6027b",
      "tree": "8d02c2d29f78d06d55829accb0987f660f7fa4bf",
      "parents": [
        "058fdde98ce658d1d3f67e08f55fce6e68c38319"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jun 26 10:07:39 2023 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jun 26 10:13:45 2023 -0400"
      },
      "message": "tpm-common: remove support for \u003c 256 bit elliptic curves\n\nNo shipping TPM actually supports these curves and OpenSSL doesn\u0027t\nproduce the correct certificate signatures for them (pads to key\nlength, so signature length check can\u0027t determine hash type).  Rather\nthan work around this, simply remove the curves.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "058fdde98ce658d1d3f67e08f55fce6e68c38319",
      "tree": "7bd15059a28ed8c99c70b2f32d19dc26b01fbb5e",
      "parents": [
        "196d7a43297885ca86cb44adcfcc8cc3b2f7bd24"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Sun Jun 25 08:53:35 2023 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Jun 26 10:13:45 2023 -0400"
      },
      "message": "intel-tss: fix openssl3 code\n\nThe correct format of an else if in CPP is #elif not #elsif (not sure\nwhy the CPP didn\u0027t error).\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "196d7a43297885ca86cb44adcfcc8cc3b2f7bd24",
      "tree": "c6cffc16c15cb948fa682025e552276dff6f5898",
      "parents": [
        "a3368236effc8309d139b570c603ce60e3ab4d95"
      ],
      "author": {
        "name": "Gary Lin via groups.io",
        "email": "glin\u003dsuse.com@groups.io",
        "time": "Thu Apr 13 15:14:47 2023 +0800"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Apr 17 08:10:39 2023 -0400"
      },
      "message": "doc: fix a typo in draft-bottomley-tpm2-keys.xml\n\nFix \"auth{olicy\" \u003d\u003d\u003e \"authPolicy\"\n\nSigned-off-by: Gary Lin \u003cglin@suse.com\u003e\n"
    },
    {
      "commit": "a3368236effc8309d139b570c603ce60e3ab4d95",
      "tree": "cbe651bf2383849bc75b6f3561e78789c8230415",
      "parents": [
        "5f7c8a7abdd622d18379cd3a8742b00a4f82f486"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Mar 29 09:05:46 2023 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Mar 29 09:05:46 2023 -0400"
      },
      "message": "Version 4.0.0\n\n* New openssl-3 provider\n* update intel-tss for openssl-3\n* gcc-13 fix for enum/int confusion in prototypes\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "5f7c8a7abdd622d18379cd3a8742b00a4f82f486",
      "tree": "3401284b631d18fc32ab70d914d9f3ceb0529177",
      "parents": [
        "ebd7ed47000caa972be7ba5d7392be9d8020137d"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Mar 24 15:30:49 2023 +0000"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Mar 24 11:35:35 2023 -0400"
      },
      "message": "tpm2-common.c: Fix gcc-13 being picky about int to enum conversion\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "ebd7ed47000caa972be7ba5d7392be9d8020137d",
      "tree": "256b8d2d7f1b36527cfcf7e9625ef68b7235b2f5",
      "parents": [
        "e718104c9aaf79c192cccd6f2cdfd56875145797"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Mar 22 22:48:45 2023 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Mar 22 22:59:44 2023 -0400"
      },
      "message": "decode_encode: fix the provider recursion problem\n\nNormally providers are selected in order, so specifying\n\n--provider default --provider tpm2\n\nis enough to ensure that the default provider is used for all routines\nthe tpm2 provider doesn\u0027t actually provide.  However, there is an\nexception to this ordering in that openssl will search the cache first\nbefore going in provider order, so when the implementation beneath\nthis provider also needs to use openssl (as all tss\u0027s do) then you get\ninto a situation where the first use of a tpm2 routine will populate\nthe cache for tpm2 only and then all subsequent uses will find tpm2\nbefore default.  This is a serious recursion problem in the tss\nbecause it uses elliptic curve derivation to obtain the encrypted salt\nfor sessions but it can\u0027t go back around and use this provider\u0027s\nroutines for EC because they\u0027ll eventually need to derive the\nencrypted salt ...\n\nThe fix is to artificially populate the cache with the default\nprovider before the tpm2 also gets added.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "e718104c9aaf79c192cccd6f2cdfd56875145797",
      "tree": "2b8abc36c724e0c10f77133ad2a0a309c4e61cb4",
      "parents": [
        "184d8dda5c317536ab40ec90b008849c23c67246"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Fri Mar 17 11:56:11 2023 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Mar 22 22:59:44 2023 -0400"
      },
      "message": "tests: add provider tests\n\nGate tests on openssl3, but re-run all the engine tests (except the\ndynamic engine one) using the provider.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "184d8dda5c317536ab40ec90b008849c23c67246",
      "tree": "5b0563b586e0841fb1c4e76b5c97a88bfb4f7460",
      "parents": [
        "5fe4ac30a30bc8fa1693dbbf4ca6a3ab2b57bff6"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Thu Mar 16 13:47:15 2023 -0400"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Mar 22 22:59:44 2023 -0400"
      },
      "message": "provider: add nv key handling with store\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    },
    {
      "commit": "5fe4ac30a30bc8fa1693dbbf4ca6a3ab2b57bff6",
      "tree": "b6874800c258b897937258637e7170bc19970fdd",
      "parents": [
        "f6fae5fb6b3cba927e8cf49ad9d1f2d9a2a801da"
      ],
      "author": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Mon Mar 06 16:17:55 2023 -0500"
      },
      "committer": {
        "name": "James Bottomley",
        "email": "James.Bottomley@HansenPartnership.com",
        "time": "Wed Mar 22 22:59:44 2023 -0400"
      },
      "message": "provider: add decryption functions\n\nThese take different forms: RSA is a simple RSA padded decryption but\nfor EC it\u0027s an ECDH key derivation.\n\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n"
    }
  ],
  "next": "f6fae5fb6b3cba927e8cf49ad9d1f2d9a2a801da"
}
