Merge pull request #207 from elms/release/prep_v2.4.0

v2.4.0 release preparation

CMakeLists.txt

@@ -21,7 +21,7 @@
 
 cmake_minimum_required(VERSION 3.16)
 
-project(wolfTPM VERSION 2.3.1 LANGUAGES C)
+project(wolfTPM VERSION 2.4.0 LANGUAGES C)
 
 set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/bin)
 

ChangeLog.md

@@ -10,6 +10,25 @@ Fix for `make install`
 
 * Fix for installing example code on linux builds (PR #196)
 
+## wolfTPM Release 2.4 (05/06/2022)
+
+**Summary**
+
+Add CMake support. Add C# wrappers. Add ST33 GetRandom2. Improve
+`TPM2_SetupPCRSel`. Fixes for C++ compilers, example install and writing PEM.
+
+**Detail**
+
+* Fixes for c++ compiler (PR #206)
+* Adding a C# wrappers (PR #203)
+* CMake support (PR #202, #204, #205)
+* Add support for ST33 vendor specific command `TPM_CC_GetRandom2` (PR #200)
+* Fix writing PEM in `wolfTPM2_RsaKey_TpmToPemPub` (PR #201)
+* Improve `TPM2_SetupPCRSel` (multiple calls) (PR #198)
+* Fix for a few spelling errors and whitespace cleanup (PR #199)
+* v2.3.1 updates (PR #197)
+* Fix make install by renaming pcr example read.c (PR #196)
+
 ## wolfTPM Release 2.3 (11/08/2021)
 
 **Summary**

configure.ac

@@ -3,7 +3,7 @@
 # All right reserved.
 
 AC_COPYRIGHT([Copyright (C) 2014-2021 wolfSSL Inc.])
-AC_INIT([wolftpm],[2.3.1],[https://github.com/wolfssl/wolfTPM/issues],[wolftpm],[http://www.wolfssl.com])
+AC_INIT([wolftpm],[2.4.0],[https://github.com/wolfssl/wolfTPM/issues],[wolftpm],[http://www.wolfssl.com])
 
 AC_PREREQ([2.63])
 AC_CONFIG_AUX_DIR([build-aux])
@@ -23,7 +23,7 @@ AC_ARG_PROGRAM
 AC_CONFIG_MACRO_DIR([m4])
 AC_CONFIG_HEADERS([src/config.h])
 
-WOLFTPM_LIBRARY_VERSION=12:1:0
+WOLFTPM_LIBRARY_VERSION=13:0:0
 #                        | | |
 #                 +------+ | +---+
 #                 |        |     |

examples/wrap/wrap_test.c

@@ -442,7 +442,6 @@ int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
     wc_FreeRsaKey(&wolfRsaPrivKey);
     rc = wolfTPM2_UnloadHandle(&dev, &rsaKey.handle);
     if (rc != 0) goto exit;
-#endif /* !WOLFTPM2_NO_WOLFCRYPT && !NO_RSA */
 
     /* Load raw RSA private key into TPM */
     rc = wolfTPM2_LoadRsaPrivateKey(&dev, &storageKey, &rsaKey,
@@ -455,12 +454,12 @@ int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
         (word32)rsaKey.handle.hndl);
     rc = wolfTPM2_UnloadHandle(&dev, &rsaKey.handle);
     if (rc != 0) goto exit;
+#endif /* !WOLFTPM2_NO_WOLFCRYPT && !NO_RSA */
 
     /* Close TPM session based on RSA storage key */
     wolfTPM2_UnloadHandle(&dev, &tpmSession.handle);
     wolfTPM2_SetAuthSession(&dev, 1, NULL, 0); /* clear auth session */
 
-
     /*------------------------------------------------------------------------*/
     /* ECC TESTS */
     /*------------------------------------------------------------------------*/
@@ -662,7 +661,6 @@ int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
     wc_ecc_free(&wolfEccPrivKey);
     rc = wolfTPM2_UnloadHandle(&dev, &eccKey.handle);
     if (rc != 0) goto exit;
-#endif /* !WOLFTPM2_NO_WOLFCRYPT && HAVE_ECC */
 
     /* Load raw ECC private key into TPM */
     rc = wolfTPM2_LoadEccPrivateKey(&dev, &storageKey, &eccKey, TPM_ECC_NIST_P256,
@@ -675,6 +673,7 @@ int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
         (word32)eccKey.handle.hndl);
     rc = wolfTPM2_UnloadHandle(&dev, &eccKey.handle);
     if (rc != 0) goto exit;
+#endif /* !WOLFTPM2_NO_WOLFCRYPT && HAVE_ECC */
 
 #if 0 /* disabled until ECC Encrypted salt is added */
     /* Close TPM session based on ECC storage key */
@@ -841,6 +840,7 @@ int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
     /*------------------------------------------------------------------------*/
     /* ENCRYPT/DECRYPT TESTS */
     /*------------------------------------------------------------------------*/
+#ifndef WOLFTPM2_NO_WOLFCRYPT
     rc = wolfTPM2_LoadSymmetricKey(&dev, &aesKey, TEST_AES_MODE,
         TEST_AES_KEY, (word32)sizeof(TEST_AES_KEY));
     if (rc != 0) goto exit;
@@ -878,7 +878,9 @@ int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
         goto exit;
     }
     if (rc != 0) goto exit;
-
+#else
+    (void)aesIv;
+#endif /* !WOLFTPM2_NO_WOLFCRYPT */
 
     rc = wolfTPM2_GetKeyTemplate_Symmetric(&publicTemplate, 128, TEST_AES_MODE,
         YES, YES);

src/tpm2_wrap.c

@@ -287,7 +287,7 @@ int wolfTPM2_FreeSession(WOLFTPM2_SESSION* session)
     }
     return TPM_RC_SUCCESS;
 }
-#endif /* WOLFTPM2_NO_HEAP */
+#endif /* !WOLFTPM2_NO_HEAP */
 
 WOLFTPM2_HANDLE* wolfTPM2_GetHandleRefFromKey(WOLFTPM2_KEY* key)
 {
@@ -416,9 +416,15 @@ int wolfTPM2_SetKeyBlobFromBuffer(WOLFTPM2_KEYBLOB* key, byte *buffer,
     }
 
     XMEMCPY(key->priv.buffer, runner, key->priv.size);
-    runner += key->priv.size;
     done_reading += key->priv.size;
 
+    if (done_reading != bufferSz) {
+#ifdef DEBUG_WOLFTPM
+        printf("Extra data left in buffer (%d!=%d)\n",  bufferSz, done_reading);
+#endif
+        return BUFFER_E;
+    }
+
     return TPM_RC_SUCCESS;
 }
 
@@ -429,13 +435,18 @@ int wolfTPM2_SetKeyAuthPassword(WOLFTPM2_KEY *key, const byte* auth,
         return BAD_FUNC_ARG;
     }
 
-    if ((auth != NULL) && (authSz == 0)) {
+    if ( ((auth != NULL) && (authSz == 0))
+         || ((auth == NULL) && (authSz != 0))
+        ) {
         return BAD_FUNC_ARG;
     }
 
     /* specify auth password for storage key */
     key->handle.auth.size = authSz;
-    XMEMCPY(key->handle.auth.buffer, auth, authSz);
+    if (auth != NULL) {
+        XMEMCPY(key->handle.auth.buffer, auth, authSz);
+    }
+
     return TPM_RC_SUCCESS;
 }
 
@@ -1519,14 +1530,16 @@ int wolfTPM2_SensitiveToPrivate(TPM2B_SENSITIVE* sens, TPM2B_PRIVATE* priv,
     TPMI_ALG_HASH innerAlg, outerAlg;
     TPM2_Packet packet;
     int pos = 0;
-    int digestSz, innerSz, outerSz, sensSz;
+    int digestSz =0;
+    int innerSz = 0;
+    int outerSz = 0;
+    int sensSz = 0;
 
     if (sens == NULL || priv == NULL)
         return BAD_FUNC_ARG;
 
     digestSz = TPM2_GetHashDigestSize(nameAlg);
 
-    innerSz = outerSz = sensSz = 0;
     if (sym && sym->algorithm != TPM_ALG_NULL) {
         innerWrap = 1;
 

tests/unit_tests.c

@@ -274,15 +274,21 @@ static void test_TPM2_KDFa(void)
         .size = 8,
         .buffer = {0xDA, 0x50, 0x40, 0x31, 0xDD, 0xF1, 0x2E, 0x83}
     };
+    byte key[TEST_KDFA_KEYSZ];
+
+#ifndef WOLFTPM2_NO_WOLFCRYPT
     const byte keyExp[TEST_KDFA_KEYSZ] = {
         0xbb, 0x02, 0x59, 0xe1, 0xc8, 0xba, 0x60, 0x7e, 0x6a, 0x2c,
         0xd7, 0x04, 0xb6, 0x9a, 0x90, 0x2e, 0x9a, 0xde, 0x84, 0xc4};
-    byte key[TEST_KDFA_KEYSZ];
+#endif
 
     rc = TPM2_KDFa(TPM_ALG_SHA256, &keyIn, label, &contextU, &contextV, key, keyIn.size);
+#ifdef WOLFTPM2_NO_WOLFCRYPT
+    AssertIntEQ(NOT_COMPILED_IN, rc);
+#else
     AssertIntEQ(sizeof(keyExp), rc);
-
     AssertIntEQ(XMEMCMP(key, keyExp, sizeof(keyExp)), 0);
+#endif
 }
 
 #endif /* !WOLFTPM2_NO_WRAPPER */

wolftpm/tpm2_types.h

@@ -119,6 +119,7 @@ typedef int64_t  INT64;
 #else
 
     #include <stdio.h>
+    #include <stdlib.h>
     #include <string.h>
 
     typedef uint8_t  byte;
@@ -137,6 +138,8 @@ typedef int64_t  INT64;
     #define SOCKET_ERROR_E        -308  /* error state on socket    */
 
 #ifndef WOLFTPM_CUSTOM_TYPES
+    #define XMALLOC(s, h, t)     malloc((size_t)(s))
+    #define XFREE(p, h, t)       free(p)
     #define XMEMCPY(d,s,l)    memcpy((d),(s),(l))
     #define XMEMSET(b,c,l)    memset((b),(c),(l))
     #define XMEMCMP(s1,s2,n)  memcmp((s1),(s2),(n))