Skip to content

5.6 - 2023-11-08

Compare
Choose a tag to compare
@ajaykish ajaykish released this 08 Nov 16:08
· 57 commits to master since this release
5.6
a36f8e2
  • tpm2_eventlog:
    - add H-CRTM event support
    - add support of efivar versions less than 38
    - Add support to check for efivar/efivar.h manually
    - Minor formatting fixes
    - tpm2_eventlog: add support for replay with different StartupLocality
    - Fix pcr extension for EV_NO_ACTION
    - Extend test of yaml string representation
    - Use helper for printing a string dump
    - Fix upper bound on unique data size
    - Fix YAML string formatting

  • tpm2_policy:

    • Add support for parsing forward seal TPM values
    • Use forward seal values in creating policies
    • Move dgst_size in evaluate_populate_pcr_digests()
    • Allow more than 8 PCRs for sealing
    • Move dgst_size in evaluate_populate_pcr_digests
    • Allow more than 8 PCRs for sealing
    • Make __wrap_Esys_PCR_Read() more dynamic to enable testing more PCRs
  • tpm2_encryptdecrypt: Fix pkcs7 padding stripping

  • tpm2_duplicate:

    • Support -a option for attributes
    • Add --key-algorithm option
  • tpm2_encodeobject: Use the correct -O option instead of -C

  • tpm2_unseal: Add qualifier static to enhance the privacy of unseal function

  • tpm2_sign:

    • Remove -m option which was added mistakenly
    • Revert sm2 sign and verifysignature
  • tpm2_createek:
    - Correct man page example

    • Fix usage of nonce
    • Fix integrating nonce
  • tpm2_clear: add more details about the action

  • tpm2_startauthsession: allow the file attribute for policy authorization.

  • tpm2_getekcertificate: Add AMD EK support

  • tpm2_ecdhzgen: Add public-key parameter

  • tpm2_nvreadpublic: Prevent free of unallocated pointers on failure

  • Bug-fixes:

    • The readthedocs build failed with module 'jinja2' has no attribute 'contextfilter'
      a requirement file was added to fix this problem

    • An error caused by the flags -flto -_FORTIFY_SOURCE=3 in kdfa implementation.
      This error can be avoided by switching off the optimization with pragma

    • Changed wrong function name of "Esys_Load" to "Esys_Load"

    • Function names beginning with Esys_ are wrongly written as Eys_

    • Reading and writing a serialized persistent ESYS_TR handles

    • cirrus-ci update image-family to freebsd-13-2 from 13-1

  • misc:

    • Change the default Python version to Python3 in the helper's code

    • Skip test which uses the sign operator for comparison in abrmd_policynv.sh

    • tools/tr_encode: Add a tool that can encode serialized ESYS_TR for persistent handles
      from the TPM2B_PUBLIC and the raw persistent TPM2_HANDLE

    • Add safe directory in config