Date   
Re: [PATCH] move to TCG defined OIDs for the key types

David Woodhouse
 

On Mon, 2018-11-05 at 10:52 +0100, Fredrik Ternerot wrote:
Is something missing here? version seems not to be declared anywhere.
This is based on my earlier patch series adding the new TSS2 PRIVATE
KEY format.

Re: [PATCH] move to TCG defined OIDs for the key types

Fredrik Ternerot
 

On Sun, Nov 4, 2018 at 11:12 PM James Bottomley
<James.Bottomley@...> wrote:

We previously stole an OID in the TCG space to use to identify our
keys. With the shift to a new key format, we've also taken the
opportunity to clarify with the TCG which OIDs we can use. It turns
out the ones we initially chose were non-leaf nodes, so we now finally
have a couple of leaf nodes allocated and thus we take advantage of
the new key format to switch to using them.

Signed-off-by: James Bottomley <James.Bottomley@...>

diff --git a/e_tpm2.c b/e_tpm2.c
index fd0ed1c..833dc7c 100644
--- a/e_tpm2.c
+++ b/e_tpm2.c
@@ -400,10 +400,15 @@ static int tpm2_engine_load_key_core(ENGINE *e, EVP_PKEY **ppkey,
}

if (strcmp(OID_loadableKey, oid) == 0) {
- ;
- } else if (strcmp(OID_12Key, oid) == 0) {
- fprintf(stderr, "TPM1.2 key is not importable by TPM2.0\n");
- goto err;
+ if (version != 1) {
Is something missing here? version seems not to be declared anywhere.

Fredrik

+ fprintf(stderr, "New type found in old format key\n");
+ goto err;
+ }
+ } else if (strcmp(OID_OldloadableKey, oid) == 0) {
+ if (version != 0) {
+ fprintf(stderr, "Old type found in new format key\n");
+ goto err;
+ }
} else if (strcmp(OID_importableKey, oid) == 0) {
fprintf(stderr, "Importable keys currently unsupported\n");
goto err;
diff --git a/tpm2-asn.h b/tpm2-asn.h
index 341edb5..15e0f84 100644
--- a/tpm2-asn.h
+++ b/tpm2-asn.h
@@ -49,7 +49,7 @@ DEFINE_STACK_OF(TSSOPTPOLICY);
* contains things like the policy but which is cryptographically tied
* to the private key.
*
- * TPMKey ::= SEQUENCE {
+ * OldTPMKey ::= SEQUENCE {
* type OBJECT IDENTIFIER
* emptyAuth [0] EXPLICIT BOOLEAN OPTIONAL
* parent [1] EXPLICIT INTEGER OPTIONAL
@@ -57,6 +57,18 @@ DEFINE_STACK_OF(TSSOPTPOLICY);
* policy [3] EXPLICIT SEQUENCE OF TPMPolicy OPTIONAL
* privkey OCTET STRING
* }
+ *
+ * This is the newer form of the key file. It no-longer covers TPM
+ * 1.2 keys and thus the parent and pubkey are no-longer optional
+ *
+ * TPMKey ::= SEQUENCE {
+ * type OBJECT IDENTIFIER
+ * emptyAuth [0] EXPLICIT BOOLEAN OPTIONAL
+ * policy [1] EXPLICIT SEQUENCE OF TPMPolicy OPTIONAL
+ * parent INTEGER
+ * pubkey OCTET STRING
+ * privkey OCTET STRING
+ * }
*/

typedef struct {
@@ -81,10 +93,17 @@ typedef struct {
* unoccupied child (10) for keytype file and two values:
* 1 : Key that is directly loadable
* 2 : Key that must first be imported then loaded
+ *
+ * the TCG actually gave us some OIDs which turn out to be different
+ * from the ones we chose, so keep OID_Oldloadablekey for backwards
+ * compatibility, but add the new loadable and importable key types on
+ * the new OIDs
*/
-#define OID_12Key "2.23.133.10.1"
-#define OID_loadableKey "2.23.133.10.2"
-#define OID_importableKey "2.23.133.10.3"
+#define OID_OldloadableKey "2.23.133.10.2"
+
+#define OID_loadableKey "2.23.133.10.1.3"
+#define OID_importableKey "2.23.133.10.1.4"
+

ASN1_SEQUENCE(TSSLOADABLE) = {
ASN1_SIMPLE(TSSLOADABLE, type, ASN1_OBJECT),


Re: [PATCH] add tests for old keys

David Woodhouse
 

On Sun, 2018-11-04 at 14:13 -0800, James Bottomley wrote:
To check that old format keys still work, we add a --deprecated option
to create_tpm2_key that allows us to create them still. The test is
to create an old format key and prove the engine still accepts it.

Signed-off-by: James Bottomley <James.Bottomley@...>
These patches look sane enough; thanks. They should interoperate with
the current OpenConnect git HEAD (which should take both old and new
forms; you only need to point it at any HTTPS server to test that
much)... and also with the TCG engine with the patch in
https://github.com/tpm2-software/tpm2-tss-engine/pull/40

I'm travelling at the moment but will try to do those tests... unless
you've already done them?

Re: [PATCH 1/1] Add possibility to disable ECC at compile time

Fredrik Ternerot <fredrik.ternerot@...>
 

On Wed, Oct 31, 2018 at 14:40:57 +0000, James Bottomley wrote:
On Wed, 2018-10-31 at 14:48 +0100, Fredrik Ternerot wrote:
Add possibility to disable Elliptic Curve Cryptography at compile
time. This allows compilation for systems where ECC is not supported
by openssl.
OK, so if there are such systems I'd rather they built automatically by
keying off the openssl capabilities, which means OPENSSL_NO_EC ... but
I really think this is the wrong config to look at. If you disable EC
you must have a specifiable parent because we use EC routines to create
them.
I agree it's better to use OPENSSL_NO_EC instead, I will change and
post a new patch. You will need to create a parent by other means,
true.


I actually think it's much more likely (because the mathematics is
easier) that we'd get an openssl for embedded that has EC but no RSA.
I can not tell what is more likely, but I need to disable EC. If/when
there is similar need for RSA, I guess this needs to be handled as
well.


Similar compile time flag is already present in ibmtss2
library.
In general we should really not allow user chosen compile time options
if we can avoid it ... it causes confusion and makes for a huge test
matrix (this is one of the lessons from linux kernel kconfig). If we
have to have config options, they should be driven by a solid use case.
I understand the problem with this kind of configuration, but I need
it because the system I work on does not support EC, and this is not
something I can change.

--
Fredrik Ternerot

Re: [PATCH 1/1] Add possibility to disable ECC at compile time

Fredrik Ternerot <fredrik.ternerot@...>
 

On Wed, Oct 31, 2018 at 14:40:57 +0000, James Bottomley wrote:
On Wed, 2018-10-31 at 14:48 +0100, Fredrik Ternerot wrote:
Add possibility to disable Elliptic Curve Cryptography at compile
time. This allows compilation for systems where ECC is not supported
by openssl.
OK, so if there are such systems I'd rather they built automatically by
keying off the openssl capabilities, which means OPENSSL_NO_EC ... but
I really think this is the wrong config to look at. If you disable EC
you must have a specifiable parent because we use EC routines to create
them.
Sure, I could probably change to use OPENSSL_NO_EC instead. You will
need to create a parent by other means, true.


I actually think it's much more likely (because the mathematics is
easier) that we'd get an openssl for embedded that has EC but no RSA.
I can not tell what is most likely, but I need to disable EC. If/when
there is similar need for RSA, I guess this needs to be handled as
well.


Similar compile time flag is already present in ibmtss2
library.
In general we should really not allow user chosen compile time options
if we can avoid it ... it causes confusion and makes for a huge test
matrix (this is one of the lessons from linux kernel kconfig). If we
have to have config options, they should be driven by a solid use case.
I understand the problem with this kind of configuration, but I need
it because the system do not support EC due to patent issues, and it's
not much I can do about that.

--
Fredrik Ternerot

[PATCH] add tests for old keys

James Bottomley
 

To check that old format keys still work, we add a --deprecated option
to create_tpm2_key that allows us to create them still. The test is
to create an old format key and prove the engine still accepts it.

Signed-off-by: James Bottomley <James.Bottomley@...>

diff --git a/create_tpm2_key.c b/create_tpm2_key.c
index 06bcb84..f95f70c 100644
--- a/create_tpm2_key.c
+++ b/create_tpm2_key.c
@@ -38,6 +38,8 @@
* not a TPM error, so don't process the rc as one */
#define NOT_TPM_ERROR (0xffffffff)

+#define OPT_DEPRECATED 0x1ff
+
static struct option long_options[] = {
{"auth", 0, 0, 'a'},
{"auth-parent", 1, 0, 'b'},
@@ -53,6 +55,12 @@ static struct option long_options[] = {
{"list-curves", 0, 0, 'l'},
{"da", 0, 0, 'd'},
{"key-policy", 1, 0, 'c'},
+ /*
+ * The option --deprecated allows us to create old format keys
+ * for the purposes of testing. It should never be used in
+ * the field so is an undocumented option
+ */
+ {"deprecated", 0, 0, OPT_DEPRECATED},
{0, 0, 0, 0}
};

@@ -234,29 +242,49 @@ out:
int
openssl_write_tpmfile(const char *file, BYTE *pubkey, int pubkey_len,
BYTE *privkey, int privkey_len, int empty_auth,
- TPM_HANDLE parent, STACK_OF(TSSOPTPOLICY) *sk)
+ TPM_HANDLE parent, STACK_OF(TSSOPTPOLICY) *sk,
+ int version)
{
- TSSPRIVKEY tssl;
+ union {
+ TSSLOADABLE tssl;
+ TSSPRIVKEY tpk;
+ } k;
BIO *outb;

/* clear structure so as not to have to set optional parameters */
- memset(&tssl, 0, sizeof(tssl));
+ memset(&k, 0, sizeof(k));
if ((outb = BIO_new_file(file, "w")) == NULL) {
fprintf(stderr, "Error opening file for write: %s\n", file);
return 1;
}
- tssl.type = OBJ_txt2obj(OID_loadableKey, 1);
- tssl.emptyAuth = empty_auth;
- tssl.parent = ASN1_INTEGER_new();
- ASN1_INTEGER_set(tssl.parent, parent);
-
- tssl.pubkey = ASN1_OCTET_STRING_new();
- ASN1_STRING_set(tssl.pubkey, pubkey, pubkey_len);
- tssl.privkey = ASN1_OCTET_STRING_new();
- ASN1_STRING_set(tssl.privkey, privkey, privkey_len);
- tssl.policy = sk;
+ if (version == 0) {
+ k.tssl.type = OBJ_txt2obj(OID_OldloadableKey, 1);
+ k.tssl.emptyAuth = empty_auth;
+ k.tssl.parent = ASN1_INTEGER_new();
+ ASN1_INTEGER_set(k.tssl.parent, parent);
+
+ k.tssl.pubkey = ASN1_OCTET_STRING_new();
+ ASN1_STRING_set(k.tssl.pubkey, pubkey, pubkey_len);
+ k.tssl.privkey = ASN1_OCTET_STRING_new();
+ ASN1_STRING_set(k.tssl.privkey, privkey, privkey_len);
+ k.tssl.policy = sk;
+
+ PEM_write_bio_TSSLOADABLE(outb, &k.tssl);
+ } else {
+ k.tpk.type = OBJ_txt2obj(OID_loadableKey, 1);
+ k.tpk.emptyAuth = empty_auth;
+ k.tpk.parent = ASN1_INTEGER_new();
+ ASN1_INTEGER_set(k.tpk.parent, parent);
+
+ k.tpk.pubkey = ASN1_OCTET_STRING_new();
+ ASN1_STRING_set(k.tpk.pubkey, pubkey, pubkey_len);
+ k.tpk.privkey = ASN1_OCTET_STRING_new();
+ ASN1_STRING_set(k.tpk.privkey, privkey, privkey_len);
+ k.tpk.policy = sk;
+
+ PEM_write_bio_TSSPRIVKEY(outb, &k.tpk);
+ }

- PEM_write_bio_TSSPRIVKEY(outb, &tssl);
BIO_free(outb);
return 0;
}
@@ -624,7 +652,7 @@ int main(int argc, char **argv)
TPM_HANDLE authHandle;
const char *dir;
STACK_OF(TSSOPTPOLICY) *sk = NULL;
-
+ int version = 1;
uint32_t sizeInBytes;
TPMT_HA digest;

@@ -709,6 +737,9 @@ int main(int argc, char **argv)
case 'c':
policyFilename = optarg;
break;
+ case OPT_DEPRECATED:
+ version = 0;
+ break;
default:
printf("Unknown option '%c'\n", c);
usage(argv[0]);
@@ -751,7 +782,7 @@ int main(int argc, char **argv)
}

if ((parent & 0xff000000) == 0x40000000) {
- rc = tpm2_load_srk(tssContext, &phandle, parent_auth, NULL, parent, 1);
+ rc = tpm2_load_srk(tssContext, &phandle, parent_auth, NULL, parent, version);
if (rc) {
reason = "tpm2_load_srk";
goto out_delete;
@@ -967,7 +998,8 @@ int main(int argc, char **argv)
size = sizeof(privkey);
TSS_TPM2B_PRIVATE_Marshal(priv, &privkey_len, &buffer, &size);
openssl_write_tpmfile(filename, pubkey, pubkey_len,
- privkey, privkey_len, auth == NULL, parent, sk);
+ privkey, privkey_len, auth == NULL, parent, sk,
+ version);
free_policy(sk);
TSS_Delete(tssContext);
tpm2_rm_tssdir(dir, 0);
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 499ba20..dc07284 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -7,6 +7,7 @@ TESTS = fail_connect.sh \
check_auth.sh \
wrap_tpm_key.sh \
check_wrap_auth.sh \
+ check_old_keys.sh \
create_ecc.sh \
wrap_ecc.sh \
wrap_generic_ecc.sh \
diff --git a/tests/check_old_keys.sh b/tests/check_old_keys.sh
new file mode 100755
index 0000000..799ad25
--- /dev/null
+++ b/tests/check_old_keys.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+
+bindir=${srcdir}/..
+
+##
+# test is
+# 1. Create an openssl private key
+# 2. Wrap it to a TPM internal private key in deprecated format
+# 3. get the corresponding public key from the engine
+# 4. encode a message using the TPM key
+# 5. verify the message through the public key
+##
+openssl genrsa 2048 > key1.priv && \
+ ${bindir}/create_tpm2_key --deprecated -a -k passw0rd -p 81000001 -w key1.priv key1.tpm && \
+grep -e "-----BEGIN TSS2 KEY BLOB-----" key1.tpm && \
+openssl rsa -engine tpm2 -inform engine -passin pass:passw0rd -in key1.tpm -pubout -out key1.pub && \
+echo "This is another message" | openssl rsautl -sign -engine tpm2 -engine tpm2 -keyform engine -inkey key1.tpm -passin pass:passw0rd -out tmp.msg && \
+openssl rsautl -verify -in tmp.msg -inkey key1.pub -pubin

[PATCH] move to TCG defined OIDs for the key types

James Bottomley
 

We previously stole an OID in the TCG space to use to identify our
keys. With the shift to a new key format, we've also taken the
opportunity to clarify with the TCG which OIDs we can use. It turns
out the ones we initially chose were non-leaf nodes, so we now finally
have a couple of leaf nodes allocated and thus we take advantage of
the new key format to switch to using them.

Signed-off-by: James Bottomley <James.Bottomley@...>

diff --git a/e_tpm2.c b/e_tpm2.c
index fd0ed1c..833dc7c 100644
--- a/e_tpm2.c
+++ b/e_tpm2.c
@@ -400,10 +400,15 @@ static int tpm2_engine_load_key_core(ENGINE *e, EVP_PKEY **ppkey,
}

if (strcmp(OID_loadableKey, oid) == 0) {
- ;
- } else if (strcmp(OID_12Key, oid) == 0) {
- fprintf(stderr, "TPM1.2 key is not importable by TPM2.0\n");
- goto err;
+ if (version != 1) {
+ fprintf(stderr, "New type found in old format key\n");
+ goto err;
+ }
+ } else if (strcmp(OID_OldloadableKey, oid) == 0) {
+ if (version != 0) {
+ fprintf(stderr, "Old type found in new format key\n");
+ goto err;
+ }
} else if (strcmp(OID_importableKey, oid) == 0) {
fprintf(stderr, "Importable keys currently unsupported\n");
goto err;
diff --git a/tpm2-asn.h b/tpm2-asn.h
index 341edb5..15e0f84 100644
--- a/tpm2-asn.h
+++ b/tpm2-asn.h
@@ -49,7 +49,7 @@ DEFINE_STACK_OF(TSSOPTPOLICY);
* contains things like the policy but which is cryptographically tied
* to the private key.
*
- * TPMKey ::= SEQUENCE {
+ * OldTPMKey ::= SEQUENCE {
* type OBJECT IDENTIFIER
* emptyAuth [0] EXPLICIT BOOLEAN OPTIONAL
* parent [1] EXPLICIT INTEGER OPTIONAL
@@ -57,6 +57,18 @@ DEFINE_STACK_OF(TSSOPTPOLICY);
* policy [3] EXPLICIT SEQUENCE OF TPMPolicy OPTIONAL
* privkey OCTET STRING
* }
+ *
+ * This is the newer form of the key file. It no-longer covers TPM
+ * 1.2 keys and thus the parent and pubkey are no-longer optional
+ *
+ * TPMKey ::= SEQUENCE {
+ * type OBJECT IDENTIFIER
+ * emptyAuth [0] EXPLICIT BOOLEAN OPTIONAL
+ * policy [1] EXPLICIT SEQUENCE OF TPMPolicy OPTIONAL
+ * parent INTEGER
+ * pubkey OCTET STRING
+ * privkey OCTET STRING
+ * }
*/

typedef struct {
@@ -81,10 +93,17 @@ typedef struct {
* unoccupied child (10) for keytype file and two values:
* 1 : Key that is directly loadable
* 2 : Key that must first be imported then loaded
+ *
+ * the TCG actually gave us some OIDs which turn out to be different
+ * from the ones we chose, so keep OID_Oldloadablekey for backwards
+ * compatibility, but add the new loadable and importable key types on
+ * the new OIDs
*/
-#define OID_12Key "2.23.133.10.1"
-#define OID_loadableKey "2.23.133.10.2"
-#define OID_importableKey "2.23.133.10.3"
+#define OID_OldloadableKey "2.23.133.10.2"
+
+#define OID_loadableKey "2.23.133.10.1.3"
+#define OID_importableKey "2.23.133.10.1.4"
+

ASN1_SEQUENCE(TSSLOADABLE) = {
ASN1_SIMPLE(TSSLOADABLE, type, ASN1_OBJECT),

Re: [PATCH 3/3] Allow TSS2 PRIVATE KEY and TSS2 KEY BLOB ASN.1 to diverge

James Bottomley
 

On Fri, 2018-10-12 at 01:01 +0100, David Woodhouse wrote:
... and indeed do so. Make the pubkey and parent non-optional, for
a start, but leave the type field alone for now. The explicit tag
of the policy field can change because it's harmles to do so.

Signed-off-by: David Woodhouse <dwmw2@...>
This actually caused a couple of policy based tests to fail; it turns
out you forgot to plumb policy in, so I've added the following diff
fragment to fix this.

James

---

diff -u b/e_tpm2.c b/e_tpm2.c
--- b/e_tpm2.c
+++ b/e_tpm2.c
@@ -365,6 +365,7 @@
parent = tpk->parent;
pubkey = tpk->pubkey;
privkey = tpk->privkey;
+ policy = tpk->policy;
} else {
BIO_seek(bf, 0);
tssl = PEM_read_bio_TSSLOADABLE(bf, NULL, NULL, NULL);
@@ -374,6 +375,7 @@
parent = tssl->parent;
pubkey = tssl->pubkey;
privkey = tssl->privkey;
+ policy = tssl->policy;
}
}

Re: [PATCH 1/1] create_tpm2_key: remove usage of TPM2B_SEED no longer defined

Fredrik Ternerot <fredrik.ternerot@...>
 

On Wed, Oct 31, 2018 at 14:31:09 +0000, James Bottomley wrote:
On Wed, 2018-10-31 at 14:46 +0100, Fredrik Ternerot wrote:
Remove usage of TPM2B_SEED by updating to newer version of
SensitiveToDuplicate prototype. TPM2B_SEED is no longer defined by
ibmtss2 library.
I've already got something like this queued up in the staging tree.
The only difference really is that I remove the seed argument because
it's unused. It's in there because the TPM emulator has it, but it's
not used for simple inner wrapping like we do. I think we get it back
again when we do importable keys which are going to have outer
wrappings, but they're not even on the radar yet.

the transformation TPM2B_NAME->TPM2B is also unnecessary because
TPM2B_NAME is defined by standard and has to be present in the TSS (not
sure why the emulator made that change)
I changed the name type because it has been changed in "Part 4
Supporting Routines 7.6.3.13". Now the prototype follows rev. 01.38.

--
Fredrik Ternerot

Re: [PATCH 1/1] Add possibility to disable ECC at compile time

James Bottomley
 

On Wed, 2018-10-31 at 14:48 +0100, Fredrik Ternerot wrote:
Add possibility to disable Elliptic Curve Cryptography at compile
time. This allows compilation for systems where ECC is not supported
by openssl.
OK, so if there are such systems I'd rather they built automatically by
keying off the openssl capabilities, which means OPENSSL_NO_EC ... but
I really think this is the wrong config to look at. If you disable EC
you must have a specifiable parent because we use EC routines to create
them.

I actually think it's much more likely (because the mathematics is
easier) that we'd get an openssl for embedded that has EC but no RSA.

Similar compile time flag is already present in ibmtss2
library.
In general we should really not allow user chosen compile time options
if we can avoid it ... it causes confusion and makes for a huge test
matrix (this is one of the lessons from linux kernel kconfig). If we
have to have config options, they should be driven by a solid use case.

James

Re: [PATCH 1/1] create_tpm2_key: remove usage of TPM2B_SEED no longer defined

James Bottomley
 

On Wed, 2018-10-31 at 14:46 +0100, Fredrik Ternerot wrote:
Remove usage of TPM2B_SEED by updating to newer version of
SensitiveToDuplicate prototype. TPM2B_SEED is no longer defined by
ibmtss2 library.
I've already got something like this queued up in the staging tree.
The only difference really is that I remove the seed argument because
it's unused. It's in there because the TPM emulator has it, but it's
not used for simple inner wrapping like we do. I think we get it back
again when we do importable keys which are going to have outer
wrappings, but they're not even on the radar yet.

the transformation TPM2B_NAME->TPM2B is also unnecessary because
TPM2B_NAME is defined by standard and has to be present in the TSS (not
sure why the emulator made that change)

James

[PATCH 1/1] create_tpm2_key: remove usage of TPM2B_SEED no longer defined

Fredrik Ternerot <fredrik.ternerot@...>
 

Remove usage of TPM2B_SEED by updating to newer version of
SensitiveToDuplicate prototype. TPM2B_SEED is no longer defined by
ibmtss2 library.

Signed-off-by: Fredrik Ternerot <fredrikt@...>
---
create_tpm2_key.c | 2 +-
tpm2-common.c | 8 ++++----
tpm2-common.h | 4 ++--
3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/create_tpm2_key.c b/create_tpm2_key.c
index 41b738e..b7c3167 100644
--- a/create_tpm2_key.c
+++ b/create_tpm2_key.c
@@ -856,7 +856,7 @@ int main(int argc, char **argv)
goto out_flush;
}

- rc = tpm2_SensitiveToDuplicate(&s, &name, name_alg, NULL,
+ rc = tpm2_SensitiveToDuplicate(&s, &name.b, name_alg, NULL,
&iin.symmetricAlg,
&iin.encryptionKey,
&iin.duplicate);
diff --git a/tpm2-common.c b/tpm2-common.c
index a39c90b..ee3eb4c 100644
--- a/tpm2-common.c
+++ b/tpm2-common.c
@@ -732,16 +732,16 @@ TPM_RC tpm2_init_session(TSS_CONTEXT *tssContext, TPM_HANDLE handle,
}

/*
- * Cut down version of Part 4 Supporting Routines 7.6.3.10
+ * Cut down version of Part 4 Supporting Routines 7.6.3.13 (rev. 01.38)
*
* Hard coded to symmetrically encrypt with aes128 as the inner
* wrapper and no outer wrapper but with a prototype that allows
* drop in replacement with a tss equivalent
*/
TPM_RC tpm2_SensitiveToDuplicate(TPMT_SENSITIVE *s,
- TPM2B_NAME *name,
+ TPM2B *name,
TPM_ALG_ID nalg,
- TPM2B_SEED *seed,
+ TPM2B *seed,
TPMT_SYM_DEF_OBJECT *symdef,
TPM2B_DATA *innerkey,
TPM2B_PRIVATE *p)
@@ -794,7 +794,7 @@ TPM_RC tpm2_SensitiveToDuplicate(TPMT_SENSITIVE *s,
* write to the digest buffer */
hash.hashAlg = nalg;
TSS_Hash_Generate(&hash, bsize, s2b,
- name->t.size, name->t.name,
+ name->size, name->buffer,
0, NULL);
memcpy(digest->buffer, &hash.digest, hlen);

diff --git a/tpm2-common.h b/tpm2-common.h
index 1eed54b..dd46f0a 100644
--- a/tpm2-common.h
+++ b/tpm2-common.h
@@ -22,9 +22,9 @@ TPM_RC tpm2_init_session(TSS_CONTEXT *tssContext, TPM_HANDLE handle,
TPM_RC tpm2_get_bound_handle(TSS_CONTEXT *tssContext, TPM_HANDLE *handle,
TPM_HANDLE bind, const char *auth);
TPM_RC tpm2_SensitiveToDuplicate(TPMT_SENSITIVE *s,
- TPM2B_NAME *name,
+ TPM2B *name,
TPM_ALG_ID nalg,
- TPM2B_SEED *seed,
+ TPM2B *seed,
TPMT_SYM_DEF_OBJECT *symdef,
TPM2B_DATA *innerkey,
TPM2B_PRIVATE *p);
--
2.11.0

[PATCH 1/1] Add possibility to disable ECC at compile time

Fredrik Ternerot <fredrik.ternerot@...>
 

Add possibility to disable Elliptic Curve Cryptography at compile time.
This allows compilation for systems where ECC is not supported by
openssl. Similar compile time flag is already present in ibmtss2
library.

Signed-off-by: Fredrik Ternerot <fredrikt@...>
---
configure.ac | 6 ++++++
create_tpm2_key.c | 32 ++++++++++++++++++++++++++++++++
e_tpm2-ecc.c | 4 ++++
e_tpm2-rsa.c | 2 ++
e_tpm2.c | 4 ++++
e_tpm2.h | 2 ++
tpm2-common.c | 32 +++++++++++++++++++++++++++++++-
tpm2-common.h | 2 ++
8 files changed, 83 insertions(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index b4c369c..ae26a0d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -27,6 +27,12 @@ fi
# ibmtss >= 1234 now requires TPM_POSIX be set
CFLAGS="$CFLAGS -DTPM_POSIX"

+# Optional support for elliptic curve cryptography
+AC_ARG_ENABLE(ecc,
+ AC_HELP_STRING([--disable-ecc], [disable support for elliptic curve cryptography [default is enabled]]),
+ [CFLAGS="$CFLAGS -DTPM_NO_ECC -DTPM_TSS_NOECC"
+ AC_MSG_RESULT([*** Disabling elliptic curve cryptography at user request ***])],)
+
#if test "${OPENSSL_LIB_DIR+set}" != set; then
# OPENSSL_LIB_DIR="/usr/local/ssl/lib"
#fi
diff --git a/create_tpm2_key.c b/create_tpm2_key.c
index b7c3167..e096703 100644
--- a/create_tpm2_key.c
+++ b/create_tpm2_key.c
@@ -297,6 +297,8 @@ void tpm2_public_template_rsa(TPMT_PUBLIC *pub)
pub->parameters.rsaDetail.scheme.scheme = TPM_ALG_NULL;
}

+#ifndef TPM_NO_ECC
+
void tpm2_public_template_ecc(TPMT_PUBLIC *pub, TPMI_ECC_CURVE curve)
{
pub->type = TPM_ALG_ECC;
@@ -372,6 +374,8 @@ TPM_RC openssl_to_tpm_public_ecc(TPMT_PUBLIC *pub, EVP_PKEY *pkey)
return rc;
}

+#endif /* TPM_NO_ECC */
+
TPM_RC openssl_to_tpm_public_rsa(TPMT_PUBLIC *pub, EVP_PKEY *pkey)
{
RSA *rsa = EVP_PKEY_get1_RSA(pkey);
@@ -419,14 +423,18 @@ TPM_RC openssl_to_tpm_public(TPM2B_PUBLIC *pub, EVP_PKEY *pkey)
switch (EVP_PKEY_type(EVP_PKEY_id(pkey))) {
case EVP_PKEY_RSA:
return openssl_to_tpm_public_rsa(tpub, pkey);
+#ifndef TPM_NO_ECC
case EVP_PKEY_EC:
return openssl_to_tpm_public_ecc(tpub, pkey);
+#endif
default:
break;
}
return TPM_RC_ASYMMETRIC;
}

+#ifndef TPM_NO_ECC
+
TPM_RC openssl_to_tpm_private_ecc(TPMT_SENSITIVE *s, EVP_PKEY *pkey)
{
const BIGNUM *pk;
@@ -458,6 +466,8 @@ TPM_RC openssl_to_tpm_private_ecc(TPMT_SENSITIVE *s, EVP_PKEY *pkey)
return rc;
}

+#endif /* TPM_NO_ECC */
+
TPM_RC openssl_to_tpm_private_rsa(TPMT_SENSITIVE *s, EVP_PKEY *pkey)
{
const BIGNUM *q;
@@ -487,8 +497,10 @@ TPM_RC openssl_to_tpm_private(TPMT_SENSITIVE *priv, EVP_PKEY *pkey)
switch (EVP_PKEY_type(EVP_PKEY_id(pkey))) {
case EVP_PKEY_RSA:
return openssl_to_tpm_private_rsa(priv, pkey);
+#ifndef TPM_NO_ECC
case EVP_PKEY_EC:
return openssl_to_tpm_private_ecc(priv, pkey);
+#endif
default:
break;
}
@@ -516,6 +528,8 @@ TPM_RC wrap_key(TPMT_SENSITIVE *s, const char *password, EVP_PKEY *pkey)
return TPM_RC_SUCCESS;
}

+#ifndef TPM_NO_ECC
+
static void list_curves(void)
{
TSS_CONTEXT *tssContext;
@@ -566,6 +580,8 @@ static void list_curves(void)
exit(1);
}

+#endif /* TPM_NO_ECC */
+
static TPM_HANDLE get_parent(const char *pstr)
{
TPM_HANDLE p;
@@ -618,7 +634,9 @@ int main(int argc, char **argv)
TPM2B_PUBLIC *pub;
TPM2B_PRIVATE *priv;
char *key = NULL, *parent_auth = NULL;
+#ifndef TPM_NO_ECC
TPMI_ECC_CURVE ecc = TPM_ECC_NONE;
+#endif
int rsa = -1;
uint32_t noda = TPMA_OBJECT_NODA;
TPM_HANDLE authHandle;
@@ -694,15 +712,25 @@ int main(int argc, char **argv)
rsa = 1;
break;
case 'e':
+#ifndef TPM_NO_ECC
ecc = tpm2_curve_name_to_TPMI(optarg);
if (ecc == TPM_ECC_NONE) {
printf("Unknown Curve\n");
exit(1);
}
+#else
+ printf("ECC not supported\n");
+ exit(1);
+#endif
break;
case 'l':
+#ifndef TPM_NO_ECC
list_curves();
exit(0);
+#else
+ printf("ECC not supported\n");
+ exit(1);
+#endif
case 'd':
noda = 0;
break;
@@ -736,12 +764,14 @@ int main(int argc, char **argv)
key_size = 2048;
}

+#ifndef TPM_NO_ECC
if (rsa == 1 && ecc != TPM_ECC_NONE) {
fprintf(stderr, "Cannot specify both --rsa and --ecc\n");
exit(1);
} else if (ecc != TPM_ECC_NONE) {
rsa = 0;
}
+#endif

dir = tpm2_set_unique_tssdir();
rc = tpm2_create(&tssContext, dir);
@@ -899,8 +929,10 @@ int main(int argc, char **argv)
cin.inPublic.publicArea.parameters.rsaDetail.exponent = 0;
cin.inPublic.publicArea.unique.rsa.t.size = 0;

+#ifndef TPM_NO_ECC
} else {
tpm2_public_template_ecc(&cin.inPublic.publicArea, ecc);
+#endif
}

if (policyFilename) {
diff --git a/e_tpm2-ecc.c b/e_tpm2-ecc.c
index e35b730..ad7af59 100644
--- a/e_tpm2-ecc.c
+++ b/e_tpm2-ecc.c
@@ -5,6 +5,8 @@
*
*/

+#ifndef TPM_NO_ECC
+
#include <stdio.h>
#include <string.h>

@@ -358,3 +360,5 @@ int tpm2_setup_ecc_methods(void)

return 1;
}
+
+#endif /* TPM_NO_ECC */
diff --git a/e_tpm2-rsa.c b/e_tpm2-rsa.c
index 50c2cac..52fd1ba 100644
--- a/e_tpm2-rsa.c
+++ b/e_tpm2-rsa.c
@@ -9,7 +9,9 @@
#include <string.h>

#include <openssl/crypto.h>
+#ifndef TPM_NO_ECC
#include <openssl/ec.h>
+#endif
#include <openssl/engine.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
diff --git a/e_tpm2.c b/e_tpm2.c
index ed2bbc2..b8fd7c5 100644
--- a/e_tpm2.c
+++ b/e_tpm2.c
@@ -180,9 +180,11 @@ void tpm2_bind_key_to_engine(EVP_PKEY *pkey, void *data)
case EVP_PKEY_RSA:
tpm2_bind_key_to_engine_rsa(pkey, data);
break;
+#ifndef TPM_NO_ECC
case EVP_PKEY_EC:
tpm2_bind_key_to_engine_ecc(pkey, data);
break;
+#endif
default:
break;
}
@@ -485,7 +487,9 @@ static int tpm2_bind_helper(ENGINE * e)
!ENGINE_set_load_pubkey_function(e, tpm2_engine_load_key) ||
!ENGINE_set_load_privkey_function(e, tpm2_engine_load_key) ||
!ENGINE_set_cmd_defns(e, tpm2_cmd_defns) ||
+#ifndef TPM_NO_ECC
!tpm2_setup_ecc_methods() ||
+#endif
!tpm2_setup_rsa_methods())
return 0;

diff --git a/e_tpm2.h b/e_tpm2.h
index ef9fd38..5fe9698 100644
--- a/e_tpm2.h
+++ b/e_tpm2.h
@@ -2,7 +2,9 @@
#define _E_TPM2_COMMON_H

#include "e_tpm2-rsa.h"
+#ifndef TPM_NO_ECC
#include "e_tpm2-ecc.h"
+#endif

#define TPM2_ENGINE_EX_DATA_UNINIT -1

diff --git a/tpm2-common.c b/tpm2-common.c
index ee3eb4c..077b178 100644
--- a/tpm2-common.c
+++ b/tpm2-common.c
@@ -27,6 +27,9 @@ struct myTPM2B {
UINT16 s;
BYTE *const b;
};
+
+#ifndef TPM_NO_ECC
+
struct tpm2_ECC_Curves {
const char *name;
int nid;
@@ -220,6 +223,8 @@ struct tpm2_ECC_Curves tpm2_supported_curves[] = {
{ .name = NULL, }
};

+#endif /* TPM_NO_ECC */
+
void tpm2_error(TPM_RC rc, const char *reason)
{
const char *msg, *submsg, *num;
@@ -253,8 +258,12 @@ TPM_RC tpm2_load_srk(TSS_CONTEXT *tssContext, TPM_HANDLE *h, const char *auth,TP
/* no PCR state */
in.creationPCR.count = 0;

- /* public parameters for an RSA2048 key */
+ /* public parameters for an ECC/RSA key */
+#ifdef TPM_NO_ECC
+ in.inPublic.publicArea.type = TPM_ALG_RSA;
+#else
in.inPublic.publicArea.type = TPM_ALG_ECC;
+#endif
in.inPublic.publicArea.nameAlg = TPM_ALG_SHA256;
in.inPublic.publicArea.objectAttributes.val =
TPMA_OBJECT_NODA |
@@ -262,6 +271,16 @@ TPM_RC tpm2_load_srk(TSS_CONTEXT *tssContext, TPM_HANDLE *h, const char *auth,TP
TPMA_OBJECT_USERWITHAUTH |
TPMA_OBJECT_DECRYPT |
TPMA_OBJECT_RESTRICTED;
+#ifdef TPM_NO_ECC
+ in.inPublic.publicArea.parameters.rsaDetail.symmetric.algorithm = TPM_ALG_AES;
+ in.inPublic.publicArea.parameters.rsaDetail.symmetric.keyBits.aes = 128;
+ in.inPublic.publicArea.parameters.rsaDetail.symmetric.mode.aes = TPM_ALG_CFB;
+ in.inPublic.publicArea.parameters.rsaDetail.scheme.scheme = TPM_ALG_NULL;
+ in.inPublic.publicArea.parameters.rsaDetail.keyBits = 2048;
+ in.inPublic.publicArea.parameters.rsaDetail.exponent = 0;
+
+ in.inPublic.publicArea.unique.rsa.t.size = 0;
+#else
in.inPublic.publicArea.parameters.eccDetail.symmetric.algorithm = TPM_ALG_AES;
in.inPublic.publicArea.parameters.eccDetail.symmetric.keyBits.aes = 128;
in.inPublic.publicArea.parameters.eccDetail.symmetric.mode.aes = TPM_ALG_CFB;
@@ -271,6 +290,7 @@ TPM_RC tpm2_load_srk(TSS_CONTEXT *tssContext, TPM_HANDLE *h, const char *auth,TP

in.inPublic.publicArea.unique.ecc.x.t.size = 0;
in.inPublic.publicArea.unique.ecc.y.t.size = 0;
+#endif
in.inPublic.publicArea.authPolicy.t.size = 0;

/* use a bound session here because we have no known key objects
@@ -322,6 +342,8 @@ void tpm2_flush_handle(TSS_CONTEXT *tssContext, TPM_HANDLE h)
TPM_RH_NULL, NULL, 0);
}

+#ifndef TPM_NO_ECC
+
int tpm2_get_ecc_group(EC_KEY *eck, TPMI_ECC_CURVE curveID)
{
const int nid = tpm2_curve_name_to_nid(curveID);
@@ -444,6 +466,8 @@ static EVP_PKEY *tpm2_to_openssl_public_ecc(TPMT_PUBLIC *pub)
return NULL;
}

+#endif /* TPM_NO_ECC */
+
static EVP_PKEY *tpm2_to_openssl_public_rsa(TPMT_PUBLIC *pub)
{
RSA *rsa = RSA_new();
@@ -498,8 +522,10 @@ EVP_PKEY *tpm2_to_openssl_public(TPMT_PUBLIC *pub)
switch (pub->type) {
case TPM_ALG_RSA:
return tpm2_to_openssl_public_rsa(pub);
+#ifndef TPM_NO_ECC
case TPM_ALG_ECC:
return tpm2_to_openssl_public_ecc(pub);
+#endif
default:
break;
}
@@ -863,6 +889,8 @@ TPM_RC tpm2_ObjectPublic_GetName(TPM2B_NAME *name,
return rc;
}

+#ifndef TPM_NO_ECC
+
TPMI_ECC_CURVE tpm2_curve_name_to_TPMI(const char *name)
{
int i;
@@ -955,6 +983,8 @@ const char *tpm2_curve_name_to_text(TPMI_ECC_CURVE curve)
return NULL;
}

+#endif /* TPM_NO_ECC */
+
const char *tpm2_set_unique_tssdir(void)
{
char *prefix = getenv("XDG_RUNTIME_DIR"), *template,
diff --git a/tpm2-common.h b/tpm2-common.h
index dd46f0a..692c845 100644
--- a/tpm2-common.h
+++ b/tpm2-common.h
@@ -30,11 +30,13 @@ TPM_RC tpm2_SensitiveToDuplicate(TPMT_SENSITIVE *s,
TPM2B_PRIVATE *p);
TPM_RC tpm2_ObjectPublic_GetName(TPM2B_NAME *name,
TPMT_PUBLIC *tpmtPublic);
+#ifndef TPM_NO_ECC
TPMI_ECC_CURVE tpm2_curve_name_to_TPMI(const char *name);
int tpm2_curve_name_to_nid(TPMI_ECC_CURVE curve);
TPMI_ECC_CURVE tpm2_nid_to_curve_name(int nid);
TPMI_ECC_CURVE tpm2_get_curve_name(const EC_GROUP *g);
const char *tpm2_curve_name_to_text(TPMI_ECC_CURVE curve);
+#endif
const char *tpm2_set_unique_tssdir(void);
TPM_RC tpm2_create(TSS_CONTEXT **tsscp, const char *dir);
TPM_RC tpm2_readpublic(TSS_CONTEXT *tssContext, TPM_HANDLE handle,
--
2.11.0

[PATCH 1/1] create_tpm2_key: correct size of public area

Fredrik Ternerot <fredrik.ternerot@...>
 

TPM2B_PUBLIC.size should be the size of TPM2B_PUBLIC.publicArea and not
the size of TPM2B_PUBLIC itself.

Signed-off-by: Fredrik Ternerot <fredrikt@...>
---
create_tpm2_key.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/create_tpm2_key.c b/create_tpm2_key.c
index 0be8e43..41b738e 100644
--- a/create_tpm2_key.c
+++ b/create_tpm2_key.c
@@ -414,7 +414,7 @@ TPM_RC openssl_to_tpm_public_rsa(TPMT_PUBLIC *pub, EVP_PKEY *pkey)
TPM_RC openssl_to_tpm_public(TPM2B_PUBLIC *pub, EVP_PKEY *pkey)
{
TPMT_PUBLIC *tpub = &pub->publicArea;
- pub->size = sizeof(*pub);
+ pub->size = sizeof(*tpub);

switch (EVP_PKEY_type(EVP_PKEY_id(pkey))) {
case EVP_PKEY_RSA:
--
2.11.0

Re: [PATCH 1/1] LICENCE: Change from GPLv2 to LGPLv2.1

Fredrik Ternerot
 

On Wed, Oct 17, 2018 at 8:20 PM James Bottomley
<James.Bottomley@...> wrote:

On Tue, 2018-10-16 at 08:54 -0700, David Woodhouse wrote:
On Tue, 2018-10-16 at 11:43 +0200, Fredrik Ternerot wrote:
On Wed, Oct 10, 2018 at 4:59 PM James Bottomley
<James.Bottomley@...> wrote:

There are two problems being solved here: the first is
integration with the OpenSSL licence, which usually requires an
exception and also a request from gnutls to reuse some of the
engine code. The solution to both of these is to relicense to
LGPLv2.1 and then move pieces which might be re-used to a proper
library instead of a loadable object. This commit is the
precursor licence change. The signoff and acks below represent
all the authors of copyrightable code as required by a licence
change.

Cc: Roberto Sassu <roberto.sassu@...>
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership
.com>
---
LICENSE | 514 ++++++++++++++++++---------------------
---------------
create_tpm2_key.c | 2 +-
2 files changed, 169 insertions(+), 347 deletions(-)
Hi James,

it still says "GPLv2" in the top of all .c files and also in tpm2-
asn.h.

... and we still can't collaborate on the ENGINE side (for STORE
integration, etc.) with the "other" TPM2 ENGINE implementation. Can
we go straight to a BSD-compatible licence instead?
I tend to go for copyleft licences because they're the ones that
promote ecosystem fairness, not just to users but also to corporations
because it guarantees no-one can get a leg up with a proprietary
implementation. If you work at small companies, this is a huge
advantage because it means big ones get the same rights as you do
(since that's what I did for most of my career, it colours my
thinking). Martin Fink did a nice talk about the governance issues
with permissive licences:

https://lwn.net/Articles/660428/

So my preference is still copyleft, but if this choice is going to
cause an ecosystem schism, then I could be persuaded to do a BSD 2
clause.
Could you please publish the commit to tidy up remaining GPLv2 tags
even if you will change the license again later?

Both LGPL and BSD are fine for me, and I agree on your comment on
licenses. I've worked a bit on this engine and will send some patches
soon.

--
Fredrik Ternerot

Re: [PATCH 1/1] LICENCE: Change from GPLv2 to LGPLv2.1

David Woodhouse
 

(Apologies for top-posted HTML)

My general preference is also for copyleft but for this case I'd settle for BSD. I would actually love to have a single implementation of all the ENGINE parts with just two backends for ibmtss vs. esys. But if we continue with two I would probably work on the other one on the basis that you can then lift what you like, rather than the LGPL one which can't be shared.

--
dwmw2

Re: [PATCH 1/1] LICENCE: Change from GPLv2 to LGPLv2.1

James Bottomley
 

On Tue, 2018-10-16 at 08:54 -0700, David Woodhouse wrote:
On Tue, 2018-10-16 at 11:43 +0200, Fredrik Ternerot wrote:
On Wed, Oct 10, 2018 at 4:59 PM James Bottomley
<James.Bottomley@...> wrote:

There are two problems being solved here: the first is
integration with the OpenSSL licence, which usually requires an
exception and also a request from gnutls to reuse some of the
engine code. The solution to both of these is to relicense to
LGPLv2.1 and then move pieces which might be re-used to a proper
library instead of a loadable object. This commit is the
precursor licence change. The signoff and acks below represent
all the authors of copyrightable code as required by a licence
change.

Cc: Roberto Sassu <roberto.sassu@...>
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership
.com>
---
LICENSE | 514 ++++++++++++++++++---------------------
---------------
create_tpm2_key.c | 2 +-
2 files changed, 169 insertions(+), 347 deletions(-)
Hi James,

it still says "GPLv2" in the top of all .c files and also in tpm2-
asn.h.

... and we still can't collaborate on the ENGINE side (for STORE
integration, etc.) with the "other" TPM2 ENGINE implementation. Can
we go straight to a BSD-compatible licence instead?
I tend to go for copyleft licences because they're the ones that
promote ecosystem fairness, not just to users but also to corporations
because it guarantees no-one can get a leg up with a proprietary
implementation. If you work at small companies, this is a huge
advantage because it means big ones get the same rights as you do
(since that's what I did for most of my career, it colours my
thinking). Martin Fink did a nice talk about the governance issues
with permissive licences:

https://lwn.net/Articles/660428/

So my preference is still copyleft, but if this choice is going to
cause an ecosystem schism, then I could be persuaded to do a BSD 2
clause.

James

Re: [PATCH 1/1] LICENCE: Change from GPLv2 to LGPLv2.1

Fredrik Ternerot
 

On Tue, Oct 16, 2018 at 5:49 PM James Bottomley
<James.Bottomley@...> wrote:

On Tue, 2018-10-16 at 11:43 +0200, Fredrik Ternerot wrote:
On Wed, Oct 10, 2018 at 4:59 PM James Bottomley
<James.Bottomley@...> wrote:

There are two problems being solved here: the first is integration
with the OpenSSL licence, which usually requires an exception and
also a request from gnutls to reuse some of the engine code. The
solution to both of these is to relicense to LGPLv2.1 and then move
pieces which might be re-used to a proper library instead of a
loadable object. This commit is the precursor licence change. The
signoff and acks below represent all the authors of copyrightable
code as required by a licence change.

Cc: Roberto Sassu <roberto.sassu@...>
Signed-off-by: James Bottomley <James.Bottomley@...
om>
---
LICENSE | 514 ++++++++++++++++++----------------------
--------------
create_tpm2_key.c | 2 +-
2 files changed, 169 insertions(+), 347 deletions(-)
Hi James,

it still says "GPLv2" in the top of all .c files and also in tpm2-
asn.h.
OK, how about this?
Looks good to me!

--
Fredrik Ternerot


James

---

From f0f2c060b404889cf06ff16207e28c5ea46b1e31 Mon Sep 17 00:00:00 2001
From: James Bottomley <James.Bottomley@...>
Date: Tue, 16 Oct 2018 08:44:26 -0700
Subject: [PATCH] LICENCE: tidy up remaining GPLv2 tags and clarify ASN.1 fair
use

After the licence switch to LGPL2.1 there were still some stray GPLv2
tags in the code, so swap these for SPDX tags identifying the chosen
LGPL licence.

Additionally, since the key format needs to be standardised, clarify
that the ASN.1 code defining the key format may be copied under fair
use criteria.

Reported-by: Fredrik Ternerot <fredrik.trot@...>
Signed-off-by: James Bottomley <James.Bottomley@...>
---
create_tpm2_key.c | 2 +-
e_tpm2-ecc.c | 2 +-
e_tpm2-rsa.c | 2 +-
e_tpm2.c | 2 +-
tpm2-asn.h | 6 +++++-
tpm2-common.c | 2 +-
6 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/create_tpm2_key.c b/create_tpm2_key.c
index 5631880..0be8e43 100644
--- a/create_tpm2_key.c
+++ b/create_tpm2_key.c
@@ -2,7 +2,7 @@
*
* Copyright (C) 2016 James Bottomley <James.Bottomley@...>
*
- * GPLv2
+ * SPDX-License-Identifier: LGPL-2.1-only
*/


diff --git a/e_tpm2-ecc.c b/e_tpm2-ecc.c
index 833cc0a..e35b730 100644
--- a/e_tpm2-ecc.c
+++ b/e_tpm2-ecc.c
@@ -1,7 +1,7 @@
/*
* Copyright (C) 2017 James.Bottomley@...
*
- * GPLv2
+ * SPDX-License-Identifier: LGPL-2.1-only
*
*/

diff --git a/e_tpm2-rsa.c b/e_tpm2-rsa.c
index 3177624..50c2cac 100644
--- a/e_tpm2-rsa.c
+++ b/e_tpm2-rsa.c
@@ -1,7 +1,7 @@
/*
* Copyright (C) 2017 James.Bottomley@...
*
- * GPLv2
+ * SPDX-License-Identifier: LGPL-2.1-only
*
*/

diff --git a/e_tpm2.c b/e_tpm2.c
index 75030b8..ed2bbc2 100644
--- a/e_tpm2.c
+++ b/e_tpm2.c
@@ -2,7 +2,7 @@
/*
* Copyright (C) 2016 James.Bottomley@...
*
- * GPLv2
+ * SPDX-License-Identifier: LGPL-2.1-only
*
*/

diff --git a/tpm2-asn.h b/tpm2-asn.h
index 8bcc596..74a55a6 100644
--- a/tpm2-asn.h
+++ b/tpm2-asn.h
@@ -1,6 +1,10 @@
/* Copyright (C) 2016 James Bottomley <James.Bottomley@...>
*
- * GPLv2
+ * SPDX-License-Identifier: LGPL-2.1-only
+ *
+ * Note: The ASN.1 defines constitute an interface specification for
+ * the openssl key format which may be copied by other implementations
+ * as fair use regardless of licence
*/
#ifndef _TPM2_ASN_H
#define _TPM2_ASN_H
diff --git a/tpm2-common.c b/tpm2-common.c
index 7bef099..a39c90b 100644
--- a/tpm2-common.c
+++ b/tpm2-common.c
@@ -1,7 +1,7 @@
/*
* Copyright (C) 2016 James Bottomley <James.Bottomley@...>
*
- * GPLv2
+ * SPDX-License-Identifier: LGPL-2.1-only
*/

#include <stdio.h>
--
2.16.4



Re: [PATCH 1/1] LICENCE: Change from GPLv2 to LGPLv2.1

David Woodhouse
 

On Tue, 2018-10-16 at 11:43 +0200, Fredrik Ternerot wrote:
On Wed, Oct 10, 2018 at 4:59 PM James Bottomley
<James.Bottomley@...> wrote:

There are two problems being solved here: the first is integration with the
OpenSSL licence, which usually requires an exception and also a request from
gnutls to reuse some of the engine code. The solution to both of these is to
relicense to LGPLv2.1 and then move pieces which might be re-used to a proper
library instead of a loadable object. This commit is the precursor licence
change. The signoff and acks below represent all the authors of copyrightable
code as required by a licence change.

Cc: Roberto Sassu <roberto.sassu@...>
Signed-off-by: James Bottomley <James.Bottomley@...>
---
LICENSE | 514 ++++++++++++++++++------------------------------------
create_tpm2_key.c | 2 +-
2 files changed, 169 insertions(+), 347 deletions(-)
Hi James,

it still says "GPLv2" in the top of all .c files and also in tpm2-asn.h.

... and we still can't collaborate on the ENGINE side (for STORE
integration, etc.) with the "other" TPM2 ENGINE implementation. Can we
go straight to a BSD-compatible licence instead?

Re: [PATCH 1/1] LICENCE: Change from GPLv2 to LGPLv2.1

James Bottomley
 

On Tue, 2018-10-16 at 11:43 +0200, Fredrik Ternerot wrote:
On Wed, Oct 10, 2018 at 4:59 PM James Bottomley
<James.Bottomley@...> wrote:

There are two problems being solved here: the first is integration
with the OpenSSL licence, which usually requires an exception and
also a request from gnutls to reuse some of the engine code. The
solution to both of these is to relicense to LGPLv2.1 and then move
pieces which might be re-used to a proper library instead of a
loadable object. This commit is the precursor licence change. The
signoff and acks below represent all the authors of copyrightable
code as required by a licence change.

Cc: Roberto Sassu <roberto.sassu@...>
Signed-off-by: James Bottomley <James.Bottomley@...
om>
---
LICENSE | 514 ++++++++++++++++++----------------------
--------------
create_tpm2_key.c | 2 +-
2 files changed, 169 insertions(+), 347 deletions(-)
Hi James,

it still says "GPLv2" in the top of all .c files and also in tpm2-
asn.h.
OK, how about this?

James

---

From f0f2c060b404889cf06ff16207e28c5ea46b1e31 Mon Sep 17 00:00:00 2001
From: James Bottomley <James.Bottomley@...>
Date: Tue, 16 Oct 2018 08:44:26 -0700
Subject: [PATCH] LICENCE: tidy up remaining GPLv2 tags and clarify ASN.1 fair
use

After the licence switch to LGPL2.1 there were still some stray GPLv2
tags in the code, so swap these for SPDX tags identifying the chosen
LGPL licence.

Additionally, since the key format needs to be standardised, clarify
that the ASN.1 code defining the key format may be copied under fair
use criteria.

Reported-by: Fredrik Ternerot <fredrik.trot@...>
Signed-off-by: James Bottomley <James.Bottomley@...>
---
create_tpm2_key.c | 2 +-
e_tpm2-ecc.c | 2 +-
e_tpm2-rsa.c | 2 +-
e_tpm2.c | 2 +-
tpm2-asn.h | 6 +++++-
tpm2-common.c | 2 +-
6 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/create_tpm2_key.c b/create_tpm2_key.c
index 5631880..0be8e43 100644
--- a/create_tpm2_key.c
+++ b/create_tpm2_key.c
@@ -2,7 +2,7 @@
*
* Copyright (C) 2016 James Bottomley <James.Bottomley@...>
*
- * GPLv2
+ * SPDX-License-Identifier: LGPL-2.1-only
*/


diff --git a/e_tpm2-ecc.c b/e_tpm2-ecc.c
index 833cc0a..e35b730 100644
--- a/e_tpm2-ecc.c
+++ b/e_tpm2-ecc.c
@@ -1,7 +1,7 @@
/*
* Copyright (C) 2017 James.Bottomley@...
*
- * GPLv2
+ * SPDX-License-Identifier: LGPL-2.1-only
*
*/

diff --git a/e_tpm2-rsa.c b/e_tpm2-rsa.c
index 3177624..50c2cac 100644
--- a/e_tpm2-rsa.c
+++ b/e_tpm2-rsa.c
@@ -1,7 +1,7 @@
/*
* Copyright (C) 2017 James.Bottomley@...
*
- * GPLv2
+ * SPDX-License-Identifier: LGPL-2.1-only
*
*/

diff --git a/e_tpm2.c b/e_tpm2.c
index 75030b8..ed2bbc2 100644
--- a/e_tpm2.c
+++ b/e_tpm2.c
@@ -2,7 +2,7 @@
/*
* Copyright (C) 2016 James.Bottomley@...
*
- * GPLv2
+ * SPDX-License-Identifier: LGPL-2.1-only
*
*/

diff --git a/tpm2-asn.h b/tpm2-asn.h
index 8bcc596..74a55a6 100644
--- a/tpm2-asn.h
+++ b/tpm2-asn.h
@@ -1,6 +1,10 @@
/* Copyright (C) 2016 James Bottomley <James.Bottomley@...>
*
- * GPLv2
+ * SPDX-License-Identifier: LGPL-2.1-only
+ *
+ * Note: The ASN.1 defines constitute an interface specification for
+ * the openssl key format which may be copied by other implementations
+ * as fair use regardless of licence
*/
#ifndef _TPM2_ASN_H
#define _TPM2_ASN_H
diff --git a/tpm2-common.c b/tpm2-common.c
index 7bef099..a39c90b 100644
--- a/tpm2-common.c
+++ b/tpm2-common.c
@@ -1,7 +1,7 @@
/*
* Copyright (C) 2016 James Bottomley <James.Bottomley@...>
*
- * GPLv2
+ * SPDX-License-Identifier: LGPL-2.1-only
*/

#include <stdio.h>
--
2.16.4