[TrouSerS-users] TrouSerS 0.1.9 released

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

The latest and greatest TrouSerS, version 0.1.9, has been released and
is available in tarball form at:

https://sourceforge.net/project/showfiles.php?group_id=126012

CVS has been tagged at this release as TROUSERS_0_1_9, which should be
reflected in the anonymous CVS in the next few hours.

The largest changes between 0.1.8 and 0.1.9 are the addition of access
controls to the TCSD (see the tcsd.conf file and manpage for tcsd for
details) and the exporting of the crypto and blob loading routines for
use by apps.  App writers can now include tss/trousers.h to get
trousers specific routines which will hopefully be helpful.  (All
trousers specific calls that have been exported are prefixed by
"Trspi_").

ChangeLog follows.

Thanks,
Kent

* TROUSERS_0_1_9

 - added tcsd manpage
 - added access control functionality so that sets of ordinals
   cannot be executed by non-local hosts. This is now a
   configurable option in tcsd.conf as "remote_ops".
 - Set Physical Presence now works from the TSP when the TCSD
   detects that it is running in single user mode. When not
   running in single user mode, the TCS_PhysicalPresence
   command returns TSS_E_NOTIMPL.
 - Changed an fprintf to LogError in gtk/support.c
 - TCP/IP server-side fixes in svrside.c
 - various compile warnings fixed
 - moved commonly used utility functions to trspi/trousers.c and
   exported these functions in the header file tss/trousers.h.
 - added new testcases for ChangeAuth of the TPM owner and SRK in
   tcg/highlevel/tspi.
 - added test tcg/highlevel/tpm/Tspi_TPM_PcrRead04.c
 - updated Tspi_TPM_GetCapability manpage.
 - added code to detect a 1.2 TPM and get auth sessions the 1.2 way.
 - added manpage for Tspi_TPM_GetPubEndorsementKey
 - Bugfixes
    - in crypto.c, encrypted data area should be RSA_size(rsa) bytes
    large, not always 256. This was keeping non-2048 bit keys from
    working with the TPM keyring app.
    - Fixed detection of an already closed Tddl.
    - Allow validating the entire TCPA_PUBKEY structure in
    Tspi_TPM_GetPubEndorsementKey, as National chips do this.
    - Added support for TSS_TPMCAP_ORD and TSS_TPMCAP_FLAG in
    Tspi_TPM_GetCapability, which required a call to
    TCSP_GetCapabilityOwner to fetch the TPM's internal flags. Added
    tcg/highlevel/tpm/Tspi_TPM_GetCapability0{4,5}.c to test.
    - When loading the SRK from TCS PS, the TCS key handle should now
    be 0x40000000 (TSS_SRK_KEY_HANDLE). There were checks for this in
    the ChangeAuth code paths, which caused failing of various sorts.
    - Bug fixed in roll over of TCS key handle generation. Previously we
    would have smashed the SRK's fixed value and we would have thought
    there were 2 SRK's loaded.
    - sf.net bug #1154611, old SRK was not being removed from mem cache,
    though disk cache was being deleted. This means that after re-taking
    ownership the mem cache was corrupted until a restart of the TCSD.
 - Feature Requests
    - sf.net RFE #1122608 completed. Several different device locations
    are now supported by default.  If /dev/tpm is created its assumed that
    the IBM Research device driver is being used and therefore ioctl's are
    sent to the driver, all others get read/write's. Updated README.