|
1 | 1 | # Release Notes |
2 | 2 |
|
| 3 | +## wolfTPM Release 3.9.2 (July 30, 2025) |
| 4 | + |
| 5 | +**Summary** |
| 6 | + |
| 7 | +This release includes a security fix for possible buffer overflow in RSA key export functionality. It also adds new key wrapping API's to support exporting the encrypted private key along with crypto callback improvements. Fixes to support TPM2 signing/verification with smaller digest input sizes. Addition of a new HMAC example. Switch to GPLv3. |
| 8 | + |
| 9 | +**Vulnerabilities** |
| 10 | + |
| 11 | +[Medium CVE-2025-7844]: wolfTPM library wrapper function `wolfTPM2_RsaKey_TpmToWolf` copies external data to a fixed-size stack buffer without length validation potentially causing stack-based buffer overflow |
| 12 | + |
| 13 | +Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default `MAX_RSA_KEY_BITS=2048` is used. If your TPM 2.0 module supports RSA key sizes larger than 2048 bit and your applications supports creating or importing an RSA private or public key larger than 2048 bits and your application calls `wolfTPM2_RsaKey_TpmToWolf` on that key, then a stack buffer could be overrun. If the `MAX_RSA_KEY_BITS` build-time macro is set correctly (RSA bits match what TPM hardware is capable of) for the hardware target, then a stack overrun is not possible. |
| 14 | + |
| 15 | +Fixed in PR #427 (https://github.com/wolfSSL/wolfTPM/pull/427) |
| 16 | + |
| 17 | +**Detail** |
| 18 | + |
| 19 | +* Improvements for key creation and exporting encrypted private key (PR #428) |
| 20 | + - Added helpers for importing external private keys and creating encrypted key blobs (see `wolfTPM2_CreateRsaKeyBlob` and `wolfTPM2_CreateEccKeyBlob`) |
| 21 | + - Added support for crypto callback key generation that exports encrypted private portion (see `TpmCryptoDevCtx.ecdsaKey`) |
| 22 | + - Added a few missing FIPS unlock/lock on private key access (required with wolfCrypt FIPS) |
| 23 | + - Improved crypto callback key generation hash algorithm selection |
| 24 | + - Fixed `WOLFTPM2_USE_SW_ECDHE` build option and added CI tests |
| 25 | + - Cleaned up the user_settings.h logic between wolfTPM and wolfSSL. |
| 26 | +* Fixed buffer overrun and security issues (PR #427) |
| 27 | + - Fixed possible buffer overrun issues with RSA key export where wolfCrypt max key size doesn't match TPM support (see CVE-2025-7844) |
| 28 | + - Fixed RSA encrypt/decrypt buffer size check logic |
| 29 | + - Fixed `TPM2_GetWolfRng` to ensure NULL is set on RNG init error |
| 30 | + - Added better defaults for SLB9672/SLB9673 |
| 31 | + - Fixed LABEL_MAX_BUFFER and removed duplicate `MAX_ECC_KEY_BYTES` |
| 32 | + - Implemented address sanitizer CI test |
| 33 | +* Improved the detection of maximum HASH_COUNT (PR #426 and #427) |
| 34 | +* Enhanced HMAC support with persistent keys (PR #422) |
| 35 | + - Added example for HMAC with persistent key (see `examples/wrap/hmac`) |
| 36 | +* Improved crypto callback functionality (PR #421) |
| 37 | + - Added support for crypto callback `WC_PK_TYPE_RSA_GET_SIZE` |
| 38 | + - Fixed crypto callback fallback to software when no TPM key is setup |
| 39 | + - Fixed for WC_RNG change to add `pid_t` and added detection of `HAVE_GETPID` |
| 40 | +* Enhanced thread safety and CMake support (PR #417, #420) |
| 41 | + - Fixed missing `TPM2_ReleaseLock` in `TPM2_GetProductInfo` |
| 42 | + - Refactored `TPM2_GetNonce` to support non-locking version for internal use |
| 43 | + - Improved CMake support for single threading, mutex locking and active thread local storage |
| 44 | + - Fixed CMake logic for `WOLFTPM_NO_ACTIVE_THREAD_LS` |
| 45 | + - Improved `gActiveTPM` detection for needing thread local |
| 46 | +* Improved TPM signing and verification (PR #418) |
| 47 | + - Fixed logic for signing with input digest smaller than key size |
| 48 | + - Improved input digest size logic for TPM2_Sign and TPM2_Verify |
| 49 | + - Added test case with interop for signing |
| 50 | + - Exposed `TPM2_ASN_TrimZeros` |
| 51 | +* Enhanced parsing and testing (PR #419) |
| 52 | + - Fixed `TPM2_ParsePublic` size argument |
| 53 | +* Improved documentation (PR #424, #425) |
| 54 | + - Added TCG TPM to the SWTPM documentation |
| 55 | +* Fixed build system issues (PR #423) |
| 56 | + - Fixed bug in configure.ac which breaks in Alpine |
| 57 | + |
| 58 | + |
3 | 59 | ## wolfTPM Release 3.9.1 (May 21, 2025) |
4 | 60 |
|
5 | 61 | * Post release fixes (PR #415) |
|
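Review bot: The CVE-2025-7844 entry (new lines 11-15) gives the trigger conditions but not which earlier releases are affected, nor what `wolfTPM2_RsaKey_TpmToWolf` does after PR #427 when the TPM key is larger than `MAX_RSA_KEY_BITS`. Please add an "affected versions" line and one sentence on the post-fix behaviour, so that users who cannot upgrade immediately know whether setting `MAX_RSA_KEY_BITS` to match their TPM is a sufficient interim mitigation. In the same paragraph, "2048 bit" should read "2048 bits" and "your applications supports" should read "your application supports"; in the Summary (new line 7), "API's" should be "APIs". The Summary also mentions "Switch to GPLv3", but no bullet under Detail covers it. A license change affects downstream redistribution and deserves its own Detail entry with the PR reference.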