- Update to 1.7.0
+ DB Schema Change from 5 to 7.
* Backup your DB before upgrading
+ Fixed compilation issues with GCC11.
+ Fixed errors on releases due to newer compilers from failing by
only adding -Werror for non-release builds.
+ Fixed error message when the DB is too new in tpm2_ptool.
+ Added support for tpm2_ptool import with ssh-keygen format
keys. Note: Requires cryptography >= 3.0.
+ Changed default long level from error to warning.
+ Added better error message for FAPI backend errors along with
docs/FAPI.md document.
+ Changed tpm2_ptool make --algorithm optional.
+ Fixed error message of wrong attribute name on expected attribute
check to be false.
+ Added support for ECDSA 256, 384 and 512.
+ Fixed a bug in the Python code DB upgrade path from 4 to 5 where
it didn't add AES mode CTR to CKA_ALLOWED_MECHANISMS.
+ Added tpm2_ptool support for ECC key size 192.
+ Added support passwordless login for tokens, ie not setting
CKF_LOGIN_REQUIRED.
+ Fixed Running integration tests when Java version has the -ea,
like on Debian 11 and OpenJDK 17.
+ Added support for HMAC keys using tpm2_ptool and the C_Sign and
C_Verify interfaces. The following interfaces in ptool have
support:
* addkey: previous working versions of tpm2-tools will support
this.
* link: previous working versions of tpm2-tools will support this.
* import: requires tpm2-tools 5.2+ for support.
+ Fixed leaking of temp file descriptors in tpm2_ptool.
+ Fixed wrong free in tpm code, should use Esys_Free.
+ Fixed a space formatting issue in tpm2_ptool verify.
+ Fixed leaked file descriptor in tpm2_ptool.
+ Fixed a few suspicious sizeof usages in str_padded_copy
+ Fixed a memory leak of the token list on a failure condition in
initialization.