Fixes for CI. Refactors for small stack and coding patterns. Adds SHA1 support. Copilot peer review fixes.

Author: dgarske

.github/workflows/fwtpm-test.yml

@@ -46,6 +46,14 @@ jobs:
             wolfssl_config: --enable-wolftpm --enable-pkcallbacks --enable-keygen --disable-sha384
             build_only: true
 
+          # Build-only: fwTPM with SHA-1 disabled (verifies !NO_SHA gating
+          # for SHA-1 PCR bank and RSA hash conversion)
+          - name: fwtpm-no-sha1
+            wolftpm_config: --enable-fwtpm --enable-swtpm
+            wolfssl_config: --enable-wolftpm --enable-pkcallbacks --enable-keygen --disable-sha
+            build_only: true
+            extra_cflags: -DNO_SHA
+
           # Build-only: fwTPM server only (no client library)
           - name: fwtpm-only
             wolftpm_config: --enable-fwtpm-only --enable-swtpm
@@ -329,3 +337,73 @@ jobs:
             /tmp/fwtpm_emu_build.log
           retention-days: 5
 
+  # ----------------------------------------------------------------
+  # Valgrind memory-safety check
+  # Runs the unit test under valgrind for three FWTPM_DECLARE_VAR
+  # configurations (default, SMALL_STACK, NO_HEAP) so the
+  # stack-vs-heap allocation paths are all exercised.
+  # ----------------------------------------------------------------
+  fwtpm-valgrind:
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - name: fwtpm-valgrind-default
+            extra_cflags: ""
+          - name: fwtpm-valgrind-smallstack
+            extra_cflags: "-DWOLFTPM_SMALL_STACK"
+          - name: fwtpm-valgrind-noheap
+            extra_cflags: "-DWOLFTPM2_NO_HEAP"
+
+    steps:
+      - name: Checkout wolfTPM
+        uses: actions/checkout@v4
+
+      - name: Checkout wolfSSL
+        uses: actions/checkout@v4
+        with:
+          repository: wolfssl/wolfssl
+          path: wolfssl
+
+      - name: Install valgrind + tpm2-tools
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y valgrind tpm2-tools libtss2-tcti-mssim0
+
+      - name: Build wolfSSL
+        working-directory: ./wolfssl
+        run: |
+          ./autogen.sh
+          ./configure --enable-wolftpm --enable-pkcallbacks --enable-keygen \
+              CFLAGS="-DWC_RSA_NO_PADDING -g -O1"
+          make
+          sudo make install
+          sudo ldconfig
+
+      - name: Build wolfTPM (${{ matrix.name }})
+        run: |
+          ./autogen.sh
+          ./configure --enable-fwtpm --enable-swtpm --enable-debug \
+              CFLAGS="${{ matrix.extra_cflags }} -g -O1"
+          make
+
+      - name: Run unit.test under valgrind
+        run: |
+          valgrind --error-exitcode=1 --leak-check=full \
+                   --errors-for-leak-kinds=definite \
+                   --show-leak-kinds=definite \
+                   ./tests/unit.test
+
+      - name: Upload failure logs
+        if: failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: fwtpm-valgrind-logs-${{ matrix.name }}
+          path: |
+            /tmp/fwtpm_check_*.log
+            test-suite.log
+            tests/*.log
+            config.log
+          retention-days: 5

.github/workflows/sanitizer.yml

@@ -71,7 +71,10 @@ jobs:
 
       - name: Run tests (make check)
         env:
-          WOLFSSL_PATH: /tmp/wolfssl-install
+          # WOLFSSL_PATH must point at the wolfSSL *source tree* (with built
+          # examples/server/server), not the install prefix — run_examples.sh
+          # `pushd $WOLFSSL_PATH && ./examples/server/server ...` for TLS tests.
+          WOLFSSL_PATH: ${{ github.workspace }}/wolfssl
           LD_LIBRARY_PATH: /tmp/wolfssl-install/lib
           ASAN_OPTIONS: ${{ matrix.asan_options }}
           UBSAN_OPTIONS: ${{ matrix.ubsan_options }}

CMakeLists.txt

@@ -446,9 +446,12 @@ else()
     endif()
 endif()
 
-# Link wolftpm library to wolfSSL
+# Link wolftpm library to wolfSSL.
+# PRIVATE so the wolftpm_wolfssl_dep INTERFACE helper does not become part
+# of wolftpm's export set (it is build-tree-only). Downstream consumers of
+# wolftpm should `find_package(wolfssl)` themselves before find_package(wolftpm).
 if(BUILD_WOLFTPM_LIB)
-    target_link_libraries(wolftpm PUBLIC wolftpm_wolfssl_dep)
+    target_link_libraries(wolftpm PRIVATE wolftpm_wolfssl_dep)
 endif()
 
 # fwTPM requires wolfCrypt
@@ -719,7 +722,11 @@ endif()
 include(GNUInstallDirs)
 
 if(BUILD_WOLFTPM_LIB)
-    install(TARGETS wolftpm wolftpm_wolfssl_dep
+    # Note: wolftpm_wolfssl_dep is an INTERFACE helper used only at build
+    # time to share wolfSSL include/link settings. It is intentionally NOT
+    # installed/exported — downstream `find_package(wolftpm)` should only
+    # see the real wolftpm target and discover wolfSSL via its own config.
+    install(TARGETS wolftpm
             EXPORT  wolftpm-targets
             LIBRARY DESTINATION lib
             ARCHIVE DESTINATION lib

configure.ac

@@ -225,29 +225,16 @@ then
     AM_CFLAGS="$AM_CFLAGS -DWOLFTPM_LINUX_DEV"
 fi
 
-# Native host defaults — auto-enable fwTPM and swTPM on Linux/BSD x86_64 / aarch64
-# so `make check` provides full coverage out of the box. Users can still
-# explicitly disable with --disable-fwtpm / --disable-swtpm.
+# Defaults: fwTPM and swTPM are opt-in via --enable-fwtpm / --enable-swtpm.
+# Auto-enabling them on Linux/BSD changed default behavior for downstream
+# builders (new optional dependencies, different `make check`), so keep the
+# safer opt-in default. CI scripts pass these flags explicitly.
 WOLFTPM_DEFAULT_FWTPM=no
 WOLFTPM_DEFAULT_SWTPM=no
-case $host_cpu in
-    x86_64|amd64|aarch64)
-        # Defensive exclusion: fwtpm_server uses POSIX sockets and is not
-        # currently portable to Windows / Darwin. Auto-enable on Linux/BSD only.
-        case $host_os in
-            *mingw*|*cygwin*|*msys*|*darwin*|*win32*)
-                ;;
-            *)
-                WOLFTPM_DEFAULT_FWTPM=yes
-                WOLFTPM_DEFAULT_SWTPM=yes
-                ;;
-        esac
-        ;;
-esac
 
 # SW TPM device Support
 AC_ARG_ENABLE([swtpm],
-    [AS_HELP_STRING([--enable-swtpm],[Enable use of TPM through the SW socket driver (default: enabled on Linux x86_64/aarch64, disabled elsewhere)])],
+    [AS_HELP_STRING([--enable-swtpm],[Enable use of TPM through the SW socket driver (default: disabled)])],
     [ ENABLED_SWTPM=$enableval ],
     [ ENABLED_SWTPM=$WOLFTPM_DEFAULT_SWTPM ]
     )
@@ -299,7 +286,7 @@ AC_SUBST([DISTCHECK_SWTPM_PORT_FLAG])
 
 # Firmware TPM (fwTPM) - software TPM 2.0 simulator
 AC_ARG_ENABLE([fwtpm],
-    [AS_HELP_STRING([--enable-fwtpm],[Enable firmware TPM (fwTPM) server (default: enabled on Linux x86_64/aarch64, disabled elsewhere)])],
+    [AS_HELP_STRING([--enable-fwtpm],[Enable firmware TPM (fwTPM) server (default: disabled)])],
     [ ENABLED_FWTPM=$enableval ],
     [ ENABLED_FWTPM=$WOLFTPM_DEFAULT_FWTPM ]
     )

examples/tpm_test.h

@@ -174,7 +174,7 @@ static const byte kRsaKeyPubModulus[] = {
     0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, 0xBA, 0xD3
 };
 
-static const word32 kRsaKeyPubExponent = 0x10001; /* {0x01, 0x00, 0x01} */
+static const word32 kRsaKeyPubExponent = WC_RSA_EXPONENT; /* 0x10001 */
 
 static const byte kRsaKeyPrivQ[] = {
     0xD5, 0x38, 0x1B, 0xC3, 0x8F, 0xC5, 0x93, 0x0C, 0x47, 0x0B, 0x6F, 0x35, 0x92,

hal/tpm_io_fwtpm.c

@@ -67,15 +67,30 @@ int FWTPM_TIS_ClientConnect(FWTPM_TIS_CLIENT_CTX* client)
     XMEMSET(client, 0, sizeof(FWTPM_TIS_CLIENT_CTX));
     client->shmFd = -1;
 
-    /* Open existing shared memory file */
-    fd = open(FWTPM_TIS_SHM_PATH, O_RDWR | O_NOFOLLOW | O_CLOEXEC);
+    /* Open existing shared memory file. O_NOFOLLOW and O_CLOEXEC are not
+     * universally available across POSIX targets — guard at compile time
+     * and fall back to fcntl(FD_CLOEXEC) for the close-on-exec semantics. */
+    {
+        int openFlags = O_RDWR;
+    #ifdef O_NOFOLLOW
+        openFlags |= O_NOFOLLOW;
+    #endif
+    #ifdef O_CLOEXEC
+        openFlags |= O_CLOEXEC;
+    #endif
+        fd = open(FWTPM_TIS_SHM_PATH, openFlags);
+    }
     if (fd < 0) {
     #ifdef DEBUG_WOLFTPM
         printf("fwTPM HAL: open(%s) failed: %d (%s)\n",
             FWTPM_TIS_SHM_PATH, errno, strerror(errno));
     #endif
         return TPM_RC_FAILURE;
     }
+#ifndef O_CLOEXEC
+    /* Fallback for platforms without O_CLOEXEC */
+    (void)fcntl(fd, F_SETFD, FD_CLOEXEC);
+#endif
 
     /* Verify file is large enough before mapping */
     if (fstat(fd, &st) != 0 ||

scripts/tpm2_tools_test.sh

@@ -1193,10 +1193,65 @@ if check_tool tpm2_certifycreation; then
             -g sha256 -o "$TEST_TMPDIR/cc_sig.bin" \
             --attestation "$TEST_TMPDIR/cc_attest.bin" \
             -f plain -s rsassa
+
+    # Negative: tamper with the creation ticket and confirm the TPM rejects
+    # it with TPM_RC_TICKET (HMAC verification fails). Flip a byte in the
+    # middle of the ticket so headers/sizes stay valid.
+    cp "$TEST_TMPDIR/cc_creation.ticket" "$TEST_TMPDIR/cc_creation.ticket.bad"
+    # The TPMT_TK_CREATION layout starts with tag(2)+hierarchy(4); tamper
+    # at offset 16 which lands inside the digest body.
+    printf '\xAA' | dd of="$TEST_TMPDIR/cc_creation.ticket.bad" \
+        bs=1 count=1 seek=16 conv=notrunc 2>/dev/null
+    run_test_fail "certifycreation rejects tampered ticket (TPM_RC_TICKET)" \
+        tpm2_certifycreation -C "$TEST_TMPDIR/cc_sign.ctx" \
+            -c "$TEST_TMPDIR/cc_primary.ctx" \
+            -d "$TEST_TMPDIR/cc_creation.digest" \
+            -t "$TEST_TMPDIR/cc_creation.ticket.bad" \
+            -g sha256 -o "$TEST_TMPDIR/cc_sig_bad.bin" \
+            --attestation "$TEST_TMPDIR/cc_attest_bad.bin" \
+            -f plain -s rsassa
 else
     skip_test "certifycreation" "tpm2_certifycreation not available"
 fi
 
+# ----------------------------------------------------------------
+hdr "Hash + Sign (TK_HASHCHECK ticket)"
+# Generate a hash with ticket via TPM2_Hash, then sign the hashed digest
+# using the ticket as proof the TPM produced the hash. Exercises the
+# TK_HASHCHECK ticket generate→consume flow that PolicyAuthorize/Sign rely on.
+flush_transient
+
+run_test "createprimary for hash+sign" \
+    tpm2_createprimary -C o -c "$TEST_TMPDIR/hs_primary.ctx"
+
+run_test "create signing key for hash+sign" \
+    tpm2_create -G rsa -C "$TEST_TMPDIR/hs_primary.ctx" \
+        -u "$TEST_TMPDIR/hs_sign.pub" -r "$TEST_TMPDIR/hs_sign.priv" \
+        -c "$TEST_TMPDIR/hs_sign.ctx"
+
+echo -n "ticket-data-to-sign" > "$TEST_TMPDIR/hs_data.bin"
+run_test "tpm2_hash with TK_HASHCHECK output" \
+    tpm2_hash -C o -g sha256 \
+        -o "$TEST_TMPDIR/hs_digest.bin" \
+        -t "$TEST_TMPDIR/hs_ticket.bin" \
+        "$TEST_TMPDIR/hs_data.bin"
+
+run_test "tpm2_sign consumes TK_HASHCHECK ticket" \
+    tpm2_sign -c "$TEST_TMPDIR/hs_sign.ctx" \
+        -g sha256 -d -t "$TEST_TMPDIR/hs_ticket.bin" \
+        -o "$TEST_TMPDIR/hs_sig.bin" \
+        "$TEST_TMPDIR/hs_digest.bin"
+
+# Negative: tamper ticket bytes; sign should reject (TPM_RC_TICKET).
+cp "$TEST_TMPDIR/hs_ticket.bin" "$TEST_TMPDIR/hs_ticket.bad"
+printf '\x55' | dd of="$TEST_TMPDIR/hs_ticket.bad" \
+    bs=1 count=1 seek=16 conv=notrunc 2>/dev/null
+run_test_fail "tpm2_sign rejects tampered TK_HASHCHECK (TPM_RC_TICKET)" \
+    tpm2_sign -c "$TEST_TMPDIR/hs_sign.ctx" \
+        -g sha256 -d -t "$TEST_TMPDIR/hs_ticket.bad" \
+        -o "$TEST_TMPDIR/hs_sig_bad.bin" \
+        "$TEST_TMPDIR/hs_digest.bin"
+
 # ----------------------------------------------------------------
 hdr "Duplicate"
 # Flush transient objects