Merge pull request #419 from dgarske/parsepubsz

Fix `TPM2_ParsePublic` size argument

examples/attestation/make_credential.c

@@ -49,8 +49,8 @@ static void usage(void)
     printf("Notes:\n");
     printf("\tName digest is loaded from \"ak.name\" file\n");
     printf("\tPublic key is loaded from a file containing TPM2B_PUBLIC\n");
-    printf("\t\"tek.pub\" for EK pub");
-    printf("\t\"tsrk.pub\" for SRK pub");
+    printf("\t\"ek.pub\" for EK pub\n");
+    printf("\t\"srk.pub\" for SRK pub\n");
     printf("\tOutput is stored in \"cred.blob\"\n");
     printf("Demo usage without parameters, uses SRK pub\n");
 }

examples/nvram/read.c

@@ -221,7 +221,7 @@ int TPM2_NVRAM_Read_Example(void* userCtx, int argc, char *argv[])
 
             /* Necessary for storing the publicArea with the correct encoding */
             rc = TPM2_ParsePublic(&keyBlob.pub, pubAreaBuffer,
-                (word32)sizeof(pubAreaBuffer), &pubAreaSize);
+                readSize, &pubAreaSize);
             if (rc != TPM_RC_SUCCESS) {
                 printf("Decoding of PublicArea failed. Unable to extract correctly.\n");
                 goto exit;

examples/run_examples.sh

@@ -493,17 +493,9 @@ if [ $WOLFCRYPT_ENABLE -eq 1 ]; then
 fi
 
 if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $NO_FILESYSTEM -eq 0 ]; then
-    ./examples/keygen/keygen keyblob.bin -rsa >> $TPMPWD/run.out 2>&1
-    RESULT=$?
-    [ $RESULT -ne 0 ] && echo -e "keygen rsa failed! $RESULT" && exit 1
-    ./examples/attestation/make_credential >> $TPMPWD/run.out 2>&1
-    RESULT=$?
-    [ $RESULT -ne 0 ] && echo -e "make_credential failed! $RESULT" && exit 1
-    ./examples/attestation/activate_credential >> $TPMPWD/run.out 2>&1
-    RESULT=$?
-    [ $RESULT -ne 0 ] && echo -e "activate_credential failed! $RESULT" && exit 1
+    rm -f keyblob.bin
 
-    # Endorsement hierarchy
+    # Endorsement hierarchy (assumes keyblob.bin for key)
     ./examples/keygen/keygen keyblob.bin -rsa -eh >> $TPMPWD/run.out 2>&1
     RESULT=$?
     [ $RESULT -ne 0 ] && echo -e "keygen rsa endorsement failed! $RESULT" && exit 1
@@ -514,10 +506,21 @@ if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $NO_FILESYSTEM -eq 0 ]; then
     RESULT=$?
     [ $RESULT -ne 0 ] && echo -e "activate_credential endorsement failed! $RESULT" && exit 1
 
+    ./examples/keygen/keygen keyblob.bin -rsa >> $TPMPWD/run.out 2>&1
+    RESULT=$?
+    [ $RESULT -ne 0 ] && echo -e "keygen rsa failed! $RESULT" && exit 1
+    ./examples/attestation/make_credential >> $TPMPWD/run.out 2>&1
+    RESULT=$?
+    [ $RESULT -ne 0 ] && echo -e "make_credential failed! $RESULT" && exit 1
+    ./examples/attestation/activate_credential >> $TPMPWD/run.out 2>&1
+    RESULT=$?
+    [ $RESULT -ne 0 ] && echo -e "activate_credential failed! $RESULT" && exit 1
+
     rm -f cred.blob
     rm -f ek.pub
     rm -f srk.pub
     rm -f ak.name
+    # Keeping keyblob.bin for tests later
 fi
 
 # PCR Quote Tests

examples/tpm_test_keys.c

@@ -216,7 +216,7 @@ int readKeyBlob(const char* filename, WOLFTPM2_KEYBLOB* key)
 
         /* Decode the byte stream into a publicArea structure ready for use */
         rc = TPM2_ParsePublic(&key->pub, pubAreaBuffer,
-            (word32)sizeof(pubAreaBuffer), &pubAreaSize);
+            sizeof(UINT16) + key->pub.size, &pubAreaSize);
         if (rc != TPM_RC_SUCCESS) {
             goto exit;
         }

src/tpm2.c

@@ -6465,13 +6465,6 @@ int TPM2_ParsePublic(TPM2B_PUBLIC* pub, byte* buf, word32 size, int* sizeUsed)
     if (buf == NULL || pub == NULL || sizeUsed == NULL)
         return BAD_FUNC_ARG;
 
-    if (size < sizeof(TPM2B_PUBLIC)) {
-    #ifdef DEBUG_WOLFTPM
-        printf("Insufficient buffer size for TPM2B_PUBLIC operations\n");
-    #endif
-        return TPM_RC_FAILURE;
-    }
-
     /* Prepare temporary buffer */
     packet.buf = buf;
     packet.pos = 0;

src/tpm2_wrap.c

@@ -481,7 +481,7 @@ int wolfTPM2_SetKeyBlobFromBuffer(WOLFTPM2_KEYBLOB* key, byte *buffer,
 
     /* Decode the byte stream into a publicArea structure ready for use */
     rc = TPM2_ParsePublic(&key->pub, pubAreaBuffer,
-        (word32)sizeof(pubAreaBuffer), &pubAreaSize);
+        (word32)(sizeof(UINT16) + key->pub.size), &pubAreaSize);
     if (rc != TPM_RC_SUCCESS) {
         return rc;
     }