Merge pull request #419 from dgarske/parsepubsz

Fix `TPM2_ParsePublic` size argument
Eric Blankenhorn 2025-06-06 15:07:26 -05:00 committed by GitHub
commit 33a532f58c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 18 additions and 22 deletions


@ -49,8 +49,8 @@ static void usage(void)
printf("Notes:\n"); printf("Notes:\n");
printf("\tName digest is loaded from \"ak.name\" file\n"); printf("\tName digest is loaded from \"ak.name\" file\n");
printf("\tPublic key is loaded from a file containing TPM2B_PUBLIC\n"); printf("\tPublic key is loaded from a file containing TPM2B_PUBLIC\n");
printf("\t\"tek.pub\" for EK pub"); printf("\t\"ek.pub\" for EK pub\n");
printf("\t\"tsrk.pub\" for SRK pub"); printf("\t\"srk.pub\" for SRK pub\n");
printf("\tOutput is stored in \"cred.blob\"\n"); printf("\tOutput is stored in \"cred.blob\"\n");
printf("Demo usage without parameters, uses SRK pub\n"); printf("Demo usage without parameters, uses SRK pub\n");
} }


@ -221,7 +221,7 @@ int TPM2_NVRAM_Read_Example(void* userCtx, int argc, char *argv[])
/* Necessary for storing the publicArea with the correct encoding */ /* Necessary for storing the publicArea with the correct encoding */
rc = TPM2_ParsePublic(&keyBlob.pub, pubAreaBuffer, rc = TPM2_ParsePublic(&keyBlob.pub, pubAreaBuffer,
(word32)sizeof(pubAreaBuffer), &pubAreaSize); readSize, &pubAreaSize);
if (rc != TPM_RC_SUCCESS) { if (rc != TPM_RC_SUCCESS) {
printf("Decoding of PublicArea failed. Unable to extract correctly.\n"); printf("Decoding of PublicArea failed. Unable to extract correctly.\n");
goto exit; goto exit;
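Review bot: The length passed to TPM2_ParsePublic is now `readSize` instead of the capacity of `pubAreaBuffer`, and nothing visible in this hunk shows that `readSize` is bounded by `sizeof(pubAreaBuffer)`. The same question applies to `sizeof(UINT16) + key->pub.size` in the readKeyBlob and wolfTPM2_SetKeyBlobFromBuffer hunks, where the size field presumably comes from a file or a caller-supplied buffer. Because this commit also removes the minimum-size check inside TPM2_ParsePublic, that argument is the only visible limit on how far the parser reads. If no earlier check exists outside the hunk, add one before the call, e.g. `if (readSize > sizeof(pubAreaBuffer)) { rc = BAD_FUNC_ARG; goto exit; }`. The function body starts and ends outside the hunk.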


@ -493,17 +493,9 @@ if [ $WOLFCRYPT_ENABLE -eq 1 ]; then
fi fi
if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $NO_FILESYSTEM -eq 0 ]; then if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $NO_FILESYSTEM -eq 0 ]; then
./examples/keygen/keygen keyblob.bin -rsa >> $TPMPWD/run.out 2>&1 rm -f keyblob.bin
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "keygen rsa failed! $RESULT" && exit 1
./examples/attestation/make_credential >> $TPMPWD/run.out 2>&1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "make_credential failed! $RESULT" && exit 1
./examples/attestation/activate_credential >> $TPMPWD/run.out 2>&1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "activate_credential failed! $RESULT" && exit 1
# Endorsement hierarchy # Endorsement hierarchy (assumes keyblob.bin for key)
./examples/keygen/keygen keyblob.bin -rsa -eh >> $TPMPWD/run.out 2>&1 ./examples/keygen/keygen keyblob.bin -rsa -eh >> $TPMPWD/run.out 2>&1
RESULT=$? RESULT=$?
[ $RESULT -ne 0 ] && echo -e "keygen rsa endorsement failed! $RESULT" && exit 1 [ $RESULT -ne 0 ] && echo -e "keygen rsa endorsement failed! $RESULT" && exit 1
@ -514,10 +506,21 @@ if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $NO_FILESYSTEM -eq 0 ]; then
RESULT=$? RESULT=$?
[ $RESULT -ne 0 ] && echo -e "activate_credential endorsement failed! $RESULT" && exit 1 [ $RESULT -ne 0 ] && echo -e "activate_credential endorsement failed! $RESULT" && exit 1
./examples/keygen/keygen keyblob.bin -rsa >> $TPMPWD/run.out 2>&1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "keygen rsa failed! $RESULT" && exit 1
./examples/attestation/make_credential >> $TPMPWD/run.out 2>&1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "make_credential failed! $RESULT" && exit 1
./examples/attestation/activate_credential >> $TPMPWD/run.out 2>&1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "activate_credential failed! $RESULT" && exit 1
rm -f cred.blob rm -f cred.blob
rm -f ek.pub rm -f ek.pub
rm -f srk.pub rm -f srk.pub
rm -f ak.name rm -f ak.name
# Keeping keyblob.bin for tests later
fi fi
# PCR Quote Tests # PCR Quote Tests


@ -216,7 +216,7 @@ int readKeyBlob(const char* filename, WOLFTPM2_KEYBLOB* key)
/* Decode the byte stream into a publicArea structure ready for use */ /* Decode the byte stream into a publicArea structure ready for use */
rc = TPM2_ParsePublic(&key->pub, pubAreaBuffer, rc = TPM2_ParsePublic(&key->pub, pubAreaBuffer,
(word32)sizeof(pubAreaBuffer), &pubAreaSize); sizeof(UINT16) + key->pub.size, &pubAreaSize);
if (rc != TPM_RC_SUCCESS) { if (rc != TPM_RC_SUCCESS) {
goto exit; goto exit;
} }
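Review bot: The size argument `sizeof(UINT16) + key->pub.size` is passed without the `(word32)` cast that the equivalent call in wolfTPM2_SetKeyBlobFromBuffer uses, so the size_t expression is narrowed implicitly to the `word32 size` parameter. For consistency, and to stay clean under conversion warnings, write `(word32)(sizeof(UINT16) + key->pub.size), &pubAreaSize);`. readKeyBlob's body starts and ends outside the hunk.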


@ -6465,13 +6465,6 @@ int TPM2_ParsePublic(TPM2B_PUBLIC* pub, byte* buf, word32 size, int* sizeUsed)
if (buf == NULL || pub == NULL || sizeUsed == NULL) if (buf == NULL || pub == NULL || sizeUsed == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
if (size < sizeof(TPM2B_PUBLIC)) {
#ifdef DEBUG_WOLFTPM
printf("Insufficient buffer size for TPM2B_PUBLIC operations\n");
#endif
return TPM_RC_FAILURE;
}
/* Prepare temporary buffer */ /* Prepare temporary buffer */
packet.buf = buf; packet.buf = buf;
packet.pos = 0; packet.pos = 0;


@ -481,7 +481,7 @@ int wolfTPM2_SetKeyBlobFromBuffer(WOLFTPM2_KEYBLOB* key, byte *buffer,
/* Decode the byte stream into a publicArea structure ready for use */ /* Decode the byte stream into a publicArea structure ready for use */
rc = TPM2_ParsePublic(&key->pub, pubAreaBuffer, rc = TPM2_ParsePublic(&key->pub, pubAreaBuffer,
(word32)sizeof(pubAreaBuffer), &pubAreaSize); (word32)(sizeof(UINT16) + key->pub.size), &pubAreaSize);
if (rc != TPM_RC_SUCCESS) { if (rc != TPM_RC_SUCCESS) {
return rc; return rc;
} }