From 70e9fae7ef535e7cf27a72ddbc818dfefcbdbdbb Mon Sep 17 00:00:00 2001
From: William Roberts <william.c.roberts@intel.com>
Date: Wed, 18 Sep 2019 11:29:57 -0700
Subject: [PATCH] Esys_CreateLoaded: fix resource name calculation
The name calculated and cached for the ESYS_TR resource object was based
on the user supplied TPMT_PUBLIC. However, this template is often
missing data that the TPM fills in and returns in the TPM2B_PUBLIC
structure. Because of this, the cached name returned from
Esys_TR_GetName() and the name read from Esys_ReadPublic() would differ.
Add a test to detect this condition and correct it by copying the
returned TPM2B_PUBLIC to the ESYS_TR resource node's TPM2B_PUBLIC cache
and calculate the name off of that.
Fixes: #1516
Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
src/tss2-esys/api/Esys_CreateLoaded.c | 14 ++++-----
test/integration/esys-createloaded.int.c | 37 ++++++++++++++++++++++++
2 files changed, 42 insertions(+), 9 deletions(-)
diff --git a/src/tss2-esys/api/Esys_CreateLoaded.c b/src/tss2-esys/api/Esys_CreateLoaded.c
index a92649cade27..44c4400fcff9 100644
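--- a/src/tss2-esys/api/Esys_CreateLoaded.c
+++ b/src/tss2-esys/api/Esys_CreateLoaded.c
@@ -317,14 +317,6 @@ Esys_CreateLoaded_Finish(
 goto_error(r, TSS2_ESYS_RC_MEMORY, "Out of memory", error_cleanup);
 }
 
- /* Update the meta data of the ESYS_TR object */
- objectHandleNode->rsrc.rsrcType = IESYSC_KEY_RSRC;
- size_t offset = 0;
- r = Tss2_MU_TPMT_PUBLIC_Unmarshal(&esysContext->in.CreateLoaded.inPublic->buffer[0],
- sizeof(TPMT_PUBLIC), &offset ,
- &objectHandleNode->rsrc.misc.rsrc_key_pub.publicArea);
- goto_if_error(r, "Unmarshal TPMT_PUBULIC", error_cleanup);
-
 /*Receive the TPM response and handle resubmissions if necessary. */
 r = Tss2_Sys_ExecuteFinish(esysContext->sys, esysContext->timeout);
 if ((r & ~TSS2_RC_LAYER_MASK) == TSS2_BASE_RC_TRY_AGAIN) {
@@ -386,8 +378,12 @@ Esys_CreateLoaded_Finish(
 error_cleanup);
 
 
+ /* Update the meta data of the ESYS_TR object */
+ objectHandleNode->rsrc.rsrcType = IESYSC_KEY_RSRC;
+ objectHandleNode->rsrc.misc.rsrc_key_pub = *loutPublic;
+
 /* Check name and outPublic for consistency */
- if (!iesys_compare_name(loutPublic, &name))
+ if (!iesys_compare_name(&objectHandleNode->rsrc.misc.rsrc_key_pub, &name))
 goto_error(r, TSS2_ESYS_RC_MALFORMED_RESPONSE,
 "in Public name not equal name in response", error_cleanup);
 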
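Review bot: In the second hunk the ESYS_TR node is overwritten with `*loutPublic` and `rsrcType` before `iesys_compare_name` runs, so when the TPM response fails the consistency check the node already holds the public area that was just rejected. That is only harmless if `error_cleanup` discards `objectHandleNode`, which lies outside the hunk and should be confirmed. Validating first and caching afterwards removes the dependency: keep `if (!iesys_compare_name(loutPublic, &name))` and move the two assignments below the check. The comment could also record the reason for the move, e.g. `/* Cache the public area returned by the TPM, not the caller's template, so the cached name matches Esys_ReadPublic() */`. Esys_CreateLoaded_Finish starts and ends outside both hunks.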
diff --git a/test/integration/esys-createloaded.int.c b/test/integration/esys-createloaded.int.c
index ec8d68a0d43d..118f2a3bb1ff 100644
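--- a/test/integration/esys-createloaded.int.c
+++ b/test/integration/esys-createloaded.int.c
@@ -8,6 +8,7 @@
 #include <config.h>
 #endif
 
+#include <stdbool.h>
 #include <stdlib.h>
 
 #include "tss2_esys.h"
@@ -19,6 +20,35 @@
 #include "util/log.h"
 #include "util/aux_util.h"
 
+static bool check_name(ESYS_CONTEXT * esys_context, ESYS_TR object_handle)
+{
+ bool result = false;
+
+ TPM2B_NAME *read_name = NULL;
+ TPM2B_NAME *get_name = NULL;
+
+ TSS2_RC r = Esys_ReadPublic(esys_context, object_handle,
+ ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
+ NULL, &read_name, NULL);
+ goto_if_error(r, "Error esys readpublic", out);
+
+ r = Esys_TR_GetName(esys_context, object_handle, &get_name);
+ goto_if_error(r, "Error esys getname", out);
+
+ if (read_name->size != get_name->size) {
+ LOG_ERROR("name size mismatch %u != %u",
+ read_name->size, get_name->size);
+ goto out;
+ }
+
+ result = memcmp(read_name->name, get_name->name, get_name->size) == 0;
+
+out:
+ free(read_name);
+ free(get_name);
+
+ return result;
+}
 /** This test is intended to test the ESAPI command CreateLoaded.
 *
 * We start by creating a primary key (Esys_CreatePrimary).
@@ -29,6 +59,8 @@
 * - Esys_CreatePrimary() (M)
 * - Esys_FlushContext() (M)
 * - Esys_StartAuthSession() (M)
+ * - Esys_TR_GetName() (M)
+ * - Esys_TR_ReadPublic() (M)
 *
 * Used compiler defines: TEST_SESSION
 *
@@ -239,6 +271,11 @@ test_esys_createloaded(ESYS_CONTEXT * esys_context)
 
 goto_if_error(r, "Error During CreateLoaded", error);
 
+ bool names_match = check_name(esys_context, objectHandle);
+ if (!names_match) {
+ goto error;
+ }
+
 r = Esys_FlushContext(esys_context, primaryHandle);
 goto_if_error(r, "Flushing context", error);
 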
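Review bot: In `check_name`, two names of equal size but different bytes make the helper return false without logging anything, and the caller's bare `goto error` adds no message either, so the exact regression this test guards against would fail silently. Log the content mismatch after the `memcmp`, e.g. `if (!result) LOG_ERROR("cached name differs from ReadPublic name");`. The doc-comment entry `Esys_TR_ReadPublic()` does not match the function actually called, `Esys_ReadPublic()`. `memcmp` needs `<string.h>`, which is not among the includes visible in these hunks; confirm it is included in the unshown lines or add it next to `<stdbool.h>`. test_esys_createloaded starts and ends outside the last hunk.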
--
2.27.0