Skip to content

Fix TPM2_ParsePublic size argument #419

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
embhorn merged 2 commits into from
Jun 6, 2025
Merged

Fix TPM2_ParsePublic size argument #419

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
d587222
Fix `TPM2_ParsePublic` size argument.
dgarske May 31, 2025
4719389
Cleanups for make_credential and `keygen -rsa` test case
dgarske Jun 4, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions examples/attestation/make_credential.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,8 +49,8 @@ static void usage(void)
printf("Notes:\n");
printf("\tName digest is loaded from \"ak.name\" file\n");
printf("\tPublic key is loaded from a file containing TPM2B_PUBLIC\n");
printf("\t\"tek.pub\" for EK pub");
printf("\t\"tsrk.pub\" for SRK pub");
printf("\t\"ek.pub\" for EK pub\n");
printf("\t\"srk.pub\" for SRK pub\n");
printf("\tOutput is stored in \"cred.blob\"\n");
printf("Demo usage without parameters, uses SRK pub\n");
}
Expand Down
2 changes: 1 addition & 1 deletion examples/nvram/read.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -221,7 +221,7 @@ int TPM2_NVRAM_Read_Example(void* userCtx, int argc, char *argv[])

/* Necessary for storing the publicArea with the correct encoding */
rc = TPM2_ParsePublic(&keyBlob.pub, pubAreaBuffer,
(word32)sizeof(pubAreaBuffer), &pubAreaSize);
readSize, &pubAreaSize);
if (rc != TPM_RC_SUCCESS) {
printf("Decoding of PublicArea failed. Unable to extract correctly.\n");
goto exit;
Expand Down
23 changes: 13 additions & 10 deletions examples/run_examples.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -493,17 +493,9 @@ if [ $WOLFCRYPT_ENABLE -eq 1 ]; then
fi

if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $NO_FILESYSTEM -eq 0 ]; then
./examples/keygen/keygen keyblob.bin -rsa >> $TPMPWD/run.out 2>&1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "keygen rsa failed! $RESULT" && exit 1
./examples/attestation/make_credential >> $TPMPWD/run.out 2>&1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "make_credential failed! $RESULT" && exit 1
./examples/attestation/activate_credential >> $TPMPWD/run.out 2>&1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "activate_credential failed! $RESULT" && exit 1
rm -f keyblob.bin

# Endorsement hierarchy
# Endorsement hierarchy (assumes keyblob.bin for key)
./examples/keygen/keygen keyblob.bin -rsa -eh >> $TPMPWD/run.out 2>&1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "keygen rsa endorsement failed! $RESULT" && exit 1
Expand All @@ -514,10 +506,21 @@ if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $NO_FILESYSTEM -eq 0 ]; then
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "activate_credential endorsement failed! $RESULT" && exit 1

./examples/keygen/keygen keyblob.bin -rsa >> $TPMPWD/run.out 2>&1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "keygen rsa failed! $RESULT" && exit 1
./examples/attestation/make_credential >> $TPMPWD/run.out 2>&1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "make_credential failed! $RESULT" && exit 1
./examples/attestation/activate_credential >> $TPMPWD/run.out 2>&1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "activate_credential failed! $RESULT" && exit 1

rm -f cred.blob
rm -f ek.pub
rm -f srk.pub
rm -f ak.name
# Keeping keyblob.bin for tests later
fi

# PCR Quote Tests
Expand Down
2 changes: 1 addition & 1 deletion examples/tpm_test_keys.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -216,7 +216,7 @@ int readKeyBlob(const char* filename, WOLFTPM2_KEYBLOB* key)

/* Decode the byte stream into a publicArea structure ready for use */
rc = TPM2_ParsePublic(&key->pub, pubAreaBuffer,
(word32)sizeof(pubAreaBuffer), &pubAreaSize);
sizeof(UINT16) + key->pub.size, &pubAreaSize);
if (rc != TPM_RC_SUCCESS) {
goto exit;
}
Expand Down
7 changes: 0 additions & 7 deletions src/tpm2.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6465,13 +6465,6 @@ int TPM2_ParsePublic(TPM2B_PUBLIC* pub, byte* buf, word32 size, int* sizeUsed)
if (buf == NULL || pub == NULL || sizeUsed == NULL)
return BAD_FUNC_ARG;

if (size < sizeof(TPM2B_PUBLIC)) {
#ifdef DEBUG_WOLFTPM
printf("Insufficient buffer size for TPM2B_PUBLIC operations\n");
#endif
return TPM_RC_FAILURE;
}

/* Prepare temporary buffer */
packet.buf = buf;
packet.pos = 0;
Expand Down
2 changes: 1 addition & 1 deletion src/tpm2_wrap.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -481,7 +481,7 @@ int wolfTPM2_SetKeyBlobFromBuffer(WOLFTPM2_KEYBLOB* key, byte *buffer,

/* Decode the byte stream into a publicArea structure ready for use */
rc = TPM2_ParsePublic(&key->pub, pubAreaBuffer,
(word32)sizeof(pubAreaBuffer), &pubAreaSize);
(word32)(sizeof(UINT16) + key->pub.size), &pubAreaSize);
if (rc != TPM_RC_SUCCESS) {
return rc;
}
Expand Down