[libsecret: 1/2] TPM2: Fix primary key generation in decrypting




commit ebb18f7885c918f056cae26b286dc6b42cf1191b
Author: Dhanuka Warusadura <csx tuta io>
Date:   Thu Aug 12 18:10:59 2021 +0530

    TPM2: Fix primary key generation in decrypting
    
    These changes fix TPM2 primary key generation when decrypting
    and no primary key is present.
    
    Also fixes a memory issue.

 egg/egg-tpm2.c  | 15 ++++++++-------
 egg/test-tpm2.c |  3 +++
 2 files changed, 11 insertions(+), 7 deletions(-)
---
diff --git a/egg/egg-tpm2.c b/egg/egg-tpm2.c
index 2812aea..5d36ca2 100644
--- a/egg/egg-tpm2.c
+++ b/egg/egg-tpm2.c
@@ -130,15 +130,10 @@ static GBytes *
 egg_tpm2_generate_random_data(EggTpm2Context *context,
                               GError **error)
 {
-       gboolean status = FALSE;
        TSS2_RC ret;
        TPM2B_DIGEST *random_data;
        GBytes *bytes;
 
-       status = egg_tpm2_generate_primary_key(context, error);
-       if (!status)
-               return NULL;
-
        ret = Esys_GetRandom(context->esys_context, ESYS_TR_NONE,
                             ESYS_TR_NONE, ESYS_TR_NONE, MAX_BYTE_SIZE,
                             &random_data);
@@ -164,6 +159,7 @@ egg_tpm2_initialize(GError **error)
        EggTpm2Context *context;
        gsize n_context;
        const gchar *tcti_conf;
+       gboolean status;
 
        n_context = 1;
        context = g_new(EggTpm2Context, n_context);
@@ -201,6 +197,12 @@ egg_tpm2_initialize(GError **error)
                return NULL;
        }
 
+       status = egg_tpm2_generate_primary_key(context, error);
+       if (!status) {
+               egg_tpm2_finalize(context);
+               return NULL;
+       }
+
        return context;
 }
 
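Review bot: The new failure path calls `egg_tpm2_finalize(context)` on a context that was allocated with `g_new` (visible in the previous hunk), which leaves its fields uninitialised. If `egg_tpm2_generate_primary_key` fails before it assigns `context->primary_key`, and finalize flushes or releases that handle (its body is not shown here), the cleanup would act on an indeterminate ESYS handle. Setting `context->primary_key = ESYS_TR_NONE;` right after the allocation, and having finalize skip the handle when it still holds that value, would make this path well defined. The start of egg_tpm2_initialize lies outside the hunk.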
@@ -286,8 +288,6 @@ egg_tpm2_generate_master_password(EggTpm2Context *context,
        }
 
        data = g_bytes_get_data(input, &size);
-       g_bytes_unref(input);
-
        if (size > sizeof(in_sensitive.sensitive.data.buffer)) {
                g_set_error_literal(error,
                                    G_IO_ERROR,
@@ -298,6 +298,7 @@ egg_tpm2_generate_master_password(EggTpm2Context *context,
 
        memcpy(in_sensitive.sensitive.data.buffer, data, size);
        in_sensitive.sensitive.data.size = size;
+       g_bytes_unref(input);
 
        ret = Esys_Create(context->esys_context, context->primary_key,
                          ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
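Review bot: The relocated `g_bytes_unref(input);` is only reached after the `memcpy`, so the size-check branch in the preceding hunk now appears to exit without releasing `input`. That branch's body falls between the two hunks, so this assumes it returns early; if it does, add `g_bytes_unref(input);` inside it before the return. `input` appears to carry the random bytes used as the sealed secret, and dropping the reference does not clear them, so wiping `in_sensitive` once `Esys_Create` has consumed it is worth considering. The rest of egg_tpm2_generate_master_password is outside the hunk.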
diff --git a/egg/test-tpm2.c b/egg/test-tpm2.c
index 218c310..ac82a6b 100644
--- a/egg/test-tpm2.c
+++ b/egg/test-tpm2.c
@@ -50,6 +50,9 @@ test_egg_tpm2_decrypt_master_password(void)
        g_assert_nonnull(context);
        result = egg_tpm2_generate_master_password(context, &error);
        g_assert_nonnull(result);
+       egg_tpm2_finalize(context);
+
+       context = egg_tpm2_initialize(&error);
        decrypted1 = egg_tpm2_decrypt_master_password(context, result,
                                                      &error);
        g_assert_nonnull(decrypted1);
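Review bot: The result of the second `egg_tpm2_initialize(&error)` is passed straight to `egg_tpm2_decrypt_master_password` without a check, although with this commit initialize returns NULL when primary key generation fails. Add `g_assert_no_error(error);` and `g_assert_nonnull(context);` right after the re-initialisation, matching the assertion on the first context, so a failure is reported at its source instead of inside the decrypt call. The test function continues outside the hunk.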

