[libsecret: 1/2] TPM2: Fix primary key generation in decrypting
- From: Daiki Ueno <dueno src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [libsecret: 1/2] TPM2: Fix primary key generation in decrypting
- Date: Thu, 12 Aug 2021 15:00:20 +0000 (UTC)
commit ebb18f7885c918f056cae26b286dc6b42cf1191b
Author: Dhanuka Warusadura <csx tuta io>
Date: Thu Aug 12 18:10:59 2021 +0530
TPM2: Fix primary key generation in decrypting
These changes fix TPM2 primary key generation when decrypting
and no primary key is present.
Also fixes a memory issue.
egg/egg-tpm2.c | 15 ++++++++-------
egg/test-tpm2.c | 3 +++
2 files changed, 11 insertions(+), 7 deletions(-)
---
diff --git a/egg/egg-tpm2.c b/egg/egg-tpm2.c
index 2812aea..5d36ca2 100644
--- a/egg/egg-tpm2.c
+++ b/egg/egg-tpm2.c
@@ -130,15 +130,10 @@ static GBytes *
egg_tpm2_generate_random_data(EggTpm2Context *context,
GError **error)
{
- gboolean status = FALSE;
TSS2_RC ret;
TPM2B_DIGEST *random_data;
GBytes *bytes;
- status = egg_tpm2_generate_primary_key(context, error);
- if (!status)
- return NULL;
-
ret = Esys_GetRandom(context->esys_context, ESYS_TR_NONE,
ESYS_TR_NONE, ESYS_TR_NONE, MAX_BYTE_SIZE,
&random_data);
@@ -164,6 +159,7 @@ egg_tpm2_initialize(GError **error)
EggTpm2Context *context;
gsize n_context;
const gchar *tcti_conf;
+ gboolean status;
n_context = 1;
context = g_new(EggTpm2Context, n_context);
@@ -201,6 +197,12 @@ egg_tpm2_initialize(GError **error)
return NULL;
}
+ status = egg_tpm2_generate_primary_key(context, error);
+ if (!status) {
+ egg_tpm2_finalize(context);
+ return NULL;
+ }
+
return context;
}
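Review bot: On the new failure path in egg_tpm2_initialize, `egg_tpm2_finalize(context)` runs on a context allocated with `g_new` (visible in the previous hunk), which does not zero the struct. If egg_tpm2_generate_primary_key can fail before it assigns `context->primary_key`, and finalize flushes or otherwise uses that handle, cleanup would act on an uninitialized value; neither function body is visible here, so this needs confirming. Allocating with `g_new0(EggTpm2Context, n_context)`, or setting `context->primary_key = ESYS_TR_NONE;` before the call, would make the cleanup well-defined. The body of egg_tpm2_initialize starts outside this hunk.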
@@ -286,8 +288,6 @@ egg_tpm2_generate_master_password(EggTpm2Context *context,
}
data = g_bytes_get_data(input, &size);
- g_bytes_unref(input);
-
if (size > sizeof(in_sensitive.sensitive.data.buffer)) {
g_set_error_literal(error,
G_IO_ERROR,
@@ -298,6 +298,7 @@ egg_tpm2_generate_master_password(EggTpm2Context *context,
memcpy(in_sensitive.sensitive.data.buffer, data, size);
in_sensitive.sensitive.data.size = size;
+ g_bytes_unref(input);
ret = Esys_Create(context->esys_context, context->primary_key,
ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
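Review bot: The `size > sizeof(in_sensitive.sensitive.data.buffer)` error branch shown in the previous hunk now looks like it returns without releasing `input`, because the only `g_bytes_unref(input);` sits below the `memcpy`. The tail of that branch is outside the visible lines, so confirm, and if it does return directly add `g_bytes_unref(input);` before the return. Separately, `in_sensitive` keeps a stack copy of whatever `input` carried (presumably the secret being sealed); if the rest of the function does not clear it after `Esys_Create`, a wipe of `in_sensitive` before returning would be worth adding. The function continues outside this hunk.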
diff --git a/egg/test-tpm2.c b/egg/test-tpm2.c
index 218c310..ac82a6b 100644
--- a/egg/test-tpm2.c
+++ b/egg/test-tpm2.c
@@ -50,6 +50,9 @@ test_egg_tpm2_decrypt_master_password(void)
g_assert_nonnull(context);
result = egg_tpm2_generate_master_password(context, &error);
g_assert_nonnull(result);
+ egg_tpm2_finalize(context);
+
+ context = egg_tpm2_initialize(&error);
decrypted1 = egg_tpm2_decrypt_master_password(context, result,
&error);
g_assert_nonnull(decrypted1);
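Review bot: The second `context = egg_tpm2_initialize(&error);` is used without a check, unlike the first call, which is followed by `g_assert_nonnull(context);`. Since this commit makes initialize generate the primary key and return NULL on failure, add `g_assert_no_error(error);` and `g_assert_nonnull(context);` right after the call, so a failure is reported there rather than inside egg_tpm2_decrypt_master_password. The test body extends beyond this hunk.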