Merge branch 'tpm-issue' into 'master'

TPM2: Fix primary key generation in decrypting

See merge request GNOME/libsecret!91
Daiki Ueno 2021-08-12 15:00:19 +00:00
commit 2f0558fe57
2 changed files with 11 additions and 7 deletions


@ -130,15 +130,10 @@ static GBytes *
egg_tpm2_generate_random_data(EggTpm2Context *context, egg_tpm2_generate_random_data(EggTpm2Context *context,
GError **error) GError **error)
{ {
gboolean status = FALSE;
TSS2_RC ret; TSS2_RC ret;
TPM2B_DIGEST *random_data; TPM2B_DIGEST *random_data;
GBytes *bytes; GBytes *bytes;
status = egg_tpm2_generate_primary_key(context, error);
if (!status)
return NULL;
ret = Esys_GetRandom(context->esys_context, ESYS_TR_NONE, ret = Esys_GetRandom(context->esys_context, ESYS_TR_NONE,
ESYS_TR_NONE, ESYS_TR_NONE, MAX_BYTE_SIZE, ESYS_TR_NONE, ESYS_TR_NONE, MAX_BYTE_SIZE,
&random_data); &random_data);
@ -164,6 +159,7 @@ egg_tpm2_initialize(GError **error)
EggTpm2Context *context; EggTpm2Context *context;
gsize n_context; gsize n_context;
const gchar *tcti_conf; const gchar *tcti_conf;
gboolean status;
n_context = 1; n_context = 1;
context = g_new(EggTpm2Context, n_context); context = g_new(EggTpm2Context, n_context);
@ -201,6 +197,12 @@ egg_tpm2_initialize(GError **error)
return NULL; return NULL;
} }
status = egg_tpm2_generate_primary_key(context, error);
if (!status) {
egg_tpm2_finalize(context);
return NULL;
}
return context; return context;
} }
@ -286,8 +288,6 @@ egg_tpm2_generate_master_password(EggTpm2Context *context,
} }
data = g_bytes_get_data(input, &size); data = g_bytes_get_data(input, &size);
g_bytes_unref(input);
if (size > sizeof(in_sensitive.sensitive.data.buffer)) { if (size > sizeof(in_sensitive.sensitive.data.buffer)) {
g_set_error_literal(error, g_set_error_literal(error,
G_IO_ERROR, G_IO_ERROR,
@ -298,6 +298,7 @@ egg_tpm2_generate_master_password(EggTpm2Context *context,
memcpy(in_sensitive.sensitive.data.buffer, data, size); memcpy(in_sensitive.sensitive.data.buffer, data, size);
in_sensitive.sensitive.data.size = size; in_sensitive.sensitive.data.size = size;
g_bytes_unref(input);
ret = Esys_Create(context->esys_context, context->primary_key, ret = Esys_Create(context->esys_context, context->primary_key,
ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
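Review bot: The new failure path in egg_tpm2_initialize hands egg_tpm2_finalize() a context whose memory was never zeroed, because the allocation shown in the second hunk is `g_new(EggTpm2Context, n_context)`, which leaves every field indeterminate. If egg_tpm2_generate_primary_key() fails before it assigns context->primary_key, and finalize flushes or frees that handle (its body is not visible here, so this needs confirming), the cleanup would act on a garbage TPM handle. Allocating with `context = g_new0(EggTpm2Context, n_context);` gives every early exit a well-defined partially initialised state. egg_tpm2_initialize starts and ends outside the hunks shown.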


@ -50,6 +50,9 @@ test_egg_tpm2_decrypt_master_password(void)
g_assert_nonnull(context); g_assert_nonnull(context);
result = egg_tpm2_generate_master_password(context, &error); result = egg_tpm2_generate_master_password(context, &error);
g_assert_nonnull(result); g_assert_nonnull(result);
egg_tpm2_finalize(context);
context = egg_tpm2_initialize(&error);
decrypted1 = egg_tpm2_decrypt_master_password(context, result, decrypted1 = egg_tpm2_decrypt_master_password(context, result,
&error); &error);
g_assert_nonnull(decrypted1); g_assert_nonnull(decrypted1);
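Review bot: The context returned by the second `egg_tpm2_initialize(&error)` goes straight into egg_tpm2_decrypt_master_password() without a check, although initialize now also generates the primary key and returns NULL when that step fails. Add `g_assert_no_error(error);` and `g_assert_nonnull(context);` directly after the re-initialisation, matching the `g_assert_nonnull(context);` already used after the first initialisation. A TPM setup failure would then be reported at that point instead of surfacing as a NULL context inside the decrypt call. The test function continues outside the hunk.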