Cypher_Stack/libsecret
2
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/libsecret.git synced 2024-12-22 04:38:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

TPM2: Fix primary key generation in decrypting

Browse Source 
These changes fix TPM2 primary key generation in decrypting
when there is no primary key is present.

Also, fixes a memory issue.
This commit is contained in:
Dhanuka Warusadura 2021-08-12 18:10:59 +05:30
parent b3a7468f06
commit ebb18f7885
2 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
egg/egg-tpm2.c
View File

@ -130,15 +130,10 @@ static GBytes *
egg_tpm2_generate_random_data(EggTpm2Context *context, egg_tpm2_generate_random_data(EggTpm2Context *context,
GError **error) GError **error)
{ {
gboolean status = FALSE;
TSS2_RC ret; TSS2_RC ret;
TPM2B_DIGEST *random_data; TPM2B_DIGEST *random_data;
GBytes *bytes; GBytes *bytes;
status = egg_tpm2_generate_primary_key(context, error);
if (!status)
return NULL;
ret = Esys_GetRandom(context->esys_context, ESYS_TR_NONE, ret = Esys_GetRandom(context->esys_context, ESYS_TR_NONE,
ESYS_TR_NONE, ESYS_TR_NONE, MAX_BYTE_SIZE, ESYS_TR_NONE, ESYS_TR_NONE, MAX_BYTE_SIZE,
&random_data); &random_data);
@ -164,6 +159,7 @@ egg_tpm2_initialize(GError **error)
EggTpm2Context *context; EggTpm2Context *context;
gsize n_context; gsize n_context;
const gchar *tcti_conf; const gchar *tcti_conf;
gboolean status;
n_context = 1; n_context = 1;
context = g_new(EggTpm2Context, n_context); context = g_new(EggTpm2Context, n_context);
@ -201,6 +197,12 @@ egg_tpm2_initialize(GError **error)
return NULL; return NULL;
} }
status = egg_tpm2_generate_primary_key(context, error);
if (!status) {
egg_tpm2_finalize(context);
return NULL;
}
return context; return context;
} }
@ -286,8 +288,6 @@ egg_tpm2_generate_master_password(EggTpm2Context *context,
} }
data = g_bytes_get_data(input, &size); data = g_bytes_get_data(input, &size);
g_bytes_unref(input);
if (size > sizeof(in_sensitive.sensitive.data.buffer)) { if (size > sizeof(in_sensitive.sensitive.data.buffer)) {
g_set_error_literal(error, g_set_error_literal(error,
G_IO_ERROR, G_IO_ERROR,
@ -298,6 +298,7 @@ egg_tpm2_generate_master_password(EggTpm2Context *context,
memcpy(in_sensitive.sensitive.data.buffer, data, size); memcpy(in_sensitive.sensitive.data.buffer, data, size);
in_sensitive.sensitive.data.size = size; in_sensitive.sensitive.data.size = size;
g_bytes_unref(input);
ret = Esys_Create(context->esys_context, context->primary_key, ret = Esys_Create(context->esys_context, context->primary_key,
ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,

3
egg/test-tpm2.c
View File

@ -50,6 +50,9 @@ test_egg_tpm2_decrypt_master_password(void)
g_assert_nonnull(context); g_assert_nonnull(context);
result = egg_tpm2_generate_master_password(context, &error); result = egg_tpm2_generate_master_password(context, &error);
g_assert_nonnull(result); g_assert_nonnull(result);
egg_tpm2_finalize(context);
context = egg_tpm2_initialize(&error);
decrypted1 = egg_tpm2_decrypt_master_password(context, result, decrypted1 = egg_tpm2_decrypt_master_password(context, result,
&error); &error);
g_assert_nonnull(decrypted1); g_assert_nonnull(decrypted1);