tpm: Improve error handling and check returned lengths.

* tpm2d/command.c (cmd_pkdecrypt): Handle unknown algo. Also slightly rework error handling. * tpm2d/tpm2.c (sexp_to_tpm2_public_ecc): Check length before checking for 0x04. Rework error handling. (tpm2_ObjectPublic_GetName): Check the return value of TSS_GetDigestSize before use. Erro handling rework. (tpm2_SensitiveToDuplicate): Ditto. (tpm2_import_key): Ditto. * tpm2d/intel-tss.h (TSS_Hash_Generate): Check passed length for negative values. Check return value of TSS_GetDigestSize. Use dedicated 16 bit length variable. -- These are reworked and improved fixes as reported in GnuPG-bug-id: 7129
2025-07-03 22:56:33 +02:00 · 2024-05-28 12:45:21 +02:00 · 2024-05-28 12:45:21 +02:00 · d631c8198c
commit d631c8198c
parent 2e4b1f7850
3 changed files with 110 additions and 66 deletions
--- a/tpm2d/command.c
+++ b/tpm2d/command.c
@ -291,12 +291,12 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line)
 {
  ctrl_t ctrl = assuan_get_pointer (ctx);
  int rc;
-  unsigned char *shadow_info;
+  unsigned char *shadow_info = NULL;
  size_t len;
  TSS_CONTEXT *tssc;
  TPM_HANDLE key;
  TPMI_ALG_PUBLIC type;
-  unsigned char *crypto;
+  unsigned char *crypto = NULL;
  size_t cryptolen;
  char *buf;
  size_t buflen;
@ -313,7 +313,7 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line)

  rc = assuan_inquire (ctx, "EXTRA", &crypto, &cryptolen, MAXLEN_KEYDATA);
  if (rc)
-    goto out_freeshadow;
+    goto out;

  rc = tpm2_start (&tssc);
  if (rc)
@ -329,6 +329,11 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line)
  else if (type == TPM_ALG_ECC)
    rc = tpm2_ecc_decrypt (ctrl, tssc, key, pin_cb, crypto,
 			   cryptolen, &buf, &buflen);
+  else
+    {
+      rc = GPG_ERR_PUBKEY_ALGO;
+      goto end_out;
+    }

  tpm2_flush_handle (tssc, key);

@ -343,7 +348,6 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line)

 out:
  xfree (crypto);
- out_freeshadow:
  xfree (shadow_info);

  return rc;