From fb0470a9f5834b77fba2bf5e1b41f56d063e556f Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 9 Mar 2018 10:36:14 +0100 Subject: [PATCH] agent: Minor cleanup of the TPM patches. * configure.ac (AC_CHECK_HEADERS): Add tss2/tss.h. * agent/divert-tpm2.c: Print an error if that file is not available. * agent/Makefile.am (gpg_agent_SOURCES): Add tpm.h * agent/command.c (do_one_keyinfo): Replace xstrdup by xtrystrdup. * agent/protect.c (agent_get_shadow_info_type): Check error of xtrystrdup. Signed-off-by: Werner Koch --- agent/Makefile.am | 2 +- agent/command.c | 10 ++++++++-- agent/divert-tpm2.c | 6 ++++++ agent/protect.c | 18 +++++++++++------- configure.ac | 2 +- 5 files changed, 27 insertions(+), 11 deletions(-) diff --git a/agent/Makefile.am b/agent/Makefile.am index 290ef1288..4fe74f539 100644 --- a/agent/Makefile.am +++ b/agent/Makefile.am @@ -52,7 +52,7 @@ gpg_agent_SOURCES = \ trustlist.c \ divert-scd.c \ divert-tpm2.c \ - tpm2.c \ + tpm2.c tpm2.h \ cvt-openpgp.c cvt-openpgp.h \ call-scd.c \ learncard.c diff --git a/agent/command.c b/agent/command.c index c439aa5f7..a46e2888e 100644 --- a/agent/command.c +++ b/agent/command.c @@ -1104,7 +1104,8 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx, char hexgrip[40+1]; char *fpr = NULL; int keytype; - unsigned char *shadow_info = NULL, *shadow_info_type = NULL; + unsigned char *shadow_info = NULL; + unsigned char *shadow_info_type = NULL; char *serialno = NULL; char *idstr = NULL; const char *keytypestr; @@ -1194,7 +1195,12 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx, } else if (strcmp (shadow_info_type, "tpm2-v1") == 0) { - serialno = xstrdup("TPM-Protected"); + serialno = xtrystrdup("TPM-Protected"); + if (!serialno) + { + err = gpg_error_from_syserror (); + goto leave; + } idstr = NULL; } else diff --git a/agent/divert-tpm2.c b/agent/divert-tpm2.c index deb655a47..84935dee2 100644 --- a/agent/divert-tpm2.c +++ b/agent/divert-tpm2.c @@ -8,6 +8,12 @@ #include #include +/* FIXME: Until we have a proper checking in configure we give a hint + * on what to do */ +#ifndef HAVE_TSS2_TSS_H +# error Please install the libtss2 dev package first +#endif + #include "agent.h" #include "../common/i18n.h" #include "../common/sexp-parse.h" diff --git a/agent/protect.c b/agent/protect.c index 0920667d1..09c7d616a 100644 --- a/agent/protect.c +++ b/agent/protect.c @@ -1559,11 +1559,12 @@ agent_shadow_key_type (const unsigned char *pubkey, /* Calculate required length by taking in account: the "shadowed-" prefix, the "shadowed", shadow type as well as some parenthesis */ + /* FIXME: We should use membuf functions here. */ n = 12 + pubkey_len + 1 + 3+8 + 2+5 + shadow_info_len + 1; *result = xtrymalloc (n); p = (char*)*result; if (!p) - return out_of_core (); + return out_of_core (); p = stpcpy (p, "(20:shadowed-private-key"); /* (10:public-key ...)*/ memcpy (p, pubkey+14, point - (pubkey+14)); @@ -1643,12 +1644,15 @@ agent_get_shadow_info_type (const unsigned char *shadowkey, n = snext (&s); if (!n) return gpg_error (GPG_ERR_INV_SEXP); - if (shadow_type) { - char *buf = xtrymalloc(n+1); - memcpy(buf, s, n); - buf[n] = '\0'; - *shadow_type = buf; - } + if (shadow_type) + { + char *buf = xtrymalloc(n+1); + if (!buf) + return gpg_error_from_syserror (); + memcpy (buf, s, n); + buf[n] = '\0'; + *shadow_type = buf; + } if (smatch (&s, n, "t1-v1") || smatch(&s, n, "tpm2-v1")) { diff --git a/configure.ac b/configure.ac index 7522b6922..9dd9230c0 100644 --- a/configure.ac +++ b/configure.ac @@ -1301,7 +1301,7 @@ AC_HEADER_STDC AC_CHECK_HEADERS([string.h unistd.h langinfo.h termio.h locale.h getopt.h \ pty.h utmp.h pwd.h inttypes.h signal.h sys/select.h \ stdint.h signal.h util.h libutil.h termios.h \ - ucred.h sys/ucred.h sys/sysmacros.h sys/mkdev.h]) + ucred.h sys/ucred.h sys/sysmacros.h sys/mkdev.h tss2/tss.h]) AC_HEADER_TIME