tpm_lite: Fix delegation table parsing

The computation to determine the number of table entries was incorrect
due to sizeof(TPM_FAMILY_TABLE_ENTRY) producing a wrong value for the
size of a single entry. TPM_FAMILY_TABLE_ENTRY actually doesn't match
the encoding of the entries in the TPM's response due to alignment.
Fix this by using a constant that reflects the correct entry size.

Relatedly, I found that ReadDelegationFamilyTableTest would have
caught the bug, but was actually not being invoked. Fix this as well.

BUG=chromium:934193
TEST=Unit tests, manual per instructions in bug.
BRANCH=none

Change-Id: Ic72ad110dc0dbf15cc3cc25b438c4bc2bd2d6015
Reviewed-on: https://chromium-review.googlesource.com/1480519
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Tested-by: Andreea-Elena Costinas <acostinas@google.com>
Reviewed-by: Andrey Pronin <apronin@chromium.org>

2 files changed, 4 insertions, 1 deletions

diff --git a/firmware/lib/tpm_lite/tlcl.c b/firmware/lib/tpm_lite/tlcl.c
index b8d83335..c03e8695 100644
--- a/firmware/lib/tpm_lite/tlcl.c
+++ b/firmware/lib/tpm_lite/tlcl.c
@@ -1355,7 +1355,9 @@ uint32_t TlclReadDelegationFamilyTable(TPM_FAMILY_TABLE_ENTRY *table,
 		return TPM_E_INVALID_RESPONSE;
 	}
 
-	uint32_t table_entries = table_bytes / sizeof(TPM_FAMILY_TABLE_ENTRY);
+	const uint32_t table_entry_size =
+		sizeof(uint16_t) + sizeof(uint8_t) + 3 * sizeof(uint32_t);
+	uint32_t table_entries = table_bytes / table_entry_size;
 	int i;
 	for (i = 0; i < table_entries; ++i) {
 		if (i >= *table_size || !table) {
diff --git a/tests/tlcl_tests.c b/tests/tlcl_tests.c
index 385350dd..00eae615 100644
--- a/tests/tlcl_tests.c
+++ b/tests/tlcl_tests.c
@@ -1168,6 +1168,7 @@ int main(void)
 	IFXFieldUpgradeInfoTest();
 	ReadPubekTest();
 	TakeOwnershipTest();
+	ReadDelegationFamilyTableTest();
 
 	return gTestSuccess ? 0 : 255;
 }