author | Daiki Ueno <ueno@gnu.org> | 2021-08-12 15:00:19 +0000 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2021-08-12 15:00:19 +0000 |
commit | 2f0558fe577eca8b45acf22dc7734b0cc30dd753 (patch) | |
tree | 8261048d03339696ade57340635a1ad73212535b | |
parent | b3a7468f06996ccd53ffe0837d620ef82331ce45 (diff) | |
parent | ebb18f7885c918f056cae26b286dc6b42cf1191b (diff) | |
download | libsecret-2f0558fe577eca8b45acf22dc7734b0cc30dd753.tar.gz |
Merge branch 'tpm-issue' into 'master'
TPM2: Fix primary key generation in decrypting
See merge request GNOME/libsecret!91
-rw-r--r-- | egg/egg-tpm2.c | 15 | ||||
-rw-r--r-- | egg/test-tpm2.c | 3 |
2 files changed, 11 insertions, 7 deletions
diff --git a/egg/egg-tpm2.c b/egg/egg-tpm2.c index 2812aea..5d36ca2 100644 --- a/egg/egg-tpm2.c +++ b/egg/egg-tpm2.c @@ -130,15 +130,10 @@ static GBytes * egg_tpm2_generate_random_data(EggTpm2Context *context, GError **error) { - gboolean status = FALSE; TSS2_RC ret; TPM2B_DIGEST *random_data; GBytes *bytes; - status = egg_tpm2_generate_primary_key(context, error); - if (!status) - return NULL; - ret = Esys_GetRandom(context->esys_context, ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE, MAX_BYTE_SIZE, &random_data); @@ -164,6 +159,7 @@ egg_tpm2_initialize(GError **error) EggTpm2Context *context; gsize n_context; const gchar *tcti_conf; + gboolean status; n_context = 1; context = g_new(EggTpm2Context, n_context); @@ -201,6 +197,12 @@ egg_tpm2_initialize(GError **error) return NULL; } + status = egg_tpm2_generate_primary_key(context, error); + if (!status) { + egg_tpm2_finalize(context); + return NULL; + } + return context; } @@ -286,8 +288,6 @@ egg_tpm2_generate_master_password(EggTpm2Context *context, } data = g_bytes_get_data(input, &size); - g_bytes_unref(input); - if (size > sizeof(in_sensitive.sensitive.data.buffer)) { g_set_error_literal(error, G_IO_ERROR, @@ -298,6 +298,7 @@ egg_tpm2_generate_master_password(EggTpm2Context *context, memcpy(in_sensitive.sensitive.data.buffer, data, size); in_sensitive.sensitive.data.size = size; + g_bytes_unref(input); ret = Esys_Create(context->esys_context, context->primary_key, ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE, diff --git a/egg/test-tpm2.c b/egg/test-tpm2.c index 218c310..ac82a6b 100644 --- a/egg/test-tpm2.c +++ b/egg/test-tpm2.c @@ -50,6 +50,9 @@ test_egg_tpm2_decrypt_master_password(void) g_assert_nonnull(context); result = egg_tpm2_generate_master_password(context, &error); g_assert_nonnull(result); + egg_tpm2_finalize(context); + + context = egg_tpm2_initialize(&error); decrypted1 = egg_tpm2_decrypt_master_password(context, result, &error); g_assert_nonnull(decrypted1); |
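Review bot: The new failure path in egg_tpm2_initialize calls `egg_tpm2_finalize(context)` on a context allocated with `g_new`, which does not zero memory. If egg_tpm2_generate_primary_key fails before it stores a handle, `context->primary_key` is indeterminate when teardown runs. Whether finalize reads that field is not visible here, but `context = g_new0(EggTpm2Context, n_context);` would give every teardown path defined values. Because the primary key now lives as long as the context, it is also worth confirming that finalize releases it with `Esys_FlushContext` so that repeated initialize/finalize cycles do not exhaust transient object slots in the TPM. The function body starts and ends outside the hunk.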
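Review bot: In egg_tpm2_generate_master_password, the `size > sizeof(in_sensitive.sensitive.data.buffer)` branch now runs while `input` is still referenced, because `g_bytes_unref(input);` has moved below the `memcpy`. The body of that branch continues outside the visible lines. If it returns without releasing `input`, the buffer of random seed material leaks on that path, so the branch should end with `g_bytes_unref(input); return NULL;`. A one-line comment above the `memcpy`, such as `/* data borrows from input; unref only after the copy */`, would keep the ordering from regressing.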
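Review bot: In test_egg_tpm2_decrypt_master_password, the re-created context is passed straight to egg_tpm2_decrypt_master_password without being checked. Add `g_assert_no_error(error);` and `g_assert_nonnull(context);` after `context = egg_tpm2_initialize(&error);`, mirroring the assertion made on the first context. Without them, a failed second initialization (which now also covers primary key creation) shows up as a crash inside decrypt rather than a clear test failure. The test function continues outside the hunk.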