Cleanups from peer-review

Author: dgarske

src/fwtpm/fwtpm.c

@@ -82,39 +82,29 @@ int FWTPM_Init(FWTPM_CTX* ctx)
 
     /* Initialize wolfCrypt RNG */
     rc = wolfCrypt_Init();
-    if (rc != 0) {
-        return rc;
-    }
-    rc = wc_InitRng(&ctx->rng);
-    if (rc != 0) {
-        wolfCrypt_Cleanup();
-        return rc;
+    if (rc == 0) {
+        rc = wc_InitRng(&ctx->rng);
     }
 
     /* Generate per-boot context protection key (volatile only) for
      * ContextSave/ContextLoad HMAC + AES-CFB session blob protection. */
-    rc = wc_RNG_GenerateBlock(&ctx->rng, ctx->ctxProtectKey,
-        sizeof(ctx->ctxProtectKey));
     if (rc == 0) {
-        ctx->ctxProtectKeyValid = 1;
-    }
-    else {
-        wc_FreeRng(&ctx->rng);
-        wolfCrypt_Cleanup();
-        return rc;
+        rc = wc_RNG_GenerateBlock(&ctx->rng, ctx->ctxProtectKey,
+            sizeof(ctx->ctxProtectKey));
+        if (rc == 0) {
+            ctx->ctxProtectKeyValid = 1;
+        }
     }
 
     /* Initialize NV storage - loads existing state or creates fresh seeds */
 #ifndef FWTPM_NO_NV
-    rc = FWTPM_NV_Init(ctx);
-    if (rc != 0) {
-        wc_FreeRng(&ctx->rng);
-        wolfCrypt_Cleanup();
-        return rc;
+    if (rc == 0) {
+        rc = FWTPM_NV_Init(ctx);
     }
 #else
     /* No NV: generate ephemeral seeds (lost on reset) */
-    rc = wc_RNG_GenerateBlock(&ctx->rng, ctx->ownerSeed, FWTPM_SEED_SIZE);
+    if (rc == 0)
+        rc = wc_RNG_GenerateBlock(&ctx->rng, ctx->ownerSeed, FWTPM_SEED_SIZE);
     if (rc == 0)
         rc = wc_RNG_GenerateBlock(&ctx->rng, ctx->endorsementSeed,
             FWTPM_SEED_SIZE);
@@ -124,13 +114,15 @@ int FWTPM_Init(FWTPM_CTX* ctx)
     if (rc == 0)
         rc = wc_RNG_GenerateBlock(&ctx->rng, ctx->nullSeed,
             FWTPM_SEED_SIZE);
+    if (rc == 0) {
+        ctx->pcrAllocatedBanks = FWTPM_PCR_ALLOC_DEFAULT;
+    }
+#endif
+
     if (rc != 0) {
         wc_FreeRng(&ctx->rng);
         wolfCrypt_Cleanup();
-        return TPM_RC_FAILURE;
     }
-    ctx->pcrAllocatedBanks = FWTPM_PCR_ALLOC_DEFAULT;
-#endif
 
     return rc;
 }

src/fwtpm/fwtpm_crypto.c

@@ -557,6 +557,7 @@ TPM_RC FwDeriveEccPrimaryKey(TPMI_ALG_HASH nameAlg,
     int valid = 0;
     int i;
     int allZero;
+    volatile byte orAccum;
 
     FWTPM_ALLOC_VAR(eccKey, ecc_key);
 
@@ -577,13 +578,11 @@ TPM_RC FwDeriveEccPrimaryKey(TPMI_ALG_HASH nameAlg,
             break;
         }
         /* Constant-time check d != 0 (all zeros) */
-        {
-            volatile byte orAccum = 0;
-            for (i = 0; i < keySz; i++) {
-                orAccum |= dBuf[i];
-            }
-            allZero = (orAccum == 0);
+        orAccum = 0;
+        for (i = 0; i < keySz; i++) {
+            orAccum |= dBuf[i];
         }
+        allZero = (orAccum == 0);
         if (!allZero) {
             valid = 1; /* Accept — range check done by import */
         }
@@ -1248,7 +1247,7 @@ int FwWrapContextBlob(FWTPM_CTX* ctx,
         rc = wc_AesInit(aes, NULL, INVALID_DEVID);
         if (rc == 0) {
             aesInit = 1;
-            rc = wc_AesSetKey(aes, ctx->ctxProtectKey, 32, iv, AES_ENCRYPTION);
+            rc = wc_AesSetKey(aes, ctx->ctxProtectKey, AES_256_KEY_SIZE, iv, AES_ENCRYPTION);
         }
     }
     if (rc == 0) {
@@ -1347,7 +1346,7 @@ int FwUnwrapContextBlob(FWTPM_CTX* ctx,
         rc = wc_AesInit(aes, NULL, INVALID_DEVID);
         if (rc == 0) {
             aesInit = 1;
-            rc = wc_AesSetKey(aes, ctx->ctxProtectKey, 32, in, AES_ENCRYPTION);
+            rc = wc_AesSetKey(aes, ctx->ctxProtectKey, AES_256_KEY_SIZE, in, AES_ENCRYPTION);
         }
     }
     if (rc == 0) {

src/fwtpm/fwtpm_io.c

@@ -522,6 +522,11 @@ int FWTPM_IO_ServerLoop(FWTPM_CTX* ctx)
     int maxFd;
     int cmdFd = -1;   /* active command client fd */
     int platFd = -1;  /* active platform client fd */
+    struct timeval tv;
+    int selRc;
+#ifndef _WIN32
+    struct sigaction sa;
+#endif
 #endif
 
     if (ctx == NULL) {
@@ -536,13 +541,10 @@ int FWTPM_IO_ServerLoop(FWTPM_CTX* ctx)
 #ifndef _WIN32
     /* Ignore SIGPIPE so write to closed socket returns error instead
      * of killing the process */
-    {
-        struct sigaction sa;
-        sa.sa_handler = SIG_IGN;
-        sigemptyset(&sa.sa_mask);
-        sa.sa_flags = 0;
-        sigaction(SIGPIPE, &sa, NULL);
-    }
+    sa.sa_handler = SIG_IGN;
+    sigemptyset(&sa.sa_mask);
+    sa.sa_flags = 0;
+    sigaction(SIGPIPE, &sa, NULL);
 #endif
 
     /* Multiplexed select loop: handles listen sockets AND active client fds
@@ -568,25 +570,21 @@ int FWTPM_IO_ServerLoop(FWTPM_CTX* ctx)
             if (platFd > maxFd) maxFd = platFd;
         }
 
-        {
-            struct timeval tv;
-            int selRc;
-            tv.tv_sec = 30;
-            tv.tv_usec = 0;
-            selRc = select(maxFd + 1, &readFds, NULL, NULL, &tv);
-            if (selRc < 0) {
-                if (errno == EINTR) {
-                    continue;
-                }
-            #ifdef DEBUG_WOLFTPM
-                printf("fwTPM: select error %d (%s)\n", errno, strerror(errno));
-            #endif
-                rc = TPM_RC_FAILURE;
-                break;
-            }
-            if (selRc == 0) {
-                continue; /* timeout — recheck ctx->running */
+        tv.tv_sec = 30;
+        tv.tv_usec = 0;
+        selRc = select(maxFd + 1, &readFds, NULL, NULL, &tv);
+        if (selRc < 0) {
+            if (errno == EINTR) {
+                continue;
             }
+        #ifdef DEBUG_WOLFTPM
+            printf("fwTPM: select error %d (%s)\n", errno, strerror(errno));
+        #endif
+            rc = TPM_RC_FAILURE;
+            break;
+        }
+        if (selRc == 0) {
+            continue; /* timeout — recheck ctx->running */
         }
 
         /* Accept new platform connection */

src/fwtpm/fwtpm_main.c

@@ -75,6 +75,7 @@ int main(int argc, char* argv[])
     static FWTPM_CTX ctx;
     int i;
     int clearNv = 0;
+    struct sigaction sa;
 
     /* Zero context before init (required so HAL save/restore works) */
     XMEMSET(&ctx, 0, sizeof(ctx));
@@ -159,14 +160,11 @@ int main(int argc, char* argv[])
 
     /* Install signal handler for graceful shutdown with NV save */
     g_ctx = &ctx;
-    {
-        struct sigaction sa;
-        sa.sa_handler = sigterm_handler;
-        sigemptyset(&sa.sa_mask);
-        sa.sa_flags = 0;
-        sigaction(SIGTERM, &sa, NULL);
-        sigaction(SIGINT, &sa, NULL);
-    }
+    sa.sa_handler = sigterm_handler;
+    sigemptyset(&sa.sa_mask);
+    sa.sa_flags = 0;
+    sigaction(SIGTERM, &sa, NULL);
+    sigaction(SIGINT, &sa, NULL);
 
     /* Initialize socket transport */
     rc = FWTPM_IO_Init(&ctx);

src/fwtpm/fwtpm_tis.c

@@ -406,6 +406,9 @@ int FWTPM_TIS_ServerLoop(FWTPM_CTX* ctx)
     FWTPM_TIS_HAL* hal;
     FWTPM_TIS_REGS* regs;
     int rc;
+#ifndef _WIN32
+    struct sigaction sa;
+#endif
 
     if (ctx == NULL || ctx->tisRegs == NULL ||
         ctx->tisHal.wait_request == NULL) {
@@ -417,13 +420,10 @@ int FWTPM_TIS_ServerLoop(FWTPM_CTX* ctx)
     ctx->running = 1;
 
 #ifndef _WIN32
-    {
-        struct sigaction sa;
-        sa.sa_handler = SIG_IGN;
-        sigemptyset(&sa.sa_mask);
-        sa.sa_flags = 0;
-        sigaction(SIGPIPE, &sa, NULL);
-    }
+    sa.sa_handler = SIG_IGN;
+    sigemptyset(&sa.sa_mask);
+    sa.sa_flags = 0;
+    sigaction(SIGPIPE, &sa, NULL);
 #endif
 
     printf("fwTPM TIS: Server ready, waiting for register accesses...\n");

src/tpm2_swtpm.c

@@ -95,27 +95,27 @@ static TPM_RC SwTpmTransmit(TPM2_CTX* ctx, const void* buffer, ssize_t bufSz)
 {
     TPM_RC rc = TPM_RC_SUCCESS;
     ssize_t wrc = 0;
+    const char* ptr;
+    int remaining;
 
     if (ctx == NULL || ctx->tcpCtx.fd < 0 || buffer == NULL) {
         return BAD_FUNC_ARG;
     }
 
-    {
-        const char* ptr = (const char*)buffer;
-        int remaining = bufSz;
-        while (remaining > 0) {
-            wrc = write(ctx->tcpCtx.fd, ptr, remaining);
-            if (wrc <= 0) {
-            #ifdef WOLFTPM_DEBUG_VERBOSE
-                printf("Failed to send the TPM command to fd %d, got errno %d ="
-                       "%s\n", ctx->tcpCtx.fd, errno, strerror(errno));
-            #endif
-                rc = TPM_RC_FAILURE;
-                break;
-            }
-            remaining -= (int)wrc;
-            ptr += wrc;
+    ptr = (const char*)buffer;
+    remaining = bufSz;
+    while (remaining > 0) {
+        wrc = write(ctx->tcpCtx.fd, ptr, remaining);
+        if (wrc <= 0) {
+        #ifdef WOLFTPM_DEBUG_VERBOSE
+            printf("Failed to send the TPM command to fd %d, got errno %d ="
+                   "%s\n", ctx->tcpCtx.fd, errno, strerror(errno));
+        #endif
+            rc = TPM_RC_FAILURE;
+            break;
         }
+        remaining -= (int)wrc;
+        ptr += wrc;
     }
 
     return rc;
@@ -170,6 +170,7 @@ static TPM_RC SwTpmConnect(TPM2_CTX* ctx, const char* host, const char* port)
     struct termios tty;
     speed_t baud;
     int baudInt;
+    struct stat devStat;
 
     if (ctx == NULL) {
         return BAD_FUNC_ARG;
@@ -185,12 +186,9 @@ static TPM_RC SwTpmConnect(TPM2_CTX* ctx, const char* host, const char* port)
         return TPM_RC_FAILURE;
     }
     /* Verify the opened path is a character device */
-    {
-        struct stat st;
-        if (fstat(fd, &st) != 0 || !S_ISCHR(st.st_mode)) {
-            close(fd);
-            return TPM_RC_FAILURE;
-        }
+    if (fstat(fd, &devStat) != 0 || !S_ISCHR(devStat.st_mode)) {
+        close(fd);
+        return TPM_RC_FAILURE;
     }
 
     /* Configure serial port: 8N1, raw mode, no flow control */

src/tpm2_wrap.c

@@ -1866,6 +1866,10 @@ int wolfTPM2_SetSessionHandle(WOLFTPM2_DEV* dev, int index,
 
         session->auth.size = tpmSession->handle.auth.size;
         if (session->auth.size > sizeof(session->auth.buffer)) {
+        #ifdef DEBUG_WOLFTPM
+            printf("SetSessionHandle: auth size %d exceeds buffer %d\n",
+                session->auth.size, (int)sizeof(session->auth.buffer));
+        #endif
             return BUFFER_E;
         }
         XMEMCPY(session->auth.buffer, tpmSession->handle.auth.buffer,

wolftpm/fwtpm/fwtpm.h

@@ -428,7 +428,7 @@ typedef struct FWTPM_CTX {
     /* Per-boot context protection key (volatile only, never persisted).
      * Used by ContextSave/ContextLoad for HMAC + AES-CFB protection of
      * session context blobs per TPM 2.0 Part 1 §30. */
-    byte ctxProtectKey[32];
+    byte ctxProtectKey[AES_256_KEY_SIZE];
     int  ctxProtectKeyValid;
 
     /* TIS transport state (when not using sockets) */