
Commit 547fcda

committed
F-2991 - https://fenrir.wolfssl.com/finding/2991 - Add ForceZero for sensitive stack buffers in SPDM PSK and TCG functions
1 parent c02fb0d commit 547fcda

2 files changed

Lines changed: 48 additions & 58 deletions


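--- a/src/spdm/spdm_psk.c
+++ b/src/spdm/spdm_psk.c
@@ -369,71 +369,59 @@ int wolfSPDM_ConnectPsk(WOLFSPDM_CTX* ctx)
 
 wolfSPDM_DebugPrint(ctx, "PSK Step 4: PSK_EXCHANGE\n");
 rc = wolfSPDM_BuildPskExchange(ctx, txBuf, &txSz);
-if (rc != WOLFSPDM_SUCCESS) {
-ctx->state = WOLFSPDM_STATE_ERROR;
-return rc;
-}
-rc = wolfSPDM_TranscriptAdd(ctx, txBuf, txSz);
-if (rc != WOLFSPDM_SUCCESS) {
-ctx->state = WOLFSPDM_STATE_ERROR;
-return rc;
+if (rc == WOLFSPDM_SUCCESS) {
+rc = wolfSPDM_TranscriptAdd(ctx, txBuf, txSz);
 }
-rc = wolfSPDM_SendReceive(ctx, txBuf, txSz, rxBuf, &rxSz);
-if (rc != WOLFSPDM_SUCCESS) {
-ctx->state = WOLFSPDM_STATE_ERROR;
-return rc;
+if (rc == WOLFSPDM_SUCCESS) {
+rc = wolfSPDM_SendReceive(ctx, txBuf, txSz, rxBuf, &rxSz);
 }
-rc = wolfSPDM_ParsePskExchangeRsp(ctx, rxBuf, rxSz);
-if (rc != WOLFSPDM_SUCCESS) {
-ctx->state = WOLFSPDM_STATE_ERROR;
-return rc;
+if (rc == WOLFSPDM_SUCCESS) {
+rc = wolfSPDM_ParsePskExchangeRsp(ctx, rxBuf, rxSz);
 }
 
 /* Step 5: PSK_FINISH / PSK_FINISH_RSP (encrypted) */
-finSz = sizeof(finBuf);
-encSz = sizeof(encBuf);
-rxSz = sizeof(rxBuf);
-decSz = sizeof(decBuf);
+if (rc == WOLFSPDM_SUCCESS) {
+finSz = sizeof(finBuf);
+encSz = sizeof(encBuf);
+rxSz = sizeof(rxBuf);
+decSz = sizeof(decBuf);
 
-wolfSPDM_DebugPrint(ctx, "PSK Step 5: PSK_FINISH\n");
-rc = wolfSPDM_BuildPskFinish(ctx, finBuf, &finSz);
-if (rc != WOLFSPDM_SUCCESS) {
-ctx->state = WOLFSPDM_STATE_ERROR;
-return rc;
+wolfSPDM_DebugPrint(ctx, "PSK Step 5: PSK_FINISH\n");
+rc = wolfSPDM_BuildPskFinish(ctx, finBuf, &finSz);
 }
-rc = wolfSPDM_EncryptInternal(ctx, finBuf, finSz, encBuf, &encSz);
-if (rc != WOLFSPDM_SUCCESS) {
-ctx->state = WOLFSPDM_STATE_ERROR;
-return rc;
+if (rc == WOLFSPDM_SUCCESS) {
+rc = wolfSPDM_EncryptInternal(ctx, finBuf, finSz, encBuf, &encSz);
 }
-rc = wolfSPDM_SendReceive(ctx, encBuf, encSz, rxBuf, &rxSz);
-if (rc != WOLFSPDM_SUCCESS) {
-ctx->state = WOLFSPDM_STATE_ERROR;
-return rc;
+if (rc == WOLFSPDM_SUCCESS) {
+rc = wolfSPDM_SendReceive(ctx, encBuf, encSz, rxBuf, &rxSz);
 }
-rc = wolfSPDM_DecryptInternal(ctx, rxBuf, rxSz, decBuf, &decSz);
-if (rc != WOLFSPDM_SUCCESS) {
-ctx->state = WOLFSPDM_STATE_ERROR;
-return rc;
+if (rc == WOLFSPDM_SUCCESS) {
+rc = wolfSPDM_DecryptInternal(ctx, rxBuf, rxSz, decBuf, &decSz);
 }
-rc = wolfSPDM_ParsePskFinishRsp(ctx, decBuf, decSz);
-if (rc != WOLFSPDM_SUCCESS) {
-ctx->state = WOLFSPDM_STATE_ERROR;
-return rc;
+if (rc == WOLFSPDM_SUCCESS) {
+rc = wolfSPDM_ParsePskFinishRsp(ctx, decBuf, decSz);
 }
 
 /* Derive application data keys */
-rc = wolfSPDM_DeriveAppDataKeys(ctx);
-if (rc != WOLFSPDM_SUCCESS) {
+if (rc == WOLFSPDM_SUCCESS) {
+rc = wolfSPDM_DeriveAppDataKeys(ctx);
+}
+
+if (rc == WOLFSPDM_SUCCESS) {
+ctx->state = WOLFSPDM_STATE_CONNECTED;
+wolfSPDM_DebugPrint(ctx, "PSK: SPDM Session Established! "
+"SessionID=0x%08x\n", ctx->sessionId);
+}
+else {
 ctx->state = WOLFSPDM_STATE_ERROR;
-return rc;
 }
 
-ctx->state = WOLFSPDM_STATE_CONNECTED;
-wolfSPDM_DebugPrint(ctx, "PSK: SPDM Session Established! "
-"SessionID=0x%08x\n", ctx->sessionId);
+/* Always zero sensitive stack buffers */
+wc_ForceZero(finBuf, sizeof(finBuf));
+wc_ForceZero(encBuf, sizeof(encBuf));
+wc_ForceZero(decBuf, sizeof(decBuf));
 
-return WOLFSPDM_SUCCESS;
+return rc;
 }
 
 #endif /* WOLFTPM_SPDM_PSK */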
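Review bot: The wipe list at the end of wolfSPDM_ConnectPsk covers finBuf, encBuf and decBuf but leaves out txBuf and rxBuf, which the same hunk fills with the PSK_EXCHANGE request and both responses. rxBuf receives the encrypted PSK_FINISH_RSP just as encBuf holds the encrypted request, so wiping one and not the other looks inconsistent with the "Always zero sensitive stack buffers" comment. If the two are left out on purpose because they only ever hold bytes already visible on the transport, say so in the comment, e.g. `/* txBuf/rxBuf carry only wire-visible data and are intentionally not wiped */`; otherwise add `wc_ForceZero(rxBuf, sizeof(rxBuf));` and the matching call for txBuf. The function body and the buffer declarations start above the hunk, so the buffer sizes and any earlier early-return paths cannot be checked from here.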

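--- a/src/spdm/spdm_tcg.c
+++ b/src/spdm/spdm_tcg.c
@@ -97,23 +97,25 @@ int wolfSPDM_TCG_VendorCmdSecured(WOLFSPDM_CTX* ctx, const char* vdCode,
 spdmMsgSz = wolfSPDM_BuildVendorDefined(ver, vdCode, payload,
 payloadSz, spdmMsg, sizeof(spdmMsg));
 if (spdmMsgSz < 0) {
-return spdmMsgSz;
+rc = spdmMsgSz;
 }
-
-decSz = sizeof(decBuf);
-rc = wolfSPDM_SecuredExchange(ctx, spdmMsg, (word32)spdmMsgSz,
-decBuf, &decSz);
-if (rc != WOLFSPDM_SUCCESS) {
-return rc;
+else {
+decSz = sizeof(decBuf);
+rc = wolfSPDM_SecuredExchange(ctx, spdmMsg, (word32)spdmMsgSz,
+decBuf, &decSz);
 }
 
-if (decSz >= 4 && decBuf[1] == SPDM_ERROR) {
+if (rc == WOLFSPDM_SUCCESS && decSz >= 4 && decBuf[1] == SPDM_ERROR) {
 wolfSPDM_DebugPrint(ctx, "%s: SPDM ERROR 0x%02x 0x%02x\n",
 vdCode, decBuf[2], decBuf[3]);
-return WOLFSPDM_E_PEER_ERROR;
+rc = WOLFSPDM_E_PEER_ERROR;
 }
 
-return WOLFSPDM_SUCCESS;
+/* Always zero sensitive stack buffers */
+wc_ForceZero(spdmMsg, sizeof(spdmMsg));
+wc_ForceZero(decBuf, sizeof(decBuf));
+
+return rc;
 }
 
 /* ----- TCG SPDM Binding Message Framing ----- */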
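Review bot: The SPDM_ERROR guard on new line 108 is only safe because `rc == WOLFSPDM_SUCCESS` is evaluated first, and nothing in the code says so. decSz is assigned only in the `else` branch and decBuf is written only by wolfSPDM_SecuredExchange, so when wolfSPDM_BuildVendorDefined fails a reordered condition would read both uninitialised. Either add a short comment such as `/* rc check must stay first: decSz/decBuf are valid only after a successful exchange */`, or move the SPDM_ERROR test inside the `else` branch next to the exchange. The declarations of decSz and decBuf sit above the hunk, so whether they already carry initialisers cannot be confirmed here.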
