Fix peer review findings

Author: dgarske

.github/workflows/fwtpm-test.yml

@@ -191,9 +191,11 @@ jobs:
           CONFIGURE_ARGS="${{ matrix.wolfssl_config }}"
           EXTRA_CFLAGS="${{ matrix.extra_cflags }}"
           EXTRA_LDFLAGS="${{ matrix.extra_ldflags }}"
+          WOLFSSL_CFLAGS="-DWC_RSA_NO_PADDING"
           if [ -n "$EXTRA_CFLAGS" ]; then
-            CONFIGURE_ARGS="$CONFIGURE_ARGS CFLAGS=\"$EXTRA_CFLAGS\""
+            WOLFSSL_CFLAGS="$WOLFSSL_CFLAGS $EXTRA_CFLAGS"
           fi
+          CONFIGURE_ARGS="$CONFIGURE_ARGS CFLAGS=\"$WOLFSSL_CFLAGS\""
           if [ -n "$EXTRA_LDFLAGS" ]; then
             CONFIGURE_ARGS="$CONFIGURE_ARGS LDFLAGS=\"$EXTRA_LDFLAGS\""
           fi
@@ -355,13 +357,15 @@ jobs:
           ./autogen.sh
           ./configure --enable-wolftpm --enable-pkcallbacks --enable-keygen
           make
-          sudo make install
-          sudo ldconfig
+          make install
+          ldconfig
 
       - name: Copy wolfSSL to /tmp/wolfssl-fwtpm
         run: cp -a wolfssl /tmp/wolfssl-fwtpm
 
       - name: Run fwTPM emulator test (non-TZ)
+        env:
+          WOLFSSL_DIR: /tmp/wolfssl-fwtpm
         run: scripts/fwtpm_emu_test.sh
 
       - name: Upload failure logs

scripts/fwtpm_build_test.sh

@@ -58,7 +58,8 @@ check_wolfssl_options() {
     [ -f "$opts_file" ] || return 1
     grep -q "HAVE_PK_CALLBACKS" "$opts_file" && \
     grep -q "WOLFSSL_KEY_GEN" "$opts_file" && \
-    grep -q "WOLFSSL_PUBLIC_MP" "$opts_file"
+    grep -q "WOLFSSL_PUBLIC_MP" "$opts_file" && \
+    grep -q "WC_RSA_NO_PADDING" "$opts_file"
 }
 
 ensure_wolfssl() {
@@ -103,6 +104,7 @@ ensure_wolfssl() {
         ./autogen.sh > /dev/null 2>&1 && \
         ./configure \
             --enable-wolftpm --enable-pkcallbacks --enable-keygen \
+            CFLAGS="-DWC_RSA_NO_PADDING" \
             > /tmp/wolfssl-fwtpm-configure.log 2>&1 && \
         make -j"$(nproc)" > /tmp/wolfssl-fwtpm-build.log 2>&1 && \
         sudo make install > /tmp/wolfssl-fwtpm-install.log 2>&1 && \

scripts/fwtpm_emu_test.sh

@@ -62,7 +62,7 @@ echo "  TZEN: $TZEN"
 if [ $DO_BUILD -eq 1 ]; then
     echo "Building fwTPM STM32 (TZEN=$TZEN, SELFTEST=1)..."
     make -C "$PORT_DIR" clean > /dev/null 2>&1
-    if ! make -C "$PORT_DIR" TZEN=$TZEN SELFTEST=1 > /tmp/fwtpm_emu_build.log 2>&1; then
+    if ! make -C "$PORT_DIR" ${WOLFSSL_DIR:+WOLFSSL_DIR="$WOLFSSL_DIR"} TZEN=$TZEN SELFTEST=1 > /tmp/fwtpm_emu_build.log 2>&1; then
         echo "FAIL: Build failed"
         tail -20 /tmp/fwtpm_emu_build.log
         exit 1

src/fwtpm/README.md

@@ -11,11 +11,11 @@ SPI/I2C for bare-metal integration. Implements 103 of 113 TPM 2.0 v1.38 commands
 
 ## Building
 
-wolfSSL must be built with `--enable-keygen`:
+wolfSSL must be built with `--enable-keygen` and `WC_RSA_NO_PADDING`:
 
 ```bash
 cd wolfssl
-./configure --enable-wolftpm --enable-pkcallbacks --enable-keygen
+./configure --enable-wolftpm --enable-pkcallbacks --enable-keygen CFLAGS="-DWC_RSA_NO_PADDING"
 make && make install
 ```
 

src/fwtpm/fwtpm_command.c

@@ -5457,9 +5457,13 @@ static TPM_RC FwCmd_RSA_Encrypt(FWTPM_CTX* ctx, TPM2_Packet* cmd,
         }
         else if (encScheme == TPM_ALG_NULL) {
             /* Raw RSA (no padding) */
+        #ifdef WC_RSA_NO_PADDING
             outSz = wc_RsaPublicEncrypt_ex(message.buffer, message.size,
                 outBuf, (word32)FWTPM_MAX_PUB_BUF, rsaKey, &ctx->rng,
                 WC_RSA_NO_PAD, WC_HASH_TYPE_NONE, 0, NULL, 0);
+        #else
+            rc = TPM_RC_SCHEME;
+        #endif
         }
         else {
             /* RSAES PKCS1 v1.5 */
@@ -5602,9 +5606,13 @@ static TPM_RC FwCmd_RSA_Decrypt(FWTPM_CTX* ctx, TPM2_Packet* cmd,
         }
         else if (decScheme == TPM_ALG_NULL) {
             /* Raw RSA (no padding) */
+        #ifdef WC_RSA_NO_PADDING
             outSz = wc_RsaPrivateDecrypt_ex(cipherText.buffer, cipherText.size,
                 outBuf, (word32)FWTPM_MAX_PUB_BUF, rsaKey,
                 WC_RSA_NO_PAD, WC_HASH_TYPE_NONE, 0, NULL, 0);
+        #else
+            rc = TPM_RC_SCHEME;
+        #endif
         }
         else {
             /* RSAES PKCS1 v1.5 */
@@ -10964,7 +10972,10 @@ static TPM_RC FwCmd_MakeCredential(FWTPM_CTX* ctx, TPM2_Packet* cmd,
         XMEMCPY(oaepLabel, "IDENTITY", 8);
         oaepLabelSz = 8;
         oaepLabel[oaepLabelSz++] = 0x00;
-        if (objectName.size + oaepLabelSz <= (int)sizeof(oaepLabel)) {
+        if (objectName.size + oaepLabelSz > (int)sizeof(oaepLabel)) {
+            rc = TPM_RC_SIZE;
+        }
+        else {
             XMEMCPY(oaepLabel + oaepLabelSz, objectName.name,
                 objectName.size);
             oaepLabelSz += objectName.size;
@@ -11016,14 +11027,20 @@ static TPM_RC FwCmd_MakeCredential(FWTPM_CTX* ctx, TPM2_Packet* cmd,
         TPM2_Packet_AppendBytes(rsp, encCred, (int)encCredSz);
         /* patch blob size */
         blobSz = rsp->pos - blobStart;
-        savedPos = rsp->pos;
-        rsp->pos = blobSzPos;
-        TPM2_Packet_AppendU16(rsp, (UINT16)blobSz);
-        rsp->pos = savedPos;
-        /* secret = TPM2B_ENCRYPTED_SECRET */
-        TPM2_Packet_AppendU16(rsp, (UINT16)encSeedSz);
-        TPM2_Packet_AppendBytes(rsp, encSeed, encSeedSz);
-        FwRspParamsEnd(rsp, cmdTag, paramSzPos, paramStart);
+        if (blobSz < 0 || blobSz > 0xFFFF ||
+            encSeedSz < 0 || encSeedSz > 0xFFFF) {
+            rc = TPM_RC_SIZE;
+        }
+        if (rc == 0) {
+            savedPos = rsp->pos;
+            rsp->pos = blobSzPos;
+            TPM2_Packet_AppendU16(rsp, (UINT16)blobSz);
+            rsp->pos = savedPos;
+            /* secret = TPM2B_ENCRYPTED_SECRET */
+            TPM2_Packet_AppendU16(rsp, (UINT16)encSeedSz);
+            TPM2_Packet_AppendBytes(rsp, encSeed, encSeedSz);
+            FwRspParamsEnd(rsp, cmdTag, paramSzPos, paramStart);
+        }
     }
 
     TPM2_ForceZero(seed, sizeof(seed));
@@ -11151,7 +11168,10 @@ static TPM_RC FwCmd_ActivateCredential(FWTPM_CTX* ctx, TPM2_Packet* cmd,
         XMEMCPY(oaepLabel, "IDENTITY", 8);
         oaepLabelSz = 8;
         oaepLabel[oaepLabelSz++] = 0x00;
-        if (objName->size + oaepLabelSz <= (int)sizeof(oaepLabel)) {
+        if (objName->size + oaepLabelSz > (int)sizeof(oaepLabel)) {
+            rc = TPM_RC_SIZE;
+        }
+        else {
             XMEMCPY(oaepLabel + oaepLabelSz, objName->name, objName->size);
             oaepLabelSz += objName->size;
         }
@@ -12293,6 +12313,10 @@ int FWTPM_ProcessCommand(FWTPM_CTX* ctx,
         int rspParamEnd;
 #endif
         int j;
+        int rngRc;
+        byte rpHash[TPM_MAX_DIGEST_SIZE];
+        int rpHashSz = 0;
+        TPMI_ALG_HASH rpHashAlg = TPM_ALG_SHA256;
 
         /* Read parameterSize from response buffer */
         if (rspHandleEnd + 4 <= rspPkt.pos) {
@@ -12314,9 +12338,14 @@ int FWTPM_ProcessCommand(FWTPM_CTX* ctx,
                 FWTPM_Session* sess = cmdAuths[j].sess;
                 int digestSz = TPM2_GetHashDigestSize(sess->authHash);
                 if (digestSz > 0) {
-                    sess->nonceTPM.size = digestSz;
-                    wc_RNG_GenerateBlock(&ctx->rng, sess->nonceTPM.buffer,
-                        digestSz);
+                    rngRc = wc_RNG_GenerateBlock(&ctx->rng,
+                        sess->nonceTPM.buffer, digestSz);
+                    if (rngRc == 0) {
+                        sess->nonceTPM.size = digestSz;
+                    }
+                    else {
+                        sess->nonceTPM.size = 0;
+                    }
                 }
             }
         }
@@ -12340,8 +12369,6 @@ int FWTPM_ProcessCommand(FWTPM_CTX* ctx,
 #endif /* !FWTPM_NO_PARAM_ENC */
 
         /* Compute rpHash on (possibly encrypted) response parameters */
-        byte rpHash[TPM_MAX_DIGEST_SIZE];
-        int rpHashSz = 0;
         {
             const byte* rpBytes = NULL;
             int rpBytesSz = 0;
@@ -12350,7 +12377,6 @@ int FWTPM_ProcessCommand(FWTPM_CTX* ctx,
                 rpBytesSz = (int)rspParamSzVal;
             }
             /* Use first session's hashAlg for rpHash (or SHA-256 default) */
-            TPMI_ALG_HASH rpHashAlg = TPM_ALG_SHA256;
             for (j = 0; j < cmdAuthCnt; j++) {
                 if (cmdAuths[j].sess != NULL) {
                     rpHashAlg = cmdAuths[j].sess->authHash;

src/fwtpm/fwtpm_crypto.c

@@ -84,11 +84,15 @@ int FwComputeUniqueHash(TPMI_ALG_HASH nameAlg, const byte* keyData,
         FWTPM_DECLARE_VAR(hCtx, wc_HashAlg);
         FWTPM_ALLOC_VAR(hCtx, wc_HashAlg);
         if (rc == 0 && wc_HashInit(hCtx, wcHash) == 0) {
-            wc_HashUpdate(hCtx, wcHash, keyData, (word32)keyDataSz);
-            wc_HashFinal(hCtx, wcHash, outBuf);
+            rc = wc_HashUpdate(hCtx, wcHash, keyData, (word32)keyDataSz);
+            if (rc == 0) {
+                rc = wc_HashFinal(hCtx, wcHash, outBuf);
+            }
             wc_HashFree(hCtx, wcHash);
-            FWTPM_FREE_VAR(hCtx);
-            return hSz;
+            if (rc == 0) {
+                FWTPM_FREE_VAR(hCtx);
+                return hSz;
+            }
         }
         FWTPM_FREE_VAR(hCtx);
     }
@@ -263,10 +267,14 @@ int FwAppendCreationHashAndTicket(FWTPM_CTX* ctx, TPM2_Packet* rsp,
     byte ticketData[TPM_MAX_DIGEST_SIZE + sizeof(TPM2B_NAME)];
     int chSz = TPM2_GetHashDigestSize(nameAlg);
     int ticketDataSz = 0;
+    int hashRc = 0;
 
     if (chSz > 0) {
-        wc_Hash(FwGetWcHashType(nameAlg),
+        hashRc = wc_Hash(FwGetWcHashType(nameAlg),
             rsp->buf + cdStart, cdSize, creationHash, chSz);
+        if (hashRc != 0) {
+            chSz = 0;
+        }
     }
     TPM2_Packet_AppendU16(rsp, (UINT16)chSz);
     if (chSz > 0) {

src/fwtpm/fwtpm_io.c

@@ -261,8 +261,7 @@ static int HandleMssimSignal(FWTPM_CTX* ctx, int clientFd, UINT32 tssCmd)
     printf("fwTPM: Cmd-port signal %u (ack)\n", tssCmd);
 #endif
     netVal = FwTpmSwapU32(0);
-    SocketSend(clientFd, &netVal, 4);
-    return TPM_RC_SUCCESS;
+    return SocketSend(clientFd, &netVal, 4);
 }
 
 /* --- Process and send TPM command response --- */

src/fwtpm/fwtpm_nv.c

@@ -104,7 +104,10 @@ static int FwNvFileWrite(void* ctx, word32 offset, const byte* buf,
         byte zero = 0;
         long i;
         for (i = fileSize; i < (long)offset; i++) {
-            fwrite(&zero, 1, 1, f);
+            if (fwrite(&zero, 1, 1, f) != 1) {
+                fclose(f);
+                return TPM_RC_FAILURE;
+            }
         }
     }
 
@@ -860,6 +863,9 @@ static int FwNvProcessEntry(FWTPM_CTX* ctx, UINT16 tag,
                     XMEMCPY(&ctx->nvIndices[slot], &nv,
                         sizeof(FWTPM_NvIndex));
                 }
+                else {
+                    WOLFSSL_MSG("fwTPM NV: no free NV slot, entry dropped");
+                }
             }
             break;
         }

src/fwtpm/fwtpm_tis.c

@@ -159,7 +159,12 @@ static void TisHandleRegAccess(FWTPM_CTX* ctx, FWTPM_TIS_REGS* regs)
             case FWTPM_TIS_XDATA_FIFO: {
                 /* Write command data to FIFO */
                 UINT32 i;
-                UINT32 space = FWTPM_TIS_FIFO_SIZE - regs->fifo_write_pos;
+                UINT32 space;
+                /* Clamp len to reg_data buffer size */
+                if (len > sizeof(regs->reg_data)) {
+                    len = (UINT32)sizeof(regs->reg_data);
+                }
+                space = FWTPM_TIS_FIFO_SIZE - regs->fifo_write_pos;
                 if (len > space) {
                     len = space;
                 }
@@ -178,6 +183,16 @@ static void TisHandleRegAccess(FWTPM_CTX* ctx, FWTPM_TIS_REGS* regs)
                  * is complete based on the size field in bytes [2..5] */
                 if (regs->cmd_len >= TPM2_HEADER_SIZE) {
                     UINT32 cmdTotalSz = FwLoadU32BE(regs->cmd_buf + 2);
+                    if (cmdTotalSz < TPM2_HEADER_SIZE ||
+                        cmdTotalSz > FWTPM_TIS_FIFO_SIZE) {
+                        /* Invalid command size, reset FIFO */
+                        regs->cmd_len = 0;
+                        regs->fifo_write_pos = 0;
+                        regs->sts = TisBuildSts(
+                            FWTPM_STS_VALID | FWTPM_STS_COMMAND_READY,
+                            FWTPM_TIS_BURST_COUNT);
+                        break;
+                    }
                     if (regs->cmd_len >= cmdTotalSz) {
                         /* Full command received, clear EXPECT */
                         regs->sts = TisBuildSts(

src/fwtpm/fwtpm_tis_shm.c

@@ -148,7 +148,9 @@ static int TisShmWaitRequest(void* ctx)
 static int TisShmSignalResponse(void* ctx)
 {
     FWTPM_TIS_SHM_CTX* shm = (FWTPM_TIS_SHM_CTX*)ctx;
-    sem_post(shm->semRsp);
+    if (sem_post(shm->semRsp) != 0) {
+        return TPM_RC_FAILURE;
+    }
     return 0;
 }