author | James Bottomley <James.Bottomley@HansenPartnership.com> | 2018-08-10 16:59:42 -0700 |
---|---|---|
committer | James Bottomley <James.Bottomley@HansenPartnership.com> | 2018-08-10 17:02:36 -0700 |
commit | 941af7a5925f9febb03cc60f8af15005bd674c22 (patch) | |
tree | 958ea2fe581a85704305d905e204587fce5f1855 | |
parent | 1b4c33302daeed9ff4c9986bd436d73d13bdef56 (diff) | |
fix error handling for failed policy commands
If the policy command of the key fails for any reason, we exit the
engine without flushing the policy session, which leads to a build up
of policy sessions leading to eventual failure. Fix this by flushing
the policy session in tpm2_init_session() if there's any policy
failure.
Also add a test for this and fix up check_enhanced_auth.sh so that any
failed test exits the script.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
-rwxr-xr-x | tests/check_enhanced_auth.sh | 16 | ||||
-rw-r--r-- | tests/policies/policy_bogus.txt | 1 | ||||
-rw-r--r-- | tpm2-common.c | 11 |
3 files changed, 22 insertions, 6 deletions
diff --git a/tests/check_enhanced_auth.sh b/tests/check_enhanced_auth.sh
index e8ab9d8..7006387 100755
--- a/tests/check_enhanced_auth.sh
+++ b/tests/check_enhanced_auth.sh
@@ -11,6 +11,16 @@ if [ ! -e ${tss_pcrreset_cmd} ] || [ ! -e ${tss_pcrextend_cmd} ]; then
 fi
 
 ##
+# check we can use a bogus policy 5 times without clogging up the TPM, so
+# we're properly flushing policy handles
+##
+${bindir}/create_tpm2_key key.tpm -c policies/policy_bogus.txt
+a=0; while [ $a -lt 5 ]; do
+ a=$[$a+1]
+ echo "This is a message" | openssl rsautl -sign -engine tpm2 -engine tpm2 -keyform engine -inkey key.tpm -out tmp.msg && exit 1
+done
+
+##
 # test is
 # 1. create TPM internal private key with PolicyAuthValue authorization
 # 2. get the corresponding public key from the engine
@@ -19,7 +29,7 @@ fi
 ${bindir}/create_tpm2_key -a -k passw0rd key2.tpm -c policies/policy_authvalue.txt && \
 openssl rsa -engine tpm2 -inform engine -passin pass:passw0rd -in key2.tpm -pubout -out key2.pub && \
 echo "This is a message" | openssl rsautl -sign -engine tpm2 -engine tpm2 -keyform engine -inkey key2.tpm -passin pass:passw0rd -out tmp.msg && \
-openssl rsautl -verify -in tmp.msg -inkey key2.pub -pubin
+openssl rsautl -verify -in tmp.msg -inkey key2.pub -pubin || exit 1
 
 ##
 # test is
@@ -34,7 +44,7 @@ ${tss_pcrextend_cmd} -ha 16 -ic aaa
 ${bindir}/create_tpm2_key key2.tpm -c policies/policy_pcr.txt && \
 openssl rsa -engine tpm2 -inform engine -in key2.tpm -pubout -out key2.pub && \
 echo "This is a message" | openssl rsautl -sign -engine tpm2 -engine tpm2 -keyform engine -inkey key2.tpm -out tmp.msg && \
-openssl rsautl -verify -in tmp.msg -inkey key2.pub -pubin
+openssl rsautl -verify -in tmp.msg -inkey key2.pub -pubin || exit 1
 
 ##
 # test is
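Review bot: The result of `${bindir}/create_tpm2_key key.tpm -c policies/policy_bogus.txt` in the first hunk is never checked, so if key creation itself fails, the five `openssl rsautl -sign` calls fail for lack of a key and the loop passes without ever opening a policy session. Appending `|| exit 1` to that line would make this negative test fail closed. The loop also asserts only that signing fails, not why; a failure caused by leaked sessions looks identical here, so the flush appears to be verified only indirectly by the later tests that now end in `|| exit 1`, and a one-line comment saying so would help the next reader. As a style point, `a=$[$a+1]` is the obsolete bash arithmetic form and `a=$((a+1))` is the portable spelling.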
@@ -66,7 +76,7 @@ ${tss_pcrextend_cmd} -ha 16 -ic aaa
 ${bindir}/create_tpm2_key -a -k passw0rd key2.tpm -c policies/policy_authvalue_pcr.txt && \
 openssl rsa -engine tpm2 -inform engine -passin pass:passw0rd -in key2.tpm -pubout -out key2.pub && \
 echo "This is a message" | openssl rsautl -sign -engine tpm2 -engine tpm2 -keyform engine -inkey key2.tpm -passin pass:passw0rd -out tmp.msg && \
-openssl rsautl -verify -in tmp.msg -inkey key2.pub -pubin
+openssl rsautl -verify -in tmp.msg -inkey key2.pub -pubin || exit 1
 
 ##
 # test is
diff --git a/tests/policies/policy_bogus.txt b/tests/policies/policy_bogus.txt
new file mode 100644
index 0000000..5b290d0
--- /dev/null
+++ b/tests/policies/policy_bogus.txt
@@ -0,0 +1 @@
+00000000
diff --git a/tpm2-common.c b/tpm2-common.c
index a32f5da..0b704f2 100644
--- a/tpm2-common.c
+++ b/tpm2-common.c
@@ -634,12 +634,13 @@ TPM_RC tpm2_init_session(TSS_CONTEXT *tssContext, TPM_HANDLE handle,
 default:
 fprintf(stderr, "Unsupported policy command %d\n",
 commands[i].code);
- return TPM_RC_FAILURE;
+ rc = TPM_RC_FAILURE;
+ goto out_flush;
 }
 
 if (rc) {
 tpm2_error(rc, "unmarshal");
- return rc;
+ goto out_flush;
 }
 
 rc = TSS_Execute(tssContext,
@@ -650,11 +651,15 @@ TPM_RC tpm2_init_session(TSS_CONTEXT *tssContext, TPM_HANDLE handle,
 TPM_RH_NULL, NULL, 0);
 if (rc) {
 tpm2_error(rc, "policy command");
- return rc;
+ goto out_flush;
 }
 }
 
 return TPM_RC_SUCCESS;
+
+ out_flush:
+ tpm2_flush_handle(tssContext, handle);
+ return rc;
 }
 
 /* |
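Review bot: The new `out_flush` path in the last tpm2-common.c hunk makes tpm2_init_session() dispose of the caller's session on failure via `tpm2_flush_handle(tssContext, handle)`, but nothing in either hunk documents that change of ownership. A caller that also flushes `handle` on error would now flush it twice, so a comment above the function such as `/* on any policy failure the session in handle is flushed here; the caller must not flush or reuse it */` would pin the contract. The function begins outside these hunks, so it is worth confirming that no return before the command loop still leaves the session open, since each leaked policy session consumes one of the TPM's limited session slots. Any failure of the flush itself is not reported on this path; that is reasonable because `rc` already carries the original error, but a short comment saying it is deliberate would make that clear.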