Reject oversized TPM ROT auth input

danielinux · danielinux · commit 1cb6c75002f0 · 2026-03-30T14:08:19.000+02:00
F/1480
diff --git a/tools/tpm/rot.c b/tools/tpm/rot.c
@@ -148,6 +148,8 @@ static int TPM2_Boot_SecureROT_Example(TPMI_RH_NV_AUTH authHandle, word32 nvBase
         /* Setup a read/lock structure */
         XMEMSET(&nv, 0, sizeof(nv));
         nv.handle.hndl = handle;
+        if (authBufSz > (int)sizeof(nv.handle.auth.buffer))
+            return BAD_FUNC_ARG;
         nv.handle.auth.size = authBufSz;
         XMEMCPY(nv.handle.auth.buffer, authBuf, nv.handle.auth.size);
 
diff --git a/tools/unit-tests/Makefile b/tools/unit-tests/Makefile
@@ -49,7 +49,7 @@ TESTS:=unit-parser unit-extflash unit-string unit-spi-flash unit-aes128 \
        unit-update-flash-enc unit-update-ram unit-pkcs11_store unit-psa_store unit-disk \
        unit-update-disk unit-multiboot unit-boot-x86-fsp unit-qspi-flash unit-tpm-rsa-exp \
        unit-image-nopart unit-image-sha384 unit-image-sha3-384 unit-store-sbrk \
-       unit-tpm-blob unit-policy-sign unit-sdhci-response-bits unit-hal-otp
+       unit-tpm-blob unit-policy-sign unit-rot-auth unit-sdhci-response-bits unit-hal-otp
 
 all: $(TESTS)
 
@@ -139,6 +139,12 @@ unit-policy-sign: ../../include/target.h unit-policy-sign.c \
 		-DHAVE_ECC_KEY_IMPORT \
 		-ffunction-sections -fdata-sections $(LDFLAGS) -Wl,--gc-sections
 
+unit-rot-auth: ../../include/target.h unit-rot-auth.c \
+		$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/memory.c
+	gcc -o $@ $^ -I../tpm $(CFLAGS) -I$(WOLFBOOT_LIB_WOLFTPM) -DWOLFBOOT_TPM \
+		-DWOLFTPM_USER_SETTINGS -DWOLFBOOT_SIGN_ECC256 -DWOLFBOOT_HASH_SHA256 \
+		-ffunction-sections -fdata-sections $(LDFLAGS) -Wl,--gc-sections
+
 unit-store-sbrk: unit-store-sbrk.c ../../src/store_sbrk.c
 	gcc -o $@ $^ $(CFLAGS) $(LDFLAGS)
 
diff --git a/tools/unit-tests/unit-rot-auth.c b/tools/unit-tests/unit-rot-auth.c
@@ -0,0 +1,239 @@
+#include <check.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <string.h>
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolftpm/tpm2_wrap.h>
+#include "tpm.h"
+
+static uint8_t test_pubkey[32];
+static int symmetric_corrupted;
+
+#define TPM2_IoCb NULL
+#define XSTRTOL strtol
+
+int wolfTPM2_Init(WOLFTPM2_DEV* dev, TPM2HalIoCb ioCb, void* userCtx)
+{
+    (void)dev;
+    (void)ioCb;
+    (void)userCtx;
+    return TPM_RC_SUCCESS;
+}
+
+int wolfTPM2_StartSession(WOLFTPM2_DEV* dev, WOLFTPM2_SESSION* session,
+    WOLFTPM2_KEY* tpmKey, WOLFTPM2_HANDLE* bind, TPM_SE sesType,
+    int encDecAlg)
+{
+    (void)dev;
+    (void)tpmKey;
+    (void)bind;
+    (void)sesType;
+    (void)encDecAlg;
+    session->handle.hndl = 1;
+    return 0;
+}
+
+int wolfTPM2_SetAuthSession(WOLFTPM2_DEV* dev, int index,
+    WOLFTPM2_SESSION* session, TPMA_SESSION sessionAttributes)
+{
+    (void)dev;
+    (void)index;
+    (void)session;
+    (void)sessionAttributes;
+    return 0;
+}
+
+int wolfTPM2_UnloadHandle(WOLFTPM2_DEV* dev, WOLFTPM2_HANDLE* handle)
+{
+    (void)dev;
+    (void)handle;
+    return 0;
+}
+
+int wolfTPM2_Cleanup(WOLFTPM2_DEV* dev)
+{
+    (void)dev;
+    return 0;
+}
+
+int wolfTPM2_NVReadPublic(WOLFTPM2_DEV* dev, TPM_HANDLE nvIndex,
+    TPMS_NV_PUBLIC* nvPublic)
+{
+    (void)dev;
+    (void)nvIndex;
+    memset(nvPublic, 0, sizeof(*nvPublic));
+    nvPublic->dataSize = 32;
+    return 0;
+}
+
+int wolfTPM2_NVReadAuth(WOLFTPM2_DEV* dev, WOLFTPM2_NV* nv, TPM_HANDLE nvIndex,
+    uint8_t* dataBuf, uint32_t* dataSz, uint32_t offset)
+{
+    TPMT_SYM_DEF zero_sym;
+
+    (void)dev;
+    (void)nv;
+    (void)nvIndex;
+    (void)offset;
+    memset(&zero_sym, 0, sizeof(zero_sym));
+    symmetric_corrupted =
+        memcmp(&nv->handle.symmetric, &zero_sym, sizeof(zero_sym)) != 0;
+    memset(dataBuf, 0xA5, *dataSz);
+    return 0;
+}
+
+int wolfTPM2_GetNvAttributesTemplate(TPMI_RH_NV_AUTH authHandle,
+    word32* nvAttributes)
+{
+    (void)authHandle;
+    *nvAttributes = 0;
+    return 0;
+}
+
+int wolfTPM2_NVCreateAuth(WOLFTPM2_DEV* dev, WOLFTPM2_HANDLE* parent,
+    WOLFTPM2_NV* nv, TPM_HANDLE nvIndex, word32 nvAttributes, word32 nvSize,
+    const uint8_t* auth, int authSz)
+{
+    (void)dev;
+    (void)parent;
+    (void)nv;
+    (void)nvIndex;
+    (void)nvAttributes;
+    (void)nvSize;
+    (void)auth;
+    (void)authSz;
+    return 0;
+}
+
+int wolfTPM2_NVWriteAuth(WOLFTPM2_DEV* dev, WOLFTPM2_NV* nv, TPM_HANDLE nvIndex,
+    uint8_t* dataBuf, word32 dataSz, word32 offset)
+{
+    (void)dev;
+    (void)nv;
+    (void)nvIndex;
+    (void)dataBuf;
+    (void)dataSz;
+    (void)offset;
+    return 0;
+}
+
+int wolfTPM2_NVWriteLock(WOLFTPM2_DEV* dev, WOLFTPM2_NV* nv)
+{
+    (void)dev;
+    (void)nv;
+    return 0;
+}
+
+const char* TPM2_GetAlgName(TPM_ALG_ID alg)
+{
+    (void)alg;
+    return "stub";
+}
+
+const char* wolfTPM2_GetRCString(int rc)
+{
+    (void)rc;
+    return "stub";
+}
+
+void TPM2_PrintBin(const uint8_t* buffer, uint32_t length)
+{
+    (void)buffer;
+    (void)length;
+}
+
+int keystore_num_pubkeys(void)
+{
+    return 1;
+}
+
+uint32_t keystore_get_key_type(int id)
+{
+    (void)id;
+    return 0;
+}
+
+int keystore_get_size(int id)
+{
+    (void)id;
+    return (int)sizeof(test_pubkey);
+}
+
+uint8_t* keystore_get_buffer(int id)
+{
+    (void)id;
+    return test_pubkey;
+}
+
+int wc_HashGetDigestSize(enum wc_HashType hash_type)
+{
+    (void)hash_type;
+    return 32;
+}
+
+int wc_Hash(enum wc_HashType hash_type, const byte* data, word32 len, byte* hash,
+    word32 hash_len)
+{
+    (void)hash_type;
+    (void)data;
+    (void)len;
+    memset(hash, 0x5A, hash_len);
+    return 0;
+}
+
+int printf(const char* fmt, ...)
+{
+    (void)fmt;
+    return 0;
+}
+
+#define main rot_tool_main
+#include "../tpm/rot.c"
+#undef main
+
+START_TEST(test_rot_rejects_oversized_auth)
+{
+    char auth[sizeof(((WOLFTPM2_NV*)0)->handle.auth.buffer) + 2];
+    int rc;
+
+    memset(test_pubkey, 0x11, sizeof(test_pubkey));
+    symmetric_corrupted = 0;
+    memset(auth, 'A', sizeof(auth) - 1);
+    auth[sizeof(auth) - 1] = '\0';
+
+    rc = TPM2_Boot_SecureROT_Example(TPM_RH_PLATFORM,
+        WOLFBOOT_TPM_KEYSTORE_NV_BASE, WC_HASH_TYPE_SHA256, 0, 0, auth,
+        (int)strlen(auth));
+
+    ck_assert_int_eq(symmetric_corrupted, 0);
+    ck_assert_int_eq(rc, BAD_FUNC_ARG);
+}
+END_TEST
+
+static Suite* rot_auth_suite(void)
+{
+    Suite* s;
+    TCase* tc;
+
+    s = suite_create("rot_auth");
+    tc = tcase_create("auth_validation");
+    tcase_add_test(tc, test_rot_rejects_oversized_auth);
+    suite_add_tcase(s, tc);
+    return s;
+}
+
+int main(void)
+{
+    Suite* s;
+    SRunner* sr;
+    int failures;
+
+    s = rot_auth_suite();
+    sr = srunner_create(s);
+    srunner_run_all(sr, CK_ENV);
+    failures = srunner_ntests_failed(sr);
+    srunner_free(sr);
+
+    return failures == 0 ? 0 : 1;
+}
