1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /***********************************************************************
3 * Copyright (c) 2015 - 2018, Intel Corporation
4 *
5 * All rights reserved.
6 ***********************************************************************/
7
8 #ifdef HAVE_CONFIG_H
9 #include <config.h>
10 #endif
11
12 #include "util/tss2_endian.h"
13 #include "tss2_tpm2_types.h"
14 #include "tss2_mu.h"
15 #include "sysapi_util.h"
16 #include <string.h>
17
Tss2_Sys_GetRspAuths(TSS2_SYS_CONTEXT * sysContext,TSS2L_SYS_AUTH_RESPONSE * rspAuthsArray)18 TSS2_RC Tss2_Sys_GetRspAuths(
19 TSS2_SYS_CONTEXT *sysContext,
20 TSS2L_SYS_AUTH_RESPONSE *rspAuthsArray)
21 {
22 _TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext);
23 TSS2_RC rval = TSS2_RC_SUCCESS;
24 size_t offset = 0, offset_tmp;
25 unsigned i = 0;
26 UINT32 rspParamsSize;
27
28 if (!ctx || !rspAuthsArray)
29 return TSS2_SYS_RC_BAD_REFERENCE;
30
31 if (ctx->previousStage != CMD_STAGE_RECEIVE_RESPONSE ||
32 ctx->rsp_header.responseCode != TSS2_RC_SUCCESS ||
33 ctx->authAllowed == 0)
34 return TSS2_SYS_RC_BAD_SEQUENCE;
35
36 if (TPM2_ST_SESSIONS != ctx->rsp_header.tag)
37 return TSS2_SYS_RC_BAD_SEQUENCE;
38
39 offset += sizeof(TPM20_Header_Out);
40 offset += ctx->numResponseHandles * sizeof(TPM2_HANDLE);
41 memcpy(&rspParamsSize, ctx->rspParamsSize, sizeof(rspParamsSize));
42 offset += BE_TO_HOST_32(rspParamsSize);
43 offset += sizeof(UINT32);
44 offset_tmp = offset;
45
46 /* Validate the auth area before copying it */
47 for (i = 0; i < ctx->authsCount; i++) {
48
49 if (offset_tmp > ctx->rsp_header.responseSize)
50 return TSS2_SYS_RC_MALFORMED_RESPONSE;
51
52 UINT16 tmp;
53 memcpy(&tmp, ctx->cmdBuffer + offset_tmp, sizeof(UINT16));
54 offset_tmp += sizeof(UINT16);
55 offset_tmp += BE_TO_HOST_16(tmp);
56
57 if (offset_tmp > ctx->rsp_header.responseSize)
58 return TSS2_SYS_RC_MALFORMED_RESPONSE;
59
60 offset_tmp += 1;
61
62 if (offset_tmp > ctx->rsp_header.responseSize)
63 return TSS2_SYS_RC_MALFORMED_RESPONSE;
64
65 memcpy(&tmp, ctx->cmdBuffer + offset_tmp, sizeof(UINT16));
66 offset_tmp += sizeof(UINT16);
67 offset_tmp += BE_TO_HOST_16(tmp);
68
69 if (offset_tmp > ctx->rsp_header.responseSize)
70 return TSS2_SYS_RC_MALFORMED_RESPONSE;
71
72 if (i + 1 > ctx->authsCount)
73 return TSS2_SYS_RC_INVALID_SESSIONS;
74 }
75
76 /* Unmarshal the auth area */
77 for (i = 0; i < ctx->authsCount; i++) {
78 rval = Tss2_MU_TPMS_AUTH_RESPONSE_Unmarshal(ctx->cmdBuffer,
79 ctx->maxCmdSize,
80 &offset, &rspAuthsArray->auths[i]);
81 if (rval)
82 break;
83 }
84
85 rspAuthsArray->count = ctx->authsCount;
86
87 return rval;
88 }
89