diff options
author | nagendra modadugu <ngm@google.com> | 2016-04-27 08:17:11 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2016-05-03 01:42:52 -0700 |
commit | 3d030e640908efaf1a3948b9c4c4280c8d404a4c (patch) | |
tree | 62166a82e53017b4d598e78e72679ae56e466141 | |
parent | 45d9f6afeb50dcd7a5a6644da9de00d6179f4239 (diff) | |
download | chrome-ec-3d030e640908efaf1a3948b9c4c4280c8d404a4c.tar.gz |
CR50: remove checks on RSA key buffer size
Remove buffer size checks in _cpri__GenerateKeyRSA().
The TPM stack passes in TPM2B buffers that
may have the size field uninitialized.
Callees are expected to assume that the
buffer size is sufficient for the requested
operation.
BRANCH=none
BUG=chrome-os-partner:43025,chrome-os-partner:47524
TEST=TCG test CPCTPM_TC2_2_20_03_02 reliably passes
Change-Id: I3d9bc2475b82dfaa9ed1d2617b1c333ff4df409d
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/340883
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
-rw-r--r-- | board/cr50/tpm2/rsa.c | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/board/cr50/tpm2/rsa.c b/board/cr50/tpm2/rsa.c index 43e7d4e23d..306eccb92d 100644 --- a/board/cr50/tpm2/rsa.c +++ b/board/cr50/tpm2/rsa.c @@ -307,10 +307,6 @@ CRYPT_RESULT _cpri__GenerateKeyRSA( if (num_bits & 0xF) return CRYPT_FAIL; - if (num_bytes / 2 > p_buf->size) - return CRYPT_FAIL; - if (N_buf->size > 0 && num_bytes > N_buf->size) - return CRYPT_FAIL; if (num_bytes > RSA_MAX_BYTES) return CRYPT_FAIL; /* Seed size must be at least 2*security_strength per TPM 2.0 spec. */ @@ -320,7 +316,6 @@ CRYPT_RESULT _cpri__GenerateKeyRSA( if (e_buf == 0) e_buf = RSA_F4; - N_buf->size = num_bytes; DCRYPTO_bn_wrap(&e, &e_buf, sizeof(e_buf)); DCRYPTO_bn_wrap(&p, p_buf->buffer, num_bytes / 2); DCRYPTO_bn_wrap(&q, q_buf, num_bytes / 2); |