|
|
@@ -101,11 +101,13 @@ static int TSS_rawhmac(unsigned char *digest, const unsigned char *key,
|
|
|
if (dlen == 0)
|
|
|
break;
|
|
|
data = va_arg(argp, unsigned char *);
|
|
|
- if (data == NULL)
|
|
|
- return -EINVAL;
|
|
|
+ if (data == NULL) {
|
|
|
+ ret = -EINVAL;
|
|
|
+ break;
|
|
|
+ }
|
|
|
ret = crypto_shash_update(&sdesc->shash, data, dlen);
|
|
|
if (ret < 0)
|
|
|
- goto out;
|
|
|
+ break;
|
|
|
}
|
|
|
va_end(argp);
|
|
|
if (!ret)
|
|
|
@@ -146,14 +148,17 @@ static int TSS_authhmac(unsigned char *digest, const unsigned char *key,
|
|
|
if (dlen == 0)
|
|
|
break;
|
|
|
data = va_arg(argp, unsigned char *);
|
|
|
- ret = crypto_shash_update(&sdesc->shash, data, dlen);
|
|
|
- if (ret < 0) {
|
|
|
- va_end(argp);
|
|
|
- goto out;
|
|
|
+ if (!data) {
|
|
|
+ ret = -EINVAL;
|
|
|
+ break;
|
|
|
}
|
|
|
+ ret = crypto_shash_update(&sdesc->shash, data, dlen);
|
|
|
+ if (ret < 0)
|
|
|
+ break;
|
|
|
}
|
|
|
va_end(argp);
|
|
|
- ret = crypto_shash_final(&sdesc->shash, paramdigest);
|
|
|
+ if (!ret)
|
|
|
+ ret = crypto_shash_final(&sdesc->shash, paramdigest);
|
|
|
if (!ret)
|
|
|
ret = TSS_rawhmac(digest, key, keylen, SHA1_DIGEST_SIZE,
|
|
|
paramdigest, TPM_NONCE_SIZE, h1,
|
|
|
@@ -222,13 +227,12 @@ static int TSS_checkhmac1(unsigned char *buffer,
|
|
|
break;
|
|
|
dpos = va_arg(argp, unsigned int);
|
|
|
ret = crypto_shash_update(&sdesc->shash, buffer + dpos, dlen);
|
|
|
- if (ret < 0) {
|
|
|
- va_end(argp);
|
|
|
- goto out;
|
|
|
- }
|
|
|
+ if (ret < 0)
|
|
|
+ break;
|
|
|
}
|
|
|
va_end(argp);
|
|
|
- ret = crypto_shash_final(&sdesc->shash, paramdigest);
|
|
|
+ if (!ret)
|
|
|
+ ret = crypto_shash_final(&sdesc->shash, paramdigest);
|
|
|
if (ret < 0)
|
|
|
goto out;
|
|
|
|
|
|
@@ -316,13 +320,12 @@ static int TSS_checkhmac2(unsigned char *buffer,
|
|
|
break;
|
|
|
dpos = va_arg(argp, unsigned int);
|
|
|
ret = crypto_shash_update(&sdesc->shash, buffer + dpos, dlen);
|
|
|
- if (ret < 0) {
|
|
|
- va_end(argp);
|
|
|
- goto out;
|
|
|
- }
|
|
|
+ if (ret < 0)
|
|
|
+ break;
|
|
|
}
|
|
|
va_end(argp);
|
|
|
- ret = crypto_shash_final(&sdesc->shash, paramdigest);
|
|
|
+ if (!ret)
|
|
|
+ ret = crypto_shash_final(&sdesc->shash, paramdigest);
|
|
|
if (ret < 0)
|
|
|
goto out;
|
|
|
|
|
|
@@ -511,7 +514,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype,
|
|
|
/* get session for sealing key */
|
|
|
ret = osap(tb, &sess, keyauth, keytype, keyhandle);
|
|
|
if (ret < 0)
|
|
|
- return ret;
|
|
|
+ goto out;
|
|
|
dump_sess(&sess);
|
|
|
|
|
|
/* calculate encrypted authorization value */
|
|
|
@@ -519,11 +522,11 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype,
|
|
|
memcpy(td->xorwork + SHA1_DIGEST_SIZE, sess.enonce, SHA1_DIGEST_SIZE);
|
|
|
ret = TSS_sha1(td->xorwork, SHA1_DIGEST_SIZE * 2, td->xorhash);
|
|
|
if (ret < 0)
|
|
|
- return ret;
|
|
|
+ goto out;
|
|
|
|
|
|
ret = tpm_get_random(tb, td->nonceodd, TPM_NONCE_SIZE);
|
|
|
if (ret < 0)
|
|
|
- return ret;
|
|
|
+ goto out;
|
|
|
ordinal = htonl(TPM_ORD_SEAL);
|
|
|
datsize = htonl(datalen);
|
|
|
pcrsize = htonl(pcrinfosize);
|
|
|
@@ -552,7 +555,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype,
|
|
|
&datsize, datalen, data, 0, 0);
|
|
|
}
|
|
|
if (ret < 0)
|
|
|
- return ret;
|
|
|
+ goto out;
|
|
|
|
|
|
/* build and send the TPM request packet */
|
|
|
INIT_BUF(tb);
|
|
|
@@ -572,7 +575,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype,
|
|
|
|
|
|
ret = trusted_tpm_send(TPM_ANY_NUM, tb->data, MAX_BUF_SIZE);
|
|
|
if (ret < 0)
|
|
|
- return ret;
|
|
|
+ goto out;
|
|
|
|
|
|
/* calculate the size of the returned Blob */
|
|
|
sealinfosize = LOAD32(tb->data, TPM_DATA_OFFSET + sizeof(uint32_t));
|
|
|
@@ -591,6 +594,8 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype,
|
|
|
memcpy(blob, tb->data + TPM_DATA_OFFSET, storedsize);
|
|
|
*bloblen = storedsize;
|
|
|
}
|
|
|
+out:
|
|
|
+ kfree(td);
|
|
|
return ret;
|
|
|
}
|
|
|
|
Linus Torvalds