tpm2: have CryptCreateObject handle nameAlg TPM_ALG_NULL
For symmetric objects (i.e. non-public key based objects),
name computation requires that a non NULL hash algorithm
be specified.
The hash algorithm is specified via direct user input,
and may hence be invalid. The crash in bug chrome-os-partner:56767
was reached via CryptGenerateKeySymmetric, but a similar fix
applies to CryptGenerateKeyedHash (which also has a code-path
to the crash site). Hence this change adds checks to both
CryptGenerateKeySymmetric and CryptGenerateKeyedHash, returning
error TPM_RC_VALUE if appropriate.
BRANCH=none
BUG=chrome-os-partner:56767
TEST=fuzz test no longer results in a crash; TCG tests pass
Change-Id: I8ed38bacd65368246b7f20cb4f76c803509165d3
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/382864
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Darren Krahn <dkrahn@chromium.org>
1 file changed