Closed AndreasFuchsTPM closed 1 year ago
Encrypted parameters should be handles as simple TPM2Bs instead of trying to decode their inner workings.
Example:
Command . TPMI_ST_COMMAND_TAG | .tag 8002 TPMI_ST_COMMAND_TAG.SESSIONS UINT32 | .commandSize 000000a3 163 TPM_CC | .commandCode 00000131 TPM_CC.CreatePrimary TPMS_COMMAND_HANDLES_CREATE_PRIMARY | .handles TPMI_RH_HIERARCHY | | .primaryHandle 40000001 TPM_RH.OWNER UINT32 | .authSize 00000049 73 TPMS_AUTH_COMMAND | .authorizationArea[0] TPMI_SH_AUTH_SESSION | | .sessionHandle 02000000 TPM_HR.HMAC_SESSION.000000 TPM2B_NONCE | | .nonce UINT16 | | | .size 0020 32 list[BYTE] | | | .buffer 5765e890f5c7bafa312e331803c60631ede51d3cdcc6b991117456f1b19b9d31 We......1.3....1...<.....tV....1 TPMA_SESSION | | .sessionAttributes e1 225 | | | .continueSession .......1 | | | .auditExclusive ......0. | | | .auditReset .....0.. | | | .reserved ...00... | | | .decrypt ..1..... | | | .encrypt .1...... | | | .audit 1....... TPM2B_AUTH | | .hmac UINT16 | | | .size 0020 32 list[BYTE] | | | .buffer 410adc18ef2c019b7c7d55a808de9ae8cec1fdcfbe0b95a893acdce8d1149b61 A....,..|}U....................a TPMS_COMMAND_PARAMS_CREATE_PRIMARY | .parameters TPM2B_SENSITIVE_CREATE | | .inSensitive UINT16 | | | .size 0004 4 TPMS_SENSITIVE_CREATE | | | .sensitive TPM2B_AUTH | | | | .userAuth UINT16 | | | | | .size e8cd 59597 Warning: Anticipating violation of size constraint .commandSize = 163: already parsed 95 bytes and .parameters.inSensitive.sensitive.userAuth.size = 59597 indicates that the limit will be exceeded by >= 59529 byte(s). Warning: Violated size constraint .parameters.inSensitive.size = 4: already parsed 4 bytes and .parameters.inSensitive.sensitive.userAuth.buffer[2] exceeds the limit by 1 byte(s). list[BYTE] | | | | | .buffer 41f9 A. TPM2B_PUBLIC | | .inPublic UINT16 | | | .size 003a 58 TPMT_PUBLIC | | | .publicArea TPMI_ALG_PUBLIC | | | | .type 0023 TPMI_ALG_PUBLIC.ECC TPMI_ALG_HASH | | | | .nameAlg 000b TPMI_ALG_HASH.SHA256 TPMA_OBJECT | | | | .objectAttributes 000300b2 196786 | | | | | .reserved ...............................0 | | | | | .fixedTPM ..............................1. | | | | | .stClear .............................0.. | | | | | .reserved0 ............................0... | | | | | .fixedParent ...........................1.... | | | | | .sensitiveDataOrigin ..........................1..... | | | | | .userWithAuth .........................0...... | | | | | .adminWithPolicy ........................1....... | | | | | .reserved1 ......................00........ | | | | | .noDA .....................0.......... | | | | | .encryptedDuplication ....................0........... | | | | | .reserved2 ................0000............ | | | | | .restricted ...............1................ | | | | | .decrypt ..............1................. | | | | | .sign_decrypt .............0.................. | | | | | .sign ............0................... | | | | | .reserved3 000000000000.................... TPM2B_DIGEST | | | | .authPolicy UINT16 | | | | | .size 0020 32 list[BYTE] | | | | | .buffer e587c11ab50f9d8730f721e3fea42b46c0455b246f96aee85d18eb3be64d666a ........0.!...+F.E[$o...]..;.Mfj TPMU_PUBLIC_PARMS | | | | .parameters TPMS_ECC_PARMS | | | | | .eccDetail TPMT_SYM_DEF_OBJECT | | | | | | .symmetric TPMI_ALG_SYM_OBJECT | | | | | | | .algorithm 0006 TPMI_ALG_SYM_OBJECT.AES TPMU_SYM_KEY_BITS | | | | | | | .keyBits TPMI_AES_KEY_BITS | | | | | | | | .aes 0080 128 TPMU_SYM_MODE | | | | | | | .mode TPMI_ALG_SYM_MODE | | | | | | | | .aes 0043 TPMI_ALG_SYM_MODE.CFB TPMU_SYM_DETAILS | | | | | | | .details TPMT_ECC_SCHEME | | | | | | .scheme TPMI_ALG_ECC_SCHEME | | | | | | | .scheme 0010 TPMI_ALG_ECC_SCHEME.NULL TPMU_ASYM_SCHEME | | | | | | | .details TPMI_ECC_CURVE | | | | | | .curveID 0003 TPMI_ECC_CURVE.NIST_P256 TPMT_KDF_SCHEME | | | | | | .kdf TPMI_ALG_KDF | | | | | | | .scheme 0010 TPMI_ALG_KDF.NULL TPMU_KDF_SCHEME | | | | | | | .details TPMU_PUBLIC_ID | | | | .unique TPMS_ECC_POINT | | | | | .ecc TPM2B_ECC_PARAMETER | | | | | | .x UINT16 | | | | | | | .size 0000 0 list[BYTE] | | | | | | | .buffer TPM2B_ECC_PARAMETER | | | | | | .y UINT16 | | | | | | | .size 0000 0 list[BYTE] | | | | | | | .buffer TPM2B_DATA | | .outsideInfo UINT16 | | | .size 0000 0 list[BYTE] | | | .buffer TPML_PCR_SELECTION | | .creationPCR Warning: Violated size constraint .commandSize = 163: already parsed 160 bytes and .parameters.creationPCR.count exceeds the limit by 1 byte(s). Response . TPM_ST | .tag 0000 TPM_ST.None Warning: Parsed bad value for TPM_ST .tag = 0x0 = 0 not in ValidValues(TPM_ST) UINT32 | .responseSize 018a0000 25821184 TPM_RC | .responseCode 000080ff TPM_RC.None Warning: Parsed bad value for TPM_RC .responseCode = 0x80ff = 33023 not in ValidValues(TPM_RC) Warning: Violated size constraint: .responseSize = 25821184 bytes should be parsed by now, but 10 bytes were actually parsed Warning: Input stream exhausted but parser is not done.
Fixed in cc8f227af6cfa5e2df5cddd90e6f2a496d414377 for commands d0f265cf78fc0823b64d4a9a83ace9110d7947ac for responses.
Encrypted parameters should be handles as simple TPM2Bs instead of trying to decode their inner workings.
Example: