parallaxsecond / rust-tss-esapi

TSS 2.0 Enhanced System API (ESAPI) Rust wrapper
https://docs.rs/tss-esapi/
Apache License 2.0

nv_define_space and nv_undefine_space are using the wrong interface type. #184

Closed Superhepper closed 3 years ago

Superhepper commented 3 years ago

According to the specification the interface type to use should be Provision and not NvAuth.

TCG TPM2 r1p59 Part2 Structures

> 9.22 TPMI_RH_NV_AUTH
>
> This interface type is used to identify the source of the authorization for access to an NV location. The handle value of a TPMI_RH_NV_AUTH shall indicate that the authorization value is either Platform Authorization, Owner Authorization, or the authValue. This type is used in the commands that access an NV Index (commands of the form TPM2_NV_xxx) other than TPM2_NV_DefineSpace() and TPM2_NV_UndefineSpace().

https://github.com/parallaxsecond/rust-tss-esapi/blob/14d7c4dc524f0a97ef24d5c7e1d19a0af96d3f05/tss-esapi/src/context/tpm_commands/non_volatile_storage.rs#L23

https://github.com/parallaxsecond/rust-tss-esapi/blob/14d7c4dc524f0a97ef24d5c7e1d19a0af96d3f05/tss-esapi/src/context/tpm_commands/non_volatile_storage.rs#L58

Superhepper commented 3 years ago

I think that the read and write functions have the wrong auth handle types as well.
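The distinction in the specification text quoted in the issue, modelled as two separate Rust types so that an NV index handle cannot be used where a provisioning hierarchy is required. This is an added example, not code from rust-tss-esapi or from the issue author: the enum and function names are hypothetical, and it assumes from TPM 2.0 Part 2 that TPMI_RH_PROVISION accepts only the owner and platform handles.

```rust
use std::convert::TryFrom;

// Permanent handle values from TPM 2.0 Part 2.
const TPM_RH_OWNER: u32 = 0x4000_0001;
const TPM_RH_PLATFORM: u32 = 0x4000_000C;

/// Hypothetical model of TPMI_RH_PROVISION (define/undefine NV space).
#[derive(Debug, PartialEq, Clone, Copy)]
pub enum Provision { Owner, Platform }

/// Hypothetical model of TPMI_RH_NV_AUTH (access to an existing NV index).
#[derive(Debug, PartialEq, Clone, Copy)]
pub enum NvAuth { Owner, Platform, NvIndex(u32) }

impl TryFrom<u32> for Provision {
    type Error = String;
    fn try_from(h: u32) -> Result<Self, String> {
        match h {
            TPM_RH_OWNER => Ok(Provision::Owner),
            TPM_RH_PLATFORM => Ok(Provision::Platform),
            _ => Err(format!("{:#010x} is not a valid TPMI_RH_PROVISION", h)),
        }
    }
}

impl TryFrom<u32> for NvAuth {
    type Error = String;
    fn try_from(h: u32) -> Result<Self, String> {
        match h {
            TPM_RH_OWNER => Ok(NvAuth::Owner),
            TPM_RH_PLATFORM => Ok(NvAuth::Platform),
            // NV index handle range: the index's own authValue authorizes access.
            0x0100_0000..=0x01FF_FFFF => Ok(NvAuth::NvIndex(h)),
            _ => Err(format!("{:#010x} is not a valid TPMI_RH_NV_AUTH", h)),
        }
    }
}

/// Stand-in for the auth parameter of a define/undefine-space call.
pub fn define_space_auth(raw: u32) -> Result<Provision, String> { Provision::try_from(raw) }

/// Stand-in for the auth parameter of other TPM2_NV_xxx style calls.
pub fn nv_access_auth(raw: u32) -> Result<NvAuth, String> { NvAuth::try_from(raw) }

fn main() {
    let index = 0x0150_0000; // constructed sample NV index handle
    println!("define_space: {:?}", define_space_auth(index));
    println!("nv access:    {:?}", nv_access_auth(index));
}
```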