A C implementation of elliptic-curve-based Direct Anonymous Attestation (DAA) signatures. Created to support the Xaptum Edge Network Fabric, an IoT Network Solution.
When reading the output from TPM_Commit and TPM_Sign, the output values are raw buffers with 2-byte size values preceding them.
Previously, we were assuming constant sizes for these buffers, which most likely should be true in the usual circumstances.
However, we can use the length-checked version of the AMCL deserialization function that we were already using (with no run-time cost) to leverage the size values we already have, just to make sure we don't have any buffer overflows.
This series introduces this length-checking, so that we should now be sanitizing all output received from the TPM.
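The parsing pattern the description refers to (a 2-byte size prefix ahead of each raw buffer, checked against the bytes actually received before any deserialization), shown as an added example that is not ecdaa's own code and does not use AMCL's real API; `tpm2b_parse`, `point_from_octet_checked`, `parse_commit_points`, the `POINT_G1_LEN` value and the sample bytes are all assumptions constructed for illustration:

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed serialized size of one uncompressed BN254 G1 point: 0x04 marker,
 * then 32-byte x and 32-byte y coordinates. Illustrative constant only. */
#define POINT_G1_LEN 65
#define SAMPLE_POINTS 2
#define SAMPLE_RESP_LEN (SAMPLE_POINTS * (2 + POINT_G1_LEN))

/* Parse one TPM2B-style field: a 2-byte big-endian size, then that many bytes.
 * Returns the bytes consumed (2 + size), or 0 if the declared size does not
 * fit inside the bytes actually available. No copy happens here. */
size_t tpm2b_parse(const uint8_t *in, size_t in_len,
                   const uint8_t **out, uint16_t *out_len)
{
    if (in == NULL || in_len < 2)
        return 0;
    uint16_t declared = (uint16_t)(((uint16_t)in[0] << 8) | in[1]);
    if ((size_t)declared > in_len - 2)
        return 0;
    *out = in + 2;
    *out_len = declared;
    return 2 + (size_t)declared;
}

/* Stand-in for a length-checked point deserializer (hypothetical; not AMCL's
 * API): accept only the exact expected length and the uncompressed marker,
 * so a short or oversized field can never cause an out-of-bounds read. */
int point_from_octet_checked(uint8_t dst[POINT_G1_LEN],
                             const uint8_t *src, uint16_t src_len)
{
    if (src_len != POINT_G1_LEN || src[0] != 0x04)
        return -1;
    memcpy(dst, src, POINT_G1_LEN);
    return 0;
}

/* Walk a response holding `count` consecutive TPM2B points. Returns the number
 * of points parsed, or -1 on any malformed field or unexpected trailing bytes. */
int parse_commit_points(const uint8_t *resp, size_t resp_len, size_t count,
                        uint8_t points[][POINT_G1_LEN])
{
    size_t offset = 0;
    for (size_t i = 0; i < count; i++) {
        const uint8_t *field;
        uint16_t field_len;
        size_t used = tpm2b_parse(resp + offset, resp_len - offset,
                                  &field, &field_len);
        if (used == 0)
            return -1;
        if (point_from_octet_checked(points[i], field, field_len) != 0)
            return -1;
        offset += used;
    }
    return offset == resp_len ? (int)count : -1;
}

/* Constructed sample response: two well-formed TPM2B points with dummy
 * coordinate bytes. Not real TPM output. */
static void build_sample(uint8_t resp[SAMPLE_RESP_LEN])
{
    size_t off = 0;
    for (int i = 0; i < SAMPLE_POINTS; i++) {
        resp[off++] = 0x00;
        resp[off++] = POINT_G1_LEN;
        resp[off++] = 0x04;
        memset(resp + off, 0x10 + i, POINT_G1_LEN - 1);
        off += POINT_G1_LEN - 1;
    }
}

/* Well-formed response: both points parse. Returns 2. */
int demo_well_formed(void)
{
    uint8_t resp[SAMPLE_RESP_LEN];
    uint8_t points[SAMPLE_POINTS][POINT_G1_LEN];
    build_sample(resp);
    return parse_commit_points(resp, sizeof resp, SAMPLE_POINTS, points);
}

/* Size prefix claims 65535 bytes although only 134 were received: rejected
 * before any copy, which is the overflow the length check exists to stop. */
int demo_oversized_prefix(void)
{
    uint8_t resp[SAMPLE_RESP_LEN];
    uint8_t points[SAMPLE_POINTS][POINT_G1_LEN];
    build_sample(resp);
    resp[0] = 0xFF;
    resp[1] = 0xFF;
    return parse_commit_points(resp, sizeof resp, SAMPLE_POINTS, points);
}

/* Size prefix declares one byte fewer than a point needs: the field fits in
 * the buffer, but the exact-length check on deserialization still rejects it. */
int demo_short_point(void)
{
    uint8_t resp[SAMPLE_RESP_LEN];
    uint8_t points[SAMPLE_POINTS][POINT_G1_LEN];
    build_sample(resp);
    resp[1] = POINT_G1_LEN - 1;
    return parse_commit_points(resp, sizeof resp, SAMPLE_POINTS, points);
}
```

The two checks are deliberately separate: `tpm2b_parse` trusts nothing beyond the bytes in hand, and the deserializer then insists on the exact length the point format requires, so a wrong size prefix fails closed at whichever layer first notices it.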
Coverage increased (+0.005%) to 93.118% when pulling 0f83398bd790539daa1a927fa615aa3aeaa3648f on zanebeckwith:check-tpm-output-sizes into 2a476138d01cb53ad0feedc9bf120097933251e6 on xaptum:master.