Fixes max size issue with SensitiveData.

This fixes parallaxsecond#481 Signed-off-by: Jesper Brynolf <[email protected]>
Superhepper · Jan 18, 2024 · 3c3754c · 3c3754c
1 parent 63298c2
commit 3c3754c
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 5 deletions.
diff --git a/tss-esapi/build.rs b/tss-esapi/build.rs
@@ -38,6 +38,11 @@ fn main() {
         println!("cargo:rustc-cfg=has_tss_base_rc_values_52_to_53")
     }
 
+    let has_tpmu_sensitive_create_req = VersionReq::parse(">=4.0.0").unwrap();
+    if has_tpmu_sensitive_create_req.matches(&tss_version) {
+        println!("cargo:rustc-cfg=has_tpmu_sensitive_create")
+    }
+
     #[cfg(feature = "generate-bindings")]
     {
         let has_esys_tr_get_tpm_handle_req = VersionReq::parse(">=2.4.0").unwrap();

diff --git a/tss-esapi/src/structures/buffers.rs b/tss-esapi/src/structures/buffers.rs
@@ -354,11 +354,28 @@ pub mod public_key_rsa {
 }
 
 pub mod sensitive_data {
-    buffer_type!(
-        SensitiveData,
-        ::std::mem::size_of::<TPM2B_SENSITIVE_DATA>(),
-        TPM2B_SENSITIVE_DATA
-    );
+    // The specification says that the size of the buffer should be the size
+    // TPMU_SENSITIVE_CREATE structure. This does not exist in all the
+    // versions of tpm2-tss supported by the crate so the fall back is to
+    // calculate the max size by removing the size of the size parameter(UINT16)
+    // from the total size of the buffer type.
+    cfg_if::cfg_if! {
+        if #[cfg(has_tpmu_sensitive_create)] {
+            use crate::tss2_esys::TPMU_SENSITIVE_CREATE;
+            buffer_type!(
+                SensitiveData,
+                ::std::mem::size_of::<TPMU_SENSITIVE_CREATE>(),
+                TPM2B_SENSITIVE_DATA
+            );
+        } else {
+            use crate::tss2_esys::UINT16;
+            buffer_type!(
+                SensitiveData,
+                std::mem::size_of::<TPM2B_SENSITIVE_DATA>() - std::mem::size_of::<UINT16>(),
+                TPM2B_SENSITIVE_DATA
+            );
+        }
+    }
 }
 
 pub mod symmetric_key {

diff --git a/...i/tests/integration_tests/structures_tests/buffers_tests/sensitive_create_buffer_tests.rs b/...i/tests/integration_tests/structures_tests/buffers_tests/sensitive_create_buffer_tests.rs
@@ -6,6 +6,7 @@ use tss_esapi::{
     tss2_esys::TPM2B_SENSITIVE_CREATE,
     Error, WrapperErrorKind,
 };
+use tss_esapi_sys::TPM2B_SENSITIVE_DATA;
 
 // TPM2B_AUTH = TPM2B_DIGEST = u16 + [u8;64] = 2 + 64 = 66
 // TPM2B_SENSITIVE_DATA = u16 + [u8; 256] = 2 + 256 = 258
@@ -124,3 +125,11 @@ fn test_marshall_unmarshall() {
         "SensitiveCreate converted from SensitiveCreateBuffer did not contain the expected values"
     );
 }
+
+#[test]
+fn test_conversion_from_max_size_buffer() {
+    let data = vec![1u8; SensitiveData::MAX_SIZE];
+    let sensitive_data = SensitiveData::try_from(data)
+        .expect("It should be possible to convert maximum amount of data into SensitiveData.");
+    let _ = TPM2B_SENSITIVE_DATA::from(sensitive_data);
+}