authorJack Lloyd <[email protected]>2019-10-16 09:37:47 -0400
committerJack Lloyd <[email protected]>2019-10-16 09:37:47 -0400
commit1b5517d6768e6a2056f09c78c9cbcc6432f666e0 (patch)
treecdfb419de8dd9027eafab6d2b1a7a8db65019c60 /src
parent0d942b56a579c99e6f2a4211c35a363be46111bc (diff)
parent08dde3b2bccaf761bf3841559f28a96afe9f16cd (diff)
Merge GH #2149 Fix a leak in TPM interface
Diffstat (limited to 'src')
-rw-r--r--src/lib/prov/tpm/tpm.cpp11
-rw-r--r--src/lib/prov/tpm/tpm.h1
2 files changed, 7 insertions, 5 deletions
diff --git a/src/lib/prov/tpm/tpm.cpp b/src/lib/prov/tpm/tpm.cpp
index 5516d41a0..c77981e55 100644
--- a/src/lib/prov/tpm/tpm.cpp
+++ b/src/lib/prov/tpm/tpm.cpp
@@ -153,7 +153,9 @@ std::string format_url(const TSS_UUID& tss_uuid, TSS_FLAG store_type)
}
-TPM_Context::TPM_Context(pin_cb cb, const char* srk_password) : m_pin_cb(cb)
+TPM_Context::TPM_Context(pin_cb cb, const char* srk_password) :
+ m_pin_cb(cb),
+ m_srk_policy(0)
{
TSPI_CHECK_SUCCESS(::Tspi_Context_Create(&m_ctx));
TSPI_CHECK_SUCCESS(::Tspi_Context_Connect(m_ctx, nullptr));
@@ -164,11 +166,9 @@ TPM_Context::TPM_Context(pin_cb cb, const char* srk_password) : m_pin_cb(cb)
TSPI_CHECK_SUCCESS(::Tspi_Context_LoadKeyByUUID(m_ctx, TSS_PS_TYPE_SYSTEM, SRK_UUID, &m_srk));
- TSS_HPOLICY srk_policy;
- TSPI_CHECK_SUCCESS(::Tspi_GetPolicyObject(m_srk, TSS_POLICY_USAGE, &srk_policy));
- set_policy_secret(srk_policy, srk_password);
+ TSPI_CHECK_SUCCESS(::Tspi_GetPolicyObject(m_srk, TSS_POLICY_USAGE, &m_srk_policy));
+ set_policy_secret(m_srk_policy, srk_password);
- // TODO: leaking policy object here?
// TODO: do we have to cache it?
// TODO: try to use SRK with null, if it fails call the pin cb?
}
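Review bot: The failure paths of this constructor still leak. If `Tspi_GetPolicyObject` or `set_policy_secret` fails and `TSPI_CHECK_SUCCESS` throws (its definition is outside the hunk, so this is inferred), `~TPM_Context` never runs and the `m_ctx` and `m_srk` handles opened earlier stay open. Consider holding each handle in a small RAII wrapper, or catching the error, closing what was already opened and rethrowing. The remaining `// TODO: do we have to cache it?` also looks stale now that the policy is kept in a member; I would replace it with `// policy handle is kept in m_srk_policy and released in ~TPM_Context`. The constructor body starts before this hunk.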
@@ -177,6 +177,7 @@ TPM_Context::~TPM_Context()
{
TSPI_CHECK_SUCCESS(::Tspi_Context_CloseObject(m_ctx, m_srk));
//TSPI_CHECK_SUCCESS(::Tspi_Context_CloseObject(m_ctx, m_tpm));
+ TSPI_CHECK_SUCCESS(::Tspi_Context_Close(m_srk_policy));
TSPI_CHECK_SUCCESS(::Tspi_Context_Close(m_ctx));
}
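Review bot: The added `Tspi_Context_Close(m_srk_policy)` passes a policy handle to a call that, in the TSS API, takes a context handle (`TSS_HCONTEXT`). Object handles are released with `Tspi_Context_CloseObject`, as the first line of this destructor does for `m_srk`. Because the handle types evidently convert without a compile error, this call will most likely return an invalid-handle error at run time rather than free the policy; I would change it to `TSPI_CHECK_SUCCESS(::Tspi_Context_CloseObject(m_ctx, m_srk_policy));`. If `TSPI_CHECK_SUCCESS` throws on failure (its definition is not in the hunk), a failing close here escapes a destructor, which terminates the process and skips closing `m_ctx`, so reporting the error without throwing would be safer in this function.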
diff --git a/src/lib/prov/tpm/tpm.h b/src/lib/prov/tpm/tpm.h
index 093bebd62..8a25458b7 100644
--- a/src/lib/prov/tpm/tpm.h
+++ b/src/lib/prov/tpm/tpm.h
@@ -72,6 +72,7 @@ class BOTAN_PUBLIC_API(2,0) TPM_Context final
TSS_HCONTEXT m_ctx;
TSS_HKEY m_srk;
TSS_HTPM m_tpm;
+ TSS_HPOLICY m_srk_policy;
};
class BOTAN_PUBLIC_API(2,0) TPM_RNG final : public Hardware_RNG
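Review bot: `m_srk_policy` is one more raw handle that the destructor closes, so a copied `TPM_Context` would close the same handles twice. The class body starts outside this hunk, so I cannot see whether copying is already disabled; if it is not, add `TPM_Context(const TPM_Context&) = delete;` and `TPM_Context& operator=(const TPM_Context&) = delete;`. A short comment on the member, e.g. `// usage policy of m_srk, released in ~TPM_Context`, would also record who owns the handle.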