ESAPI.hash would fails on too big input #239

Open
gaetanww opened this issue Oct 14, 2021 · 4 comments

gaetanww commented Oct 14, 2021

If data is bigger than lib.MAX_BUFFER_SIZE, the TPM should send an error. Is it worth catching it beforehand in Python code?

Might be worth considering a higher-level hash function that handles the hash sequences if the data input is too big.

For example:

```python
from typing import Tuple, Union

# Proposed ESAPI method; the TPM types and `lib` are assumed to be in scope there.
def hash_all(
    self,
    data: Union[TPM2B_MAX_BUFFER, bytes, str],
    hash_alg: TPM2_ALG,
    hierarchy: ESYS_TR = ESYS_TR.OWNER,
    session1: ESYS_TR = ESYS_TR.NONE,
    session2: ESYS_TR = ESYS_TR.NONE,
    session3: ESYS_TR = ESYS_TR.NONE,
) -> Tuple[TPM2B_DIGEST, TPMT_TK_HASHCHECK]:
    data = data.encode() if isinstance(data, str) else data
    maxi = lib.MAX_BUFFER_SIZE
    # data is small enough: a single hash command suffices
    if isinstance(data, TPM2B_MAX_BUFFER) or len(data) <= maxi:
        return self.hash(data, hash_alg, hierarchy, session1, session2, session3)

    # data is too big: start a hash sequence and feed it in chunks of at most maxi bytes
    handle = self.hash_sequence_start(
        b'', hash_alg, session1, session2, session3)
    for chunk in [data[i:i+maxi] for i in range(0, len(data), maxi)]:
        self.sequence_update(handle, chunk, session1, session2, session3)
    return self.sequence_complete(handle, b'', hierarchy, session1, session2, session3)
```

gaetanww changed the title from "ESAPI.hash would fails on too big outputs" to "ESAPI.hash would fails on too big input" on Oct 14, 2021

Contributor

whooo commented Oct 14, 2021

Does it silently fail for you? Or what happens?

Author

gaetanww commented Oct 14, 2021

No, my bad, it's caught by the TPM2B_MAX_BUFFER initializer:

initializer bytes is too long for 'uint8_t[1024]' (got 2048 characters)

However, do you think the ESAPI could benefit from that sort of abstracted hash function? I also have an abstracted signing function that handles generating and using a TPM hash ticket for restricted signing keys.

Contributor

whooo commented Oct 14, 2021

Sorry, I misread.

The bigger question is how much extra functionality we want to add I guess.
And adding something that behaves like Python's hashlib might be better, so wrapping something around hash and HMAC sequences, so for example:

```python
hashseq = ectx.hashseq(TPM2_ALG.SHA256, b"initial data")
hashseq.update(b"more data")
digest, ticket = hashseq.digest()
```

@williamcroberts
Member

No, it's not good to handle it in the Python code, because policies generated may need to know how many commands were executed. So we don't want to automate this in the direct calls. However, we could have an option to the call to keep sending it if it's set and default it to false.
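
The opt-in behaviour suggested in the last comment, sketched as an added example that is not part of the thread or of tpm2-pytss: `FakeTPM`, `hash_data` and `allow_sequence` are hypothetical names, and the TPM is replaced by a constructed hashlib-backed stand-in that counts commands, so the difference in command count between the one-shot and sequence paths is visible. The 1024-byte limit is taken from the error message quoted above.

```python
import hashlib

MAX_BUFFER_SIZE = 1024  # same limit as the 'uint8_t[1024]' error quoted in the thread


class FakeTPM:
    """Constructed software stand-in for a TPM that counts the commands it receives."""

    def __init__(self):
        self.commands = 0
        self._sequences = {}
        self._next_handle = 0

    def _command(self, data=b""):
        if len(data) > MAX_BUFFER_SIZE:
            raise ValueError(f"buffer too long ({len(data)} > {MAX_BUFFER_SIZE})")
        self.commands += 1

    def hash(self, data, alg):
        self._command(data)
        return hashlib.new(alg, data).digest()

    def hash_sequence_start(self, alg):
        self._command()
        self._next_handle += 1
        self._sequences[self._next_handle] = hashlib.new(alg)
        return self._next_handle

    def sequence_update(self, handle, data):
        self._command(data)
        self._sequences[handle].update(data)

    def sequence_complete(self, handle, data=b""):
        self._command(data)
        state = self._sequences.pop(handle)
        state.update(data)
        return state.digest()


def hash_data(tpm, data, alg="sha256", allow_sequence=False):
    """Hash in one command; split into a hash sequence only if the caller opts in."""
    if len(data) <= MAX_BUFFER_SIZE:
        return tpm.hash(data, alg)
    if not allow_sequence:  # default: never issue extra commands on the caller's behalf
        raise ValueError("data exceeds MAX_BUFFER_SIZE; pass allow_sequence=True")
    handle = tpm.hash_sequence_start(alg)
    for i in range(0, len(data), MAX_BUFFER_SIZE):
        tpm.sequence_update(handle, data[i:i + MAX_BUFFER_SIZE])
    return tpm.sequence_complete(handle)
```

With a 2048-byte input the sequence path costs four commands (start, two updates, complete) instead of one, which is the count a caller tracking executed commands would have to account for.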
