Logic error in .NET lib's CreateSensitiveComposite() when passing an externally-generated AES key #204

@crballentine-ess

While trying to troubleshoot C# code that's calling TssObject.Create() to prepare an externally-generated AES key for TPM import, I found what I believe to be a logic error in CreateSensitiveComposite() which is called by Create().

I believe the bug to be in the else if (keyData.Length != keySize) in the code block below. That condition should use == rather than !=; otherwise a properly-sized keyData byte array will cause the else{} block to execute, resulting in an exception.

        else if (pub.type == TpmAlgId.Symcipher)
        {
            var symDef = (SymDefObject)pub.parameters;
            if (symDef.Algorithm != TpmAlgId.Aes)
            {
                throw new ArgumentException("Unsupported symmetric algorithm");
            }

            int keySize = (symDef.KeyBits + 7) / 8;
            if (keyData == null)
            {
                keyData = Globs.GetRandomBytes(keySize);
            }
            else if (keyData.Length != keySize)
            {
                keyData = Globs.CopyData(keyData);
            }
            else
            {
                throw new ArgumentException("Wrong symmetric key length");
            }
            newSens = new Tpm2bSymKey(keyData);
        }
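
The branch quoted in the issue, reproduced as a stand-alone program (an added example, not code from the issue or from TSS.NET), runs the condition as posted and with the proposed == side by side. It also exercises wrong-length keys, which the quoted lines send into the copy branch when the condition is !=. SelectKey, Try and the asPosted flag are hypothetical names, and the random-fill and clone calls are stand-ins for Globs.GetRandomBytes and Globs.CopyData.

```csharp
using System;
using System.Security.Cryptography;

// Added example: mirrors only the AES branch shown in the issue; no TSS.NET types are used.
static class AesKeyLengthCheck
{
    // asPosted = true  -> condition as quoted in the issue (!=)
    // asPosted = false -> condition the reporter proposes (==)
    static byte[] SelectKey(byte[] keyData, int keyBits, bool asPosted)
    {
        int keySize = (keyBits + 7) / 8;
        if (keyData == null)
        {
            var fresh = new byte[keySize];
            RandomNumberGenerator.Fill(fresh);      // stand-in for Globs.GetRandomBytes
            return fresh;
        }
        bool takeCopyBranch = asPosted ? keyData.Length != keySize
                                       : keyData.Length == keySize;
        if (takeCopyBranch)
        {
            return (byte[])keyData.Clone();         // stand-in for Globs.CopyData
        }
        throw new ArgumentException("Wrong symmetric key length");
    }

    // Reports whether a caller-supplied key is accepted or rejected.
    static string Try(byte[] keyData, int keyBits, bool asPosted)
    {
        try { return $"accepted ({SelectKey(keyData, keyBits, asPosted).Length} bytes)"; }
        catch (ArgumentException e) { return "rejected: " + e.Message; }
    }

    static void Main()
    {
        // Constructed inputs: AES-128 parameters with zero-filled keys of several lengths.
        foreach (int len in new[] { 16, 24, 8, 0 })
        {
            var key = new byte[len];
            Console.WriteLine($"len={len,2}  as posted: {Try(key, 128, true),-38} with ==: {Try(key, 128, false)}");
        }
        // A null key takes the random-generation path under either condition.
        Console.WriteLine($"null    as posted: {Try(null, 128, true),-38} with ==: {Try(null, 128, false)}");
    }
}
```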
