commit 02d05fe93a31df8ef24d152a91fe9a07a776f931
author Yi Chou <yich@google.com> Wed Jul 21 13:17:43 2021 +0800
committer Commit Bot <commit-bot@chromium.org> Thu Jul 22 08:10:32 2021 +0000
tree a5ff6452d50a48aa6d4ba1b0a95c9217f67b180c
parent 9646935aec2ccaf042bf382232551874db9f8828

cryptohome: fix the wrong auth_value in tpm_live_test

BUG=b:194248083, b:188742402
TEST=unittest of cryptohome.
TEST=tast run $DUT hwsec.CryptohomeTPMLiveTestsTPM*

Change-Id: I68848b429a0510f4d798cba78450b8e5d2f4a055
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform2/+/3041302
Tested-by: Yi Chou <yich@google.com>
Reviewed-by: Ching-Kang Yen <chingkang@chromium.org>
Reviewed-by: Leo Lai <cylai@google.com>
Commit-Queue: Yi Chou <yich@google.com>

cryptohome/tpm_live_test.cc

diff --git a/cryptohome/tpm_live_test.cc b/cryptohome/tpm_live_test.cc
index 7703c72..fea722c 100644
--- a/cryptohome/tpm_live_test.cc
+++ b/cryptohome/tpm_live_test.cc
@@ -388,7 +388,7 @@
   SecureBlob plaintext(32, 'a');
   SecureBlob pass_blob(256, 'b');
   SecureBlob ciphertext;
-  brillo::SecureBlob auth_value;
+  SecureBlob auth_value;
   if (!tpm_->GetAuthValue(handle.value(), pass_blob, &auth_value)) {
     LOG(ERROR) << "Failed to get auth value.";
     return false;
@@ -410,8 +410,12 @@
     return false;
   }
 
-  // Check that unsealing doesn't work with wrong auth_value.
-  auth_value.char_data()[255] = 'a';
+  // Check that unsealing doesn't work with wrong pass_blob.
+  pass_blob.char_data()[255] = 'a';
+  if (!tpm_->GetAuthValue(handle.value(), pass_blob, &auth_value)) {
+    LOG(ERROR) << "Failed to get auth value.";
+    return false;
+  }
   if (tpm_->UnsealWithAuthorization(base::nullopt, ciphertext, auth_value,
                                     pcr_map,
                                     &unsealed_text) == Tpm::kTpmRetryNone &&