#220 Issue with handle randomization - getNextHandle()
We experienced that every once in a while our web-server (lighttpd) would crash.
It was quite difficult to re-produce.
We identified the issue to originate from a collision of handles.
Our webserver have a long-lived handle used for SSL handshake and some other program only running for a short time.
Eventually we would get 2017-05-30 07:05:32: (connections.c.305) SSL: 1 error:8006906D:tpm engine:TPM_RSA_PRIV_ENC:request failed
2017-05-30 07:05:32: (connections.c.305) SSL: 1 error:1409B006:SSL routines:SSL3_SEND_SERVER_KEY_EXCHANGE:EVP lib
We traced this to ‘getNextHandle()’ in /src/tcs/tcs_context.c
The function only provide 8-bit of randomness due to the AND-MASK applied (collision will appear after some time)
Workaround
Since we are running on an embedded platform with very low chance of other users of TSS we simply skipped the obfuscation (use pointer address)
In the function
struct tcs_context ret = (struct tcs_context )calloc(1, sizeof(struct tcs_context));
This will not work in a distributed setup.
However, it should be possible to use more random bits to identify session in order to avoid collisions.
Setup
We are using TSS 0.3.14 and linux 4.3 and OpenSsl tpm engine + lighttpd-1.4.30
Embedded ARM platform
