Enforce TPM response HMAC length checks

Reject zero-length or mismatched response HMACs for authenticated sessions so forged SWTPM replies fail verification.

Author: LinuxJedi

src/tpm2.c

@@ -332,10 +332,21 @@ static int TPM2_ResponseProcess(TPM2_CTX* ctx, TPM2_Packet* packet,
             }
 
         #if !defined(WOLFTPM2_NO_WOLFCRYPT) && !defined(NO_HMAC)
-            if (authRsp.hmac.size > 0) {
+            if (TPM2_IS_HMAC_SESSION(session->sessionHandle) ||
+                TPM2_IS_POLICY_SESSION(session->sessionHandle))
+            {
+                UINT16 expectedHmacSz = TPM2_GetHashDigestSize(session->authHash);
                 TPM2B_DIGEST hash;
                 TPM2B_AUTH hmac;
 
+                if (expectedHmacSz == 0 || authRsp.hmac.size != expectedHmacSz) {
+                #ifdef DEBUG_WOLFTPM
+                    printf("Response HMAC size mismatch! expected=%u got=%u\n",
+                        expectedHmacSz, authRsp.hmac.size);
+                #endif
+                    return TPM_RC_HMAC;
+                }
+
                 /* calculate "rpHash" hash for command code and parameters */
                 rc = TPM2_CalcRpHash(session->authHash, cmdCode, param, paramSz,
                     &hash);