openSUSE:Leap:15.5:Update
File 0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch of Package tpm2.0-tools.24995
From c069e4f179d5e6653a84fb236816c375dca82515 Mon Sep 17 00:00:00 2001 From: William Roberts <william.c.roberts@intel.com> Date: Fri, 21 May 2021 12:22:31 -0500 Subject: [PATCH] tpm2_import: fix fixed AES key CVE-2021-3565 tpm2_import used a fixed AES key for the inner wrapper, which means that a MITM attack would be able to unwrap the imported key. Even the use of an encrypted session will not prevent this. The TPM only encrypts the first parameter which is the fixed symmetric key. To fix this, ensure the key size is 16 bytes or bigger and use OpenSSL to generate a secure random AES key. Fixes: #2738 Signed-off-by: William Roberts <william.c.roberts@intel.com> --- tools/tpm2_import.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/tools/tpm2_import.c b/tools/tpm2_import.c index cfb6f207..f44326c8 100644 --- a/tools/tpm2_import.c +++ b/tools/tpm2_import.c @@ -118,7 +118,17 @@ static tool_rc key_import(ESYS_CONTEXT *ectx, TPM2B_PUBLIC *parent_pub, TPM2B_DATA enc_sensitive_key = { .size = parent_pub->publicArea.parameters.rsaDetail.symmetric.keyBits.sym / 8 }; - memset(enc_sensitive_key.buffer, 0xFF, enc_sensitive_key.size); + + if(enc_sensitive_key.size < 16) { + LOG_ERR("Calculated wrapping keysize is less than 16 bytes, got: %u", enc_sensitive_key.size); + return tool_rc_general_error; + } + + int ossl_rc = RAND_bytes(enc_sensitive_key.buffer, enc_sensitive_key.size); + if (ossl_rc != 1) { + LOG_ERR("RAND_bytes failed: %s", ERR_error_string(ERR_get_error(), NULL)); + return tool_rc_general_error; + } /* * Calculate the object name. -- 2.26.3
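Review bot: The new size check in key_import only enforces a lower bound (enc_sensitive_key.size < 16), so RAND_bytes is then asked to write enc_sensitive_key.size bytes with nothing in the visible lines tying that length to the capacity of enc_sensitive_key.buffer. Because the size is taken from parent_pub (symmetric.keyBits.sym / 8), I would also reject values larger than sizeof(enc_sensitive_key.buffer) before the RAND_bytes call, and return tool_rc_general_error in the same way. The diffstat shows this single hunk in tools/tpm2_import.c and no include changes, so please confirm the file already pulls in the OpenSSL headers that declare RAND_bytes, ERR_error_string and ERR_get_error. Style nit: "if(enc_sensitive_key.size < 16)" is missing the space that "if (ossl_rc != 1)" uses a few lines later.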