ae4efe5fa0
Resolves: RHEL-52968 Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
32 lines
1.2 KiB
Diff
32 lines
1.2 KiB
Diff
From 1b0b41293a0d49ff8063542fcb3a5ee1d4e10f7e Mon Sep 17 00:00:00 2001
|
|
From: Stefan Berger <stefanb@linux.ibm.com>
|
|
Date: Mon, 29 Jul 2024 10:19:00 -0400
|
|
Subject: [PATCH] tpm2: Return TPM_RC_VALUE upon decryption failure
|
|
|
|
When decryption fails then return TPM_RC_VALUE rather than TPM_RC_FAILURE.
|
|
The old error code could indicate to an application or driver that
|
|
something is wrong with the TPM (has possibly gone into failure mode) even
|
|
though only the decryption failed, possibly due to a wrong key.
|
|
|
|
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
|
|
---
|
|
src/tpm2/crypto/openssl/CryptRsa.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/tpm2/crypto/openssl/CryptRsa.c b/src/tpm2/crypto/openssl/CryptRsa.c
|
|
index b5d6b6c3..88ee3bac 100644
|
|
--- a/src/tpm2/crypto/openssl/CryptRsa.c
|
|
+++ b/src/tpm2/crypto/openssl/CryptRsa.c
|
|
@@ -1457,7 +1457,7 @@ CryptRsaDecrypt(
|
|
outlen = sizeof(buffer);
|
|
if (EVP_PKEY_decrypt(ctx, buffer, &outlen,
|
|
cIn->buffer, cIn->size) <= 0)
|
|
- ERROR_RETURN(TPM_RC_FAILURE);
|
|
+ ERROR_RETURN(TPM_RC_VALUE);
|
|
|
|
if (outlen > dOut->size)
|
|
ERROR_RETURN(TPM_RC_FAILURE);
|
|
--
|
|
2.41.0.28.gd7d8841f67
|
|
|