From b9bc887c843bab85398d44553ca98fc9b746508a Mon Sep 17 00:00:00 2001 From: Jerry Snitselaar Date: Mon, 28 Jun 2021 08:28:16 -0700 Subject: [PATCH] tpm2_import: Do not use fixed AES wrapping key Fix for CVE-2021-3565 resolves: rhbz#1965982 Signed-off-by: Jerry Snitselaar --- ...port-fix-fixed-AES-key-CVE-2021-3565.patch | 46 +++++++++++++++++++ tpm2-tools.spec | 7 ++- 2 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch diff --git a/0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch b/0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch new file mode 100644 index 0000000..53814a4 --- /dev/null +++ b/0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch @@ -0,0 +1,46 @@ +From c069e4f179d5e6653a84fb236816c375dca82515 Mon Sep 17 00:00:00 2001 +From: William Roberts +Date: Fri, 21 May 2021 12:22:31 -0500 +Subject: [PATCH] tpm2_import: fix fixed AES key CVE-2021-3565 + +tpm2_import used a fixed AES key for the inner wrapper, which means that +a MITM attack would be able to unwrap the imported key. Even the +use of an encrypted session will not prevent this. The TPM only +encrypts the first parameter which is the fixed symmetric key. + +To fix this, ensure the key size is 16 bytes or bigger and use +OpenSSL to generate a secure random AES key. + +Fixes: #2738 + +Signed-off-by: William Roberts +--- + tools/tpm2_import.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/tools/tpm2_import.c b/tools/tpm2_import.c +index cfb6f207ba9c..f44326c87e7e 100644 +--- a/tools/tpm2_import.c ++++ b/tools/tpm2_import.c +@@ -118,7 +118,17 @@ static tool_rc key_import(ESYS_CONTEXT *ectx, TPM2B_PUBLIC *parent_pub, + TPM2B_DATA enc_sensitive_key = { + .size = parent_pub->publicArea.parameters.rsaDetail.symmetric.keyBits.sym / 8 + }; +- memset(enc_sensitive_key.buffer, 0xFF, enc_sensitive_key.size); ++ ++ if(enc_sensitive_key.size < 16) { ++ LOG_ERR("Calculated wrapping keysize is less than 16 bytes, got: %u", enc_sensitive_key.size); ++ return tool_rc_general_error; ++ } ++ ++ int ossl_rc = RAND_bytes(enc_sensitive_key.buffer, enc_sensitive_key.size); ++ if (ossl_rc != 1) { ++ LOG_ERR("RAND_bytes failed: %s", ERR_error_string(ERR_get_error(), NULL)); ++ return tool_rc_general_error; ++ } + + /* + * Calculate the object name. +-- +2.31.0 + diff --git a/tpm2-tools.spec b/tpm2-tools.spec index b5954af..b1b9418 100644 --- a/tpm2-tools.spec +++ b/tpm2-tools.spec @@ -2,12 +2,13 @@ Name: tpm2-tools Version: 5.0 -Release: 6%{?candidate:.%{candidate}}%{?dist} +Release: 7%{?candidate:.%{candidate}}%{?dist} Summary: A bunch of TPM testing toolS build upon tpm2-tss License: BSD URL: https://github.com/tpm2-software/tpm2-tools Source0: https://github.com/tpm2-software/tpm2-tools/releases/download/%{version}%{?candidate:-%{candidate}}/%{name}-%{version}%{?candidate:-%{candidate}}.tar.gz +Patch0: 0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch BuildRequires: make BuildRequires: gcc-c++ @@ -57,6 +58,10 @@ tpm2-tools is a batch of tools for tpm2.0. It is based on tpm2-tss. %{_mandir}/man1/tss2_*.1.gz %changelog +* Mon Jun 28 2021 Jerry Snitselaar - 5.0-7 +- Fix for CVE-2021-3565 +Resolves: rhbz#1965982 + * Wed Jun 16 2021 Mohan Boddu - 5.0-6 - Rebuilt for RHEL 9 BETA for openssl 3.0 Related: rhbz#1971065