39 lines
1.4 KiB
Diff
39 lines
1.4 KiB
Diff
|
From 1ec07af70925ece698b733d55dedd1d9878b70f2 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Tadeusz Struk <tadeusz.struk@intel.com>
|
||
|
|
Date: Fri, 24 Jan 2020 19:05:34 -0800
|
||
|
|
Subject: [PATCH] esys: zero out ctx->salt after on startAuthSession_finish
|
||
|
|
|
||
|
|
The ctx->salt is used to calculate session key during
|
||
|
|
startAuthSession call if the caller pass a valid tpmKey
|
||
|
|
parameter. There salt is calculated in the _Async call
|
||
|
|
and the the session key is calculated in the _Finish call.
|
||
|
|
The problem is that if in the same context an unsalted
|
||
|
|
session is created after a salted session the ctx->salt
|
||
|
|
will still hold the old value and it will incorrectly
|
||
|
|
be used for session key calculation in the the subsequent
|
||
|
|
_Finish call. To fix this the salt needs to be set to
|
||
|
|
cleaned after no longer needed.
|
||
|
|
|
||
|
|
Fixes: #1574
|
||
|
|
|
||
|
|
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
|
||
|
|
---
|
||
|
|
src/tss2-esys/api/Esys_StartAuthSession.c | 1 +
|
||
|
|
1 file changed, 1 insertion(+)
|
||
|
|
|
||
|
|
diff --git a/src/tss2-esys/api/Esys_StartAuthSession.c b/src/tss2-esys/api/Esys_StartAuthSession.c
|
||
|
|
index 1717928a717d..6367419d7c9a 100644
|
||
|
|
--- a/src/tss2-esys/api/Esys_StartAuthSession.c
|
||
|
|
+++ b/src/tss2-esys/api/Esys_StartAuthSession.c
|
||
|
|
@@ -497,6 +497,7 @@ Esys_StartAuthSession_Finish(
|
||
|
|
goto_if_error(r, "Marshal session name", error_cleanup);
|
||
|
|
|
||
|
|
sessionHandleNode->rsrc.name.size = offset;
|
||
|
|
+ memset(&esysContext->salt, '\0', sizeof(esysContext->salt));
|
||
|
|
esysContext->state = _ESYS_STATE_INIT;
|
||
|
|
|
||
|
|
return TSS2_RC_SUCCESS;
|
||
|
|
--
|
||
|
|
2.27.0
|
||
|
|
|