tpm2-tss/0002-esys-Shared-secret-calculation-is-not-spec-compliant.patch
Štěpán Horáček 1362aab239 Backport fixes from upstream
Resolves: CVE-2023-22745
Resolves: rhbz#2160302
Resolves: rhbz#2162611

Signed-off-by: Štěpán Horáček <shoracek@redhat.com>
2023-07-10 16:14:22 +02:00

From b94392537a1ed43918483a2bfa8a90e5fd05354d Mon Sep 17 00:00:00 2001
From: Stefan Thom <mail@LordOfDorks.com>
Date: Fri, 5 Jun 2020 12:11:39 -0700
Subject: [PATCH 2/4] esys: Shared secret calculation is not spec compliant.
Refer to specification part 1 Architecture, Section 20.1 AuditSession
Introduction: If the session was bound when created (see 19.6.10 and
19.6.12), the bind value is lost and any further use of the session for
authorization will require that the authValue be used in the HMAC.
Signed-off-by: Stefan Thom <mail@LordOfDorks.com>
---
src/tss2-esys/esys_tr.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/tss2-esys/esys_tr.c b/src/tss2-esys/esys_tr.c
index c9ea537a..d14c7d35 100644
--- a/src/tss2-esys/esys_tr.c
+++ b/src/tss2-esys/esys_tr.c
@@ -511,6 +511,8 @@ Esys_TRSess_SetAttributes(ESYS_CONTEXT * esys_context, ESYS_TR esys_handle,
esys_object->rsrc.misc.rsrc_session.sessionAttributes =
(esys_object->rsrc.misc.rsrc_session.
sessionAttributes & ~mask) | (flags & mask);
+ if (esys_object->rsrc.misc.rsrc_session.sessionAttributes & TPMA_SESSION_AUDIT)
+ esys_object->rsrc.misc.rsrc_session.bound_entity.size = 0;
return TSS2_RC_SUCCESS;
}
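Review bot: The added `if` zeroes `bound_entity.size` as soon as the merged `sessionAttributes` contain `TPMA_SESSION_AUDIT`, and nothing in the visible lines restores it if a later `Esys_TRSess_SetAttributes` call clears the flag. The bind is therefore dropped when the attribute is set, not when the session is first used for audit. If that is intended, a short comment next to the check citing Part 1, Section 20.1 would keep the reasoning in the source and not only in the commit message. The two-line `if` has no braces, which is easy to break in a later edit to code that decides what goes into the session HMAC, so please add them. The diffstat lists only `esys_tr.c`, so a test that sets the audit attribute on a bound session and then authorizes with it would be worth adding alongside.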
--
2.41.0