rpms
/
libtpms
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

import libtpms-0.9.1-4.20211126git1ff6fe1f43.el9_2

Browse Source
i9c changed/i9c/libtpms-0.9.1-4.20211126git1ff6fe1f43.el9_2
MSVSphere Packaging Team 3 months ago
parent 8838832c38
commit f0316b5259
Signed by: sys_gitsync
GPG Key ID: B2B0B9F29E528FE8
2 changed files with 38 additions and 2 deletions
Show Stats Download Patch File Download Diff File

31
SOURCES/0001-tpm2-Return-TPM_RC_VALUE-upon-decryption-failure.patch
Unescape View File

@ -0,0 +1,31 @@
From 1b0b41293a0d49ff8063542fcb3a5ee1d4e10f7e Mon Sep 17 00:00:00 2001
From: Stefan Berger <stefanb@linux.ibm.com>
Date: Mon, 29 Jul 2024 10:19:00 -0400
Subject: [PATCH] tpm2: Return TPM_RC_VALUE upon decryption failure
When decryption fails then return TPM_RC_VALUE rather than TPM_RC_FAILURE.
The old error code could indicate to an application or driver that
something is wrong with the TPM (has possibly gone into failure mode) even
though only the decryption failed, possibly due to a wrong key.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
src/tpm2/crypto/openssl/CryptRsa.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tpm2/crypto/openssl/CryptRsa.c b/src/tpm2/crypto/openssl/CryptRsa.c
index b5d6b6c3..88ee3bac 100644
--- a/src/tpm2/crypto/openssl/CryptRsa.c
+++ b/src/tpm2/crypto/openssl/CryptRsa.c
@@ -1457,7 +1457,7 @@ CryptRsaDecrypt(
outlen = sizeof(buffer);
if (EVP_PKEY_decrypt(ctx, buffer, &outlen,
cIn->buffer, cIn->size) <= 0)
- ERROR_RETURN(TPM_RC_FAILURE);
+ ERROR_RETURN(TPM_RC_VALUE);
if (outlen > dOut->size)
ERROR_RETURN(TPM_RC_FAILURE);
--
2.41.0.28.gd7d8841f67

9
SPECS/libtpms.spec
Unescape View File

@ -3,7 +3,7 @@
Name: libtpms Name: libtpms
Version: 0.9.1 Version: 0.9.1
Release: 3.%{gitdate}git%{gitversion}%{?dist} Release: 4.%{gitdate}git%{gitversion}%{?dist}
Summary: Library providing Trusted Platform Module (TPM) functionality Summary: Library providing Trusted Platform Module (TPM) functionality
License: BSD License: BSD
@ -13,6 +13,7 @@ Patch0001: 0001-tpm2-Do-not-call-EVP_PKEY_CTX_set0_rsa_oaep_label-fo.patch
Patch0002: 0001-tpm2-Fix-size-check-in-CryptSecretDecrypt.patch Patch0002: 0001-tpm2-Fix-size-check-in-CryptSecretDecrypt.patch
Patch0003: 0001-tpm2-When-writing-state-initialize-s_ContextSlotMask.patch Patch0003: 0001-tpm2-When-writing-state-initialize-s_ContextSlotMask.patch
Patch0004: 0001-tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch Patch0004: 0001-tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch
Patch0005: 0001-tpm2-Return-TPM_RC_VALUE-upon-decryption-failure.patch
BuildRequires: openssl-devel BuildRequires: openssl-devel
BuildRequires: pkgconfig gawk sed BuildRequires: pkgconfig gawk sed
@ -59,7 +60,11 @@ find %{buildroot} -type f -name '*.la' | xargs rm -f -- || :
%{_mandir}/man3/* %{_mandir}/man3/*
%changelog %changelog
* Wed Mar 15 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 0.9.1-2.20211126git1ff6fe1f43 * Wed Sep 04 2024 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.9.1-4.20211126git1ff6fe1f43
- Backport "tpm2: Return TPM_RC_VALUE upon decryption failure"
Resolves: RHEL-58054
* Wed Mar 15 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 0.9.1-3.20211126git1ff6fe1f43
- Rebuilt for MSVSphere 9.1. - Rebuilt for MSVSphere 9.1.
* Wed Mar 01 2023 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.9.1-3.20211126git1ff6fe1f43 * Wed Mar 01 2023 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.9.1-3.20211126git1ff6fe1f43

Write Preview
Loading…
Cancel
Save