libtpms

packages/libtpms

Fork 0

Commit Graph

Author	SHA1	Message	Date
jiangfangjie 00559066	33786178b6	rename patch file Signed-off-by: jiangfangjie 00559066 <jiangfangjie@huawei.com> (cherry picked from commit a1a30376203ea5fefc0ddaeb1f7a1324dd8b8e6b)	2021-09-09 18:39:02 +08:00
jiangfangjie 00559066	c54acdfb69	fix the cve-2021-3505 Signed-off-by: jiangfangjie 00559066 <jiangfangjie@huawei.com> (cherry picked from commit 49be9bc2aed2a56d88f89efec8d142b9565fc37e)	2021-09-09 18:39:02 +08:00
jiangfangjie 00559066	a1a4809abf	tpm2: CryptSym: fix AES output IV The TPM is supposed to provide the output IV in the ivInOut parameter in CryptSymmetricEncrypt. In the case of using the openssl routines, the output IV is missed, and the resulting output from the TPM is in the input IV. OpenSSL unfortunately does not export EVP_CIPHER_CTX_iv() until tags/OpenSSL_1_1_0, so we have to fall back to the reference code for previous OpenSSL versions. Fixes: CVE-2021-3446 buglink:https://bugzilla.redhat.com/show_bug.cgi?id=1939664 Signed-off-by: William Roberts <william.c.roberts@intel.com> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Signed-off-by: jiangfangjie 00559066 <jiangfangjie@huawei.com>	2021-04-06 18:19:30 +08:00

Author

SHA1

Message

Date

jiangfangjie 00559066

33786178b6

rename patch file

Signed-off-by: jiangfangjie 00559066 <jiangfangjie@huawei.com>
(cherry picked from commit a1a30376203ea5fefc0ddaeb1f7a1324dd8b8e6b)

2021-09-09 18:39:02 +08:00

jiangfangjie 00559066

c54acdfb69

fix the cve-2021-3505

Signed-off-by: jiangfangjie 00559066 <jiangfangjie@huawei.com>
(cherry picked from commit 49be9bc2aed2a56d88f89efec8d142b9565fc37e)

2021-09-09 18:39:02 +08:00

jiangfangjie 00559066

a1a4809abf

tpm2: CryptSym: fix AES output IV

The TPM is supposed to provide the output IV in the ivInOut parameter in
CryptSymmetricEncrypt. In the case of using the openssl routines, the
output IV is missed, and the resulting output from the TPM is in the
input IV.

OpenSSL unfortunately does not export EVP_CIPHER_CTX_iv() until
tags/OpenSSL_1_1_0, so we have to fall back to the reference code for
previous OpenSSL versions.

Fixes: CVE-2021-3446
buglink:https://bugzilla.redhat.com/show_bug.cgi?id=1939664

Signed-off-by: William Roberts <william.c.roberts@intel.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: jiangfangjie 00559066 <jiangfangjie@huawei.com>

2021-04-06 18:19:30 +08:00

3 Commits