Overview

File 0001-esys-Fix-HMAC-generation-for-policy-sessions.patch of Package tpm2-0-tss

From 76c97e5adc391f77a613b62f2ae49f9067e7ddcf Mon Sep 17 00:00:00 2001
From: Jeffrey Ferreira <jeffpferreira@gmail.com>
Date: Fri, 16 Aug 2019 16:04:24 -0700
Subject: [PATCH] esys: Fix HMAC generation for policy sessions

Policy sessions which do not include TPM2_PolicyAuthValue should not include
authValue in their HMAC computation.

Signed-off-by: Jeffrey Ferreira <jeffpferreira@gmail.com>
---
 src/tss2-esys/esys_iutil.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/tss2-esys/esys_iutil.c b/src/tss2-esys/esys_iutil.c
index 35bca6e1..94d0332c 100644
--- a/src/tss2-esys/esys_iutil.c
+++ b/src/tss2-esys/esys_iutil.c
@@ -1019,11 +1019,14 @@ iesys_compute_session_value(RSRC_NODE_T * session,
     /* Then if we are a bound session, the auth value is not appended to the end
        of the session value for HMAC computation. The size of the key will not be
        increased.*/
-    if (iesys_is_object_bound(name, auth_value,
-                              session) &&
-        /* type_policy_session set to POLICY_AUTH by command PolicyAuthValue */
-        (session->rsrc.misc.rsrc_session.type_policy_session != POLICY_AUTH))
+    if (iesys_is_object_bound(name, auth_value, session))
         return;
+
+    /* type_policy_session set to POLICY_AUTH by command PolicyAuthValue */
+    if (session->rsrc.misc.rsrc_session.sessionType == TPM2_SE_POLICY &&
+        session->rsrc.misc.rsrc_session.type_policy_session != POLICY_AUTH)
+        return;
+
     session->rsrc.misc.rsrc_session.sizeHmacValue += auth_value->size;
 }
 
-- 
2.24.1
openSUSE Build Service is sponsored by
Places