|
 |
e56592 |
From 0bd19b61c8cd07d03b6efffc05f95d5ec427a3d6 Mon Sep 17 00:00:00 2001
|
|
|
e56592 |
From: Tadeusz Struk <tadeusz.struk@intel.com>
|
|
|
e56592 |
Date: Tue, 14 Jan 2020 10:55:20 -0800
|
|
|
e56592 |
Subject: [PATCH] esys: fix Esys_StartAuthSession called with optional params
|
|
|
e56592 |
|
|
|
e56592 |
For an HMAC session if any of the optional params are ESYS_TR_NONE
|
|
|
e56592 |
we need to use the same tpm2_handles TPM2_RH_NULL (0x40000007)
|
|
|
e56592 |
as in the prepare call to correctly calculate cpHash and HMAC
|
|
|
e56592 |
values for the session.
|
|
|
e56592 |
|
|
|
e56592 |
Fixes: #1590
|
|
|
e56592 |
|
|
|
e56592 |
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
|
|
|
e56592 |
---
|
|
|
e56592 |
src/tss2-esys/api/Esys_StartAuthSession.c | 14 +++++++++++++-
|
|
|
e56592 |
1 file changed, 13 insertions(+), 1 deletion(-)
|
|
|
e56592 |
|
|
|
e56592 |
diff --git a/src/tss2-esys/api/Esys_StartAuthSession.c b/src/tss2-esys/api/Esys_StartAuthSession.c
|
|
|
e56592 |
index 313604a2077c..3ccd842a7572 100644
|
|
|
e56592 |
--- a/src/tss2-esys/api/Esys_StartAuthSession.c
|
|
|
e56592 |
+++ b/src/tss2-esys/api/Esys_StartAuthSession.c
|
|
|
e56592 |
@@ -260,7 +260,19 @@ Esys_StartAuthSession_Async(
|
|
|
e56592 |
iesys_compute_session_value(esysContext->session_tab[2], NULL, NULL);
|
|
|
e56592 |
|
|
|
e56592 |
/* Generate the auth values and set them in the SAPI command buffer */
|
|
|
e56592 |
- r = iesys_gen_auths(esysContext, tpmKeyNode, bindNode, NULL, &auths);
|
|
|
e56592 |
+
|
|
|
e56592 |
+ RSRC_NODE_T none;
|
|
|
e56592 |
+ size_t offset = 0;
|
|
|
e56592 |
+ none.rsrc.handle = TPM2_RH_NULL;
|
|
|
e56592 |
+ none.rsrc.rsrcType = IESYSC_WITHOUT_MISC_RSRC;
|
|
|
e56592 |
+ r = Tss2_MU_TPM2_HANDLE_Marshal(TPM2_RH_NULL,
|
|
|
e56592 |
+ none.rsrc.name.name,
|
|
|
e56592 |
+ sizeof(none.rsrc.name.name),
|
|
|
e56592 |
+ &offset);
|
|
|
e56592 |
+ return_state_if_error(r, _ESYS_STATE_INIT, "Marshaling TPM handle.");
|
|
|
e56592 |
+ none.rsrc.name.size = offset;
|
|
|
e56592 |
+ r = iesys_gen_auths(esysContext, tpmKeyNode ? tpmKeyNode : &none,
|
|
|
e56592 |
+ bindNode ? bindNode : &none, NULL, &auths);
|
|
|
e56592 |
return_state_if_error(r, _ESYS_STATE_INIT,
|
|
|
e56592 |
"Error in computation of auth values");
|
|
|
e56592 |
|
|
|
e56592 |
--
|
|
|
e56592 |
2.27.0
|
|
|
e56592 |
|