Blame SOURCES/0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch

ff593b
From c069e4f179d5e6653a84fb236816c375dca82515 Mon Sep 17 00:00:00 2001
ff593b
From: William Roberts <william.c.roberts@intel.com>
ff593b
Date: Fri, 21 May 2021 12:22:31 -0500
ff593b
Subject: [PATCH] tpm2_import: fix fixed AES key CVE-2021-3565
ff593b
ff593b
tpm2_import used a fixed AES key for the inner wrapper, which means that
ff593b
a MITM attack would be able to unwrap the imported key. Even the
ff593b
use of an encrypted session will not prevent this. The TPM only
ff593b
encrypts the first parameter which is the fixed symmetric key.
ff593b
ff593b
To fix this, ensure the key size is 16 bytes or bigger and use
ff593b
OpenSSL to generate a secure random AES key.
ff593b
ff593b
Fixes: #2738
ff593b
ff593b
Signed-off-by: William Roberts <william.c.roberts@intel.com>
ff593b
---
ff593b
 tools/tpm2_import.c | 12 +++++++++++-
ff593b
 1 file changed, 11 insertions(+), 1 deletion(-)
ff593b
ff593b
diff --git a/tools/tpm2_import.c b/tools/tpm2_import.c
ff593b
index cfb6f207ba9c..f44326c87e7e 100644
ff593b
--- a/tools/tpm2_import.c
ff593b
+++ b/tools/tpm2_import.c
ff593b
@@ -118,7 +118,17 @@ static tool_rc key_import(ESYS_CONTEXT *ectx, TPM2B_PUBLIC *parent_pub,
ff593b
     TPM2B_DATA enc_sensitive_key = {
ff593b
         .size = parent_pub->publicArea.parameters.rsaDetail.symmetric.keyBits.sym / 8
ff593b
     };
ff593b
-    memset(enc_sensitive_key.buffer, 0xFF, enc_sensitive_key.size);
ff593b
+
ff593b
+    if(enc_sensitive_key.size < 16) {
ff593b
+        LOG_ERR("Calculated wrapping keysize is less than 16 bytes, got: %u", enc_sensitive_key.size);
ff593b
+        return tool_rc_general_error;
ff593b
+    }
ff593b
+
ff593b
+    int ossl_rc = RAND_bytes(enc_sensitive_key.buffer, enc_sensitive_key.size);
ff593b
+    if (ossl_rc != 1) {
ff593b
+        LOG_ERR("RAND_bytes failed: %s", ERR_error_string(ERR_get_error(), NULL));
ff593b
+        return tool_rc_general_error;
ff593b
+    }
ff593b
 
ff593b
     /*
ff593b
      * Calculate the object name.
ff593b
-- 
ff593b
2.31.0
ff593b