Hello community, here is the log from the commit of package tpm2-0-tss for openSUSE:Leap:15.2 checked in at 2020-01-22 08:19:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/tpm2-0-tss (Old) and /work/SRC/openSUSE:Leap:15.2/.tpm2-0-tss.new.26092 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tpm2-0-tss" Wed Jan 22 08:19:44 2020 rev:19 rq:766035 version:2.3.0 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/tpm2-0-tss/tpm2-0-tss.changes 2020-01-15 16:24:48.776631415 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.tpm2-0-tss.new.26092/tpm2-0-tss.changes 2020-01-22 08:19:46.106191927 +0100 @@ -1,0 +2,7 @@ +Thu Jan 16 11:07:32 UTC 2020 - Matthias Gerstner <[email protected]> + +- 0001-esys-Fix-HMAC-generation-for-policy-sessions.patch: fix problems with + policy sessions that don't include an TPM2_PolicyAuthValue (bsc#1160736). + This bug was fixed upstream in a minor release 2.3.2. + +------------------------------------------------------------------- New: ---- 0001-esys-Fix-HMAC-generation-for-policy-sessions.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tpm2-0-tss.spec ++++++ --- /var/tmp/diff_new_pack.Gcfotu/_old 2020-01-22 08:19:46.422192097 +0100 +++ /var/tmp/diff_new_pack.Gcfotu/_new 2020-01-22 08:19:46.426192099 +0100 @@ -25,6 +25,7 @@ Url: https://github.com/tpm2-software/tpm2-tss Source0: https://github.com/tpm2-software/tpm2-tss/releases/download/%{version}/tpm2-tss-%{version}.tar.gz Source2: baselibs.conf +Patch0: 0001-esys-Fix-HMAC-generation-for-policy-sessions.patch BuildRequires: doxygen BuildRequires: gcc-c++ BuildRequires: libgcrypt-devel @@ -125,6 +126,7 @@ %prep %setup -q -n tpm2-tss-%{version} +%patch0 -p1 %pre # the same user is employed by trousers (and was employed by the old ++++++ 0001-esys-Fix-HMAC-generation-for-policy-sessions.patch ++++++ >From 76c97e5adc391f77a613b62f2ae49f9067e7ddcf Mon Sep 17 00:00:00 2001 From: Jeffrey Ferreira <[email protected]> Date: Fri, 16 Aug 2019 16:04:24 -0700 Subject: [PATCH] esys: Fix HMAC generation for policy sessions Policy sessions which do not include TPM2_PolicyAuthValue should not include authValue in their HMAC computation. Signed-off-by: Jeffrey Ferreira <[email protected]> --- src/tss2-esys/esys_iutil.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/src/tss2-esys/esys_iutil.c b/src/tss2-esys/esys_iutil.c index 35bca6e1..94d0332c 100644 --- a/src/tss2-esys/esys_iutil.c +++ b/src/tss2-esys/esys_iutil.c @@ -1019,11 +1019,14 @@ iesys_compute_session_value(RSRC_NODE_T * session, /* Then if we are a bound session, the auth value is not appended to the end of the session value for HMAC computation. The size of the key will not be increased.*/ - if (iesys_is_object_bound(name, auth_value, - session) && - /* type_policy_session set to POLICY_AUTH by command PolicyAuthValue */ - (session->rsrc.misc.rsrc_session.type_policy_session != POLICY_AUTH)) + if (iesys_is_object_bound(name, auth_value, session)) return; + + /* type_policy_session set to POLICY_AUTH by command PolicyAuthValue */ + if (session->rsrc.misc.rsrc_session.sessionType == TPM2_SE_POLICY && + session->rsrc.misc.rsrc_session.type_policy_session != POLICY_AUTH) + return; + session->rsrc.misc.rsrc_session.sizeHmacValue += auth_value->size; } -- 2.24.1
