tpm2-tools: backport fix for CVE-2021-3565

tpm2_import used a fixed AES key for the inner wrapper, which means that a MITM attack would be able to unwrap the imported key. Even the use of an encrypted session will not prevent this. The TPM only encrypts the first parameter which is the fixed symmetric key. To fix this, ensure the key size is 16 bytes or bigger and use OpenSSL to generate a secure random AES key. Upstream commit (with offset adjusted) https://github.com/tpm2-software/tpm2-tools/commit/c069e4f179d5e6653a84fb236816c375dca82515 Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Ralph Siemsen <ralph.siemsen@linaro.org> 2022-03-15 12:08:27 -0400
committer: Armin Kuster <akuster808@gmail.com> 2022-03-17 08:05:36 -0700
commit: de4e7fced9f735f3c25277de38cde8454b97b28e (patch)
tree: d55751cfbf16d9f4cfe5348ba542d8a544bcb221
parent: c74cc97641fd93e0e7a4383255e9a0ab3deaf9d7 (diff)
download: meta-security-de4e7fced9f735f3c25277de38cde8454b97b28e.tar.gz
2 files changed, 51 insertions, 0 deletions
diff --git a/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools/0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch b/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools/0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch
new file mode 100644
index 0000000..3832063
--- /dev/null
+++ b/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools/0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch
@@ -0,0 +1,48 @@
+From 784be35c52a7083b9535bad2fcca416ff9cfd26b Mon Sep 17 00:00:00 2001
+From: William Roberts <william.c.roberts@intel.com>
+Date: Fri, 21 May 2021 12:22:31 -0500
+Subject: [PATCH] tpm2_import: fix fixed AES key CVE-2021-3565
+tpm2_import used a fixed AES key for the inner wrapper, which means that
+a MITM attack would be able to unwrap the imported key. Even the
+use of an encrypted session will not prevent this. The TPM only
+encrypts the first parameter which is the fixed symmetric key.
+To fix this, ensure the key size is 16 bytes or bigger and use
+OpenSSL to generate a secure random AES key.
+Fixes: #2738
+Signed-off-by: William Roberts <william.c.roberts@intel.com>
+Upstream-Status: Backport
+https://github.com/tpm2-software/tpm2-tools/commit/c069e4f179d5e6653a84fb236816c375dca82515
+CVE: CVE-2021-3565
+Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
+---
+ tools/tpm2_import.c | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+diff --git a/tools/tpm2_import.c b/tools/tpm2_import.c
+index 6404cac..acd8ac8 100644
+--- a/tools/tpm2_import.c
+++ b/tools/tpm2_import.c
+@@ -146,7 +146,17 @@ static tool_rc key_import(ESYS_CONTEXT *ectx, TPM2B_PUBLIC *parent_pub,
+     TPM2B_DATA enc_sensitive_key = {
+         .size = parent_pub->publicArea.parameters.rsaDetail.symmetric.keyBits.sym / 8
+     };
+-    memset(enc_sensitive_key.buffer, 0xFF, enc_sensitive_key.size);
+
+    if(enc_sensitive_key.size < 16) {
+        LOG_ERR("Calculated wrapping keysize is less than 16 bytes, got: %u", enc_sensitive_key.size);
+        return tool_rc_general_error;
+    }
+
+    int ossl_rc = RAND_bytes(enc_sensitive_key.buffer, enc_sensitive_key.size);
+    if (ossl_rc != 1) {
+        LOG_ERR("RAND_bytes failed: %s", ERR_error_string(ERR_get_error(), NULL));
+        return tool_rc_general_error;
+    }
+ 
+     /*
+      * Calculate the object name.
diff --git a/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.1.bb b/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.1.bb
index e90dcfe..f013fa1 100644
--- a/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.1.bb
+++ b/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.1.bb
@@ -6,7 +6,10 @@ SECTION = "tpm"
 DEPENDS = "tpm2-abrmd tpm2-tss openssl curl autoconf-archive"
+FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
 SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz"
+SRC_URI += "file://0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch"
 SRC_URI[md5sum] = "701ae9e8c8cbdd37d89c8ad774f55395"
 SRC_URI[sha256sum] = "40b9263d8b949bd2bc03a3cd60fa242e27116727467f9bbdd0b5f2539a25a7b1"
author	Ralph Siemsen <ralph.siemsen@linaro.org>	2022-03-15 12:08:27 -0400
committer	Armin Kuster <akuster808@gmail.com>	2022-03-17 08:05:36 -0700
commit	de4e7fced9f735f3c25277de38cde8454b97b28e (patch)
tree	d55751cfbf16d9f4cfe5348ba542d8a544bcb221
parent	c74cc97641fd93e0e7a4383255e9a0ab3deaf9d7 (diff)
download	meta-security-de4e7fced9f735f3c25277de38cde8454b97b28e.tar.gz

diff --git a/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools/0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch b/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools/0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch new file mode 100644 index 0000000..3832063 --- /dev/null +++ b/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools/0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch
@@ -0,0 +1,48 @@
		1	From 784be35c52a7083b9535bad2fcca416ff9cfd26b Mon Sep 17 00:00:00 2001
		2	From: William Roberts <william.c.roberts@intel.com>
		3	Date: Fri, 21 May 2021 12:22:31 -0500
		4	Subject: [PATCH] tpm2_import: fix fixed AES key CVE-2021-3565
		5
		6	tpm2_import used a fixed AES key for the inner wrapper, which means that
		7	a MITM attack would be able to unwrap the imported key. Even the
		8	use of an encrypted session will not prevent this. The TPM only
		9	encrypts the first parameter which is the fixed symmetric key.
		10
		11	To fix this, ensure the key size is 16 bytes or bigger and use
		12	OpenSSL to generate a secure random AES key.
		13
		14	Fixes: #2738
		15
		16	Signed-off-by: William Roberts <william.c.roberts@intel.com>
		17
		18	Upstream-Status: Backport
		19	https://github.com/tpm2-software/tpm2-tools/commit/c069e4f179d5e6653a84fb236816c375dca82515
		20	CVE: CVE-2021-3565
		21	Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
		22	---
		23	tools/tpm2_import.c \| 12 +++++++++++-
		24	1 file changed, 11 insertions(+), 1 deletion(-)
		25
		26	diff --git a/tools/tpm2_import.c b/tools/tpm2_import.c
		27	index 6404cac..acd8ac8 100644
		28	--- a/tools/tpm2_import.c
		29	+++ b/tools/tpm2_import.c
		30	@@ -146,7 +146,17 @@ static tool_rc key_import(ESYS_CONTEXT ectx, TPM2B_PUBLIC parent_pub,
		31	TPM2B_DATA enc_sensitive_key = {
		32	.size = parent_pub->publicArea.parameters.rsaDetail.symmetric.keyBits.sym / 8
		33	};
		34	- memset(enc_sensitive_key.buffer, 0xFF, enc_sensitive_key.size);
		35	+
		36	+ if(enc_sensitive_key.size < 16) {
		37	+ LOG_ERR("Calculated wrapping keysize is less than 16 bytes, got: %u", enc_sensitive_key.size);
		38	+ return tool_rc_general_error;
		39	+ }
		40	+
		41	+ int ossl_rc = RAND_bytes(enc_sensitive_key.buffer, enc_sensitive_key.size);
		42	+ if (ossl_rc != 1) {
		43	+ LOG_ERR("RAND_bytes failed: %s", ERR_error_string(ERR_get_error(), NULL));
		44	+ return tool_rc_general_error;
		45	+ }
		46
		47	/*
		48	* Calculate the object name.


diff --git a/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.1.bb b/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.1.bb index e90dcfe..f013fa1 100644 --- a/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.1.bb +++ b/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.1.bb
@@ -6,7 +6,10 @@ SECTION = "tpm"
6		6
7	DEPENDS = "tpm2-abrmd tpm2-tss openssl curl autoconf-archive"	7	DEPENDS = "tpm2-abrmd tpm2-tss openssl curl autoconf-archive"
8		8
		9	FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
		10
9	SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz"	11	SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz"
		12	SRC_URI += "file://0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch"
10		13
11	SRC_URI[md5sum] = "701ae9e8c8cbdd37d89c8ad774f55395"	14	SRC_URI[md5sum] = "701ae9e8c8cbdd37d89c8ad774f55395"
12	SRC_URI[sha256sum] = "40b9263d8b949bd2bc03a3cd60fa242e27116727467f9bbdd0b5f2539a25a7b1"	15	SRC_URI[sha256sum] = "40b9263d8b949bd2bc03a3cd60fa242e27116727467f9bbdd0b5f2539a25a7b1"