From e4261984374556da65c9d46097d5a1200b335c0c Mon Sep 17 00:00:00 2001
From: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Date: Sat, 19 Feb 2022 12:59:32 +0100
Subject: [PATCH] tpm2: Do not call EVP_PKEY_CTX_set0_rsa_oaep_label() for
label of size 0 (OSSL 3)
Openssl 3.0 did return an error if EVP_PKEY_CTX_set0_rsa_oaep_label was called
with label size 0. The function should only be called if the size of the label
is greater than 0.
With this fix TPM2_RSA_Encrypt/Decrypt did work with OpenSSL 1.1 and 3.0
for encryption without label.
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
---
src/tpm2/crypto/openssl/CryptRsa.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/src/tpm2/crypto/openssl/CryptRsa.c b/src/tpm2/crypto/openssl/CryptRsa.c
index 4ed04384feb0..b5d6b6c3be82 100644
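--- a/src/tpm2/crypto/openssl/CryptRsa.c
+++ b/src/tpm2/crypto/openssl/CryptRsa.c
@@ -1356,10 +1356,9 @@ CryptRsaEncrypt(
 if (tmp == NULL)
 ERROR_RETURN(TPM_RC_FAILURE);
 memcpy(tmp, label->buffer, label->size);
+ if (EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, tmp, label->size) <= 0)
+ ERROR_RETURN(TPM_RC_FAILURE);
 }
- // label->size == 0 is supported
- if (EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, tmp, label->size) <= 0)
- ERROR_RETURN(TPM_RC_FAILURE);
 tmp = NULL;
 break;
 default: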
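Review bot: The skipped call for an empty label is now undocumented: the removed `// label->size == 0 is supported` comment has no replacement, so a reader cannot tell that omitting `EVP_PKEY_CTX_set0_rsa_oaep_label()` is deliberate. I would add, above the size check that opens this block (it starts outside the hunk), something like `// OpenSSL 3.0 rejects a zero-length label; leaving it unset means OAEP uses the empty label`. Also confirm the failure path of the moved call: set0 takes ownership of `tmp` only on success, so the `ERROR_RETURN` after it presumably relies on cleanup at the function's exit, which is not visible here, to free `tmp`. The commit message mentions Decrypt as well, but only CryptRsaEncrypt is touched; if the decrypt path sets the label the same way, it likely needs the same guard.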
--
2.36.0.44.g0f828332d5ac