Bug#989366: unblock: tpm2-tools/5.0-2

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#989366: unblock: tpm2-tools/5.0-2
From: "Ying-Chun Liu (PaulLiu)" <paulliu@debian.org>
Date: Wed, 2 Jun 2021 04:32:31 +0800
Message-id: <[🔎] 9a2c36c6-d786-f6d2-8315-5df754d3839a@debian.org>
Reply-to: "Ying-Chun Liu (PaulLiu)" <paulliu@debian.org>, 989366@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: paulliu@debian.org


Please unblock package tpm2-tools

[ Reason ]

tpm2-tools has a CVE bug CVE-2021-3565.

We fixed this issue by backporting the upstream's patch.

The Debian bug is #989148


[ Impact ]
If the unblock is not granted, when users run tpm2_import command there
might be

some risks that the key will be stolen by MITM attack.


[ Tests ]

We only run manually test on computers with tpm2 external hardware.

The following command is run and still works as expected.

 * tpm2_createprimary -Grsa2048:aes128cfb -C o -c parent.ctx
 * dd if=/dev/urandom of=sym.key bs=1 count=16
 * tpm2_import -C parent.ctx -G aes -i sym.key -u key.pub -r key.priv


The above commands are not suitable for autopkgtest because they require

tpm2 hardware.


[ Risks ]

This package is not a key package. It is a leaf package. No other
package depends on this.

These tpm2_* commands are for users who wants to manually operate tpm2
device.

The patch is quite trivial. Just don't use fixed key, instead generate
it randomly.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]

unblock tpm2-tools/5.0-2

diff -Nru tpm2-tools-5.0/debian/changelog tpm2-tools-5.0/debian/changelog
--- tpm2-tools-5.0/debian/changelog	2020-11-30 15:56:37.000000000 +0800
+++ tpm2-tools-5.0/debian/changelog	2021-06-02 04:00:26.000000000 +0800
@@ -1,3 +1,11 @@
+tpm2-tools (5.0-2) unstable; urgency=low
+
+  * Add debian/patches/0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch
+    - Fix CVE-2021-3565 (Closes: #989148)
+    - This patch fixes the fixed AES key issue in tpm2_import command
+
+ -- Ying-Chun Liu (PaulLiu) <paulliu@debian.org>  Wed, 02 Jun 2021 04:00:26 +0800
+
 tpm2-tools (5.0-1) unstable; urgency=low
 
   * New upstream release.
diff -Nru tpm2-tools-5.0/debian/patches/0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch tpm2-tools-5.0/debian/patches/0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch
--- tpm2-tools-5.0/debian/patches/0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch	1970-01-01 08:00:00.000000000 +0800
+++ tpm2-tools-5.0/debian/patches/0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch	2021-06-02 04:00:26.000000000 +0800
@@ -0,0 +1,44 @@
+From c069e4f179d5e6653a84fb236816c375dca82515 Mon Sep 17 00:00:00 2001
+From: William Roberts <william.c.roberts@intel.com>
+Date: Fri, 21 May 2021 12:22:31 -0500
+Bug-Debian: https://bugs.debian.org/989148
+Subject: [PATCH] tpm2_import: fix fixed AES key CVE-2021-3565
+
+tpm2_import used a fixed AES key for the inner wrapper, which means that
+a MITM attack would be able to unwrap the imported key. Even the
+use of an encrypted session will not prevent this. The TPM only
+encrypts the first parameter which is the fixed symmetric key.
+
+To fix this, ensure the key size is 16 bytes or bigger and use
+OpenSSL to generate a secure random AES key.
+
+Fixes: #2738
+
+Signed-off-by: William Roberts <william.c.roberts@intel.com>
+---
+ tools/tpm2_import.c | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+
+Index: tpm2-tools-5.0/tools/tpm2_import.c
+===================================================================
+--- tpm2-tools-5.0.orig/tools/tpm2_import.c
++++ tpm2-tools-5.0/tools/tpm2_import.c
+@@ -149,7 +149,17 @@ static tool_rc key_import(ESYS_CONTEXT *
+     TPM2B_DATA enc_sensitive_key = {
+         .size = parent_pub->publicArea.parameters.rsaDetail.symmetric.keyBits.sym / 8
+     };
+-    memset(enc_sensitive_key.buffer, 0xFF, enc_sensitive_key.size);
++
++    if(enc_sensitive_key.size < 16) {
++        LOG_ERR("Calculated wrapping keysize is less than 16 bytes, got: %u", enc_sensitive_key.size);
++        return tool_rc_general_error;
++    }
++
++    int ossl_rc = RAND_bytes(enc_sensitive_key.buffer, enc_sensitive_key.size);
++    if (ossl_rc != 1) {
++        LOG_ERR("RAND_bytes failed: %s", ERR_error_string(ERR_get_error(), NULL));
++        return tool_rc_general_error;
++    }
+ 
+     /*
+      * Calculate the object name.
diff -Nru tpm2-tools-5.0/debian/patches/series tpm2-tools-5.0/debian/patches/series
--- tpm2-tools-5.0/debian/patches/series	2020-02-02 01:35:00.000000000 +0800
+++ tpm2-tools-5.0/debian/patches/series	2021-06-01 18:48:27.000000000 +0800
@@ -1 +1,2 @@
 0001_add_version_string.patch
+0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply to:

Follow-Ups:
- Bug#989366: marked as done (unblock: tpm2-tools/5.0-2)
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Bug#989295: marked as done (unblock: mialmpick/0.2.15-1)
Next by Date: Upcoming stable point release (10.10)
Previous by thread: Bug#989295: marked as done (unblock: mialmpick/0.2.15-1)
Next by thread: Bug#989366: marked as done (unblock: tpm2-tools/5.0-2)
Index(es):
- Date
- Thread