Accepting request 758978 from home:mgerstner:branches:security

- Add ibmswtpm2-fix-empty-decrypt.patch: Fix a corner case in the emulator
  that causes an error when trying to RSA-decrypt an empty message
  (bsc#1159510). This fix was confirmed to be by the upstream author and is
  supposed to be contained in the next release.

OBS-URL: https://build.opensuse.org/request/show/758978
OBS-URL: https://build.opensuse.org/package/show/security/ibmswtpm2?expand=0&rev=18

ibmswtpm2-fix-empty-decrypt.patch

@@ -0,0 +1,13 @@
+Index: ibmswtpm2-1119/src/CryptRsa.c
+===================================================================
+--- ibmswtpm2-1119.orig/src/CryptRsa.c
++++ ibmswtpm2-1119/src/CryptRsa.c
+@@ -469,7 +469,7 @@ RSAES_Decode(
+     pSize++;
+     // Make sure that pSize has not gone over the end and that there are at least 8
+     // bytes of pad data.
+-    fail = (pSize >= coded->size) | fail;
++    fail = (pSize > coded->size) | fail;
+     fail = ((pSize - 2) < 8) | fail;
+     if((message->size < (UINT16)(coded->size - pSize)) || fail)
+ 	return TPM_RC_VALUE;

ibmswtpm2.changes

@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Mon Dec 23 12:06:22 UTC 2019 - mgerstner <matthias.gerstner@suse.com>
+
+- Add ibmswtpm2-fix-empty-decrypt.patch: Fix a corner case in the emulator
+  that causes an error when trying to RSA-decrypt an empty message
+  (bsc#1159510). This fix was confirmed to be by the upstream author and is
+  supposed to be contained in the next release.
+
 -------------------------------------------------------------------
 Thu Jul  4 17:02:41 UTC 2019 - Michal Suchanek <msuchanek@suse.de>
 

ibmswtpm2.spec

@@ -34,6 +34,7 @@ URL:            https://sourceforge.net/projects/ibmswtpm2
 Source:         https://sourceforge.net/projects/ibmswtpm2/files/ibmtpm%{version}.tar.gz
 Patch1:         makefile.patch
 Patch2:         ibmswtpm2-fix-uninitialized.patch
+Patch3:         ibmswtpm2-fix-empty-decrypt.patch
 BuildRequires:  libopenssl-devel >= 1.0
 
 %description