diff options
| author | Luca Boccassi <bluca@debian.org> | 2023-02-15 00:44:01 +0000 |
|---|---|---|
| committer | Luca Boccassi <luca.boccassi@gmail.com> | 2023-02-15 18:01:28 +0000 |
| commit | 504d0acf61c8472bc93c2a927e858074873b2eaf (patch) | |
| tree | 7b06a1c427598a7aaa145b134f3b1da67d7e1766 /src/cryptsetup | |
| parent | c126c8ac81f849ccf5214ff3f90c416b6bbad71f (diff) | |
| download | systemd-504d0acf61c8472bc93c2a927e858074873b2eaf.tar.gz | |
cryptsetup: do not assert when unsealing token without salt
Salt was added in v253. We are not checking whether it was actually found
(non-zero size), so when an old tpm+pin enrollment is opened things go boom.
For good measure, check both the buffer and the size in both places.
Assertion 'saltlen > 0' failed at src/shared/tpm2-util.c:2490, function tpm2_util_pbkdf2_hmac_sha256(). Aborting.
Diffstat (limited to 'src/cryptsetup')
| -rw-r--r-- | src/cryptsetup/cryptsetup-tokens/luks2-tpm2.c | 3 | ||||
| -rw-r--r-- | src/cryptsetup/cryptsetup-tpm2.c | 4 |
2 files changed, 5 insertions, 2 deletions
diff --git a/src/cryptsetup/cryptsetup-tokens/luks2-tpm2.c b/src/cryptsetup/cryptsetup-tokens/luks2-tpm2.c index 80a2c0d316..c4377230ca 100644 --- a/src/cryptsetup/cryptsetup-tokens/luks2-tpm2.c +++ b/src/cryptsetup/cryptsetup-tokens/luks2-tpm2.c @@ -38,6 +38,7 @@ int acquire_luks2_key( _cleanup_(erase_and_freep) char *b64_salted_pin = NULL; int r; + assert(salt || salt_size == 0); assert(ret_decrypted_key); assert(ret_decrypted_key_size); @@ -58,7 +59,7 @@ int acquire_luks2_key( if ((flags & TPM2_FLAGS_USE_PIN) && salt && !pin) return -ENOANO; - if (pin) { + if (pin && salt_size > 0) { uint8_t salted_pin[SHA256_DIGEST_SIZE] = {}; CLEANUP_ERASE(salted_pin); r = tpm2_util_pbkdf2_hmac_sha256(pin, strlen(pin), salt, salt_size, salted_pin); diff --git a/src/cryptsetup/cryptsetup-tpm2.c b/src/cryptsetup/cryptsetup-tpm2.c index 2a8a38c593..a375a22758 100644 --- a/src/cryptsetup/cryptsetup-tpm2.c +++ b/src/cryptsetup/cryptsetup-tpm2.c @@ -86,6 +86,8 @@ int acquire_tpm2_key( const void *blob; int r; + assert(salt || salt_size == 0); + if (!device) { r = tpm2_find_device_auto(LOG_DEBUG, &auto_device); if (r == -ENODEV) @@ -152,7 +154,7 @@ int acquire_tpm2_key( if (r < 0) return r; - if (salt) { + if (salt_size > 0) { uint8_t salted_pin[SHA256_DIGEST_SIZE] = {}; CLEANUP_ERASE(salted_pin); |