Fix crash of RSA key generator.

2 files changed, 19 insertions, 14 deletions

diff --git a/security/openssl_tpm_engine/Makefile b/security/openssl_tpm_engine/Makefile
index 02e6dfa6243b..ae52310d2e42 100644
--- a/security/openssl_tpm_engine/Makefile
+++ b/security/openssl_tpm_engine/Makefile
@@ -7,6 +7,7 @@
 
 PORTNAME=	openssl_tpm_engine
 PORTVERSION=	0.4.1
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	SF/trousers/OpenSSL%20TPM%20Engine/${PORTVERSION}
 
diff --git a/security/openssl_tpm_engine/files/patch-e_tpm.c b/security/openssl_tpm_engine/files/patch-e_tpm.c
index 03f31cd1a973..944d6c6c3c09 100644
--- a/security/openssl_tpm_engine/files/patch-e_tpm.c
+++ b/security/openssl_tpm_engine/files/patch-e_tpm.c
@@ -2,7 +2,7 @@ http://sourceforge.net/mailarchive/message.php?msg_name=4C0E2D48.20803%40sirrix.
 http://sourceforge.net/mailarchive/message.php?msg_name=1270748622.4478.6722.camel%40macbook.infradead.org
 
 --- e_tpm.c.orig	2007-02-06 05:32:10.000000000 +0900
-+++ e_tpm.c	2010-11-01 00:13:51.370858197 +0900
++++ e_tpm.c	2010-11-21 06:54:21.792744937 +0900
 @@ -35,9 +35,6 @@
  #include <openssl/bn.h>
  
@@ -75,7 +75,7 @@ http://sourceforge.net/mailarchive/message.php?msg_name=1270748622.4478.6722.cam
  	if (hSRK != NULL_HKEY) {
  		DBGFN("SRK is already loaded.");
  		return 1;
-@@ -300,25 +317,33 @@
+@@ -300,29 +317,37 @@
  		return 0;
  	}
  
@@ -83,12 +83,6 @@ http://sourceforge.net/mailarchive/message.php?msg_name=1270748622.4478.6722.cam
 -		TSSerr(TPM_F_TPM_LOAD_SRK, ERR_R_MALLOC_FAILURE);
 -		return 0;
 -	}
--
--	if (!tpm_engine_get_auth(ui, (char *)auth, 128, "SRK authorization: ")) {
--		p_tspi_Context_CloseObject(hContext, hSRK);
--		free(auth);
--		TSSerr(TPM_F_TPM_LOAD_SRK, TPM_R_REQUEST_FAILED);
--	}
 +	/* c.hol...@sirrix.com: If the UI method is NULL, use TSS_WELL_KNOWN_SECRET */
 +	if (ui) {
 +		if ((auth = calloc(1, 128)) == NULL) {
@@ -96,14 +90,11 @@ http://sourceforge.net/mailarchive/message.php?msg_name=1270748622.4478.6722.cam
 +			return 0;
 +		}
  
--	/* secret_mode is a global that may be set by engine ctrl
--	 * commands.  By default, its set to TSS_SECRET_MODE_PLAIN */
--	if ((result = p_tspi_Policy_SetSecret(hSRKPolicy, secret_mode,
--					      strlen((char *)auth), auth))) {
+-	if (!tpm_engine_get_auth(ui, (char *)auth, 128, "SRK authorization: ")) {
 -		p_tspi_Context_CloseObject(hContext, hSRK);
 -		free(auth);
 -		TSSerr(TPM_F_TPM_LOAD_SRK, TPM_R_REQUEST_FAILED);
--		return 0;
+-	}
 +		if (!tpm_engine_get_auth(ui, (char *)auth, 128, "SRK authorization: ")) {
 +			p_tspi_Context_CloseObject(hContext, hSRK);
 +			free(auth);
@@ -118,6 +109,15 @@ http://sourceforge.net/mailarchive/message.php?msg_name=1270748622.4478.6722.cam
 +			TSSerr(TPM_F_TPM_LOAD_SRK, TPM_R_REQUEST_FAILED);
 +			return 0;
 +		}
+ 
+-	/* secret_mode is a global that may be set by engine ctrl
+-	 * commands.  By default, its set to TSS_SECRET_MODE_PLAIN */
+-	if ((result = p_tspi_Policy_SetSecret(hSRKPolicy, secret_mode,
+-					      strlen((char *)auth), auth))) {
+-		p_tspi_Context_CloseObject(hContext, hSRK);
+ 		free(auth);
+-		TSSerr(TPM_F_TPM_LOAD_SRK, TPM_R_REQUEST_FAILED);
+-		return 0;
 +	} else {
 +		if (result = p_tspi_Policy_SetSecret(hSRKPolicy, TSS_SECRET_MODE_SHA1, 20, well_known)) {
 +			p_tspi_Context_CloseObject(hContext, hSRK);
@@ -126,7 +126,11 @@ http://sourceforge.net/mailarchive/message.php?msg_name=1270748622.4478.6722.cam
 +		}
  	}
  
- 	free(auth);
+-	free(auth);
+-
+ 	return 1;
+ }
+ 
 @@ -363,6 +388,12 @@
  	void (*p22) ();
  	void (*p23) ();