From mboxrd@z Thu Jan  1 00:00:00 1970
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
From: Jakub Jelen <jjelen@redhat.com>
To: git-commits@fedoraproject.org
Subject: [rpms/yubihsm-shell] epel10: Use low-level AES operations to prevent session leak (#2487009)
Date: Tue, 23 Jun 2026 13:26:24 GMT
Message-ID: <178222118428.1.10706129257433254385.rpms-yubihsm-shell-c5bcf9918450@fedoraproject.org>
List-ID: <git-commits.fedoraproject.org>
X-Git-Repo: rpms/yubihsm-shell
X-Git-Branch: epel10
X-Git-Rev: c5bcf991845084d774d391c717423ee7857acbcf

QSBuZXcgY29tbWl0IGhhcyBiZWVuIHB1c2hlZC4KClJlcG8gICA6IHJwbXMveXViaWhzbS1zaGVs
bApCcmFuY2ggOiBlcGVsMTAKQ29tbWl0IDogYzViY2Y5OTE4NDUwODRkNzc0ZDM5MWM3MTc0MjNl
ZTc4NTdhY2JjZgpBdXRob3IgOiBKYWt1YiBKZWxlbiA8amplbGVuQHJlZGhhdC5jb20+CkRhdGUg
ICA6IDIwMjYtMDYtMjNUMTU6MjU6NTQrMDI6MDAKU3RhdHMgIDogKzIzMS8tMiBpbiAyIGZpbGUo
cykKVVJMICAgIDogaHR0cHM6Ly9zcmMuZmVkb3JhcHJvamVjdC5vcmcvcnBtcy95dWJpaHNtLXNo
ZWxsL2MvYzViY2Y5OTE4NDUwODRkNzc0ZDM5MWM3MTc0MjNlZTc4NTdhY2JjZj9icmFuY2g9ZXBl
bDEwCgpMb2c6ClVzZSBsb3ctbGV2ZWwgQUVTIG9wZXJhdGlvbnMgdG8gcHJldmVudCBzZXNzaW9u
IGxlYWsgKCMyNDg3MDA5KQoKLS0tCmRpZmYgLS1naXQgYS95dWJpaHNtLXNoZWxsLTIuNy4wLXNl
c3Npb24tbGVhay5wYXRjaCBiL3l1Ymloc20tc2hlbGwtMi43LjAtc2Vzc2lvbi1sZWFrLnBhdGNo
Cm5ldyBmaWxlIG1vZGUgMTAwNjQ0CmluZGV4IDAwMDAwMDAuLjc3YjgzNTUKLS0tIC9kZXYvbnVs
bAorKysgYi95dWJpaHNtLXNoZWxsLTIuNy4wLXNlc3Npb24tbGVhay5wYXRjaApAQCAtMCwwICsx
LDIyOCBAQAorZGlmZiAtLWdpdCBhL2Flc19jbWFjL2Flcy5jIGIvYWVzX2NtYWMvYWVzLmMKK2lu
ZGV4IDViNWY0NWYuLjY5NmEyODkgMTAwNjQ0CistLS0gYS9hZXNfY21hYy9hZXMuYworKysrIGIv
YWVzX2NtYWMvYWVzLmMKK0BAIC0xNzAsNzcgKzE3MCwxNSBAQCBjbGVhbnVwOgorIAorICNlbHNl
CisgCistc3RhdGljIGNvbnN0IEVWUF9DSVBIRVIgKmFlc19lY2IodWludDE2X3Qga2V5X2xlbikg
eworLSAgc3dpdGNoIChrZXlfbGVuKSB7CistICAgIGNhc2UgMTY6CistICAgICAgcmV0dXJuIEVW
UF9hZXNfMTI4X2VjYigpOworLSAgICBjYXNlIDI0OgorLSAgICAgIHJldHVybiBFVlBfYWVzXzE5
Ml9lY2IoKTsKKy0gICAgY2FzZSAzMjoKKy0gICAgICByZXR1cm4gRVZQX2Flc18yNTZfZWNiKCk7
CistICAgIGRlZmF1bHQ6CistICAgICAgcmV0dXJuIE5VTEw7CistICB9CistfQorLQorLXN0YXRp
YyBjb25zdCBFVlBfQ0lQSEVSICphZXNfY2JjKHVpbnQxNl90IGtleV9sZW4pIHsKKy0gIHN3aXRj
aCAoa2V5X2xlbikgeworLSAgICBjYXNlIDE2OgorLSAgICAgIHJldHVybiBFVlBfYWVzXzEyOF9j
YmMoKTsKKy0gICAgY2FzZSAyNDoKKy0gICAgICByZXR1cm4gRVZQX2Flc18xOTJfY2JjKCk7Cist
ICAgIGNhc2UgMzI6CistICAgICAgcmV0dXJuIEVWUF9hZXNfMjU2X2NiYygpOworLSAgICBkZWZh
dWx0OgorLSAgICAgIHJldHVybiBOVUxMOworLSAgfQorLX0KKy0KKy1zdGF0aWMgaW50IGFlc19l
bmNyeXB0X2V4KGNvbnN0IEVWUF9DSVBIRVIgKmNpcGhlciwgY29uc3QgdWludDhfdCAqaW4sCist
ICAgICAgICAgICAgICAgICAgICAgICAgICB1aW50OF90ICpvdXQsIHVpbnQxNl90IGxlbiwgY29u
c3QgdWludDhfdCAqaXYsCistICAgICAgICAgICAgICAgICAgICAgICAgICBhZXNfY29udGV4dCAq
Y3R4KSB7CistICBpZiAoRVZQX0VuY3J5cHRJbml0X2V4KGN0eC0+Y3R4LCBjaXBoZXIsIE5VTEws
IGN0eC0+a2V5LCBpdikgIT0gMSkgeworLSAgICByZXR1cm4gLTE7CistICB9CistICBpZiAoRVZQ
X0NJUEhFUl9DVFhfc2V0X3BhZGRpbmcoY3R4LT5jdHgsIDApICE9IDEpIHsKKy0gICAgcmV0dXJu
IC0yOworLSAgfQorLSAgaW50IHVwZGF0ZV9sZW4gPSBsZW47CistICBpZiAoRVZQX0VuY3J5cHRV
cGRhdGUoY3R4LT5jdHgsIG91dCwgJnVwZGF0ZV9sZW4sIGluLCBsZW4pICE9IDEpIHsKKy0gICAg
cmV0dXJuIC0zOworLSAgfQorLSAgaW50IGZpbmFsX2xlbiA9IGxlbiAtIHVwZGF0ZV9sZW47Cist
ICBpZiAoRVZQX0VuY3J5cHRGaW5hbF9leChjdHgtPmN0eCwgb3V0ICsgdXBkYXRlX2xlbiwgJmZp
bmFsX2xlbikgIT0gMSkgeworLSAgICByZXR1cm4gLTQ7CistICB9CistICBpZiAodXBkYXRlX2xl
biArIGZpbmFsX2xlbiAhPSBsZW4pIHsKKy0gICAgcmV0dXJuIC01OworLSAgfQorLSAgcmV0dXJu
IDA7CistfQorLQorLXN0YXRpYyBpbnQgYWVzX2RlY3J5cHRfZXgoY29uc3QgRVZQX0NJUEhFUiAq
Y2lwaGVyLCBjb25zdCB1aW50OF90ICppbiwKKy0gICAgICAgICAgICAgICAgICAgICAgICAgIHVp
bnQ4X3QgKm91dCwgdWludDE2X3QgbGVuLCBjb25zdCB1aW50OF90ICppdiwKKy0gICAgICAgICAg
ICAgICAgICAgICAgICAgIGFlc19jb250ZXh0ICpjdHgpIHsKKy0gIGlmIChFVlBfRGVjcnlwdElu
aXRfZXgoY3R4LT5jdHgsIGNpcGhlciwgTlVMTCwgY3R4LT5rZXksIGl2KSAhPSAxKSB7CistICAg
IHJldHVybiAtMTsKKy0gIH0KKy0gIGlmIChFVlBfQ0lQSEVSX0NUWF9zZXRfcGFkZGluZyhjdHgt
PmN0eCwgMCkgIT0gMSkgeworLSAgICByZXR1cm4gLTI7CistICB9CistICBpbnQgdXBkYXRlX2xl
biA9IGxlbjsKKy0gIGlmIChFVlBfRGVjcnlwdFVwZGF0ZShjdHgtPmN0eCwgb3V0LCAmdXBkYXRl
X2xlbiwgaW4sIGxlbikgIT0gMSkgeworLSAgICByZXR1cm4gLTM7CistICB9CistICBpbnQgZmlu
YWxfbGVuID0gbGVuIC0gdXBkYXRlX2xlbjsKKy0gIGlmIChFVlBfRGVjcnlwdEZpbmFsX2V4KGN0
eC0+Y3R4LCBvdXQgKyB1cGRhdGVfbGVuLCAmZmluYWxfbGVuKSAhPSAxKSB7CistICAgIHJldHVy
biAtNDsKKy0gIH0KKy0gIGlmICh1cGRhdGVfbGVuICsgZmluYWxfbGVuICE9IGxlbikgeworLSAg
ICByZXR1cm4gLTU7CistICB9CistICByZXR1cm4gMDsKKy19CisrLyoKKysgKiBVc2UgdGhlIGxv
dy1sZXZlbCBBRVMgQVBJIChBRVNfc2V0X2VuY3J5cHRfa2V5IC8gQUVTX2VjYl9lbmNyeXB0IC8K
KysgKiBBRVNfY2JjX2VuY3J5cHQpIGluc3RlYWQgb2YgdGhlIEVWUCBBUEkuICBUaGUgbG93LWxl
dmVsIGZ1bmN0aW9ucworKyAqIG9wZXJhdGUgZGlyZWN0bHkgb24gYW4gQUVTX0tFWSBzdHJ1Y3Qg
d2l0aCBwcmUtY29tcHV0ZWQgcm91bmQga2V5cworKyAqIGFuZCBkbyBub3QgZGVwZW5kIG9uIE9w
ZW5TU0wncyBnbG9iYWwgbGlicmFyeSBjb250ZXh0LiAgVGhpcyBtZWFucworKyAqIHRoZXkgY29u
dGludWUgdG8gd29yayBhZnRlciBPUEVOU1NMX2NsZWFudXAoKSBoYXMgYmVlbiBjYWxsZWQsCisr
ICogd2hpY2ggaXMgY3JpdGljYWwgZm9yIFNDUDAzIHNlc3Npb24gY2xvc2UgZHVyaW5nIGFwcGxp
Y2F0aW9uCisrICogdGVhcmRvd24uCisrICovCisgCisgI2VuZGlmCisgCitAQCAtMjY2LDE3ICsy
MDQsMTUgQEAgaW50IGFlc19zZXRfa2V5KGNvbnN0IHVpbnQ4X3QgKmtleSwgdWludDE2X3Qga2V5
X2xlbiwgYWVzX2NvbnRleHQgKmN0eCkgeworIAorICNlbHNlCisgCistICBpZiAoa2V5ID09IE5V
TEwgfHwgYWVzX2VjYihrZXlfbGVuKSA9PSBOVUxMKSB7CisrICBpZiAoa2V5ID09IE5VTEwgfHwg
KGtleV9sZW4gIT0gMTYgJiYga2V5X2xlbiAhPSAyNCAmJiBrZXlfbGVuICE9IDMyKSkgeworICAg
ICByZXR1cm4gLTE7CisgICB9CistICBpZiAoIWN0eC0+Y3R4KSB7CistICAgIGN0eC0+Y3R4ID0g
RVZQX0NJUEhFUl9DVFhfbmV3KCk7CistICAgIGlmICghY3R4LT5jdHgpIHsKKy0gICAgICByZXR1
cm4gLTI7CistICAgIH0KKysgIGlmIChBRVNfc2V0X2VuY3J5cHRfa2V5KGtleSwga2V5X2xlbiAq
IDgsICZjdHgtPmVuY19rZXkpICE9IDApIHsKKysgICAgcmV0dXJuIC0yOworKyAgfQorKyAgaWYg
KEFFU19zZXRfZGVjcnlwdF9rZXkoa2V5LCBrZXlfbGVuICogOCwgJmN0eC0+ZGVjX2tleSkgIT0g
MCkgeworKyAgICByZXR1cm4gLTM7CisgICB9CistICBjdHgtPmtleV9sZW4gPSBrZXlfbGVuOwor
LSAgbWVtY3B5KGN0eC0+a2V5LCBrZXksIGtleV9sZW4pOworIAorICNlbmRpZgorIAorQEAgLTI5
NSwyMyArMjMxLDE4IEBAIGludCBhZXNfbG9hZF9rZXkoY29uc3QgY2hhciAqa2V5LCBhZXNfY29u
dGV4dCAqY3R4KSB7CisgICBjb25zdCB1aW50OF90IGRlZmF1bHRfbWFjW10gPSB7MHg1OSwgMHgy
ZiwgMHhkNCwgMHg4MywgMHhmNywgMHg1OSwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAweGUyLCAweDk5LCAweDA5LCAweGEwLCAweDRjLCAweDQ1LAorICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgIDB4MDUsIDB4ZDIsIDB4Y2UsIDB4MGF9OworLSAgY3R4LT5rZXlf
bGVuID0gc2l6ZW9mKGRlZmF1bHRfZW5jKTsKKy0gIGlmIChrZXkgPT0gTlVMTCB8fCBhZXNfZWNi
KGN0eC0+a2V5X2xlbikgPT0gTlVMTCkgeworKyAgY29uc3QgdWludDhfdCAqazsKKysKKysgIGlm
IChrZXkgPT0gTlVMTCkKKyAgICAgcmV0dXJuIC0xOworLSAgfQorLSAgaWYgKCFjdHgtPmN0eCkg
eworLSAgICBjdHgtPmN0eCA9IEVWUF9DSVBIRVJfQ1RYX25ldygpOworLSAgICBpZiAoIWN0eC0+
Y3R4KSB7CistICAgICAgcmV0dXJuIC0yOworLSAgICB9CistICB9CisgICBpZiAoIXN0cmNtcChr
ZXksICJkZWZhdWx0X2VuYyIpKQorLSAgICBtZW1jcHkoY3R4LT5rZXksIGRlZmF1bHRfZW5jLCBj
dHgtPmtleV9sZW4pOworKyAgICBrID0gZGVmYXVsdF9lbmM7CisgICBlbHNlIGlmICghc3RyY21w
KGtleSwgImRlZmF1bHRfbWFjIikpCistICAgIG1lbWNweShjdHgtPmtleSwgZGVmYXVsdF9tYWMs
IGN0eC0+a2V5X2xlbik7CisrICAgIGsgPSBkZWZhdWx0X21hYzsKKyAgIGVsc2UKKy0gICAgbWVt
c2V0KGN0eC0+a2V5LCAwLCBjdHgtPmtleV9sZW4pOworLSAgcmV0dXJuIDA7CisrICAgIHJldHVy
biAtMTsKKysKKysgIHJldHVybiBhZXNfc2V0X2tleShrLCBzaXplb2YoZGVmYXVsdF9lbmMpLCBj
dHgpOworICNlbmRpZgorIH0KKyAKK0BAIC0zMzQsOCArMjY1LDggQEAgaW50IGFlc19lbmNyeXB0
KGNvbnN0IHVpbnQ4X3QgKmluLCB1aW50OF90ICpvdXQsIGFlc19jb250ZXh0ICpjdHgpIHsKKyAK
KyAjZWxzZQorIAorLSAgcmV0dXJuIGFlc19lbmNyeXB0X2V4KGFlc19lY2IoY3R4LT5rZXlfbGVu
KSwgaW4sIG91dCwgQUVTX0JMT0NLX1NJWkUsIE5VTEwsCistICAgICAgICAgICAgICAgICAgICAg
ICAgY3R4KTsKKysgIEFFU19lY2JfZW5jcnlwdChpbiwgb3V0LCAmY3R4LT5lbmNfa2V5LCBBRVNf
RU5DUllQVCk7CisrICByZXR1cm4gMDsKKyAKKyAjZW5kaWYKKyB9CitAQCAtMzU5LDggKzI5MCw4
IEBAIGludCBhZXNfZGVjcnlwdChjb25zdCB1aW50OF90ICppbiwgdWludDhfdCAqb3V0LCBhZXNf
Y29udGV4dCAqY3R4KSB7CisgCisgI2Vsc2UKKyAKKy0gIHJldHVybiBhZXNfZGVjcnlwdF9leChh
ZXNfZWNiKGN0eC0+a2V5X2xlbiksIGluLCBvdXQsIEFFU19CTE9DS19TSVpFLCBOVUxMLAorLSAg
ICAgICAgICAgICAgICAgICAgICAgIGN0eCk7CisrICBBRVNfZWNiX2VuY3J5cHQoaW4sIG91dCwg
JmN0eC0+ZGVjX2tleSwgQUVTX0RFQ1JZUFQpOworKyAgcmV0dXJuIDA7CisgCisgI2VuZGlmCisg
fQorQEAgLTM4OCw3ICszMTksMTAgQEAgaW50IGFlc19jYmNfZW5jcnlwdChjb25zdCB1aW50OF90
ICppbiwgdWludDhfdCAqb3V0LCB1aW50MTZfdCBsZW4sCisgCisgI2Vsc2UKKyAKKy0gIHJldHVy
biBhZXNfZW5jcnlwdF9leChhZXNfY2JjKGN0eC0+a2V5X2xlbiksIGluLCBvdXQsIGxlbiwgaXYs
IGN0eCk7CisrICB1aW50OF90IF9pdltBRVNfQkxPQ0tfU0laRV07CisrICBtZW1jcHkoX2l2LCBp
diwgQUVTX0JMT0NLX1NJWkUpOworKyAgQUVTX2NiY19lbmNyeXB0KGluLCBvdXQsIGxlbiwgJmN0
eC0+ZW5jX2tleSwgX2l2LCBBRVNfRU5DUllQVCk7CisrICByZXR1cm4gMDsKKyAKKyAjZW5kaWYK
KyB9CitAQCAtNDE2LDcgKzM1MCwxMCBAQCBpbnQgYWVzX2NiY19kZWNyeXB0KGNvbnN0IHVpbnQ4
X3QgKmluLCB1aW50OF90ICpvdXQsIHVpbnQxNl90IGxlbiwKKyAKKyAjZWxzZQorIAorLSAgcmV0
dXJuIGFlc19kZWNyeXB0X2V4KGFlc19jYmMoY3R4LT5rZXlfbGVuKSwgaW4sIG91dCwgbGVuLCBp
diwgY3R4KTsKKysgIHVpbnQ4X3QgX2l2W0FFU19CTE9DS19TSVpFXTsKKysgIG1lbWNweShfaXYs
IGl2LCBBRVNfQkxPQ0tfU0laRSk7CisrICBBRVNfY2JjX2VuY3J5cHQoaW4sIG91dCwgbGVuLCAm
Y3R4LT5kZWNfa2V5LCBfaXYsIEFFU19ERUNSWVBUKTsKKysgIHJldHVybiAwOworIAorICNlbmRp
ZgorIH0KK0BAIC00ODQsNyArNDIxLDcgQEAgdm9pZCBhZXNfZGVzdHJveShhZXNfY29udGV4dCAq
Y3R4KSB7CisgCisgI2Vsc2UKKyAKKy0gIEVWUF9DSVBIRVJfQ1RYX2ZyZWUoY3R4LT5jdHgpOwor
KyAgLyogQUVTX0tFWSBoYXMgbm8gcmVzb3VyY2VzIHRvIGZyZWUsIGp1c3QgemVybyB0aGUga2V5
IG1hdGVyaWFsICovCisgCisgI2VuZGlmCisgCitkaWZmIC0tZ2l0IGEvYWVzX2NtYWMvYWVzLmgg
Yi9hZXNfY21hYy9hZXMuaAoraW5kZXggNzk4Y2IxNS4uYmEwZWY5NyAxMDA2NDQKKy0tLSBhL2Fl
c19jbWFjL2Flcy5oCisrKysgYi9hZXNfY21hYy9hZXMuaAorQEAgLTMwLDcgKzMwLDcgQEAKKyAj
aW5jbHVkZSA8YmNyeXB0Lmg+CisgI2luY2x1ZGUgPG50c3RhdHVzLmg+CisgI2Vsc2UKKy0jaW5j
bHVkZSA8b3BlbnNzbC9ldnAuaD4KKysjaW5jbHVkZSA8b3BlbnNzbC9hZXMuaD4KKyAjZW5kaWYK
KyAKKyAjaWZuZGVmIEFFU19CTE9DS19TSVpFIC8vIERlZmluZWQgaW4gb3BlbnNzbC9hZXMuaAor
QEAgLTUxLDkgKzUxLDggQEAgdHlwZWRlZiBzdHJ1Y3QgeworICAgUEJZVEUgcGJLZXlFQ0JPYmo7
CisgICBzaXplX3QgY2JLZXlPYmo7CisgI2Vsc2UKKy0gIEVWUF9DSVBIRVJfQ1RYICpjdHg7Cist
ICB1aW50MTZfdCBrZXlfbGVuOworLSAgdWludDhfdCBrZXlbMzJdOworKyAgQUVTX0tFWSBlbmNf
a2V5OworKyAgQUVTX0tFWSBkZWNfa2V5OworICNlbmRpZgorIH0gYWVzX2NvbnRleHQ7CisgCisK
CmRpZmYgLS1naXQgYS95dWJpaHNtLXNoZWxsLnNwZWMgYi95dWJpaHNtLXNoZWxsLnNwZWMKaW5k
ZXggOWJmMjM2Mi4uZjg4YzY4MSAxMDA2NDQKLS0tIGEveXViaWhzbS1zaGVsbC5zcGVjCisrKyBi
L3l1Ymloc20tc2hlbGwuc3BlYwpAQCAtMTMsNiArMTMsOCBAQCBTb3VyY2UxOglodHRwczovL2Rl
dmVsb3BlcnMueXViaWNvLmNvbS8le25hbWV9L1JlbGVhc2VzLyV7bmFtZX0tJXt2ZXJzaW9ufS50
YXIuZwogU291cmNlMjoJZ3Bna2V5LTk1ODhFQTBGLmdwZwogIyBodHRwczovL2dpdGh1Yi5jb20v
WXViaWNvL3l1Ymloc20tc2hlbGwvcHVsbC80MTEKIFBhdGNoMjoJeXViaWhzbS1zaGVsbC0yLjUu
MC1wY3NjLWxpdGUucGF0Y2gKKyMgaHR0cHM6Ly9naXRodWIuY29tL1l1Ymljby95dWJpaHNtLXNo
ZWxsL3B1bGwvNTI4CitQYXRjaDM6CXl1Ymloc20tc2hlbGwtMi43LjAtc2Vzc2lvbi1sZWFrLnBh
dGNoCiAKIEJ1aWxkUmVxdWlyZXM6CWNtYWtlCiBCdWlsZFJlcXVpcmVzOgljcHBjaGVjawpAQCAt
NDUsOCArNDcsNyBAQCBEZXZlbG9wbWVudCBsaWJyYXJpZXMgZm9yIHdvcmtpbmcgd2l0aCB5dWJp
aHNtIDIuCiAKICVwcmVwCiBncGd2MiAtLXF1aWV0IC0ta2V5cmluZyAle1NPVVJDRTJ9ICV7U09V
UkNFMX0gJXtTT1VSQ0UwfQotJXNldHVwIC1xCi0lcGF0Y2ggMiAtcDEKKyVhdXRvc2V0dXAgLXAx
CiAKIAogJWJ1aWxkCg==