pkey: fix handling of absent emptyAuth value

fixes #121
tpm2-software · Oct 7, 2024 · 0e98eae · 0e98eae
1 parent 87082a3
commit 0e98eae
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 5 deletions.
diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
@@ -3,13 +3,14 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 
-## [1.3.0] - 2023-xx-yy
-### Fixed
-- Set authorization value of newly generated keys. This allows users of the
-  C API to direcly use just generated EVP_PKEY.
+## [1.3.0] - 2024-xx-yy
 ### Added
 - Added support for RSA-OAEP decryption
 - Added Parent to textual information printed by 'openssl pkey -text'
+### Fixed
+- Fixed handling of absent emptyAuth value in the TSS2 PRIVATE KEY file.
+- Set authorization value of newly generated keys. This allows users of the
+  C API to direcly use just generated EVP_PKEY.
 
 ## [1.2.0] - 2023-10-14
 ### Added

diff --git a/src/tpm2-provider-pkey.c b/src/tpm2-provider-pkey.c
@@ -132,7 +132,7 @@ tpm2_keydata_read(BIO *bin, TPM2_KEYDATA *keydata, TPM2_PKEY_FORMAT format)
         return 0;
 
     keydata->privatetype = KEY_TYPE_BLOB;
-    keydata->emptyAuth = tpk->emptyAuth;
+    keydata->emptyAuth = (tpk->emptyAuth != V_ASN1_UNDEF && tpk->emptyAuth);
 
     // the ASN1_INTEGER_get on a 32-bit machine will fail for numbers of UINT32_MAX
     if (!ASN1_INTEGER_get_uint64(&parent, tpk->parent))