From 7533cedb9a8a099d291f9f1f2e306b44b200db67 Mon Sep 17 00:00:00 2001
From: krinfels
Date: Sun, 20 Jan 2019 14:39:08 +0100
Subject: [PATCH] libtpmtss: Read RSA public key exponent instead of assuming its value
Up to now it was assumed that the RSA public key exponent is equal to 2^16+1. Although this is probably true in most if not all cases, it is not correct according to the TPM 2.0 specification. This patch fixes that by reading the exponent from the structure returned by TPM2_ReadPublic. Closes strongswan/strongswan#121.
---
 src/libtpmtss/tpm_tss_tss2_v1.c | 11 ++++++++++-
 src/libtpmtss/tpm_tss_tss2_v2.c | 11 ++++++++++-
 2 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/src/libtpmtss/tpm_tss_tss2_v1.c b/src/libtpmtss/tpm_tss_tss2_v1.c
index f904442ede..1c214afa37 100644
--- a/src/libtpmtss/tpm_tss_tss2_v1.c
+++ b/src/libtpmtss/tpm_tss_tss2_v1.c
@@ -481,6 +481,7 @@ METHOD(tpm_tss_t, get_public, chunk_t,
 TPM2B_PUBLIC_KEY_RSA *rsa;
 TPMT_RSA_SCHEME *scheme;
 chunk_t aik_exponent, aik_modulus;
+ uint32_t exponent;
 scheme = &public.t.publicArea.parameters.rsaDetail.scheme;
 sig_alg = scheme->scheme;
@@ -488,7 +489,15 @@ METHOD(tpm_tss_t, get_public, chunk_t,
 rsa = &public.t.publicArea.unique.rsa;
 aik_modulus = chunk_create(rsa->t.buffer, rsa->t.size);
- aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
+ exponent = public.t.publicArea.parameters.rsaDetail.exponent;
+ if (!exponent)
+ {
+ aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
+ }
+ else
+ {
+ aik_exponent = chunk_from_thing(exponent);
+ }
 /* subjectPublicKeyInfo encoding of RSA public key */
 if (!lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER,
diff --git a/src/libtpmtss/tpm_tss_tss2_v2.c b/src/libtpmtss/tpm_tss_tss2_v2.c
index 6bbbce238f..cac0dd6617 100644
--- a/src/libtpmtss/tpm_tss_tss2_v2.c
+++ b/src/libtpmtss/tpm_tss_tss2_v2.c
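Review bot: In the second hunk of tpm_tss_tss2_v1.c, `chunk_from_thing(exponent)` wraps the in-memory bytes of the `uint32_t`, so the exponent reaches the SPKI encoder in host byte order, while the default branch `chunk_from_chars(0x01, 0x00, 0x01)` is big-endian. On a little-endian host a non-default exponent would be encoded byte-reversed and the exported public key would no longer match the key held by the TPM. Converting before the zero test fixes this and leaves the default path unchanged: `exponent = htonl(public.t.publicArea.parameters.rsaDetail.exponent);`. The matching hunk in tpm_tss_tss2_v2.c needs the same change, and since the chunk is always four bytes wide it is worth confirming that the encoder accepts leading zero bytes. The body of get_public starts and ends outside the hunk.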
@@ -435,6 +435,7 @@ METHOD(tpm_tss_t, get_public, chunk_t,
 TPM2B_PUBLIC_KEY_RSA *rsa;
 TPMT_RSA_SCHEME *scheme;
 chunk_t aik_exponent, aik_modulus;
+ uint32_t exponent;
 scheme = &public.publicArea.parameters.rsaDetail.scheme;
 sig_alg = scheme->scheme;
@@ -442,7 +443,15 @@ METHOD(tpm_tss_t, get_public, chunk_t,
 rsa = &public.publicArea.unique.rsa;
 aik_modulus = chunk_create(rsa->buffer, rsa->size);
- aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
+ exponent = public.publicArea.parameters.rsaDetail.exponent;
+ if (!exponent)
+ {
+ aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
+ }
+ else
+ {
+ aik_exponent = chunk_from_thing(exponent);
+ }
 /* subjectPublicKeyInfo encoding of RSA public key */
 if (!lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER,
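Review bot: The zero test in the second hunk of tpm_tss_tss2_v2.c has no comment explaining why 0 maps to `0x01, 0x00, 0x01`, so a reader without the TPM 2.0 specification open will take that branch for an error fallback rather than the spec-defined default. I would add `/* TPM 2.0: an exponent of 0 selects the default 2^16+1 */` above `if (!exponent)`, here and in the identical block in tpm_tss_tss2_v1.c. The enclosing get_public body lies outside the hunk.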