libtpmtss: Read RSA public key exponent instead of assuming its value

Up to now it was assumed that the RSA public key exponent is equal to 2^16+1.
Although this is probably true in most if not all cases, it is not correct
according to the TPM 2.0 specification.

This patch fixes that by reading the exponent from the structure returned
by TPM2_ReadPublic.

Closes strongswan/strongswan#121.
krinfels 2019-01-20 14:39:08 +01:00 committed by Tobias Brunner
parent 220b0cb29c
commit 7533cedb9a
2 changed files with 20 additions and 2 deletions


@ -481,6 +481,7 @@ METHOD(tpm_tss_t, get_public, chunk_t,
TPM2B_PUBLIC_KEY_RSA *rsa;
TPMT_RSA_SCHEME *scheme;
chunk_t aik_exponent, aik_modulus;
uint32_t exponent;
scheme = &public.t.publicArea.parameters.rsaDetail.scheme;
sig_alg = scheme->scheme;
@ -488,7 +489,15 @@ METHOD(tpm_tss_t, get_public, chunk_t,
rsa = &public.t.publicArea.unique.rsa;
aik_modulus = chunk_create(rsa->t.buffer, rsa->t.size);
aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
exponent = public.t.publicArea.parameters.rsaDetail.exponent;
if (!exponent)
{
aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
}
else
{
aik_exponent = chunk_from_thing(exponent);
}
/* subjectPublicKeyInfo encoding of RSA public key */
if (!lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER,
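Review bot: `chunk_from_thing(exponent)` in the new else branch wraps the raw bytes of the `uint32_t` in host byte order, so on a little-endian host a non-default exponent would reach the SPKI encoder byte-reversed. This assumes the encoder reads the chunk as a big-endian integer, as the `0x01, 0x00, 0x01` default beside it suggests. The exported public key would then differ from the key held in the TPM, and verifying signatures or quotes against it would fail. Converting at the point of reading keeps the zero check intact: `exponent = htonl(public.t.publicArea.parameters.rsaDetail.exponent);`. The second file's hunk has the same issue with `public.publicArea.parameters.rsaDetail.exponent`; in both files the body of get_public continues outside the hunk.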


@ -435,6 +435,7 @@ METHOD(tpm_tss_t, get_public, chunk_t,
TPM2B_PUBLIC_KEY_RSA *rsa;
TPMT_RSA_SCHEME *scheme;
chunk_t aik_exponent, aik_modulus;
uint32_t exponent;
scheme = &public.publicArea.parameters.rsaDetail.scheme;
sig_alg = scheme->scheme;
@ -442,7 +443,15 @@ METHOD(tpm_tss_t, get_public, chunk_t,
rsa = &public.publicArea.unique.rsa;
aik_modulus = chunk_create(rsa->buffer, rsa->size);
aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
exponent = public.publicArea.parameters.rsaDetail.exponent;
if (!exponent)
{
aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
}
else
{
aik_exponent = chunk_from_thing(exponent);
}
/* subjectPublicKeyInfo encoding of RSA public key */
if (!lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER,