libtpmtss: Convert RSA exponent to big-endian when provided by a TPM 2.0

While the TPM expects and returns the data in big-endian, the SAPI
implementation converts it to native-endianness.  As stated in the
SAPI specification (section 3.2):

  8. All SAPI data SHALL be in native-endian format.  This means that
     the SAPI implementation will do any endian conversion required for
     both inputs and outputs.

So to use the exponent in a chunk we have to convert it to big-endian again.

Fixes: 7533cedb9a8a ("libtpmtss: Read RSA public key exponent instead of assuming its value")

diff --git a/src/libtpmtss/tpm_tss_tss2_v1.c b/src/libtpmtss/tpm_tss_tss2_v1.c
index 0335fab91ac5e05889bf113debdf1a1d1777f79b..fb26d059b0f956530ff0bf368308c71393a98c76 100644 (file)
--- a/src/libtpmtss/tpm_tss_tss2_v1.c
+++ b/src/libtpmtss/tpm_tss_tss2_v1.c
@@ -503,7 +503,7 @@ METHOD(tpm_tss_t, get_public, chunk_t,
 
                        rsa = &public.t.publicArea.unique.rsa;
                        aik_modulus = chunk_create(rsa->t.buffer, rsa->t.size);
-                       exponent = public.t.publicArea.parameters.rsaDetail.exponent;
+                       exponent = htonl(public.t.publicArea.parameters.rsaDetail.exponent);
                        if (!exponent)
                        {
                                aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);

diff --git a/src/libtpmtss/tpm_tss_tss2_v2.c b/src/libtpmtss/tpm_tss_tss2_v2.c
index e527443fb9715ff9bad502653f1020d2508a4078..c5d78d64191c34a3d7921f44f7404caadd874ab6 100644 (file)
--- a/src/libtpmtss/tpm_tss_tss2_v2.c
+++ b/src/libtpmtss/tpm_tss_tss2_v2.c
@@ -457,7 +457,7 @@ METHOD(tpm_tss_t, get_public, chunk_t,
 
                        rsa = &public.publicArea.unique.rsa;
                        aik_modulus = chunk_create(rsa->buffer, rsa->size);
-                       exponent = public.publicArea.parameters.rsaDetail.exponent;
+                       exponent = htonl(public.publicArea.parameters.rsaDetail.exponent);
                        if (!exponent)
                        {
                                aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);