pkcs11: Fix encoding of RSA keys if unnecessarily zero prefixed

Some tokens/libraries seem to prefix all numbers with zero bytes even
if not necessary (e.g. the default exponent 0x010001).  If we don't fix
that, the fingerprints calculated based on the retrieved values will be
incorrect.

Even if the pkcs1 plugin can properly handle numbers that are not in
two's complement since a81bd670b086 ("Added PUBKEY_RSA_MODULUS
encoding type") we prefix them with zero if necessary as other encoders
might expect them in two's complement.

Fixes #1012.

diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c b/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c
index 6d5211657d2e6badc1736f6cb98b80551bbe430e..38477761018bfd38c265932ba51c67b3ddbcf541 100644 (file)
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c
@@ -439,12 +439,17 @@ static bool encode_rsa(private_pkcs11_public_key_t *this,
                attr[0].ulValueLen > 0 && attr[1].ulValueLen > 0)
        {
                chunk_t n, e;
-               n = chunk_create(attr[0].pValue, attr[0].ulValueLen);
+               /* some tokens/libraries add unnecessary 0x00 prefixes */
+               n = chunk_skip_zero(chunk_create(attr[0].pValue, attr[0].ulValueLen));
                if (n.ptr[0] & 0x80)
-               {       /* add leading 0x00, encoders expect it already like this */
+               {       /* add leading 0x00, encoders might expect it in two's complement */
                        n = chunk_cata("cc", chunk_from_chars(0x00), n);
                }
-               e = chunk_create(attr[1].pValue, attr[1].ulValueLen);
+               e = chunk_skip_zero(chunk_create(attr[1].pValue, attr[1].ulValueLen));
+               if (e.ptr[0] & 0x80)
+               {
+                       e = chunk_cata("cc", chunk_from_chars(0x00), e);
+               }
                success = lib->encoding->encode(lib->encoding, type, cache, encoding,
                        CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e, CRED_PART_END);
        }