From: Tobias Brunner <tobias@strongswan.org>
Date: Wed, 29 Jan 2020 10:22:07 +0000 (+0100)
Subject: libtpmtss: Fix problematic usage of chunk_from_chars() in TSS2 implementations
X-Git-Tag: 5.8.3dr1~31
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ef4113a49dbf3d0315d5c3e486a3717dda5f4c7c;p=thirdparty%2Fstrongswan.git

libtpmtss: Fix problematic usage of chunk_from_chars() in TSS2 implementations

See 8ea13bbc5ccd for details.

References #3249.
---

diff --git a/src/libtpmtss/tpm_tss_tss2_v1.c b/src/libtpmtss/tpm_tss_tss2_v1.c
index fb26d059b0..31465da82b 100644
--- a/src/libtpmtss/tpm_tss_tss2_v1.c
+++ b/src/libtpmtss/tpm_tss_tss2_v1.c
@@ -494,7 +494,8 @@ METHOD(tpm_tss_t, get_public, chunk_t,
 		{
 			TPM2B_PUBLIC_KEY_RSA *rsa;
 			TPMT_RSA_SCHEME *scheme;
-			chunk_t aik_exponent, aik_modulus;
+			chunk_t aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
+			chunk_t aik_modulus;
 			uint32_t exponent;
 
 			scheme = &public.t.publicArea.parameters.rsaDetail.scheme;
@@ -504,11 +505,7 @@ METHOD(tpm_tss_t, get_public, chunk_t,
 			rsa = &public.t.publicArea.unique.rsa;
 			aik_modulus = chunk_create(rsa->t.buffer, rsa->t.size);
 			exponent = htonl(public.t.publicArea.parameters.rsaDetail.exponent);
-			if (!exponent)
-			{
-				aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
-			}
-			else
+			if (exponent)
 			{
 				aik_exponent = chunk_from_thing(exponent);
 			}
diff --git a/src/libtpmtss/tpm_tss_tss2_v2.c b/src/libtpmtss/tpm_tss_tss2_v2.c
index c5d78d6419..fef32e16b7 100644
--- a/src/libtpmtss/tpm_tss_tss2_v2.c
+++ b/src/libtpmtss/tpm_tss_tss2_v2.c
@@ -448,7 +448,8 @@ METHOD(tpm_tss_t, get_public, chunk_t,
 		{
 			TPM2B_PUBLIC_KEY_RSA *rsa;
 			TPMT_RSA_SCHEME *scheme;
-			chunk_t aik_exponent, aik_modulus;
+			chunk_t aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
+			chunk_t aik_modulus;
 			uint32_t exponent;
 
 			scheme = &public.publicArea.parameters.rsaDetail.scheme;
@@ -458,11 +459,7 @@ METHOD(tpm_tss_t, get_public, chunk_t,
 			rsa = &public.publicArea.unique.rsa;
 			aik_modulus = chunk_create(rsa->buffer, rsa->size);
 			exponent = htonl(public.publicArea.parameters.rsaDetail.exponent);
-			if (!exponent)
-			{
-				aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
-			}
-			else
+			if (exponent)
 			{
 				aik_exponent = chunk_from_thing(exponent);
 			}