From: krinfels Date: Sun, 20 Jan 2019 13:39:08 +0000 (+0100) Subject: libtpmtss: Read RSA public key exponent instead of assuming its value X-Git-Tag: 5.8.0dr1~13 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7533cedb9a8a099d291f9f1f2e306b44b200db67;p=thirdparty%2Fstrongswan.git libtpmtss: Read RSA public key exponent instead of assuming its value Up to now it was assumed that the RSA public key exponent is equal to 2^16+1. Although this is probably true in most if not all cases, it is not correct according to the TPM 2.0 specification. This patch fixes that by reading the exponent from the structure returned by TPM2_ReadPublic. Closes strongswan/strongswan#121.
---
diff --git a/src/libtpmtss/tpm_tss_tss2_v1.c b/src/libtpmtss/tpm_tss_tss2_v1.c
index f904442ede..1c214afa37 100644
--- a/src/libtpmtss/tpm_tss_tss2_v1.c
+++ b/src/libtpmtss/tpm_tss_tss2_v1.c
@@ -481,6 +481,7 @@ METHOD(tpm_tss_t, get_public, chunk_t,
 TPM2B_PUBLIC_KEY_RSA *rsa;
 TPMT_RSA_SCHEME *scheme;
 chunk_t aik_exponent, aik_modulus;
+ uint32_t exponent;
 scheme = &public.t.publicArea.parameters.rsaDetail.scheme;
 sig_alg = scheme->scheme;
@@ -488,7 +489,15 @@ METHOD(tpm_tss_t, get_public, chunk_t,
 rsa = &public.t.publicArea.unique.rsa;
 aik_modulus = chunk_create(rsa->t.buffer, rsa->t.size);
- aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
+ exponent = public.t.publicArea.parameters.rsaDetail.exponent;
+ if (!exponent)
+ {
+ aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
+ }
+ else
+ {
+ aik_exponent = chunk_from_thing(exponent);
+ }
 /* subjectPublicKeyInfo encoding of RSA public key */
 if (!lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER,
diff --git a/src/libtpmtss/tpm_tss_tss2_v2.c b/src/libtpmtss/tpm_tss_tss2_v2.c
index 6bbbce238f..cac0dd6617 100644
--- a/src/libtpmtss/tpm_tss_tss2_v2.c
+++ b/src/libtpmtss/tpm_tss_tss2_v2.c
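Review bot: `chunk_from_thing(exponent)` in the new `else` branch exposes the `uint32_t` in host byte order, while the fallback `chunk_from_chars(0x01, 0x00, 0x01)` in the branch above is written most-significant byte first, so on a little-endian host a non-default exponent would presumably reach the SPKI encoder byte-reversed and produce a different public key for the AIK. Converting once at the read keeps both branches in the same byte order and leaves the zero test intact: `exponent = htonl(public.t.publicArea.parameters.rsaDetail.exponent);`. The same applies to the matching hunk in src/libtpmtss/tpm_tss_tss2_v2.c, which reads `public.publicArea.parameters.rsaDetail.exponent`. get_public starts and ends outside the hunk, so how the encoder treats the leading zero bytes of a four-byte exponent is not visible here and is worth confirming with a key whose exponent is reported explicitly.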
@@ -435,6 +435,7 @@ METHOD(tpm_tss_t, get_public, chunk_t,
 TPM2B_PUBLIC_KEY_RSA *rsa;
 TPMT_RSA_SCHEME *scheme;
 chunk_t aik_exponent, aik_modulus;
+ uint32_t exponent;
 scheme = &public.publicArea.parameters.rsaDetail.scheme;
 sig_alg = scheme->scheme;
@@ -442,7 +443,15 @@ METHOD(tpm_tss_t, get_public, chunk_t,
 rsa = &public.publicArea.unique.rsa;
 aik_modulus = chunk_create(rsa->buffer, rsa->size);
- aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
+ exponent = public.publicArea.parameters.rsaDetail.exponent;
+ if (!exponent)
+ {
+ aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
+ }
+ else
+ {
+ aik_exponent = chunk_from_thing(exponent);
+ }
 /* subjectPublicKeyInfo encoding of RSA public key */
 if (!lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER,