You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To fix, note that RsaEncrypt expects both the public part and exponent to be in big endian format. The TPM stores the public part as a raw byte buffer, so it remains big endian by default during unmarshaling and thus can be passed directly to RsaEncrypt. However the exponent is stored as a UINT32, so it'll be converted to little endian when unmarshaled - meaning we'll have to convert it to big endian before passing it to RsaEncrypt. To improve clarity, I would suggest to change the type of RSA_KEY struct's exponent member from UINT32 to a TPM2B just like its sibling members.
A TPM compatible with this specification and supporting RSA shall support two primes and an exponent of zero. An exponent of zero indicates that the exponent is the default of 2^16 + 1. Support for other values is optional.
So Crypto::Encrypt should check for this and set the exponent value accordingly before passing it to RsaEncrypt.
The text was updated successfully, but these errors were encountered:
Crypto::Encrypt
stores the key's public part and exponent inRSA_KEY theKey
and then passes it toRsaEncrypt
:TSS.MSR/TSS.CPP/Src/Crypto.cpp
Lines 424 to 436 in d715b59
RsaEncrypt
consumes the public part, but uses the hardcoded bufferBYTE exponent[] {1, 0, 1};
, corresponding to 2^16 + 1, as the exponent:TSS.MSR/TSS.CPP/Src/Crypto.cpp
Lines 318 to 324 in d715b59
To fix, note that
RsaEncrypt
expects both the public part and exponent to be in big endian format. The TPM stores the public part as a raw byte buffer, so it remains big endian by default during unmarshaling and thus can be passed directly toRsaEncrypt
. However the exponent is stored as aUINT32
, so it'll be converted to little endian when unmarshaled - meaning we'll have to convert it to big endian before passing it toRsaEncrypt
. To improve clarity, I would suggest to change the type ofRSA_KEY
struct'sexponent
member fromUINT32
to aTPM2B
just like its sibling members.Also note that as per TPM Library Spec:
So
Crypto::Encrypt
should check for this and set the exponent value accordingly before passing it toRsaEncrypt
.The text was updated successfully, but these errors were encountered: