diff options
| author | nagendra modadugu <ngm@google.com> | 2016-04-13 23:49:12 -0700 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2016-04-14 17:28:25 -0700 |
| commit | d08dade97485fb5aaaaad33f9cfb5cb446a25cd8 (patch) | |
| tree | 0650e0107c213f2058a5de62d74e870b087e865f | |
| parent | 2fb8d2772cdb2d78019d0e27fceaeb7b0a608f78 (diff) | |
| download | chrome-ec-d08dade97485fb5aaaaad33f9cfb5cb446a25cd8.tar.gz | |
CR50: handle big-endian RSA keys
The TPM library serializes RSA keys in big-endian format, while
CR50 requires little-endian.
Handle endianness by converting from big to little and back
to big within the _cpri__* layer.
Also modify test code to make copies of static const RSA keys, as
these get placed on read-only memory.
BRANCH=none
BUG=chrome-os-partner:43025,chrome-os-partner:47524,chrome-os-partner:52337
TEST=tests in test/tpm/tpmtest.py pass
Change-Id: Id9cfbe8c99ecaeb02744fbc7554cd48a08bab819
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/331740
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| -rw-r--r-- | board/cr50/tpm2/rsa.c | 256 |
1 files changed, 147 insertions, 109 deletions
diff --git a/board/cr50/tpm2/rsa.c b/board/cr50/tpm2/rsa.c index 6345b70309..2e7ccd8208 100644 --- a/board/cr50/tpm2/rsa.c +++ b/board/cr50/tpm2/rsa.c @@ -9,6 +9,11 @@ #include <assert.h> +static void reverse_tpm2b(TPM2B *b) +{ + reverse(b->buffer, b->size); +} + static int check_key(const RSA_KEY *key) { if (key->publicKey->size & 0x3) @@ -71,20 +76,26 @@ CRYPT_RESULT _cpri__EncryptRSA(uint32_t *out_len, uint8_t *out, struct RSA rsa; enum padding_mode padding; enum hashing_mode hashing; + int result; if (!check_key(key)) return CRYPT_FAIL; if (!check_encrypt_params(padding_alg, hash_alg, &padding, &hashing)) return CRYPT_FAIL; + reverse_tpm2b(key->publicKey); rsa.e = key->exponent; rsa.N.dmax = key->publicKey->size / sizeof(uint32_t); rsa.N.d = (struct access_helper *) &key->publicKey->buffer; rsa.d.dmax = 0; rsa.d.d = NULL; - if (DCRYPTO_rsa_encrypt(&rsa, out, out_len, in, in_len, padding, - hashing, label)) + result = DCRYPTO_rsa_encrypt(&rsa, out, out_len, in, in_len, padding, + hashing, label); + + reverse_tpm2b(key->publicKey); + + if (result) return CRYPT_SUCCESS; else return CRYPT_FAIL; @@ -98,20 +109,29 @@ CRYPT_RESULT _cpri__DecryptRSA(uint32_t *out_len, uint8_t *out, struct RSA rsa; enum padding_mode padding; enum hashing_mode hashing; + int result; if (!check_key(key)) return CRYPT_FAIL; if (!check_encrypt_params(padding_alg, hash_alg, &padding, &hashing)) return CRYPT_FAIL; + reverse_tpm2b(key->publicKey); + reverse_tpm2b(key->privateKey); + rsa.e = key->exponent; rsa.N.dmax = key->publicKey->size / sizeof(uint32_t); rsa.N.d = (struct access_helper *) &key->publicKey->buffer; rsa.d.dmax = key->privateKey->size / sizeof(uint32_t); rsa.d.d = (struct access_helper *) &key->privateKey->buffer; - if (DCRYPTO_rsa_decrypt(&rsa, out, out_len, in, in_len, padding, - hashing, label)) + result = DCRYPTO_rsa_decrypt(&rsa, out, out_len, in, in_len, padding, + hashing, label); + + reverse_tpm2b(key->publicKey); + reverse_tpm2b(key->privateKey); + + if (result) return CRYPT_SUCCESS; else return CRYPT_FAIL; @@ -124,19 +144,29 @@ CRYPT_RESULT _cpri__SignRSA(uint32_t *out_len, uint8_t *out, struct RSA rsa; enum padding_mode padding; enum hashing_mode hashing; + int result; if (!check_key(key)) return CRYPT_FAIL; if (!check_sign_params(padding_alg, hash_alg, &padding, &hashing)) return CRYPT_FAIL; + reverse_tpm2b(key->publicKey); + reverse_tpm2b(key->privateKey); + rsa.e = key->exponent; rsa.N.dmax = key->publicKey->size / sizeof(uint32_t); rsa.N.d = (struct access_helper *) &key->publicKey->buffer; rsa.d.dmax = key->privateKey->size / sizeof(uint32_t); rsa.d.d = (struct access_helper *) &key->privateKey->buffer; - if (DCRYPTO_rsa_sign(&rsa, out, out_len, in, in_len, padding, hashing)) + result = DCRYPTO_rsa_sign(&rsa, out, out_len, in, in_len, + padding, hashing); + + reverse_tpm2b(key->publicKey); + reverse_tpm2b(key->privateKey); + + if (result) return CRYPT_SUCCESS; else return CRYPT_FAIL; @@ -150,20 +180,27 @@ CRYPT_RESULT _cpri__ValidateSignatureRSA( struct RSA rsa; enum padding_mode padding; enum hashing_mode hashing; + int result; if (!check_key(key)) return CRYPT_FAIL; if (!check_sign_params(padding_alg, hash_alg, &padding, &hashing)) return CRYPT_FAIL; + reverse_tpm2b(key->publicKey); + rsa.e = key->exponent; rsa.N.dmax = key->publicKey->size / sizeof(uint32_t); rsa.N.d = (struct access_helper *) &key->publicKey->buffer; rsa.d.dmax = 0; rsa.d.d = NULL; - if (DCRYPTO_rsa_verify(&rsa, digest, digest_len, sig, sig_len, - padding, hashing)) + result = DCRYPTO_rsa_verify(&rsa, digest, digest_len, sig, sig_len, + padding, hashing); + + reverse_tpm2b(key->publicKey); + + if (result) return CRYPT_SUCCESS; else return CRYPT_FAIL; @@ -183,123 +220,116 @@ enum { static const TPM2B_PUBLIC_KEY_RSA RSA_768_N = { .t = {96, { - 0x69, 0x85, 0x39, 0x2d, 0x78, 0x2b, 0x90, 0x75, - 0xe1, 0x7c, 0xc1, 0x7b, 0xbd, 0x5b, 0xdd, 0xfd, - 0x00, 0x36, 0xf7, 0x38, 0x74, 0x33, 0x2b, 0xa8, - 0x53, 0x89, 0x10, 0xa7, 0x2d, 0x3c, 0xe6, 0x00, - 0xa3, 0xe5, 0x8b, 0x5f, 0xed, 0x77, 0x32, 0xc0, - 0x0f, 0xe2, 0x2c, 0x51, 0x1b, 0x46, 0xba, 0x18, - 0xc0, 0x4e, 0x1b, 0x44, 0xdf, 0x94, 0xcc, 0x15, - 0xe1, 0x67, 0x48, 0x3a, 0x12, 0xc4, 0x0c, 0x82, - 0xd2, 0xfa, 0xfe, 0x74, 0x6e, 0x49, 0xa4, 0x8b, - 0x64, 0xc2, 0x3b, 0x33, 0x36, 0x72, 0x24, 0xdb, - 0x17, 0x86, 0x5a, 0x35, 0xd2, 0x23, 0x20, 0xd4, - 0x7c, 0xf0, 0x32, 0xd9, 0x46, 0xed, 0xdb, 0xb0 + 0xb0, 0xdb, 0xed, 0x46, 0xd9, 0x32, 0xf0, 0x7c, + 0xd4, 0x20, 0x23, 0xd2, 0x35, 0x5a, 0x86, 0x17, + 0xdb, 0x24, 0x72, 0x36, 0x33, 0x3b, 0xc2, 0x64, + 0x8b, 0xa4, 0x49, 0x6e, 0x74, 0xfe, 0xfa, 0xd2, + 0x82, 0x0c, 0xc4, 0x12, 0x3a, 0x48, 0x67, 0xe1, + 0x15, 0xcc, 0x94, 0xdf, 0x44, 0x1b, 0x4e, 0xc0, + 0x18, 0xba, 0x46, 0x1b, 0x51, 0x2c, 0xe2, 0x0f, + 0xc0, 0x32, 0x77, 0xed, 0x5f, 0x8b, 0xe5, 0xa3, + 0x00, 0xe6, 0x3c, 0x2d, 0xa7, 0x10, 0x89, 0x53, + 0xa8, 0x2b, 0x33, 0x74, 0x38, 0xf7, 0x36, 0x00, + 0xfd, 0xdd, 0x5b, 0xbd, 0x7b, 0xc1, 0x7c, 0xe1, + 0x75, 0x90, 0x2b, 0x78, 0x2d, 0x39, 0x85, 0x69 } } }; static const TPM2B_PUBLIC_KEY_RSA RSA_768_D = { .t = {96, { - 0x01, 0x40, 0x76, 0x7b, 0x41, 0xd6, 0xd9, 0x17, - 0xfe, 0x52, 0x6d, 0xdd, 0x24, 0x70, 0xbc, 0x97, - 0x7e, 0xcf, 0x54, 0x22, 0x4c, 0x71, 0x29, 0xf5, - 0xb2, 0xe2, 0xf6, 0xf8, 0x8b, 0x9e, 0x20, 0x1a, - 0x1e, 0x67, 0xee, 0x59, 0xf9, 0x83, 0x6b, 0x91, - 0x8d, 0xdf, 0x03, 0xfc, 0xdd, 0x0f, 0x35, 0xd7, - 0xa2, 0x5d, 0x06, 0x3f, 0x45, 0xb9, 0xb0, 0x23, - 0x90, 0x7b, 0x11, 0x32, 0xc1, 0xf2, 0x12, 0xdb, - 0x61, 0xf9, 0xa7, 0x31, 0x24, 0xc8, 0x66, 0x4e, - 0x49, 0x72, 0xb9, 0xce, 0xa6, 0x5b, 0xab, 0x46, - 0x45, 0xdf, 0x75, 0x76, 0x3e, 0xd3, 0x42, 0x9f, - 0x5c, 0x1b, 0x8c, 0x25, 0x50, 0xb9, 0xad, 0xae + 0xae, 0xad, 0xb9, 0x50, 0x25, 0x8c, 0x1b, 0x5c, + 0x9f, 0x42, 0xd3, 0x3e, 0x76, 0x75, 0xdf, 0x45, + 0x46, 0xab, 0x5b, 0xa6, 0xce, 0xb9, 0x72, 0x49, + 0x4e, 0x66, 0xc8, 0x24, 0x31, 0xa7, 0xf9, 0x61, + 0xdb, 0x12, 0xf2, 0xc1, 0x32, 0x11, 0x7b, 0x90, + 0x23, 0xb0, 0xb9, 0x45, 0x3f, 0x06, 0x5d, 0xa2, + 0xd7, 0x35, 0x0f, 0xdd, 0xfc, 0x03, 0xdf, 0x8d, + 0x91, 0x6b, 0x83, 0xf9, 0x59, 0xee, 0x67, 0x1e, + 0x1a, 0x20, 0x9e, 0x8b, 0xf8, 0xf6, 0xe2, 0xb2, + 0xf5, 0x29, 0x71, 0x4c, 0x22, 0x54, 0xcf, 0x7e, + 0x97, 0xbc, 0x70, 0x24, 0xdd, 0x6d, 0x52, 0xfe, + 0x17, 0xd9, 0xd6, 0x41, 0x7b, 0x76, 0x40, 0x01 } } }; static const TPM2B_PUBLIC_KEY_RSA RSA_2048_N = { .t = {256, { - 0x99, 0xa9, 0x93, 0xdf, 0xe8, 0xde, 0x41, 0x07, - 0xe9, 0xb1, 0x4f, 0x53, 0xa6, 0x11, 0xe3, 0x67, - 0x88, 0xc5, 0x9a, 0x57, 0xa5, 0x38, 0x1f, 0x69, - 0x51, 0xf2, 0xa7, 0xb5, 0x6a, 0xd2, 0x1a, 0xf2, - 0x0c, 0x62, 0xad, 0x33, 0x1f, 0x82, 0x21, 0x4a, - 0x72, 0xb3, 0x6e, 0xba, 0xfd, 0x66, 0x3e, 0xef, - 0x40, 0x78, 0xa7, 0x37, 0x97, 0x4a, 0x74, 0x63, - 0x23, 0x05, 0x2e, 0x55, 0x6d, 0x36, 0xd0, 0xb7, - 0x8c, 0xb7, 0x83, 0x60, 0x3b, 0xa1, 0x58, 0x5d, - 0xdc, 0xef, 0xf7, 0x2c, 0x5e, 0x05, 0x27, 0xbc, - 0xb0, 0x4d, 0xc9, 0xff, 0x04, 0x50, 0x22, 0x97, - 0xe7, 0x15, 0x66, 0xa5, 0x24, 0x0e, 0x86, 0xa6, - 0x36, 0x9c, 0x92, 0xa2, 0x16, 0x51, 0xed, 0xc2, - 0xea, 0xbf, 0xf4, 0xb2, 0x5e, 0x3a, 0xd7, 0xc5, - 0xa3, 0xfa, 0xf0, 0xcf, 0xcf, 0x7b, 0xc8, 0x5c, - 0x07, 0xe2, 0xcc, 0xa8, 0xb8, 0x36, 0x76, 0xb1, - 0xc9, 0xbb, 0x48, 0x38, 0xbe, 0x0b, 0x57, 0xce, - 0x05, 0x2d, 0xf1, 0xdb, 0x7b, 0x94, 0xb6, 0xcd, - 0x3a, 0xa8, 0x50, 0x49, 0xca, 0x18, 0xb3, 0x52, - 0x18, 0x49, 0xde, 0x10, 0xf8, 0x41, 0x40, 0x6e, - 0x51, 0xaf, 0xdd, 0x06, 0xc3, 0x30, 0xc7, 0x57, - 0x6b, 0xd4, 0xdc, 0x10, 0x46, 0x30, 0x04, 0x23, - 0x98, 0xc0, 0xf0, 0xb4, 0xeb, 0x5d, 0xc9, 0x6e, - 0x50, 0x1f, 0xd7, 0xd9, 0xac, 0xf2, 0x0d, 0x06, - 0xe3, 0x9b, 0x5e, 0xde, 0x2a, 0xaa, 0xb1, 0xaf, - 0xd6, 0x97, 0x68, 0x2d, 0xeb, 0x0c, 0x7b, 0x75, - 0x49, 0x23, 0x64, 0xbe, 0x90, 0x53, 0x82, 0x99, - 0xa2, 0x50, 0x78, 0x0c, 0x9f, 0x72, 0xc1, 0x0a, - 0x0f, 0x32, 0x75, 0xed, 0x1f, 0x6e, 0xef, 0x2c, - 0x2e, 0x1d, 0x4c, 0x19, 0x85, 0x5c, 0x90, 0x95, - 0xe3, 0x4b, 0x86, 0xf5, 0xb7, 0x9f, 0x73, 0xcd, - 0xbe, 0x15, 0x8e, 0x43, 0x2e, 0x61, 0xd7, 0x9c + 0x9c, 0xd7, 0x61, 0x2e, 0x43, 0x8e, 0x15, 0xbe, + 0xcd, 0x73, 0x9f, 0xb7, 0xf5, 0x86, 0x4b, 0xe3, + 0x95, 0x90, 0x5c, 0x85, 0x19, 0x4c, 0x1d, 0x2e, + 0x2c, 0xef, 0x6e, 0x1f, 0xed, 0x75, 0x32, 0x0f, + 0x0a, 0xc1, 0x72, 0x9f, 0x0c, 0x78, 0x50, 0xa2, + 0x99, 0x82, 0x53, 0x90, 0xbe, 0x64, 0x23, 0x49, + 0x75, 0x7b, 0x0c, 0xeb, 0x2d, 0x68, 0x97, 0xd6, + 0xaf, 0xb1, 0xaa, 0x2a, 0xde, 0x5e, 0x9b, 0xe3, + 0x06, 0x0d, 0xf2, 0xac, 0xd9, 0xd7, 0x1f, 0x50, + 0x6e, 0xc9, 0x5d, 0xeb, 0xb4, 0xf0, 0xc0, 0x98, + 0x23, 0x04, 0x30, 0x46, 0x10, 0xdc, 0xd4, 0x6b, + 0x57, 0xc7, 0x30, 0xc3, 0x06, 0xdd, 0xaf, 0x51, + 0x6e, 0x40, 0x41, 0xf8, 0x10, 0xde, 0x49, 0x18, + 0x52, 0xb3, 0x18, 0xca, 0x49, 0x50, 0xa8, 0x3a, + 0xcd, 0xb6, 0x94, 0x7b, 0xdb, 0xf1, 0x2d, 0x05, + 0xce, 0x57, 0x0b, 0xbe, 0x38, 0x48, 0xbb, 0xc9, + 0xb1, 0x76, 0x36, 0xb8, 0xa8, 0xcc, 0xe2, 0x07, + 0x5c, 0xc8, 0x7b, 0xcf, 0xcf, 0xf0, 0xfa, 0xa3, + 0xc5, 0xd7, 0x3a, 0x5e, 0xb2, 0xf4, 0xbf, 0xea, + 0xc2, 0xed, 0x51, 0x16, 0xa2, 0x92, 0x9c, 0x36, + 0xa6, 0x86, 0x0e, 0x24, 0xa5, 0x66, 0x15, 0xe7, + 0x97, 0x22, 0x50, 0x04, 0xff, 0xc9, 0x4d, 0xb0, + 0xbc, 0x27, 0x05, 0x5e, 0x2c, 0xf7, 0xef, 0xdc, + 0x5d, 0x58, 0xa1, 0x3b, 0x60, 0x83, 0xb7, 0x8c, + 0xb7, 0xd0, 0x36, 0x6d, 0x55, 0x2e, 0x05, 0x23, + 0x63, 0x74, 0x4a, 0x97, 0x37, 0xa7, 0x78, 0x40, + 0xef, 0x3e, 0x66, 0xfd, 0xba, 0x6e, 0xb3, 0x72, + 0x4a, 0x21, 0x82, 0x1f, 0x33, 0xad, 0x62, 0x0c, + 0xf2, 0x1a, 0xd2, 0x6a, 0xb5, 0xa7, 0xf2, 0x51, + 0x69, 0x1f, 0x38, 0xa5, 0x57, 0x9a, 0xc5, 0x88, + 0x67, 0xe3, 0x11, 0xa6, 0x53, 0x4f, 0xb1, 0xe9, + 0x07, 0x41, 0xde, 0xe8, 0xdf, 0x93, 0xa9, 0x99 } } }; static const TPM2B_PUBLIC_KEY_RSA RSA_2048_D = { .t = {256, { - 0xf5, 0x95, 0x99, 0xca, 0x31, 0x84, 0x66, 0x4c, - 0xa9, 0x29, 0x24, 0x74, 0x22, 0x29, 0xb4, 0x64, - 0x5b, 0x22, 0xeb, 0x5d, 0x2f, 0xe3, 0x62, 0x21, - 0x02, 0x16, 0x33, 0x16, 0xe4, 0xad, 0x10, 0x52, - 0x3f, 0xf0, 0xf1, 0x86, 0x68, 0x54, 0x47, 0x24, - 0xcc, 0x5c, 0x08, 0x82, 0x0f, 0x68, 0xdd, 0x79, - 0x55, 0x11, 0x07, 0x6d, 0x56, 0x89, 0x30, 0xf1, - 0x7f, 0xaf, 0xb1, 0xb8, 0x41, 0xe8, 0x7a, 0x82, - 0x03, 0x1a, 0x95, 0xd7, 0x00, 0x7c, 0xb7, 0x04, - 0xee, 0x8e, 0x9b, 0xbc, 0x4f, 0xdf, 0xa8, 0x38, - 0xea, 0xbf, 0xfb, 0x79, 0xa0, 0xd3, 0xd6, 0xc2, - 0x1f, 0x67, 0xa2, 0x88, 0x2b, 0x1d, 0x23, 0xc6, - 0x19, 0xfc, 0x27, 0x45, 0xcf, 0xbd, 0xc7, 0xe9, - 0x6e, 0x7a, 0xe2, 0x84, 0x4c, 0x9c, 0x16, 0x65, - 0xb0, 0xa6, 0x88, 0xc5, 0xbe, 0x30, 0x70, 0xb9, - 0xc6, 0x6d, 0x3f, 0xf5, 0xcd, 0x52, 0x97, 0x54, - 0x15, 0x26, 0xd2, 0x06, 0x82, 0xcc, 0xe7, 0x02, - 0x1a, 0x23, 0xb8, 0x0a, 0x71, 0xde, 0x91, 0x82, - 0xe4, 0x1e, 0xbe, 0x67, 0xeb, 0x94, 0x24, 0x22, - 0xe7, 0x27, 0xfa, 0x52, 0xf2, 0x94, 0x5e, 0x6e, - 0x85, 0xc1, 0x47, 0x42, 0xdc, 0xae, 0x8b, 0xaf, - 0x4e, 0x32, 0xc6, 0x8d, 0xd3, 0xc0, 0xa2, 0x6b, - 0x02, 0x96, 0x76, 0x0a, 0x96, 0x87, 0x16, 0x35, - 0xc1, 0xea, 0xf7, 0x91, 0xa4, 0xa3, 0x1b, 0x40, - 0xc0, 0x95, 0x20, 0x14, 0x9f, 0x32, 0xad, 0x39, - 0x19, 0x29, 0xea, 0x80, 0x33, 0x2c, 0x31, 0x86, - 0xca, 0x5e, 0x89, 0xf0, 0x74, 0xdf, 0x8f, 0xdc, - 0xa3, 0xf3, 0xbe, 0x26, 0xd0, 0xa3, 0xb4, 0x7c, - 0x6e, 0xdf, 0xad, 0xdb, 0x26, 0xf3, 0xaa, 0xfb, - 0x68, 0x56, 0x43, 0xb9, 0x7f, 0x19, 0x70, 0x67, - 0x5a, 0x66, 0x15, 0x6f, 0xe2, 0x14, 0x8f, 0xbc, - 0x89, 0x8b, 0x4a, 0xdf, 0x1f, 0x02, 0x9d, 0x4e + 0x4e, 0x9d, 0x02, 0x1f, 0xdf, 0x4a, 0x8b, 0x89, + 0xbc, 0x8f, 0x14, 0xe2, 0x6f, 0x15, 0x66, 0x5a, + 0x67, 0x70, 0x19, 0x7f, 0xb9, 0x43, 0x56, 0x68, + 0xfb, 0xaa, 0xf3, 0x26, 0xdb, 0xad, 0xdf, 0x6e, + 0x7c, 0xb4, 0xa3, 0xd0, 0x26, 0xbe, 0xf3, 0xa3, + 0xdc, 0x8f, 0xdf, 0x74, 0xf0, 0x89, 0x5e, 0xca, + 0x86, 0x31, 0x2c, 0x33, 0x80, 0xea, 0x29, 0x19, + 0x39, 0xad, 0x32, 0x9f, 0x14, 0x20, 0x95, 0xc0, + 0x40, 0x1b, 0xa3, 0xa4, 0x91, 0xf7, 0xea, 0xc1, + 0x35, 0x16, 0x87, 0x96, 0x0a, 0x76, 0x96, 0x02, + 0x6b, 0xa2, 0xc0, 0xd3, 0x8d, 0xc6, 0x32, 0x4e, + 0xaf, 0x8b, 0xae, 0xdc, 0x42, 0x47, 0xc1, 0x85, + 0x6e, 0x5e, 0x94, 0xf2, 0x52, 0xfa, 0x27, 0xe7, + 0x22, 0x24, 0x94, 0xeb, 0x67, 0xbe, 0x1e, 0xe4, + 0x82, 0x91, 0xde, 0x71, 0x0a, 0xb8, 0x23, 0x1a, + 0x02, 0xe7, 0xcc, 0x82, 0x06, 0xd2, 0x26, 0x15, + 0x54, 0x97, 0x52, 0xcd, 0xf5, 0x3f, 0x6d, 0xc6, + 0xb9, 0x70, 0x30, 0xbe, 0xc5, 0x88, 0xa6, 0xb0, + 0x65, 0x16, 0x9c, 0x4c, 0x84, 0xe2, 0x7a, 0x6e, + 0xe9, 0xc7, 0xbd, 0xcf, 0x45, 0x27, 0xfc, 0x19, + 0xc6, 0x23, 0x1d, 0x2b, 0x88, 0xa2, 0x67, 0x1f, + 0xc2, 0xd6, 0xd3, 0xa0, 0x79, 0xfb, 0xbf, 0xea, + 0x38, 0xa8, 0xdf, 0x4f, 0xbc, 0x9b, 0x8e, 0xee, + 0x04, 0xb7, 0x7c, 0x00, 0xd7, 0x95, 0x1a, 0x03, + 0x82, 0x7a, 0xe8, 0x41, 0xb8, 0xb1, 0xaf, 0x7f, + 0xf1, 0x30, 0x89, 0x56, 0x6d, 0x07, 0x11, 0x55, + 0x79, 0xdd, 0x68, 0x0f, 0x82, 0x08, 0x5c, 0xcc, + 0x24, 0x47, 0x54, 0x68, 0x86, 0xf1, 0xf0, 0x3f, + 0x52, 0x10, 0xad, 0xe4, 0x16, 0x33, 0x16, 0x02, + 0x21, 0x62, 0xe3, 0x2f, 0x5d, 0xeb, 0x22, 0x5b, + 0x64, 0xb4, 0x29, 0x22, 0x74, 0x24, 0x29, 0xa9, + 0x4c, 0x66, 0x84, 0x31, 0xca, 0x99, 0x95, 0xf5 } } }; -static const RSA_KEY RSA_768 = { - 65537, (TPM2B *) &RSA_768_N.b, (TPM2B *) &RSA_768_D.b -}; -static const RSA_KEY RSA_2048 = { - 65537, (TPM2B *) &RSA_2048_N.b, (TPM2B *) &RSA_2048_D.b -}; - #define MAX_MSG_BYTES RSA_MAX_BYTES static void rsa_command_handler(void *cmd_body, @@ -316,7 +346,9 @@ static void rsa_command_handler(void *cmd_body, uint16_t digest_len; uint8_t digest[SHA_DIGEST_MAX_BYTES]; uint8_t *out = (uint8_t *) cmd_body; - RSA_KEY *key; + TPM2B_PUBLIC_KEY_RSA N; + TPM2B_PUBLIC_KEY_RSA d; + RSA_KEY key; uint32_t *response_size = (uint32_t *) response_size_out; assert(sizeof(size_t) == sizeof(uint32_t)); @@ -360,43 +392,49 @@ static void rsa_command_handler(void *cmd_body, memcpy(digest, cmd, digest_len); } + /* Make copies of N, and d, as const data is immutable. */ switch (key_len) { case 768: - key = (RSA_KEY *) &RSA_768; + N = RSA_768_N; + d = RSA_768_D; break; case 2048: - key = (RSA_KEY *) &RSA_2048; + N = RSA_2048_N; + d = RSA_2048_D; break; default: *response_size = 0; return; } + key.exponent = 65537; + key.publicKey = &N.b; + key.privateKey = &d.b; switch (op) { case TEST_RSA_ENCRYPT: if (_cpri__EncryptRSA( - response_size, out, key, + response_size, out, &key, padding_alg, in_len, in, hashing_alg, "") != CRYPT_SUCCESS) *response_size = 0; return; case TEST_RSA_DECRYPT: if (_cpri__DecryptRSA( - response_size, out, key, + response_size, out, &key, padding_alg, in_len, in, hashing_alg, "") != CRYPT_SUCCESS) *response_size = 0; return; case TEST_RSA_SIGN: if (_cpri__SignRSA( - response_size, out, key, + response_size, out, &key, padding_alg, hashing_alg, in_len, in) != CRYPT_SUCCESS) *response_size = 0; return; case TEST_RSA_VERIFY: if (_cpri__ValidateSignatureRSA( - key, padding_alg, hashing_alg, digest_len, + &key, padding_alg, hashing_alg, digest_len, digest, in_len, in, 0) != CRYPT_SUCCESS) { *response_size = 0; |