While the TPM expects and returns the data in big-endian, the SAPI
implementation converts it to native-endianness. As stated in the
SAPI specification (section 3.2):
8. All SAPI data SHALL be in native-endian format. This means that
the SAPI implementation will do any endian conversion required for
both inputs and outputs.
So to use the exponent in a chunk we have to convert it to big-endian again.
Fixes:
7533cedb9a8a ("libtpmtss: Read RSA public key exponent instead of assuming its value")
rsa = &public.t.publicArea.unique.rsa;
aik_modulus = chunk_create(rsa->t.buffer, rsa->t.size);
- exponent = public.t.publicArea.parameters.rsaDetail.exponent;
+ exponent = htonl(public.t.publicArea.parameters.rsaDetail.exponent);
if (!exponent)
{
aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
rsa = &public.publicArea.unique.rsa;
aik_modulus = chunk_create(rsa->buffer, rsa->size);
- exponent = public.publicArea.parameters.rsaDetail.exponent;
+ exponent = htonl(public.publicArea.parameters.rsaDetail.exponent);
if (!exponent)
{
aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);