Fix H-35, M-74, M-75 for wolfTPM

src/tpm2_asn.c

@@ -24,6 +24,7 @@
 #endif
 
 #include <wolftpm/tpm2_asn.h>
+#include <wolftpm/tpm2_wrap.h>
 
 #ifndef WOLFTPM2_NO_ASN
 
@@ -343,8 +344,8 @@ int TPM2_ASN_DecodeRsaPubKey(uint8_t* input, int inputSz,
         }
     }
     if (rc == 0) {
-        XMEMCPY(&pub->publicArea.parameters.rsaDetail.exponent, &input[idx],
-            exp_len);
+        pub->publicArea.parameters.rsaDetail.exponent =
+            wolfTPM2_RsaKey_Exponent(&input[idx], exp_len);
     }
     return rc;
 }

src/tpm2_wrap.c

@@ -26,6 +26,16 @@
 #include <wolftpm/tpm2_wrap.h>
 #include <wolftpm/tpm2_param_enc.h>
 
+/* Convert big-endian byte array to native word32 */
+word32 wolfTPM2_RsaKey_Exponent(const byte* e, word32 eSz)
+{
+    word32 exponent = 0, i;
+    for (i = 0; i < eSz && i < sizeof(word32); i++) {
+        exponent = (exponent << 8) | e[i];
+    }
+    return exponent;
+}
+
 #ifndef WOLFTPM2_NO_WRAPPER
 
 /* For some struct to buffer conversions */
@@ -3529,15 +3539,6 @@ int wolfTPM2_RsaKey_TpmToPemPub(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* tpmKey,
 #endif /* !NO_ASN */
 
 #ifndef NO_RSA
-static word32 wolfTPM2_RsaKey_Exponent(byte* e, word32 eSz)
-{
-    word32 exponent = 0, i;
-    for (i=0; i<eSz && i<sizeof(word32); i++) {
-        exponent |= ((word32)e[i]) << (i*8);
-    }
-    return exponent;
-}
-
 int wolfTPM2_RsaKey_TpmToWolf(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* tpmKey,
     RsaKey* wolfKey)
 {
@@ -4144,22 +4145,22 @@ int wolfTPM2_SignHashScheme(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* key,
         /* Assemble R and S into signature (R then S) */
         sigOutSz = curveSize * 2;
         if (sigOutSz > *sigSz ||
-            curveSize > ecdsa->signatureR.size ||
-            curveSize > ecdsa->signatureS.size) {
+            ecdsa->signatureR.size > curveSize ||
+            ecdsa->signatureS.size > curveSize) {
         #ifdef DEBUG_WOLFTPM
             printf("TPM2_Sign: ECC result buffer too small %d -> %d\n",
                 sigOutSz, *sigSz);
         #endif
             return BUFFER_E;
         }
-        XMEMCPY(sig, ecdsa->signatureR.buffer,
-            ecdsa->signatureR.size);
-        XMEMSET(sig + ecdsa->signatureR.size, 0,
-            curveSize - ecdsa->signatureR.size);
-        XMEMCPY(sig + curveSize, ecdsa->signatureS.buffer,
-            ecdsa->signatureS.size);
-        XMEMSET(sig + curveSize + ecdsa->signatureS.size, 0,
-            curveSize - ecdsa->signatureS.size);
+        /* Left-pad R */
+        XMEMSET(sig, 0, curveSize - ecdsa->signatureR.size);
+        XMEMCPY(sig + curveSize - ecdsa->signatureR.size,
+            ecdsa->signatureR.buffer, ecdsa->signatureR.size);
+        /* Left-pad S */
+        XMEMSET(sig + curveSize, 0, curveSize - ecdsa->signatureS.size);
+        XMEMCPY(sig + curveSize + (curveSize - ecdsa->signatureS.size),
+            ecdsa->signatureS.buffer, ecdsa->signatureS.size);
     }
     else if (key->pub.publicArea.type == TPM_ALG_RSA) {
         /* RSA signature size and buffer (with padding depending on scheme) */
@@ -5857,7 +5858,7 @@ int wolfTPM2_EncryptDecryptBlock(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* key,
 
     /* update IV */
     if (iv) {
-        if (ivSz < encDecOut.ivOut.size)
+        if (ivSz > encDecOut.ivOut.size)
             ivSz = encDecOut.ivOut.size;
         XMEMCPY(iv, encDecOut.ivOut.buffer, ivSz);
     }

wolftpm/tpm2_wrap.h

@@ -1256,6 +1256,18 @@ WOLFTPM_API int wolfTPM2_SensitiveToPrivate(TPM2B_SENSITIVE* sens, TPM2B_PRIVATE
     TPMI_ALG_HASH nameAlg, TPM2B_NAME* name, const WOLFTPM2_KEY* parentKey,
     TPMT_SYM_DEF_OBJECT* sym, TPM2B_DATA* symSeed);
 
+/*!
+    \ingroup wolfTPM2_Wrappers
+    \brief Converts a big-endian byte array to a native word32 value.
+    Used for RSA exponent conversion from ASN.1/DER format.
+
+    \param e pointer to big-endian byte array
+    \param eSz size of the byte array (max 4 bytes)
+
+    \return word32 value in native byte order
+*/
+WOLFTPM_API word32 wolfTPM2_RsaKey_Exponent(const byte* e, word32 eSz);
+
 #ifndef WOLFTPM2_NO_WOLFCRYPT
 /*!
     \ingroup wolfTPM2_Wrappers
@@ -1321,6 +1333,7 @@ WOLFTPM_API int wolfTPM2_ExportPublicKeyBuffer(WOLFTPM2_DEV* dev, WOLFTPM2_KEY*
     int encodingType, byte* out, word32* outSz);
 
 #ifndef NO_RSA
+
 /*!
     \ingroup wolfTPM2_Wrappers
     \brief Helper function to import Der rsa key directly