Hello TrouSerS-users! I'm running MyFunc_CreatePubKey() from "A practical guide to trusted computing" with some issues.
I generated an RSA key with "openssl genpkey -algorithm RSA -out key.pem -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:3". Then I call openssl_read_key() (from http://sourceforge.net/p/trousers/openssl_tpm_engine/ci/master/tree/create_tpm_key.c) to create an RSA object. Next comes MyFunc_CreatePubKey(), but the call Tspi_SetAttribData(*hKey, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, sizeN, n) doesn't return and the program terminates with no more output.

CODE:

    int main(int argc, char **argv){
        RSA *rsa = openssl_read_key("key.pem");
        TSS_HKEY hKey;
        int padding = RSA_PKCS1_PADDING;
        TSS_RESULT ret = MyFunc_CreatePubKey(rsa, padding, &hKey);
        DBG("MyFunc_CreatePubKey", ret);
        return 0;
    }

    TSS_RESULT MyFunc_CreatePubKey(RSA *rsa, int padding, TSS_HKEY *hKey){
        TSS_FLAG keySize;
        UINT32 encScheme, sizeN;
        BYTE n[2048];

        switch(padding){
            case RSA_PKCS1_PADDING:
                encScheme = TSS_ES_RSAESPKCSV15;
                break;
            case RSA_PKCS1_OAEP_PADDING:
                encScheme = TSS_ES_RSAESOAEP_SHA1_MGF1;
                break;
            case RSA_NO_PADDING:
                encScheme = TSS_ES_NONE;
                break;
            default:
                return TSS_E_INTERNAL_ERROR;
                break;
        }

        keySize = get_tss_key_size(RSA_size(rsa)*8); // 0x300 (TSS_KEY_SIZE_2048)

        /* Create the TSS key object */
        result=Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, TSS_KEY_TYPE_LEGACY | keySize, hKey);
        DBG("Create the TSS key object", result);

        /* Get the public 'n' value from OpenSSL key */
        sizeN = BN_bn2bin(rsa->n, n); // 256
        printf("sizeN = BN_bn2bin(rsa->n, n): %d \n", sizeN);
        printf("n[]: \n");
        printf("-- ");
        for(int i=0; i < sizeN; i++){
            ...
            printf("%02X ", n[i]);
            ...
        }
        BN_ULONG value = BN_get_word(rsa->n);
        printf("word(rsa->n): %ld \n", value); // -1 !!

        /* Set the key's algorithm */
        result=Tspi_SetAttribUint32(*hKey, TSS_TSPATTRIB_KEY_INFO, TSS_TSPATTRIB_KEYINFO_ALGORITHM, TSS_ALG_RSA);
        DBG("Tspi_SetAttribUint32 - key's algorithm", result);

        /* Set the key's number of primes */
        result=Tspi_SetAttribUint32(*hKey, TSS_TSPATTRIB_RSAKEY_INFO, TSS_TSPATTRIB_KEYINFO_RSA_PRIMES, 2);
        DBG("Tspi_SetAttribUint32 - key's number of primes", result);

        /* Set the key's encryption scheme */
        result=Tspi_SetAttribUint32(*hKey, TSS_TSPATTRIB_KEY_INFO, TSS_TSPATTRIB_KEYINFO_ENCSCHEME, encScheme);
        DBG("Tspi_SetAttribUint32 - key's encryption scheme", result);

        /* Set the public key data (n) in the TSS object */
        result=Tspi_SetAttribData(*hKey, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, sizeN, n);
        DBG("Tspi_SetAttribData - 'n' value", result);

        printf("RETURN");
        return TSS_SUCCESS;
    }

OUTPUT:

    Success (line 50, MyFunc_CreatePubKey) Create the TSS key object, returned 0x00000000.
    sizeN = BN_bn2bin(rsa->n, n): 256
    n[]:
    word(rsa->n): -1
    Success (line 96, MyFunc_CreatePubKey) Tspi_SetAttribUint32 - key's algorithm, returned 0x00000000.
    Success (line 104, MyFunc_CreatePubKey) Tspi_SetAttribUint32 - key's number of primes, returned 0x00000000.
    Success (line 112, MyFunc_CreatePubKey) Tspi_SetAttribUint32 - key's encryption scheme, returned 0x00000000.

I have some questions:

1) Is the 'padding' argument correct?
2) Why does BN_get_word(rsa->n) return -1?
3) Why doesn't Tspi_SetAttribData() return at all?

Thank you very much for any suggestions,
Max.
