authorMatthew Miller <matthew@millerti.me>2022-08-05 14:18:45 -0700
committerMatthew Miller <matthew@millerti.me>2022-08-05 14:18:45 -0700
commitf8f8c11d99cf13cc85c244afbb6281ce647f6bc3 (patch)
treeff38c3912c3d75b30a626ffa78734e2e33d68f46 /packages/server/src
parent37b40629e31d51c8982725b02e655b7c22fc193e (diff)
Properly parse `unique` for ECC type
Diffstat (limited to 'packages/server/src')
-rw-r--r--packages/server/src/registration/verifications/tpm/parsePubArea.ts30
1 files changed, 26 insertions, 4 deletions
diff --git a/packages/server/src/registration/verifications/tpm/parsePubArea.ts b/packages/server/src/registration/verifications/tpm/parsePubArea.ts
index 693f7bb..ca61ddc 100644
--- a/packages/server/src/registration/verifications/tpm/parsePubArea.ts
+++ b/packages/server/src/registration/verifications/tpm/parsePubArea.ts
@@ -2,6 +2,9 @@ import { TPM_ALG, TPM_ECC_CURVE } from './constants';
/**
* Break apart a TPM attestation's pubArea buffer
+ *
+ * See 12.2.4 TPMT_PUBLIC here:
+ * https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-2-Structures-00.96-130315.pdf
*/
export function parsePubArea(pubArea: Buffer): ParsedPubArea {
let pointer = 0;
@@ -34,6 +37,8 @@ export function parsePubArea(pubArea: Buffer): ParsedPubArea {
// Extract additional curve params according to type
const parameters: { rsa?: RSAParameters; ecc?: ECCParameters } = {};
+ let unique = Buffer.from([]);
+
if (type === 'TPM_ALG_RSA') {
const rsaBuffer = pubArea.slice(pointer, (pointer += 10));
@@ -43,6 +48,14 @@ export function parsePubArea(pubArea: Buffer): ParsedPubArea {
keyBits: rsaBuffer.slice(4, 6).readUInt16BE(0),
exponent: rsaBuffer.slice(6, 10).readUInt32BE(0),
};
+
+ /**
+ * See 11.2.4.5 TPM2B_PUBLIC_KEY_RSA here:
+ * https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-2-Structures-00.96-130315.pdf
+ */
+ const uniqueLength = pubArea.slice(pointer, (pointer += 2)).readUInt16BE(0);
+
+ unique = pubArea.slice(pointer, (pointer += uniqueLength));
} else if (type === 'TPM_ALG_ECC') {
const eccBuffer = pubArea.slice(pointer, (pointer += 8));
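Review bot: The `uniqueLength` prefix is read from the attestation's own bytes and is never compared with what remains in `pubArea`, so a truncated or malformed buffer produces a silently shortened `unique`, because `Buffer.slice` clamps its end index instead of throwing. A guard directly after the length read would make the failure explicit, for example `if (uniqueLength > pubArea.length - pointer) throw new Error('pubArea unique exceeds buffer length (TPM)');`. The same applies to `uniqueXLength` and `uniqueYLength` in the ECC branch of the next hunk. parsePubArea starts and ends outside this hunk.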
@@ -52,14 +65,23 @@ export function parsePubArea(pubArea: Buffer): ParsedPubArea {
curveID: TPM_ECC_CURVE[eccBuffer.slice(4, 6).readUInt16BE(0)],
kdf: TPM_ALG[eccBuffer.slice(6, 8).readUInt16BE(0)],
};
+
+ /**
+ * See 11.2.5.1 TPM2B_ECC_PARAMETER here:
+ * https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-2-Structures-00.96-130315.pdf
+ */
+ // Retrieve X
+ const uniqueXLength = pubArea.slice(pointer, (pointer += 2)).readUInt16BE(0);
+ const uniqueX = pubArea.slice(pointer, (pointer += uniqueXLength));
+ // Retrieve Y
+ const uniqueYLength = pubArea.slice(pointer, (pointer += 2)).readUInt16BE(0);
+ const uniqueY = pubArea.slice(pointer, (pointer += uniqueYLength));
+
+ unique = Buffer.concat([uniqueX, uniqueY]);
} else {
throw new Error(`Unexpected type "${type}" (TPM)`);
}
- // Slice out unique of dynamic length
- const uniqueLength = pubArea.slice(pointer, (pointer += 2)).readUInt16BE(0);
- const unique = pubArea.slice(pointer, (pointer += uniqueLength));
-
return {
type,
nameAlg,
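Review bot: `Buffer.concat([uniqueX, uniqueY])` discards the boundary between the two coordinates, so encodings that split the same bytes differently (for example 31+33 bytes instead of 32+32) yield an identical `unique`. If the caller compares `unique` with the credential public key's x and y concatenated (that code is not visible in this hunk), it would be safer to check that both lengths match the coordinate size expected for `curveID` before concatenating, or to return X and Y separately. A short comment at the assignment would also help the next reader, such as `// ECC: unique is X || Y with the TPM2B length prefixes stripped`. The function body begins before this hunk and its return statement continues past it.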