86 lines
2.9 KiB
Diff
86 lines
2.9 KiB
Diff
From 5ffbddedaedc3215da219d35dc3f95b1c52ef393 Mon Sep 17 00:00:00 2001
|
|
From: jiangfangjie 00559066 <jiangfangjie@huawei.com>
|
|
Date: Tue, 11 May 2021 14:15:09 +0800
|
|
Subject: [PATCH 6/7] tpm2: Pass SEED_COMPAT_LEVEL to CryptAdjustPrimeCandidate
|
|
function
|
|
|
|
Pass the SEED_COMPAT_LEVEL, originating from the seed that's being used,
|
|
to the CryptAdjustPrimeCandidate function and use it to determine
|
|
whether the old code should be used or the new one.
|
|
---
|
|
src/tpm2/crypto/CryptPrime_fp.h | 3 ++-
|
|
src/tpm2/crypto/openssl/CryptPrime.c | 26 ++++++++++++++++++++------
|
|
2 files changed, 22 insertions(+), 7 deletions(-)
|
|
|
|
diff --git a/src/tpm2/crypto/CryptPrime_fp.h b/src/tpm2/crypto/CryptPrime_fp.h
|
|
index 8cd23f5..e8ac8b8 100644
|
|
--- a/src/tpm2/crypto/CryptPrime_fp.h
|
|
+++ b/src/tpm2/crypto/CryptPrime_fp.h
|
|
@@ -89,7 +89,8 @@ RsaCheckPrime(
|
|
);
|
|
LIB_EXPORT void
|
|
RsaAdjustPrimeCandidate(
|
|
- bigNum prime
|
|
+ bigNum prime,
|
|
+ SEED_COMPAT_LEVEL seedCompatLevel // IN: compatibility level; libtpms added
|
|
);
|
|
void
|
|
BnGeneratePrimeForRSA(
|
|
diff --git a/src/tpm2/crypto/openssl/CryptPrime.c b/src/tpm2/crypto/openssl/CryptPrime.c
|
|
index 9a5ee7d..2e8601c 100644
|
|
--- a/src/tpm2/crypto/openssl/CryptPrime.c
|
|
+++ b/src/tpm2/crypto/openssl/CryptPrime.c
|
|
@@ -361,13 +361,21 @@ RsaAdjustPrimeCandidate_New(
|
|
}
|
|
LIB_EXPORT void
|
|
RsaAdjustPrimeCandidate(
|
|
- bigNum prime
|
|
+ bigNum prime,
|
|
+ SEED_COMPAT_LEVEL seedCompatLevel // IN: compatibility level; libtpms added
|
|
)
|
|
{
|
|
- if (1)
|
|
+ switch (seedCompatLevel) {
|
|
+ case SEED_COMPAT_LEVEL_ORIGINAL:
|
|
RsaAdjustPrimeCandidate_PreRev155(prime);
|
|
- else
|
|
+ break;
|
|
+ /* case SEED_COMPAT_LEVEL_LAST: */
|
|
+ case SEED_COMPAT_LEVEL_RSA_PRIME_ADJUST_FIX:
|
|
RsaAdjustPrimeCandidate_New(prime);
|
|
+ break;
|
|
+ default:
|
|
+ FAIL(FATAL_ERROR_INTERNAL);
|
|
+ }
|
|
}
|
|
/* 10.2.14.1.8 BnGeneratePrimeForRSA() */
|
|
|
|
@@ -395,15 +403,21 @@ BnGeneratePrimeForRSA(
|
|
// DRBG_Generate(rand, (BYTE *)prime->d, (UINT16)BITS_TO_BYTES(bits));// old
|
|
// if(g_inFailureMode) // old
|
|
// libtpms changed begin
|
|
- if (1) {
|
|
+ switch (DRBG_GetSeedCompatLevel(rand)) {
|
|
+ case SEED_COMPAT_LEVEL_ORIGINAL:
|
|
DRBG_Generate(rand, (BYTE *)prime->d, (UINT16)BITS_TO_BYTES(bits));
|
|
if (g_inFailureMode)
|
|
return;
|
|
- } else {
|
|
+ break;
|
|
+ /* case SEED_COMPAT_LEVEL_LAST: */
|
|
+ case SEED_COMPAT_LEVEL_RSA_PRIME_ADJUST_FIX:
|
|
if(!BnGetRandomBits(prime, bits, rand)) // new
|
|
return;
|
|
+ break;
|
|
+ default:
|
|
+ FAIL(FATAL_ERROR_INTERNAL);
|
|
}
|
|
- RsaAdjustPrimeCandidate(prime);
|
|
+ RsaAdjustPrimeCandidate(prime, DRBG_GetSeedCompatLevel(rand));
|
|
// libtpms changed end
|
|
found = RsaCheckPrime(prime, exponent, rand) == TPM_RC_SUCCESS;
|
|
}
|
|
--
|
|
2.21.0.windows.1
|
|
|