On Tue, 2018-10-02 at 19:58 +0100, David Woodhouse wrote: > > So... that now *is* working for signing. However, while the > corresponding 'rsautl -verify' works fine with James's tpm2 engine, it > fails with tpm2tss: > > $ openssl rsautl -verify -engine tpm2tss -inkey ../openssl_tpm2_engine/tpm2-engine.tss -keyform engine -in testsig.tpm2tss > Initializing > engine "tpm2tss" set. > Loading private key ../openssl_tpm2_engine/tpm2-engine.tss > get_auth called for object user key with ui_method 0x55ced253fdc0 > Enter password for user key: > password is > Loaded key uses alg-id 1 > Creating RSA key object. > Created RSA key object. > TPM2 Key loaded > RSA operation error > 140407559393728:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:../crypto/rsa/rsa_pk1.c:75: > 140407559393728:error:04067072:rsa routines:rsa_ossl_public_decrypt:padding check failed:../crypto/rsa/rsa_ossl.c:586: > > > So... is it the public key that I've misconverted somehow? I've resolved that one too. James explicitly sets the exponent in tpm2Data->pub.publicArea.parameters.rsaDetail.exponent to zero if it's 0x10001, with a comment saying "zero means standard exponent. Some TPM chips will reject a non standard exponent". So now I do have OpenConnect using my wrapped VPN key, with both engines (although tpm2-tss-engine stills asks me for an empty password). By setting objectAttributes when creating a key, I can make tpm2tss-genkey work again too. Full patch below, for reference. Don't heckle too hard; it exists mostly to document the current incompatibilities. I'll let the two of you come to an agreement on the correct way to resolve them, while I throw together some GnuTLS code to use the same PEM files. (Since the tpm2-tss-engine code is under a licence which lets me crib from it, and the libraries actually have pkgconfig etc., I suppose that's made this application author's implementation choice fairly much a no-brainer...) --- a/src/tpm2-tss-engine-common.h +++ b/src/tpm2-tss-engine-common.h @@ -55,8 +55,7 @@ TSS2_RC init_tpm_key(ESYS_CONTEXT **ctx, ESYS_TR *keyHandle, .objectAttributes = (TPMA_OBJECT_USERWITHAUTH | \ TPMA_OBJECT_RESTRICTED | \ TPMA_OBJECT_DECRYPT | \ - TPMA_OBJECT_FIXEDTPM | \ - TPMA_OBJECT_FIXEDPARENT | \ + TPMA_OBJECT_NODA | \ TPMA_OBJECT_SENSITIVEDATAORIGIN), \ .authPolicy = { \ .size = 0, \ --- a/src/tpm2-tss-engine-rsa.c +++ b/src/tpm2-tss-engine-rsa.c @@ -304,7 +304,7 @@ populate_rsa(RSA *rsa) { ERR(populate_rsa, ERR_R_MALLOC_FAILURE); goto error; } - BN_set_word(rsa->e, tpm2Data->pub.publicArea.parameters.rsaDetail.exponent); + BN_set_word(rsa->e, tpm2Data->pub.publicArea.parameters.rsaDetail.exponent ? : 0x10001); /* Setting private portions to 0 values so the public key can be extracted from the keyfile if this is desired. */ @@ -366,7 +366,7 @@ populate_rsa(RSA *rsa) { goto error; } - BN_set_word(e, tpm2Data->pub.publicArea.parameters.rsaDetail.exponent); + BN_set_word(e, tpm2Data->pub.publicArea.parameters.rsaDetail.exponent ? : 0x10001); BN_set_word(d, 0); BN_set_word(p, 0); BN_set_word(q, 0); @@ -485,6 +485,8 @@ tpm2tss_rsa_genkey(RSA *rsa, int bits, BIGNUM *e, char *password) if (e) inPublic.publicArea.parameters.rsaDetail.exponent = BN_get_word(e); + inPublic.publicArea.objectAttributes = TPMA_OBJECT_SENSITIVEDATAORIGIN | TPMA_OBJECT_NODA; + if (password) { DBG("Setting a password for the created key.\n"); if (strlen(password) > sizeof(tpm2Data->userauth.buffer) - 1) {