Fix TPMS_ECC_POINT parsing for TPM attestation

aseigler · aseigler · commit b6f76420ba74 · 2022-08-05T17:09:47.000-04:00
diff --git a/.gitignore b/.gitignore
@@ -332,3 +332,4 @@ ASALocalRun/
 /Test/coverage.netcoreapp3.1.cobertura.xml
 
 .DS_Store
+/testEnvironments.json
diff --git a/Src/Fido2/AttestationFormat/Tpm.cs b/Src/Fido2/AttestationFormat/Tpm.cs
@@ -611,6 +611,8 @@ public PubArea(byte[] pubArea)
                         Exponent = Convert.ToUInt32(Math.Pow(2, 16) + 1);
                     }
                 }
+                // TPM2B_PUBLIC_KEY_RSA
+                Unique = AuthDataHelper.GetSizedByteArray(pubArea, ref offset);
             }
 
             // TPMI_ECC_CURVE
@@ -625,10 +627,15 @@ public PubArea(byte[] pubArea)
             {
                 CurveID = AuthDataHelper.GetSizedByteArray(pubArea, ref offset, 2);
                 KDF = AuthDataHelper.GetSizedByteArray(pubArea, ref offset, 2);
-            }
 
-            // TPMU_PUBLIC_ID
-            Unique = AuthDataHelper.GetSizedByteArray(pubArea, ref offset);
+                // TPMS_ECC_POINT
+                ECPoint = new()
+                {
+                    X = AuthDataHelper.GetSizedByteArray(pubArea, ref offset),
+                    Y = AuthDataHelper.GetSizedByteArray(pubArea, ref offset),
+                };
+                Unique = DataHelper.Concat(ECPoint.X, ECPoint.Y);
+            }
 
             if (pubArea.Length != offset)
                 throw new Fido2VerificationException("Leftover bytes decoding pubArea");
@@ -645,21 +652,8 @@ public PubArea(byte[] pubArea)
         public uint Exponent { get; private set; }
         public byte[]? CurveID { get; private set; }
         public byte[]? KDF { get; private set; }
-        public byte[] Unique { get; private set; }
+        public byte[]? Unique { get; private set; }
         public TpmEccCurve EccCurve => (TpmEccCurve)Enum.ToObject(typeof(TpmEccCurve), BinaryPrimitives.ReadUInt16BigEndian(CurveID));
-
-        public ECPoint ECPoint
-        {
-            get
-            {
-                var point = new ECPoint();
-                var uniqueOffset = 0;
-                var size = AuthDataHelper.GetSizedByteArray(Unique, ref uniqueOffset, 2);
-                point.X = AuthDataHelper.GetSizedByteArray(Unique, ref uniqueOffset, BinaryPrimitives.ReadUInt16BigEndian(size));
-                size = AuthDataHelper.GetSizedByteArray(Unique, ref uniqueOffset, 2);
-                point.Y = AuthDataHelper.GetSizedByteArray(Unique, ref uniqueOffset, BinaryPrimitives.ReadUInt16BigEndian(size));
-                return point;
-            }
-        }
+        public ECPoint ECPoint { get; private set; }
     }
 }
diff --git a/Test/Attestation/Tpm.cs b/Test/Attestation/Tpm.cs
@@ -5920,7 +5920,6 @@ internal static byte[] CreatePubArea(
                 raw.Write(scheme);
                 raw.Write(curveID);
                 raw.Write(kdf);
-                raw.Write(GetUInt16BigEndianBytes(unique.Length));
                 raw.Write(unique);
             }
             else

Original file line number	Diff line number	Diff line change
`@@ -332,3 +332,4 @@ ASALocalRun/`
`332`	`332`	`/Test/coverage.netcoreapp3.1.cobertura.xml`
`333`	`333`
`334`	`334`	`.DS_Store`
	`335`	`+/testEnvironments.json`
Original file line number	Diff line number	Diff line change
`@@ -5920,7 +5920,6 @@ internal static byte[] CreatePubArea(`
`5920`	`5920`	`raw.Write(scheme);`
`5921`	`5921`	`raw.Write(curveID);`
`5922`	`5922`	`raw.Write(kdf);`
`5923`		`- raw.Write(GetUInt16BigEndianBytes(unique.Length));`
`5924`	`5923`	`raw.Write(unique);`
`5925`	`5924`	`}`
`5926`	`5925`	`else`