author Dan Streetman <ddstreet@ieee.org> 2024-01-16 16:02:47 +0100
committer Dan Streetman <ddstreet@ieee.org> 2024-01-16 20:09:51 +0100
commit 1242b9ab2bd306df0df51ca9ee7801f572ce1e28
tree 30dae11ae4c8831829840523ca294363166fdbe8 /src/test/test-tpm2.c
parent Merge pull request #30944 from CodethinkLabs/vmspawn/fix_fedora_issues
tpm2: Do not use RSA exponent special-case default value in PEM->TPM2B_PUBLIC conversion
The openssl default value for an RSA key exponent value is 0x10001, and the TPM specification defines an exponent value of 0 as representing this value. The systemd code that converted an RSA PEM public key to a TPM2B_PUBLIC object previously used the exponent value directly, but commit e3acb4d24c68291376b11bea5787112978e2775f changed the conversion to use the special case exponent value of 0 for any RSA key with an exponent value of 0x10001.

Because the entire TPM2B_PUBLIC object is used to calculate its "name", this difference in exponent value (0x10001 vs 0) introduced a change in the key "name". Since the Authorize policy uses the key "name" directly in its policy session hash value, this change resulted in new systemd code being unable to properly unseal any data (e.g. a LUKS volume) that was previously sealed.

This reverts the code to no longer override an RSA exponent value of 0x10001 with the special case value of 0.

Fixes a bug introduced by commit e3acb4d24c68291376b11bea5787112978e2775f.

Fixes: #30546
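The effect described in the commit message can be reproduced offline. The following is an added example, not code from this commit or from systemd: it marshals an RSA public area per the TPM 2.0 structure layout, derives the name, and feeds it into a PolicyAuthorize digest. The modulus, the object attributes value, the empty authPolicy and policyRef, and all function names are constructed assumptions.

```python
import hashlib
import struct

TPM_ALG_RSA, TPM_ALG_SHA256, TPM_ALG_NULL = 0x0001, 0x000B, 0x0010
TPM_CC_POLICY_AUTHORIZE = 0x0000016A

def marshal_rsa_public(modulus: bytes, exponent: int,
                       attributes: int = 0x00060040,  # constructed attribute value
                       auth_policy: bytes = b"") -> bytes:
    """Marshal a TPMT_PUBLIC for an RSA key (big-endian, as hashed for the name)."""
    out = struct.pack(">HHI", TPM_ALG_RSA, TPM_ALG_SHA256, attributes)
    out += struct.pack(">H", len(auth_policy)) + auth_policy   # authPolicy
    out += struct.pack(">HH", TPM_ALG_NULL, TPM_ALG_NULL)      # symmetric, scheme
    out += struct.pack(">HI", len(modulus) * 8, exponent)      # keyBits, exponent
    out += struct.pack(">H", len(modulus)) + modulus           # unique (modulus)
    return out

def tpm_name(public_area: bytes) -> bytes:
    """Name = nameAlg || H_nameAlg(marshalled public area)."""
    return struct.pack(">H", TPM_ALG_SHA256) + hashlib.sha256(public_area).digest()

def policy_authorize_digest(key_name: bytes, policy_ref: bytes = b"") -> bytes:
    """Policy digest after PolicyAuthorize, starting from the all-zero digest."""
    cc = struct.pack(">I", TPM_CC_POLICY_AUTHORIZE)
    first = hashlib.sha256(bytes(32) + cc + key_name).digest()
    return hashlib.sha256(first + policy_ref).digest()

def compare(modulus: bytes) -> dict:
    """Marshal the same key with exponent 0x10001 and with the special case 0."""
    explicit = marshal_rsa_public(modulus, 0x10001)
    special = marshal_rsa_public(modulus, 0)
    name_e, name_s = tpm_name(explicit), tpm_name(special)
    return {
        "diff_offsets": [i for i, (a, b) in enumerate(zip(explicit, special)) if a != b],
        "name_explicit": name_e,
        "name_special": name_s,
        "policy_explicit": policy_authorize_digest(name_e),
        "policy_special": policy_authorize_digest(name_s),
    }

# Constructed 2048-bit modulus (not a real key); only its bytes matter here.
SAMPLE_MODULUS = bytes([0xC3]) + bytes(range(255))

if __name__ == "__main__":
    for key, value in compare(SAMPLE_MODULUS).items():
        print(key, value.hex() if isinstance(value, bytes) else value)
```

Both encodings describe the same RSA key, yet two differing bytes in the exponent field yield unrelated names and policy digests, which is why data sealed against one encoding cannot be unsealed with the other.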
Diffstat (limited to '')
-rw-r--r-- src/test/test-tpm2.c 2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/test/test-tpm2.c b/src/test/test-tpm2.c
index eeaf0b7b88..c318ef33b3 100644
--- a/src/test/test-tpm2.c
+++ b/src/test/test-tpm2.c
@@ -846,7 +846,7 @@ TEST(tpm2b_public_from_openssl_pkey) {
assert_se(p->parameters.rsaDetail.keyBits == expected_n_len * 8);
- assert_se(p->parameters.rsaDetail.exponent == 0);
+ assert_se(p->parameters.rsaDetail.exponent == 0x10001);
check_tpm2b_public_fingerprint(&public, "d9186d13a7fd5b3644cee05448f49ad3574e82a2942ff93cf89598d36cca78a9");
}
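Review bot: the changed assertion `assert_se(p->parameters.rsaDetail.exponent == 0x10001);` pins the field value only, while the regression described in the commit message was a change in the key "name" derived from the whole TPM2B_PUBLIC. The `check_tpm2b_public_fingerprint(&public, ...)` line is unchanged context here, so it evidently does not depend on the exponent encoding and would not have caught the problem. Consider also computing the name of `public` in this test and comparing it against a fixed expected value, with a short comment stating that 0 must not be substituted for 0x10001, so that a future change to the exponent encoding fails in the test suite rather than when unsealing previously sealed data.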