Skip to content

Commit

Permalink
Merge pull request #317 from dgarske/ecc_sign
Browse files Browse the repository at this point in the history 
Fix ECC sign missing hash algorithm
  • Loading branch information
@embhorn
embhorn authored Dec 8, 2023
2 parents 88bff51 + c2d6022 commit 17fcfb6
Showing 1 changed file with 11 additions and 1 deletion.
12 changes: 11 additions & 1 deletion src/tpm2_wrap.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3510,11 +3510,21 @@ int wolfTPM2_SignHash(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* key,
}

if (key->pub.publicArea.type == TPM_ALG_ECC) {
/* Keys that are created with sign and decrypt require scheme to be NULL,
* but we must supply ECDSA and Hash Algorithm for signing */
sigAlg = key->pub.publicArea.parameters.eccDetail.scheme.scheme;
hashAlg = key->pub.publicArea.parameters.eccDetail.scheme.details.any.hashAlg;
if (sigAlg == TPM_ALG_NULL) {
if (sigAlg == 0 || sigAlg == TPM_ALG_NULL) {
sigAlg = TPM_ALG_ECDSA;
}
if (hashAlg == 0 || hashAlg == TPM_ALG_NULL) {
if (digestSz == 64)
hashAlg = TPM_ALG_SHA512;
else if (digestSz == 48)
hashAlg = TPM_ALG_SHA384;
else if (digestSz == 32)
hashAlg = TPM_ALG_SHA256;
}
}
else if (key->pub.publicArea.type == TPM_ALG_RSA) {
sigAlg = key->pub.publicArea.parameters.rsaDetail.scheme.scheme;
Expand Down

0 comments on commit 17fcfb6

Please sign in to comment.