Fix decodeCertify
always returning a truncated signature in case of ECDSA
signature.
#192
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR is a follow up to the issue #191.
The bug is mainly due to the fact that the old code called
tpmutil.UnpackBuf
on only one element that issignature
.It worked for
RSA
signatures as their corresponding structureTPMS_SIGNATURE_RSASSA
contains only 1 fieldTPM2B_PUBLIC_KEY_RSA
, in addition toTPMI_ALG_HASH
field.However, it failed for
ECDSA
signatures because their corresponding structure isTPMS_SIGNATURE_ECDSA
,which contains 2 fields R and S - instead of just 1 - which are both
TPM2B_ECC_PARAMETER
, in addition toTPMI_ALG_HASH
field.All this information can be found here.
Therefore, the bug can be fixed by calling
tpmutil.UnpackBuf
on 2 elements, that is R followed by S, in the case ofECDSA
signature, which results in retrieving the whole signature.Signed-off-by: El Mostafa IDRASSI mostafa.idrassi@tutanota.com