Verify signature on Linux using .NET #33

Closed
Marwen10 opened this issue Mar 13, 2019 · 2 comments

Marwen10 commented Mar 13, 2019

Hello, I'm trying to validate a quote on a Linux machine, and as per the documentation there is a bug in hash verification on Mono that throws "algorithm is not supported". Looking deeper, I guess the issue comes from this function in the Mono implementation of RSACryptoServiceProvider:

private string GetHashNameFromOID (string oid)
{
    switch (oid) {
    case "1.3.14.3.2.26":
        return "SHA1";
    case "1.2.840.113549.2.5":
        return "MD5";
    case "2.16.840.1.101.3.4.2.1":
        return "SHA256";
    case "2.16.840.1.101.3.4.2.2":
        return "SHA384";
    case "2.16.840.1.101.3.4.2.3":
        return "SHA512";
    default:
        throw new CryptographicException (oid + " is an unsupported hash algorithm for RSA signing");
    }
}

So I guess there is a mismatch between the values representing the hash algorithm passed by the Tpm2lib and the ones this function expects, which causes the error. So my question is: which part of the implementation do I have to change so that the value is recognized by the Mono implementation of System.Security.Cryptography?

Thank you

@Marwen10
Author

In fact, changing this method in CryptoLib.cs would make things work:

#if !TSS_USE_BCRYPT
        /// <summary>
        /// Get the CAPI name for a hash algorithm.
        /// </summary>
        /// <param name="algId"></param>
        /// <returns></returns>
        internal static string GetHashName(TpmAlgId algId)
        {
            switch (algId)
            {
                case TpmAlgId.Sha1:
                    return "1.3.14.3.2.26";
                case TpmAlgId.Sha256:
                    return "2.16.840.1.101.3.4.2.1";
                case TpmAlgId.Sha384:
                    return "2.16.840.1.101.3.4.2.2";
                case TpmAlgId.Sha512:
                    return "2.16.840.1.101.3.4.2.3";
                default:
                    Globs.Throw<ArgumentException>("Unsupported hash algorithm");
                    return "1.3.14.3.2.26";
            }
        }
#endif // !TSS_USE_BCRYPT

amarochk added a commit that referenced this issue Mar 15, 2019
@amarochk
Contributor

Hi Marwen,

Since there is a full-fledged .Net framework for Linux (https://dotnet.microsoft.com/download), we do not really support Mono implementations now. But as your fix is compatible with the .Net Core framework, I've committed it.
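
The OID-based mapping discussed in this thread, exercised end to end with RSACryptoServiceProvider.SignHash and VerifyHash. This is an added example, not code from the project or from either commenter. The HashAlg enum is a hypothetical stand-in for TpmAlgId, the messages are constructed, and the mapping throws on an unknown algorithm.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Hypothetical stand-in for the library's TpmAlgId enum (assumption, not the real type).
enum HashAlg { Sha1, Sha256, Sha384, Sha512, Unknown }

static class OidSignatureDemo
{
    // Map the algorithm to the hash OID string passed to RSACryptoServiceProvider.
    // Unknown identifiers throw instead of falling back to a default hash.
    static string GetHashOid(HashAlg alg)
    {
        switch (alg)
        {
            case HashAlg.Sha1:   return "1.3.14.3.2.26";
            case HashAlg.Sha256: return "2.16.840.1.101.3.4.2.1";
            case HashAlg.Sha384: return "2.16.840.1.101.3.4.2.2";
            case HashAlg.Sha512: return "2.16.840.1.101.3.4.2.3";
            default: throw new ArgumentException("Unsupported hash algorithm: " + alg);
        }
    }

    static void Main()
    {
        // Constructed sample message; a real caller would hash the quote being validated.
        byte[] message = Encoding.UTF8.GetBytes("constructed sample message");
        string oid = GetHashOid(HashAlg.Sha256);

        using (var sha = SHA256.Create())
        using (var rsa = new RSACryptoServiceProvider(2048))
        {
            byte[] digest = sha.ComputeHash(message);
            byte[] signature = rsa.SignHash(digest, oid);

            Console.WriteLine("valid signature:  " + rsa.VerifyHash(digest, oid, signature));

            // A digest of different data must not verify against the same signature.
            byte[] other = sha.ComputeHash(Encoding.UTF8.GetBytes("tampered message"));
            Console.WriteLine("tampered message: " + rsa.VerifyHash(other, oid, signature));

            // The OID agrees with the framework's own name-to-OID table.
            Console.WriteLine("matches CryptoConfig: " + (CryptoConfig.MapNameToOID("SHA256") == oid));
        }

        try { GetHashOid(HashAlg.Unknown); }
        catch (ArgumentException e) { Console.WriteLine("rejected: " + e.Message); }
    }
}
```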
