add example manual verification of quote signature with ecc #379

Merged
merged 4 commits into from
Sep 23, 2024

@JacobBarthelmeh JacobBarthelmeh commented Sep 13, 2024

./examples/pcr/quote -ecc

@JacobBarthelmeh JacobBarthelmeh self-assigned this Sep 13, 2024
@dgarske dgarske left a comment

Is it possible you could add support for this with RSA also?

goto exit;
}

pubKey = (byte*)malloc(pubKeySz);
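
Review bot: at `pubKey = (byte*)malloc(pubKeySz);` the NULL check and the matching free are not visible in this context. Since the surrounding code bails out with `goto exit;`, confirm that pubKey is tested before use and released on the exit path, so that an allocation failure or an early error neither dereferences NULL nor leaks the buffer.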
Please use XMALLOC/XFREE for portability. They exist unless WOLFTPM2_NO_HEAP is used.

@@ -229,6 +266,60 @@ int TPM2_PCR_Quote_Test(void* userCtx, int argc, char *argv[])
cmdOut.quoteResult.signature.signature.rsassa.sig.size);
#endif

#ifdef HAVE_ECC
Consider also gating on WOLFTPM2_NO_HEAP and WOLFSSL_PUBLIC_MP

mp_free(&r);
mp_free(&s);
wc_ecc_free(&ecKey);
printf("%s [rc = %d, result = %d]\n", (res == 1)? "SUCCESS": "FAILURE",
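
Review bot: in the final printf the SUCCESS/FAILURE label depends only on `res == 1`, while rc is printed separately, so the output can read FAILURE with rc = 0. Consider setting rc to a non-zero error when res != 1 before leaving the block, so that a caller or script checking only the example's return code does not treat a failed signature verification as a pass.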
Mine consistently shows: Attempting to manually verify the quotes signature :FAILURE [rc = 0, result = 0]. Any special steps?

Contributor Author
Possibly different for swtpm used? Try with ms-tpm-20-ref. I made a commit now updating the docs/SWTPM.md with steps for a test done.

@dgarske dgarske assigned JacobBarthelmeh and unassigned dgarske Sep 17, 2024
@JacobBarthelmeh
Contributor Author

Yup, can add in RSA. Would like to follow up with it though in a separate PR, keeping this one with as few code changes as can for the use.

… `examples/pcr/quote.c:336:9: error: use of undeclared identifier 'pubKey'`.
@dgarske dgarske left a comment

Works for me now! Thank you

@dgarske dgarske merged commit 5e87595 into wolfSSL:master Sep 23, 2024
3 checks passed
@dgarske dgarske mentioned this pull request Nov 5, 2024