Skip to content

Commit

Permalink
don't drop leading zeroes when performing generic ecdsa signing (goog…
Browse files Browse the repository at this point in the history 
…le#357)

call ret.FillBytes() instead of ret.Bytes() to preserve leading zeroes that may have been dropped when converting the digest to an integer
  • Loading branch information
@mwielgoszewski @hslatman
mwielgoszewski authored and hslatman committed Oct 10, 2024
1 parent 3b625a2 commit 1932e2b
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion attest/wrapped_tpm20.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -613,7 +613,9 @@ func signECDSA(rw io.ReadWriter, key tpmutil.Handle, digest []byte, curve ellipt
if excess > 0 {
ret.Rsh(ret, uint(excess))
}
digest = ret.Bytes()
// call ret.FillBytes() here instead of ret.Bytes() to preserve leading zeroes
// that may have been dropped when converting the digest to an integer
digest = ret.FillBytes(digest)

sig, err := tpm2.Sign(rw, key, "", digest, nil, scheme)
if err != nil {
Expand Down

0 comments on commit 1932e2b

Please sign in to comment.