Fix signature computation for algorithms ES384 and ES512.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-08-16 12:39:53 +02:00
parent 8ffd1bfe38
commit ce040a79f5
2 changed files with 23 additions and 8 deletions
--- a/src/fido/cbor_get_assertion.c
+++ b/src/fido/cbor_get_assertion.c
@@ -574,16 +574,23 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
    }

    memcpy(pa, clientDataHash.data, clientDataHash.len);
-    uint8_t hash[32], sig[MBEDTLS_ECDSA_MAX_LEN];
-    ret = mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
+    uint8_t hash[64], sig[MBEDTLS_ECDSA_MAX_LEN];
+    const mbedtls_md_info_t *md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
+    if (ekey.grp.id == MBEDTLS_ECP_DP_SECP384R1) {
+        md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA384);
+    }
+    else if (ekey.grp.id == MBEDTLS_ECP_DP_SECP521R1) {
+        md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512);
+    }
+    ret = mbedtls_md(md,
                     aut_data,
                     aut_data_len + clientDataHash.len,
                     hash);
    size_t olen = 0;
    ret = mbedtls_ecdsa_write_signature(&ekey,
-                                        MBEDTLS_MD_SHA256,
+                                        mbedtls_md_get_type(md),
                                        hash,
-                                        32,
+                                        mbedtls_md_get_size(md),
                                        sig,
                                        sizeof(sig),
                                        &olen,