Skip to content

Commit

Permalink
Merge pull request #4 from smallstep/mariano/pss
Browse files Browse the repository at this point in the history 
Fix RSAPSS salt length check
  • Loading branch information
@maraino
maraino authored Jan 9, 2024
2 parents cf579e5 + ab3a4e6 commit 413678f
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions attest/wrapped_tpm20.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -606,8 +606,8 @@ func signRSA(rw io.ReadWriter, key tpmutil.Handle, digest []byte, opts crypto.Si
}

if pss, ok := opts.(*rsa.PSSOptions); ok {
if pss.SaltLength != rsa.PSSSaltLengthAuto && pss.SaltLength != len(digest) {
return nil, fmt.Errorf("PSS salt length %d is incorrect, expected rsa.PSSSaltLengthAuto or %d", pss.SaltLength, len(digest))
if pss.SaltLength != rsa.PSSSaltLengthAuto && pss.SaltLength != rsa.PSSSaltLengthEqualsHash && pss.SaltLength != len(digest) {
return nil, fmt.Errorf("PSS salt length %d is incorrect, expected rsa.PSSSaltLengthAuto, rsa.PSSSaltLengthEqualsHash or %d", pss.SaltLength, len(digest))
}
scheme.Alg = tpm2.AlgRSAPSS
}
Expand Down

0 comments on commit 413678f

Please sign in to comment.