I have an issue with using tss engine when server is configure to be tls1.2 for both min max value.
Look like during SSL negotiation it is trying to use the Signature Algorithm that client's tpm key doesn't support and failed with
WARNING:esys:src/tss2-esys/api/Esys_Sign.c:311:Esys_Sign_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_Sign.c:105:Esys_Sign() Esys Finish ErrorCode (0x000002d2)
If we set -sigalgs to be ECDSA+SHA384 only then it works fine.
Expected behaviors:
It should only negotiate the Signature Algorithm that client's tpm key support.
Hi,
I have an issue with using tss engine when server is configure to be tls1.2 for both min max value. Look like during SSL negotiation it is trying to use the Signature Algorithm that client's tpm key doesn't support and failed with WARNING:esys:src/tss2-esys/api/Esys_Sign.c:311:Esys_Sign_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_Sign.c:105:Esys_Sign() Esys Finish ErrorCode (0x000002d2) If we set -sigalgs to be ECDSA+SHA384 only then it works fine.
Expected behaviors: It should only negotiate the Signature Algorithm that client's tpm key support.
openssl s_client log:
Full tss engine debug log: