search

xaptum / ecdaa

A C implementation of elliptic-curve-based Direct Anonymous Attestation (DAA) signatures. Created to support the Xaptum Edge Network Fabric, an IoT Network Solution.
https://www.xaptum.com
Apache License 2.0
45 stars 8 forks source link

Update signing algorithm to work with TPM spec 1.38 (and 1.16 with Errata 1.5) #116

Closed zanebeckwith closed 5 years ago

zanebeckwith commented 5 years ago

More-recent TPM2.0 specifications include a change to the TPM2_Sign operation that breaks the old implementation of this library. This series updates our implementation to accord with that change.

fixes #112

zanebeckwith commented 5 years ago

Thanks.

FYI: That failed travis build appears to have been a transient issue; I can't recreate it (either on travis or locally).

The issue was an assert that failed due to the TPM returning one of the signature values with a size different from expected (since it's an assert, I don't know what the size actually was). After that assert, I copy the output from the signature value and into an AMCL curve point structure. The size to copy is constant (set by the modulus of the finite field).

It's very strange that the size wouldn't be the same constant value, and I think this must have been due to some failure in the simulator.

I think this actually isn't a problem, surprisingly, because of the static sizing of xaptum-tpm.

However, avoiding a buffer overflow is easy so I'm adding that as a separate PR.