@@ -4,31 +4,35 @@ use crate::error::Error;
44use crate :: error:: Result ;
55use crate :: WrapperErrorKind ;
66use crate :: {
7- abstraction:: public:: AssociatedTpmCurve ,
87 interface_types:: algorithm:: HashingAlgorithm ,
9- structures:: {
10- Attest , AttestInfo , DigestList , EccSignature , PcrSelectionList , Public , QuoteInfo ,
11- Signature ,
12- } ,
8+ structures:: { Attest , AttestInfo , DigestList , PcrSelectionList , Public , QuoteInfo , Signature } ,
139 traits:: Marshall ,
1410} ;
1511use digest:: { Digest , DynDigest } ;
1612
13+ #[ cfg( any( feature = "p224" , feature = "p256" , feature = "p384" ) ) ]
14+ use crate :: { abstraction:: public:: AssociatedTpmCurve , structures:: EccSignature } ;
15+ #[ cfg( any( feature = "p224" , feature = "p256" , feature = "p384" ) ) ]
1716use ecdsa:: {
1817 hazmat:: { DigestPrimitive , VerifyPrimitive } ,
1918 PrimeCurve , SignatureSize , VerifyingKey ,
2019} ;
20+ #[ cfg( any( feature = "p224" , feature = "p256" , feature = "p384" ) ) ]
2121use elliptic_curve:: {
2222 generic_array:: ArrayLength ,
2323 point:: AffinePoint ,
2424 sec1:: { FromEncodedPoint , ModulusSize , ToEncodedPoint } ,
2525 CurveArithmetic , FieldBytesSize ,
2626} ;
27- use signature:: { hazmat:: PrehashVerifier , Verifier } ;
27+ #[ cfg( any( feature = "p224" , feature = "p256" , feature = "p384" ) ) ]
28+ use signature:: hazmat:: PrehashVerifier ;
2829
2930#[ cfg( feature = "rsa" ) ]
3031use rsa:: { pkcs1v15, pss, RsaPublicKey } ;
32+ #[ cfg( feature = "rsa" ) ]
33+ use signature:: Verifier ;
3134
35+ #[ cfg( any( feature = "p224" , feature = "p256" , feature = "p384" ) ) ]
3236fn verify_ecdsa < C > (
3337 public : & Public ,
3438 message : & [ u8 ] ,
@@ -310,9 +314,10 @@ pub fn checkquote(
310314
311315 let bytes = attest. marshall ( ) ?;
312316
313- let mut hash_alg = None ;
314- match ( public , signature ) {
317+ let hash_alg = match ( public , signature ) {
318+ # [ cfg ( any ( feature = "p224" , feature = "p256" , feature = "p384" ) ) ]
315319 ( Public :: Ecc { parameters, .. } , _) => {
320+ let mut hash_alg = None ;
316321 macro_rules! impl_check_ecdsa {
317322 ( $curve: ty) => {
318323 if parameters. ecc_curve( ) == <$curve>:: TPM_CURVE {
@@ -323,12 +328,10 @@ pub fn checkquote(
323328 {
324329 return Ok ( false ) ;
325330 }
326-
327331 hash_alg = Some ( sig. hashing_algorithm( ) ) ;
328332 }
329333 } ;
330334 }
331-
332335 //#[cfg(feature = "p192")]
333336 //impl_check_ecdsa!(p192::NistP192);
334337 #[ cfg( feature = "p224" ) ]
@@ -341,6 +344,12 @@ pub fn checkquote(
341344 //impl_check_ecdsa!(p521::NistP521);
342345 //#[cfg(feature = "sm2")]
343346 //impl_check_ecdsa!(sm2::Sm2);
347+
348+ if let Some ( h) = hash_alg {
349+ h
350+ } else {
351+ return Err ( Error :: WrapperError ( WrapperErrorKind :: InvalidParam ) ) ;
352+ }
344353 }
345354 #[ cfg( feature = "rsa" ) ]
346355 ( Public :: Rsa { .. } , sig @ Signature :: RsaSsa ( pkcs_sig) ) => {
@@ -351,7 +360,7 @@ pub fn checkquote(
351360 if !verify_rsa_pkcs1v15 ( public, & bytes, & sig, pkcs_sig. hashing_algorithm ( ) ) ? {
352361 return Ok ( false ) ;
353362 }
354- hash_alg = Some ( pkcs_sig. hashing_algorithm ( ) ) ;
363+ pkcs_sig. hashing_algorithm ( )
355364 }
356365 #[ cfg( feature = "rsa" ) ]
357366 ( Public :: Rsa { .. } , sig @ Signature :: RsaPss ( pkcs_sig) ) => {
@@ -362,16 +371,13 @@ pub fn checkquote(
362371 if !verify_rsa_pss ( public, & bytes, & sig, pkcs_sig. hashing_algorithm ( ) ) ? {
363372 return Ok ( false ) ;
364373 }
365- hash_alg = Some ( pkcs_sig. hashing_algorithm ( ) ) ;
374+ pkcs_sig. hashing_algorithm ( )
366375 }
367376 _ => {
368377 return Err ( Error :: WrapperError ( WrapperErrorKind :: UnsupportedParam ) ) ;
369378 }
370379 } ;
371380
372- let Some ( hash_alg) = hash_alg else {
373- return Ok ( false ) ;
374- } ;
375381 if qualifying_data != attest. extra_data ( ) . as_bytes ( ) {
376382 return Ok ( false ) ;
377383 }
0 commit comments