TrueCloudLab/certificates
17
0
Fork 2
Code Issues 1 Pull requests 1 Releases Activity Actions

Simplify alg validity check

Browse source
This commit is contained in:
Herman Slatman 2023-04-03 22:32:26 +02:00
parent dfc56f21b8
commit e25acff13c
No known key found for this signature in database
GPG key ID: F4D8A44EA0A75A4F
1 changed files with 5 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
acme/challenge.go
View file

@ -621,16 +621,14 @@ func doTPMAttestationFormat(ctx context.Context, prov Provisioner, ch *Challenge
return nil, NewError(ErrorBadAttestationStatementType, "invalid alg in attestation statement")
}
var hash crypto.Hash
switch alg {
case -257: // RS256
hash = crypto.SHA256
case -7: // ES256
hash = crypto.SHA256
default:
// only RS256 and ES256 are allowed
if alg != -257 && alg != -1 {
return nil, NewError(ErrorBadAttestationStatementType, "invalid alg %d in attestation statement", alg)
}
// set the hash algorithm to use to SHA256
hash := crypto.SHA256
// recreate the generated key certification parameter values and verify
// the attested key using the public key of the AK.
certificationParameters := &attest.CertificationParameters{