@@ -4,31 +4,35 @@ use crate::error::Error;
44use crate :: error:: Result ;
55use crate :: WrapperErrorKind ;
66use crate :: {
7- abstraction:: public:: AssociatedTpmCurve ,
87 interface_types:: algorithm:: HashingAlgorithm ,
9- structures:: {
10- Attest , AttestInfo , DigestList , EccSignature , PcrSelectionList , Public , QuoteInfo ,
11- Signature ,
12- } ,
8+ structures:: { Attest , AttestInfo , DigestList , PcrSelectionList , Public , QuoteInfo , Signature } ,
139 traits:: Marshall ,
1410} ;
1511use digest:: { Digest , DynDigest } ;
1612
13+ #[ cfg( any( feature = "p224" , feature = "p256" , feature = "p384" ) ) ]
14+ use crate :: { abstraction:: public:: AssociatedTpmCurve , structures:: EccSignature } ;
15+ #[ cfg( any( feature = "p224" , feature = "p256" , feature = "p384" ) ) ]
1716use ecdsa:: {
1817 hazmat:: { DigestPrimitive , VerifyPrimitive } ,
1918 PrimeCurve , SignatureSize , VerifyingKey ,
2019} ;
20+ #[ cfg( any( feature = "p224" , feature = "p256" , feature = "p384" ) ) ]
2121use elliptic_curve:: {
2222 generic_array:: ArrayLength ,
2323 point:: AffinePoint ,
2424 sec1:: { FromEncodedPoint , ModulusSize , ToEncodedPoint } ,
2525 CurveArithmetic , FieldBytesSize ,
2626} ;
27- use signature:: { hazmat:: PrehashVerifier , Verifier } ;
27+ #[ cfg( any( feature = "p224" , feature = "p256" , feature = "p384" ) ) ]
28+ use signature:: hazmat:: PrehashVerifier ;
2829
2930#[ cfg( feature = "rsa" ) ]
3031use rsa:: { pkcs1v15, pss, RsaPublicKey } ;
32+ #[ cfg( feature = "rsa" ) ]
33+ use signature:: Verifier ;
3134
35+ #[ cfg( any( feature = "p224" , feature = "p256" , feature = "p384" ) ) ]
3236fn verify_ecdsa < C > (
3337 public : & Public ,
3438 message : & [ u8 ] ,
@@ -306,9 +310,10 @@ pub fn checkquote(
306310
307311 let bytes = attest. marshall ( ) ?;
308312
309- let mut hash_alg = None ;
310- match ( public , signature ) {
313+ let hash_alg = match ( public , signature ) {
314+ # [ cfg ( any ( feature = "p224" , feature = "p256" , feature = "p384" ) ) ]
311315 ( Public :: Ecc { parameters, .. } , _) => {
316+ let mut hash_alg = None ;
312317 macro_rules! impl_check_ecdsa {
313318 ( $curve: ty) => {
314319 if parameters. ecc_curve( ) == <$curve>:: TPM_CURVE {
@@ -319,7 +324,6 @@ pub fn checkquote(
319324 {
320325 return Ok ( false ) ;
321326 }
322-
323327 hash_alg = Some ( sig. hashing_algorithm( ) ) ;
324328 }
325329 } ;
@@ -330,6 +334,12 @@ pub fn checkquote(
330334 impl_check_ecdsa ! ( p256:: NistP256 ) ;
331335 #[ cfg( feature = "p384" ) ]
332336 impl_check_ecdsa ! ( p384:: NistP384 ) ;
337+
338+ if let Some ( h) = hash_alg {
339+ h
340+ } else {
341+ return Err ( Error :: WrapperError ( WrapperErrorKind :: InvalidParam ) ) ;
342+ }
333343 }
334344 #[ cfg( feature = "rsa" ) ]
335345 ( Public :: Rsa { .. } , sig @ Signature :: RsaSsa ( pkcs_sig) ) => {
@@ -340,7 +350,7 @@ pub fn checkquote(
340350 if !verify_rsa_pkcs1v15 ( public, & bytes, & sig, pkcs_sig. hashing_algorithm ( ) ) ? {
341351 return Ok ( false ) ;
342352 }
343- hash_alg = Some ( pkcs_sig. hashing_algorithm ( ) ) ;
353+ pkcs_sig. hashing_algorithm ( )
344354 }
345355 #[ cfg( feature = "rsa" ) ]
346356 ( Public :: Rsa { .. } , sig @ Signature :: RsaPss ( pkcs_sig) ) => {
@@ -351,16 +361,13 @@ pub fn checkquote(
351361 if !verify_rsa_pss ( public, & bytes, & sig, pkcs_sig. hashing_algorithm ( ) ) ? {
352362 return Ok ( false ) ;
353363 }
354- hash_alg = Some ( pkcs_sig. hashing_algorithm ( ) ) ;
364+ pkcs_sig. hashing_algorithm ( )
355365 }
356366 _ => {
357367 return Err ( Error :: WrapperError ( WrapperErrorKind :: UnsupportedParam ) ) ;
358368 }
359369 } ;
360370
361- let Some ( hash_alg) = hash_alg else {
362- return Ok ( false ) ;
363- } ;
364371 if qualifying_data != attest. extra_data ( ) . as_bytes ( ) {
365372 return Ok ( false ) ;
366373 }
0 commit comments