libtpms

mirror of https://github.com/stefanberger/libtpms synced 2025-12-31 11:12:04 +00:00

History

Stefan Berger 2fc551ffbc tpm2: Prevent SHA1 signature generation using new flag: no-sha1-signing Prevent SHA1 signature generation like FIPS mode on the host does for RSA and all ECC (ecdsa, ecdaa, ecschnorr, sm2) signing algorithms by implementing attribute no-sha1-signing. Since CryptRSASign and CryptEccSign are called from CryptSign the check for SHA1 can be done there. The other call locations are from the algorithm test functions where the default hash is SHA512. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2024-09-03 10:28:55 -04:00
..
man3	tpm2: Prevent SHA1 signature generation using new flag: no-sha1-signing	2024-09-03 10:28:55 -04:00
Makefile.am	Initial import of project	2013-10-31 15:33:22 -05:00

Stefan Berger 2fc551ffbc tpm2: Prevent SHA1 signature generation using new flag: no-sha1-signing

Prevent SHA1 signature generation like FIPS mode on the host does
for RSA and all ECC (ecdsa, ecdaa, ecschnorr, sm2) signing algorithms
by implementing attribute no-sha1-signing.
Since CryptRSASign and CryptEccSign are called from CryptSign the
check for SHA1 can be done there. The other call locations are
from the algorithm test functions where the default hash is SHA512.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

2024-09-03 10:28:55 -04:00

man3

tpm2: Prevent SHA1 signature generation using new flag: no-sha1-signing

2024-09-03 10:28:55 -04:00

Makefile.am

Initial import of project

2013-10-31 15:33:22 -05:00