@@ -20,16 +20,16 @@ package api
2020import (
2121 "crypto"
2222 "crypto/rsa"
23- "errors"
2423 "fmt"
2524 "strings"
2625
2726 ar "github.com/Fraunhofer-AISEC/cmc/attestationreport"
27+ "github.com/Fraunhofer-AISEC/cmc/internal"
2828)
2929
3030// The version of the API
3131const (
32- apiVersion = "1.2.1 "
32+ apiVersion = "1.3.0 "
3333)
3434
3535func GetVersion () string {
@@ -88,10 +88,10 @@ type VerificationResponse struct {
8888}
8989
9090type TLSSignRequest struct {
91- Version string `json:"version" cbor:"0,keyasint"`
92- Content []byte `json:"content" cbor:"1,keyasint"`
93- Hashtype HashFunction `json:"hashType " cbor:"2,keyasint"`
94- PssOpts * PSSOptions `json:"pssOpts" cbor:"3,keyasint"`
91+ Version string `json:"version" cbor:"0,keyasint"`
92+ Content []byte `json:"content" cbor:"1,keyasint"`
93+ HashAlg string `json:"hashAlg " cbor:"2,keyasint" jsonschema:"enum=SHA-256,enum=SHA-384,enum=SHA-512 "`
94+ PssOpts * PSSOptions `json:"pssOpts,omitempty " cbor:"3,keyasint,omitempty "`
9595}
9696
9797type TLSSignResponse struct {
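Review bot: `HashAlg` reuses CBOR key 2, which previously carried the integer `Hashtype`, so a peer built against the old struct will hit a type mismatch on that key rather than a clear version error, unless the version check rejects the request first (that check is not visible in this hunk). The `jsonschema` enum on the field is schema metadata only and, as far as this hunk shows, enforces nothing when the request is decoded, so the allow-list has to be applied where the string is converted. I would document both on the field, for example `// HashAlg is the hash name as returned by crypto.Hash.String (e.g. "SHA-256"); it is validated when converted to SignerOpts, not by decoding.`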
@@ -160,30 +160,6 @@ type PSSOptions struct {
160160 SaltLength int32
161161}
162162
163- type HashFunction int32
164-
165- const (
166- HashFunction_SHA1 HashFunction = 0
167- HashFunction_SHA224 HashFunction = 1
168- HashFunction_SHA256 HashFunction = 2
169- HashFunction_SHA384 HashFunction = 3
170- HashFunction_SHA512 HashFunction = 4
171- HashFunction_MD4 HashFunction = 5
172- HashFunction_MD5 HashFunction = 6
173- HashFunction_MD5SHA1 HashFunction = 7
174- HashFunction_RIPEMD160 HashFunction = 8
175- HashFunction_SHA3_224 HashFunction = 9
176- HashFunction_SHA3_256 HashFunction = 10
177- HashFunction_SHA3_384 HashFunction = 11
178- HashFunction_SHA3_512 HashFunction = 12
179- HashFunction_SHA512_224 HashFunction = 13
180- HashFunction_SHA512_256 HashFunction = 14
181- HashFunction_BLAKE2s_256 HashFunction = 15
182- HashFunction_BLAKE2b_256 HashFunction = 16
183- HashFunction_BLAKE2b_384 HashFunction = 17
184- HashFunction_BLAKE2b_512 HashFunction = 18
185- )
186-
187163func TypeToString (t uint32 ) string {
188164 switch t {
189165 case TypeError :
@@ -209,80 +185,30 @@ func TypeToString(t uint32) string {
209185 }
210186}
211187
212- // Converts Protobuf hashtype to crypto.SignerOpts
213- func HashToSignerOpts (hashtype HashFunction , pssOpts * PSSOptions ) (crypto.SignerOpts , error ) {
214- var hash crypto.Hash
215- var len int
216- switch hashtype {
217- case HashFunction_SHA256 :
218- hash = crypto .SHA256
219- len = 32
220- case HashFunction_SHA384 :
221- hash = crypto .SHA384
222- len = 48
223- case HashFunction_SHA512 :
224- len = 64
225- hash = crypto .SHA512
226- default :
227- return crypto .SHA512 , fmt .Errorf ("hash function not implemented: %v" , hashtype )
188+ // StringToSignerOpts converts hash strings as defined in https://pkg.go.dev/crypto#Hash.String
189+ // to SignerOpts
190+ // Converts hash strings as defined in https://pkg.go.dev/crypto#Hash.String to SignerOpts
191+ func StringToSignerOpts (s string , pssOpts * PSSOptions ) (crypto.SignerOpts , error ) {
192+ hash , err := internal .HashFromString (s )
193+ if err != nil {
194+ return nil , err
228195 }
196+ return HashToSignerOpts (hash , pssOpts )
197+ }
198+
199+ // HashToSignerOpts converts hashes to crypto.SignerOpts
200+ func HashToSignerOpts (hash crypto.Hash , pssOpts * PSSOptions ) (crypto.SignerOpts , error ) {
229201 if pssOpts != nil {
230202 saltlen := int (pssOpts .SaltLength )
231203 // go-attestation / go-tpm does not allow -1 as definition for length of hash
232204 if saltlen < 0 {
233- saltlen = len
205+ saltlen = hash . Size ()
234206 }
235207 return & rsa.PSSOptions {SaltLength : saltlen , Hash : hash }, nil
236208 }
237209 return hash , nil
238210}
239211
240- // Converts Hash Types from crypto.SignerOpts to the types specified in the CMC interface
241- func SignerOptsToHash (opts crypto.SignerOpts ) (HashFunction , error ) {
242- switch opts .HashFunc () {
243- case crypto .MD4 :
244- return HashFunction_MD4 , nil
245- case crypto .MD5 :
246- return HashFunction_MD5 , nil
247- case crypto .SHA1 :
248- return HashFunction_SHA1 , nil
249- case crypto .SHA224 :
250- return HashFunction_SHA224 , nil
251- case crypto .SHA256 :
252- return HashFunction_SHA256 , nil
253- case crypto .SHA384 :
254- return HashFunction_SHA384 , nil
255- case crypto .SHA512 :
256- return HashFunction_SHA512 , nil
257- case crypto .MD5SHA1 :
258- return HashFunction_MD5SHA1 , nil
259- case crypto .RIPEMD160 :
260- return HashFunction_RIPEMD160 , nil
261- case crypto .SHA3_224 :
262- return HashFunction_SHA3_224 , nil
263- case crypto .SHA3_256 :
264- return HashFunction_SHA3_256 , nil
265- case crypto .SHA3_384 :
266- return HashFunction_SHA3_384 , nil
267- case crypto .SHA3_512 :
268- return HashFunction_SHA3_512 , nil
269- case crypto .SHA512_224 :
270- return HashFunction_SHA512_224 , nil
271- case crypto .SHA512_256 :
272- return HashFunction_SHA512_256 , nil
273- case crypto .BLAKE2s_256 :
274- return HashFunction_BLAKE2s_256 , nil
275- case crypto .BLAKE2b_256 :
276- return HashFunction_BLAKE2b_256 , nil
277- case crypto .BLAKE2b_384 :
278- return HashFunction_BLAKE2b_384 , nil
279- case crypto .BLAKE2b_512 :
280- return HashFunction_BLAKE2b_512 , nil
281- default :
282- }
283- return HashFunction_SHA512 , errors .New ("could not determine correct Hash function" )
284- }
285-
286212func (req * AttestationRequest ) CheckVersion () error {
287213 if req == nil {
288214 return fmt .Errorf ("internal error: AttestationRequest is nil" )
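Review bot: The rewritten `HashToSignerOpts` no longer restricts the hash: the removed switch rejected everything except SHA-256/384/512, while the new exported function accepts any `crypto.Hash`, so MD5 or SHA-1 pass through, and an unset or out-of-range value reaches `hash.Size()`, which panics, whenever `pssOpts.SaltLength` is negative. Whether `internal.HashFromString` filters the string path is not visible here, and direct callers of `HashToSignerOpts` bypass it in any case. I would restore the allow-list at the top of the function so the signing path fails closed with an error, as below. Separately, the doc comment on `StringToSignerOpts` states the same sentence twice; the third comment line can be dropped.

```go
func HashToSignerOpts(hash crypto.Hash, pssOpts *PSSOptions) (crypto.SignerOpts, error) {
	// Accept only the hashes the API advertises; this also keeps
	// hash.Size() below from panicking on an unknown value.
	switch hash {
	case crypto.SHA256, crypto.SHA384, crypto.SHA512:
	default:
		return nil, fmt.Errorf("hash function not supported: %v", hash)
	}
	// … unchanged: PSS salt-length handling and return …
```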