in src/crypto/tpm.rs [39:92]
fn public_to_parameters(
public: TPMT_PUBLIC,
) -> Result<((SignatureAlgorithm, MessageDigest), HashingAlgorithm, usize), CoseError> {
match public.type_ {
tpm_constants::tss::TPM2_ALG_ECDSA => {}
tpm_constants::tss::TPM2_ALG_ECC => {}
type_ => {
return Err(CoseError::UnsupportedError(format!(
"Key algorithm {} is not supported, only ECDSA is currently supported",
type_
)))
}
}
// This is safe to do, because we checked the type above
let params = unsafe { public.parameters.eccDetail };
let (param_sig_alg, key_length) = match params.curveID {
tpm_constants::tss::TPM2_ECC_NIST_P256 => (SignatureAlgorithm::ES256, 32),
tpm_constants::tss::TPM2_ECC_NIST_P384 => (SignatureAlgorithm::ES384, 48),
tpm_constants::tss::TPM2_ECC_NIST_P521 => (SignatureAlgorithm::ES512, 66),
curve_id => {
return Err(CoseError::UnsupportedError(format!(
"Key curve {} is not supported",
curve_id
)))
}
};
match params.scheme.scheme {
tpm_constants::tss::TPM2_ALG_ECDSA => {}
scheme => {
return Err(CoseError::UnsupportedError(format!(
"Key scheme {} is not supported",
scheme
)))
}
}
let scheme = unsafe { params.scheme.details.ecdsa };
let param_hash_alg = match scheme.hashAlg {
tpm_constants::tss::TPM2_ALG_SHA256 => MessageDigest::sha256(),
tpm_constants::tss::TPM2_ALG_SHA384 => MessageDigest::sha384(),
tpm_constants::tss::TPM2_ALG_SHA512 => MessageDigest::sha512(),
hash_alg => {
return Err(CoseError::UnsupportedError(format!(
"Key hash alg {} is not supported",
hash_alg
)))
}
};
let hash_alg = scheme.hashAlg.try_into().map_err(|_| {
CoseError::UnsupportedError("Unsupported hashing algorithm".to_string())
})?;
Ok(((param_sig_alg, param_hash_alg), hash_alg, key_length))
}