in src/crypto/tpm.rs [147:183]
fn sign(&self, data: &[u8]) -> Result<Vec<u8>, CoseError> {
let scheme = TPMT_SIG_SCHEME {
scheme: tpm_constants::tss::TPM2_ALG_NULL,
details: Default::default(),
};
let validation = TPMT_TK_HASHCHECK {
tag: tpm_constants::tss::TPM2_ST_HASHCHECK,
hierarchy: tpm_constants::tss::TPM2_RH_NULL,
digest: Default::default(),
};
let data = data
.try_into()
.map_err(|_| CoseError::UnsupportedError("Tried to sign invalid data".to_string()))?;
let signature = {
let mut context = self.context.borrow_mut();
context
.sign(
self.key_handle,
&data,
scheme,
validation.try_into().expect("Unable to convert validation"),
)
.map_err(CoseError::TpmError)?
};
match &signature.signature {
SignatureData::EcdsaSignature { r, s } => {
Ok(super::merge_ec_signature(r, s, self.key_length))
}
_ => Err(CoseError::UnsupportedError(
"Unsupported signature data returned".to_string(),
)),
}
}