Skip to content

Commit a54e004

Browse files
yawangwangyawangwang
committed
Remove P224 support and upgrade deprecated methods
1 parent b8bf8f0 commit a54e004

File tree

2 files changed

+29
-9
lines changed

2 files changed

+29
-9
lines changed

server/import.go

Lines changed: 29 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -5,13 +5,14 @@ import (
55
"crypto"
66
"crypto/aes"
77
"crypto/cipher"
8-
"crypto/elliptic"
8+
"crypto/ecdsa"
99
"crypto/hmac"
1010
"crypto/rand"
1111
"crypto/rsa"
1212
"fmt"
1313
"hash"
1414
"io"
15+
"math/big"
1516

1617
"github.com/google/go-tpm/legacy/tpm2"
1718
"github.com/google/go-tpm/tpmutil"
@@ -131,25 +132,45 @@ func createECCSeed(ek tpm2.Public) (seed, encryptedSeed []byte, err error) {
131132
if err != nil {
132133
return nil, nil, err
133134
}
134-
priv, x, y, err := elliptic.GenerateKey(curve, rand.Reader)
135+
136+
ecdsaPriv, err := ecdsa.GenerateKey(curve, rand.Reader)
137+
if err != nil {
138+
return nil, nil, err
139+
}
140+
141+
ecdhPriv, err := ecdsaPriv.ECDH()
142+
if err != nil {
143+
return nil, nil, err
144+
}
145+
146+
pub, err := ek.Key()
135147
if err != nil {
136148
return nil, nil, err
137149
}
138-
ekPoint := ek.ECCParameters.Point
139-
z, _ := curve.ScalarMult(ekPoint.X(), ekPoint.Y(), priv)
140-
xBytes := eccIntToBytes(curve, x)
150+
151+
ekPub, err := pub.(*ecdsa.PublicKey).ECDH()
152+
if err != nil {
153+
return nil, nil, err
154+
}
155+
156+
zBytes, err := ecdhPriv.ECDH(ekPub)
157+
if err != nil {
158+
return nil, nil, err
159+
}
160+
161+
xBytes := eccIntToBytes(curve, ecdsaPriv.X)
141162

142163
seed, err = tpm2.KDFe(
143164
ek.NameAlg,
144-
eccIntToBytes(curve, z),
165+
eccIntToBytes(curve, new(big.Int).SetBytes(zBytes)),
145166
"DUPLICATE",
146167
xBytes,
147-
eccIntToBytes(curve, ekPoint.X()),
168+
eccIntToBytes(curve, ek.ECCParameters.Point.X()),
148169
getHash(ek.NameAlg).Size()*8)
149170
if err != nil {
150171
return nil, nil, err
151172
}
152-
encryptedSeed, err = tpmutil.Pack(tpmutil.U16Bytes(xBytes), tpmutil.U16Bytes(eccIntToBytes(curve, y)))
173+
encryptedSeed, err = tpmutil.Pack(tpmutil.U16Bytes(xBytes), tpmutil.U16Bytes(eccIntToBytes(curve, ecdsaPriv.Y)))
153174
return seed, encryptedSeed, err
154175
}
155176

server/import_test.go

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,6 @@ func TestImport(t *testing.T) {
2525
{"ECC", client.DefaultEKTemplateECC()},
2626
{"SRK-RSA", client.SRKTemplateRSA()},
2727
{"SRK-ECC", client.SRKTemplateECC()},
28-
{"ECC-P224", getECCTemplate(tpm2.CurveNISTP224)},
2928
{"ECC-P256", getECCTemplate(tpm2.CurveNISTP256)},
3029
{"ECC-P384", getECCTemplate(tpm2.CurveNISTP384)},
3130
{"ECC-P521", getECCTemplate(tpm2.CurveNISTP521)},

0 commit comments

Comments
 (0)