Fix wrong ECDSA algorithm-identifier #150

smhmeier · 2025-10-15T14:27:56Z

RFC 5758 specifies in section 3.2 ECDSA Signature Algorithm the following:

When the ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with-SHA384, or
ecdsa-with-SHA512 algorithm identifier appears in the algorithm field
as an AlgorithmIdentifier, the encoding MUST omit the parameters
field.

Using V_ASN1_NULL adds the NULL parameter 30 0C 06 08 2A 86 48 CE 3D 04 03 02 05 00
Decoded:

SEQUENCE (2 elem)
     OBJECT IDENTIFIER 1.2.840.10045.4.3.2 ecdsaWithSHA256 (ANSI X9.62 ECDSA algorithm with SHA256)
    [0] [?] NULL

Using V_ASN1_UNDEF creates the desired ASN1 structure 30 0A 06 08 2A 86 48 CE 3D 04 03 02:

SEQUENCE (1 elem)
    OBJECT IDENTIFIER 1.2.840.10045.4.3.2 ecdsaWithSHA256 (ANSI X9.62 ECDSA algorithm with SHA256)

Omit parameter field for AlgorithmIdentifiers for ECDSA signatures. Fixes tpm2-software#150

smhmeier force-pushed the ecdsa-algorithm-identifier branch from cc4ff08 to 1f1640f Compare October 15, 2025 15:03

ecc: Fix wrong ECDSA algorithm-identifier

a556c85

Omit parameter field for AlgorithmIdentifiers for ECDSA signatures. Fixes tpm2-software#150

smhmeier force-pushed the ecdsa-algorithm-identifier branch from 1f1640f to a556c85 Compare October 16, 2025 07:46

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Fix wrong ECDSA algorithm-identifier #150

Fix wrong ECDSA algorithm-identifier #150

Uh oh!

smhmeier commented Oct 15, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Fix wrong ECDSA algorithm-identifier #150

Are you sure you want to change the base?

Fix wrong ECDSA algorithm-identifier #150

Uh oh!

Conversation

smhmeier commented Oct 15, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant