[gnutls-devel] GnuTLS | Port openconnect TPM2 code (!1460)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Wed Oct 20 09:39:29 CEST 2021

Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1460#note_708755473

Further detail of these algorithms is described in the [structure document](https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-2-Structures-01.38.pdf):
> For  the  TPM_ALG_RSAPSS  signing  scheme,  the  same  hash  algorithm  is  used  for  digesting  TPM-
generated data (an attestation structure) and in the KDF used for the masking operation. The salt size is 
always the largest salt value that will fit into the available space.

This means that the algorithm cannot be used for TLS 1.3, where the salt size equals to the hash digest size.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1460#note_708755473
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20211020/c624e792/attachment.html>

More information about the Gnutls-devel mailing list