question

Daniel702-8288 avatar image
0 Votes"
Daniel702-8288 asked Daniel702-8288 answered

HLK for Windows Server 2022 TPM 2.0 Platform Crypto Provider Key Storage Provider Test

PcpRsaTest::SignPSSTest in TPM 2.0 Platform Crypto Provider Key Storage Provider Test failed.

Using keySize: 1024 and hashSize: 64.
SUCCEEDED(TpmGetPssSalt(&actualSaltSize, hashName, keySize))
SUCCEEDED(hr): NCryptGetProperty - NCRYPT_PCP_PSS_SALT_SIZE_PROPERTY
*Error AreEqual(actualSaltSize, hashSize) - Values (62, 64)*

From the messages, it looks like HLK is expecting in RSA-PSS algorithm to return a salt size of 64 when key size is 1024 and hash size is 64.

From the TCG https://trustedcomputinggroup.org/wp-content/uploads/TCG_TPM2_r1p59_Part1_Architecture_pub.pdf#page=281, this case should be 62 as 62 is the largest size allowed by the key size and message digest size.
We could also refer openssl implementation https://github.com/openssl/openssl/blob/master/crypto/rsa/rsa_pss.c#L198.

It's unclear why HLK is expecting a salt size of 64 here.

windows-hardware-certificationwindows-hardware-wdk
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

Daniel702-8288 avatar image
0 Votes"
Daniel702-8288 answered

Bump.
The source of this test having swtpm setup with Qemu environment.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.