From 8988d1cf15b0de414ca1bea73d83b1848b92b6e2 Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Wed, 16 Mar 2022 18:20:17 +0100
Subject: [PATCH] Fix support for ECDSA and ECDSA-SHAx signatures.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 src/hsm/sc_hsm.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/hsm/sc_hsm.c b/src/hsm/sc_hsm.c
index d7e286c..16497ba 100644
--- a/src/hsm/sc_hsm.c
+++ b/src/hsm/sc_hsm.c
@@ -1403,6 +1403,7 @@ static int cmd_signature() {
     else if (p2 == ALGO_EC_RAW || p2 == ALGO_EC_SHA1 || p2 == ALGO_EC_SHA224 || p2 == ALGO_EC_SHA256) {
         mbedtls_ecdsa_context ctx;
         mbedtls_ecdsa_init(&ctx);
+        md = MBEDTLS_MD_SHA256;
         if (p2 == ALGO_EC_RAW) {
             if (apdu.cmd_apdu_data_len == 32)
                 md = MBEDTLS_MD_SHA256;
@@ -1415,6 +1416,12 @@ static int cmd_signature() {
             else if (apdu.cmd_apdu_data_len == 64)
                 md = MBEDTLS_MD_SHA512;
         }
+        if (p2 == ALGO_EC_SHA1)
+            md = MBEDTLS_MD_SHA1;
+        else if (p2 == ALGO_EC_SHA224)
+            md = MBEDTLS_MD_SHA224;
+        else if (p2 == ALGO_EC_SHA256)
+            md = MBEDTLS_MD_SHA256;
         int r;
         r = load_private_key_ecdsa(&ctx, fkey);
         if (r != HSM_OK)