This patch adds RSA signing for TPM2 keys. There's a limitation to the
way TPM2 does signing: it must recognise the OID for the signature.
That fails for the MD5-SHA1 signatures of the TLS/SSL certificate
verification protocol, so I'm using RSA_Decrypt for both signing
(encryption) and
This is a completed version of the original RFC. It's working now both
on the TPM2 simulator and on real hardware (I've converted my laptop to
TPM2). I've updated it to use the latest version of the ASN.1 for the
key format (still using a TCG OID).
I have it building here (it's what I'm