On Sat, Dec 31, 2016 at 02:52:43PM -0800, James Bottomley wrote: > This patch adds RSA signing for TPM2 keys. There's a limitation to the > way TPM2 does signing: it must recognise the OID for the signature. > That fails for the MD5-SHA1 signatures of the TLS/SSL certificate > verification protocol, so I'm using RSA_Decrypt for both signing > (encryption) and decryption ... meaning that this only works with TPM > decryption keys. It is possible to use the prior code, which preserved > the distinction of signing and decryption keys, but only at the expense > of not being able to support SSL or TLS lower than 1.2
Please submit patches via github. Kurt -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
