On 19 November 2013 03:31, Ken Goldman <[email protected]> wrote:
> 4 - I don't understand (2).  The sealed blob can't sign anything.  It's
> your data blob encrypted by the SRK public key.

I think I may have not meant "seal". Distrust my use of terminology. I
got it working yesterday, so I must be doing something right.
Essentially what I'm doing (with plenty of incorrect function names
and consolidating several calls into one, but you'll get the idea):

Key generation:
blob, public = Tspi_CreateKey(...NOT_MIGRATABLE...SIGNSCHEME_PKCSV15V1_DER)

Key use:
challenge = GetChallengeFromServer()
key = Tspi_LoadKeyFromBlob(blob)
response = Tspi_Hash_Sign(key, challenge)
SendToServer(response)

This is what I meant by "give blob back to TPM chip and ask it to sign
a server challenge".

Thanks for your help.

-- 
typedef struct me_s {
 char name[]      = { "Thomas Habets" };
 char email[]     = { "[email protected]" };
 char kernel[]    = { "Linux" };
 char *pgpKey[]   = { "http://www.habets.pp.se/pubkey.txt"; };
 char pgp[] = { "A8A3 D1DD 4AE0 8467 7FDE  0945 286A E90A AD48 E854" };
 char coolcmd[]   = { "echo '. ./_&. ./_'>_;. ./_" };
} me_t;
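
The server side of the challenge/response flow sketched in the message above, as an added example that is not part of the original post or of TrouSerS. It assumes the client signs the SHA-1 DigestInfo of the challenge with PKCS#1 v1.5 padding; `Server`, `client_sign` and the test key are constructed for illustration, with `client_sign` standing in for the TPM.

```python
import hashlib
import hmac
import secrets

# Constructed test key, NOT secure: two Mersenne primes are used so the
# example runs offline without a TPM.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # in the real flow this never leaves the TPM

# DER prefix of DigestInfo for SHA-1 (RFC 8017, section 9.2).
SHA1_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")


def encode(challenge: bytes, k: int) -> bytes:
    """EMSA-PKCS1-v1_5: 00 01 FF..FF 00 || DigestInfo(SHA-1(challenge))."""
    t = SHA1_PREFIX + hashlib.sha1(challenge).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def client_sign(challenge: bytes) -> bytes:
    """Stand-in for the TPM signing step (hypothetical helper)."""
    k = (N.bit_length() + 7) // 8
    return pow(int.from_bytes(encode(challenge, k), "big"), D, N).to_bytes(k, "big")


class Server:
    def __init__(self, n: int, e: int):
        self.n, self.e = n, e
        self.k = (n.bit_length() + 7) // 8
        self.pending = set()              # challenges issued, not yet answered

    def get_challenge(self) -> bytes:
        c = secrets.token_bytes(20)
        self.pending.add(c)
        return c

    def verify(self, challenge: bytes, response: bytes) -> bool:
        if challenge not in self.pending:
            return False                  # unknown or already used (replay)
        self.pending.discard(challenge)   # single use, whether it passes or not
        s = int.from_bytes(response, "big")
        if len(response) != self.k or s >= self.n:
            return False
        em = pow(s, self.e, self.n).to_bytes(self.k, "big")
        # Compare the whole encoded block instead of parsing the padding.
        return hmac.compare_digest(em, encode(challenge, self.k))
```

Rebuilding the expected encoded block and comparing it in full avoids the lenient padding parsers that enable signature forgery, and discarding each challenge after one attempt keeps a captured response from being replayed.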

_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
