I'm developing software for a daughter card that contains a TPM and an FPGA.
The FPGA will create a soft processor (Altera NIOS) without any OS running.
I'm planning on using Trunks to send and receive the TPM commands. Here's what
I would like to do.
1. Use the TPM to generate an RSA 2048 keypair.
2. Extract the public key and send it to a CA to create an x509
certificate for my device.
3. Exchange certificates with an application on a server.
4. Receive from that application a message encrypted with my device's RSA
public key using PKCS#1 v1.5 padding. The encryption will not be done with a
TPM.
5. Use the TPM to decrypt the message using a TPM_ORD_UnBind command and
the device's private RSA key.
I've read the TCG documents, 'A Practical Guide to Trusted Computing' and done some
Google searches. Based on that I think that I need to create a migratable RSA
2048 legacy key. Does this sound right? My investigation says that if UnBinding
using a Legacy key then no TPM_BOUND_DATA structure is expected. Also, I see
commands for Seal, Unseal, Unbind, but I don't see a Bind command. Am I
missing it somewhere?
Regards,
Doug Johnson
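
Steps 4 and 5 of the message above, as an added example that is not part of the original post and is not TrouSerS code: the server builds the PKCS#1 v1.5 block in software, and the payload recovered by the private-key operation is either the raw message or a TPM 1.2 TPM_BOUND_DATA structure (TPM_STRUCT_VER 1.1.0.0 plus payload type TPM_PT_BIND) wrapped around it. Assumptions: the function names are hypothetical, the key is a constructed toy key, and `pkcs1_v15_decrypt` is a software stand-in for the TPM's private-key operation.

```python
import os

# Constructed toy key for the demo only: two Mersenne primes, NOT a secure RSA key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8           # modulus length in bytes

# TPM 1.2 TPM_BOUND_DATA header: TPM_STRUCT_VER 1.1.0.0, then TPM_PT_BIND (0x02).
TPM_BOUND_DATA_HDR = bytes([1, 1, 0, 0, 0x02])


def pkcs1_v15_encrypt(msg: bytes) -> bytes:
    """Server side (step 4): EME-PKCS1-v1_5 padding, then the RSA public operation."""
    if len(msg) > K - 11:
        raise ValueError("message too long for this modulus")
    ps = b""
    while len(ps) < K - 3 - len(msg):   # PS: random non-zero bytes, at least 8
        ps += bytes(b for b in os.urandom(K) if b)
    ps = ps[:K - 3 - len(msg)]
    em = b"\x00\x02" + ps + b"\x00" + msg
    return pow(int.from_bytes(em, "big"), E, N).to_bytes(K, "big")


def pkcs1_v15_decrypt(ct: bytes) -> bytes:
    """Software stand-in for the private-key operation of step 5."""
    if len(ct) != K or int.from_bytes(ct, "big") >= N:
        raise ValueError("decryption error")
    em = pow(int.from_bytes(ct, "big"), D, N).to_bytes(K, "big")
    sep = em.find(b"\x00", 2)           # first zero byte after the 00 02 prefix
    if em[:2] != b"\x00\x02" or sep < 10:
        raise ValueError("decryption error")  # one generic error for all failures
    return em[sep + 1:]


def strip_bound_data(payload: bytes) -> bytes:
    """Check and remove the TPM_BOUND_DATA header from a recovered payload."""
    if payload[:5] != TPM_BOUND_DATA_HDR:
        raise ValueError("not a TPM_BOUND_DATA structure")
    return payload[5:]
```

A sender that does not use a TSS has to prepend the 5-byte header itself whenever the receiving key expects TPM_BOUND_DATA; the padding and RSA operation are otherwise identical.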
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users