[TrouSerS-users] 128 byte decryption on TPM secure MCU

Mon, 08 Dec 2014 06:36:04 -0800 

Dear trousers users,

I'm new on TPM and I have to do 1024 bit RSA_private (decryption) process on
the TPM secure MCU. Is it possible?

I tried following process: 
 
keyUsage   : TPM_KEY_LEGACY
signScheme : TPM_SS_RSASSAPKCS1v15_SHA1
encScheme  : TPM_ES_RSAESOAEP_SHA1_MGF1

TPM_unbind command decryptes 128-byte (1024-bit)  however  42+5 bytes of
data used by TPM_unbind, some consistency check requirments and also 81 (key
size - 42 -5) bytes not enough for our project.

There is some information on TPM Main-Part 3.
Commands_v1.2_rev116_01032011.pdf page-81 (document page-70)


if (keyHandle -> encScheme does not equal TPM_ES_RSAESOAEP_SHA1_MGF1) and
(keyHandle -> keyUsage equals TPM_KEY_LEGACY)
{
a. The payload does not have TPM specific markers to validate, so no
consistency check can be performed.
b. Set the output parameter outData to the value of the decrypted value of
inData.(Padding associated with the encryption wrapping of inData SHALL NOT
be returned.)
c. Set the output parameter outDataSize to the size of outData, as deduced
from the decryption process.
}
else
{
// This section works well.
a.Interpret the decrypted data under the assumption that it is a
TPM_BOUND_DATA structure, and validate that the payload type is TPM_PT_BIND
b. Set the output parameter outData to the value of TPM_BOUND_DATA
->payloadData. (Other parameters of TPM_BOUND_DATA SHALL NOT be
returned.Padding associated with the encryption wrapping of inData SHALL NOT
be returned.)
c. Set the output parameter outDataSize to the size of outData, as deduced
from the decryption process and the interpretation of TPM_BOUND_DATA.
}


But 
keyUsage   : TPM_KEY_LEGACY
signScheme : TPM_SS_RSASSAPKCS1v15_SHA1
encScheme  : TPM_ES_RSAESPKCSv15

error returns from secure MCU
TPM_DECRYPT_ERROR, O, 33, 0x 00000021, The decryption process did not complete.


I have to decrypt 1024-bit data with TPM secure MCU. This data will not be
any bind data please think as random !!! Could you tell me about where I am
fail?


Regards
Sevkuthan KURAK



------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users

Reply via email to