I am trying to verify a signature using a public key from an X509
certificate generated with the tpm engine.

What I tried to do is to load the cert from the certificate file into an
X509 type variable using PEM_read_bio_X509 and convert it into an EVP_PKEY
type using X509_get_pubkey.

How do I then convert the EVP_PKEY into a public key usable with the
signature verification function Tspi_Hash_VerifySignature?

This is what I am trying and it does not seem to be working:

UINT32 convertPubKeyToByte(tpmArgs tpm, EVP_PKEY* pkey, BYTE** pkeyByte) {
    int modulusLen;
    int exponentLen;

    BYTE *modulus = malloc(256);
    BYTE *exponent = malloc(256);
    BYTE *pubKeyByte = NULL;

    RSA* rsa;

    TSS_HKEY hKey;
    TSS_FLAG initFlags;
    TSS_RESULT result;

    UINT32 pubKeySize;

    rsa = EVP_PKEY_get1_RSA(pkey);
    modulusLen = BN_bn2bin(rsa->n, (unsigned char*)modulus);
    exponentLen = BN_bn2bin(rsa->e, (unsigned char*)exponent);

    initFlags = TSS_KEY_TYPE_LEGACY |
                TSS_KEY_SIZE_2048 |
                TSS_KEY_NO_AUTHORIZATION |
                TSS_KEY_MIGRATABLE;

    result = Tspi_Context_CreateObject(tpm.hContext,
            TSS_OBJECT_TYPE_RSAKEY,
            initFlags,
            &hKey);
    DBG("Create key object", result);

    result = Tspi_SetAttribUint32(hKey,
            TSS_TSPATTRIB_KEY_INFO,
            TSS_TSPATTRIB_KEYINFO_SIGSCHEME,
            PADDING_SCHEME);
    DBG("Set the key's padding type", result);

    result = Tspi_SetAttribData(hKey,
            TSS_TSPATTRIB_RSAKEY_INFO,
            TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT,
            exponentLen,
            exponent);
    DBG("Set public key exponent", result);

    result = Tspi_SetAttribData(hKey,
            TSS_TSPATTRIB_RSAKEY_INFO,
            TSS_TSPATTRIB_KEYINFO_RSA_MODULUS,
            modulusLen,
            modulus);
    DBG("Set public key modulus", result);

    result = Tspi_Key_LoadKey(hKey, tpm.hSRK);
    DBG("Load key into TPM", result);

    result = Tspi_Key_GetPubKey(hKey, &pubKeySize, &pubKeyByte);
    DBG("Get public key blob", result);

    return pubKeySize;
}

The errors I got from the above code are:
Load key into TPM returned 0x00000028. Unsupported key parameters.
Get public key blob returned 0x0000310e. The addressed key is not currently
loaded.
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users