TPM 1.2 doesn't verify signatures, but TSS 1.2 does.
Trousers does all of the verification in software via openssl, it's not
using the hardware, so this does make sense.
That said, do you even need to load the key? Maybe you can just leverage
the software? As long as the key you are using meets the PKCSv1.5 criteria.
To address why your key won't load: I'm not sure you can just arbitrarily
create keys and load them, the key must be in the SRK hierarchy. In other
words, the TPM creates keys and TELLS YOU the RSA pub key, no the other way
around.
-Tadd
On Tue, Mar 8, 2016 at 2:43 PM Ken Goldman <[email protected]> wrote:
> On 3/8/2016 3:24 AM, eye two are wrote:
> > I am trying to verify a signature using a public key from an X509
> > certificate generated with the tpm engine.
> >
>
> I'm not a trousers expert, but I will note that:
>
> 1 - TPM 1.2 cannot do signature verification.
>
> 2- With TPM 1.2, one cannot load a key unless you have both the public
> and (wrapped) private part.
>
> Could #2 be related to your problem?
>
>
>
>
> ------------------------------------------------------------------------------
> Transform Data into Opportunity.
> Accelerate data analysis in your applications with
> Intel Data Analytics Acceleration Library.
> Click to learn more.
> http://makebettercode.com/inteldaal-eval
> _______________________________________________
> TrouSerS-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/trousers-users
>
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://makebettercode.com/inteldaal-eval
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
