Actually TPM 1.2 *does* verify signatures - but it requires owner auth. You
use one of those CMK commands to do it.
And you *can* load in the public key without loading in the private key to
do it. I have some code around somewhere... I will try to find it
tomorrow....
On Tue, Mar 8, 2016 at 6:29 PM, Tadd Seiff <[email protected]> wrote:
> TPM 1.2 doesn't verify signatures, but TSS 1.2 does.
>
> Trousers does all of the verification in software via openssl, it's not
> using the hardware, so this does make sense.
>
> That said, do you even need to load the key? Maybe you can just leverage
> the software? As long as the key you are using meets the PKCSv1.5 criteria.
>
> To address why your key won't load: I'm not sure you can just arbitrarily
> create keys and load them, the key must be in the SRK hierarchy. In other
> words, the TPM creates keys and TELLS YOU the RSA pub key, no the other way
> around.
>
> -Tadd
>
>
> On Tue, Mar 8, 2016 at 2:43 PM Ken Goldman <[email protected]> wrote:
>
>> On 3/8/2016 3:24 AM, eye two are wrote:
>> > I am trying to verify a signature using a public key from an X509
>> > certificate generated with the tpm engine.
>> >
>>
>> I'm not a trousers expert, but I will note that:
>>
>> 1 - TPM 1.2 cannot do signature verification.
>>
>> 2- With TPM 1.2, one cannot load a key unless you have both the public
>> and (wrapped) private part.
>>
>> Could #2 be related to your problem?
>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Transform Data into Opportunity.
>> Accelerate data analysis in your applications with
>> Intel Data Analytics Acceleration Library.
>> Click to learn more.
>> http://makebettercode.com/inteldaal-eval
>> _______________________________________________
>> TrouSerS-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/trousers-users
>>
>
>
> ------------------------------------------------------------------------------
> Transform Data into Opportunity.
> Accelerate data analysis in your applications with
> Intel Data Analytics Acceleration Library.
> Click to learn more.
> http://makebettercode.com/inteldaal-eval
> _______________________________________________
> TrouSerS-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/trousers-users
>
>
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785111&iu=/4140
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
