I am not trying to verify the certificate though. I am trying to verify a
message that was signed using the tpm with the private key generated for
the certificate. Is that possible? If so what are the steps required to
verify the message using the certificate?
On Wed, Mar 9, 2016 at 11:19 AM, David Challener <
[email protected]> wrote:
> Actually TPM 1.2 *does* verify signatures - but it requires owner auth.
> You use one of those CMK commands to do it.
> And you *can* load in the public key without loading in the private key to
> do it. I have some code around somewhere... I will try to find it
> tomorrow....
>
> On Tue, Mar 8, 2016 at 6:29 PM, Tadd Seiff <[email protected]> wrote:
>
>> TPM 1.2 doesn't verify signatures, but TSS 1.2 does.
>>
>> Trousers does all of the verification in software via openssl, it's not
>> using the hardware, so this does make sense.
>>
>> That said, do you even need to load the key? Maybe you can just leverage
>> the software? As long as the key you are using meets the PKCSv1.5 criteria.
>>
>> To address why your key won't load: I'm not sure you can just arbitrarily
>> create keys and load them, the key must be in the SRK hierarchy. In other
>> words, the TPM creates keys and TELLS YOU the RSA pub key, no the other way
>> around.
>>
>> -Tadd
>>
>>
>> On Tue, Mar 8, 2016 at 2:43 PM Ken Goldman <[email protected]> wrote:
>>
>>> On 3/8/2016 3:24 AM, eye two are wrote:
>>> > I am trying to verify a signature using a public key from an X509
>>> > certificate generated with the tpm engine.
>>> >
>>>
>>> I'm not a trousers expert, but I will note that:
>>>
>>> 1 - TPM 1.2 cannot do signature verification.
>>>
>>> 2- With TPM 1.2, one cannot load a key unless you have both the public
>>> and (wrapped) private part.
>>>
>>> Could #2 be related to your problem?
>>>
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Transform Data into Opportunity.
>>> Accelerate data analysis in your applications with
>>> Intel Data Analytics Acceleration Library.
>>> Click to learn more.
>>> http://makebettercode.com/inteldaal-eval
>>> _______________________________________________
>>> TrouSerS-users mailing list
>>> [email protected]
>>> https://lists.sourceforge.net/lists/listinfo/trousers-users
>>>
>>
>>
>> ------------------------------------------------------------------------------
>> Transform Data into Opportunity.
>> Accelerate data analysis in your applications with
>> Intel Data Analytics Acceleration Library.
>> Click to learn more.
>> http://makebettercode.com/inteldaal-eval
>> _______________________________________________
>> TrouSerS-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/trousers-users
>>
>>
>
>
> ------------------------------------------------------------------------------
> Transform Data into Opportunity.
> Accelerate data analysis in your applications with
> Intel Data Analytics Acceleration Library.
> Click to learn more.
> http://pubads.g.doubleclick.net/gampad/clk?id=278785111&iu=/4140
> _______________________________________________
> TrouSerS-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/trousers-users
>
>
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785111&iu=/4140
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
