Hello
Thank you for the inputs. Now it's working properly. There was a problem due to
a wrong hash length parameter. Mistakenly, I had used that.
Changes that I have done -
ret = RSA_verify(NID_sha1,hash, SHA_DIGEST_LENGTH,
signature,signatureLength, rsa);
On 12 April 2017 at 19:51, Ken Goldman <[email protected]> wrote:
> A few inline comments. However, I am not a TSS expert. Does someone have
> a better idea?
>
> Also, if you're stuck, bisecting the problem helps debug.
>
> Rather than use RSA_verify, do a raw public key encrypt. If you see
> PKCS1 padding, the OID, and a hash, then the keys are correct but the hash
> on the sign and verify don't match. If you see random numbers, then the
> public and private keys don't match.
>
> On 4/12/2017 4:46 AM, Promila Jangra wrote:
>
>> Hello Ken
>>
>> Thank you for responding. I also implemented the same and am posting the
>> code below. But I still got a wrong verification result. The RSA_verify API
>> returns zero for the same input signature verification. Please correct me if
>> I am doing something wrong. If you have sample code, then please share it.
>>
>> To get the TPM public key modulus and exponent-
>> result=Tspi_Key_CreateKey(hSigning_Key,hSRK,0);
>>
>> result = Tspi_GetAttribData(hSigning_Key, TSS_TSPATTRIB_RSAKEY_INFO,
>> TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, &pubKeyModulusLen, &pubKeyModulus);
>>
>
> I assume that this is correct. Perhaps check that the length is 256, that
> it's bytes, not bits.
>
>> result = Tspi_GetAttribData(hSigning_Key, TSS_TSPATTRIB_RSAKEY_INFO,
>> TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT, &pubKeyExponentLen, &pubKeyExponent);
>>
>
> Does this return 0 (the TPM default) or 0x10001? You may have to map from
> the default to the actual value.
>
>> To construct the RSA key pair using openssl:
>> RSA *rsa = RSA_new();
>> rsa->e = BN_bin2bn(pubKeyExponent, pubKeyExponentLen, rsa->e);
>> rsa->n = BN_bin2bn(pubKeyModulus, pubKeyModulusLen, rsa->n);
>>
>
> I'm not sure that RSA_new allocates the e and n bignums. Perhaps try
> passing in NULL to the BN_bin2bn functions.
>
>> SHA1(data, strlen(data)+1, hash);
>>
>> ret = RSA_verify(NID_sha1, hash, SHA256_DIGEST_LENGTH,
>> signature,signatureLength, rsa);
>>
>
> It is odd that you create a SHA-1 hash and then say it's a SHA-256 length.
>
>
--
Thanks & Regards
Promila Jangra
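
The raw public-key check suggested in the quoted reply, sketched as an added example (not code from this thread, TrouSerS or OpenSSL): given the block recovered by a raw public-key operation on the signature, it separates a key mismatch from a hash or hash-length mismatch. The names `classify_em`, `demo`, the result codes and the sample block are made up for illustration; obtaining the block (for instance with OpenSSL's `RSA_public_decrypt` and `RSA_NO_PADDING`) is assumed and not shown.

```c
#include <stdio.h>
#include <string.h>

/* DER DigestInfo header that PKCS #1 v1.5 puts in front of a SHA-1 digest. */
static const unsigned char SHA1_DI[15] = { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05,
    0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 };

enum em_result { EM_OK, EM_NOT_PKCS1, EM_NOT_SHA1, EM_BAD_HASH_LEN, EM_HASH_DIFFERS };

/* em[0..k-1] is the output of the raw public-key operation on the signature,
 * k is the modulus length in bytes; hash/hash_len is the verifier's digest. */
enum em_result classify_em(const unsigned char *em, size_t k,
                           const unsigned char *hash, size_t hash_len)
{
    size_t i = 2;
    if (k < 11 + sizeof SHA1_DI + 20 || em[0] != 0x00 || em[1] != 0x01)
        return EM_NOT_PKCS1;              /* "random numbers": key mismatch */
    while (i < k && em[i] == 0xFF)
        i++;                              /* skip the FF padding string */
    if (i < 10 || i == k || em[i++] != 0x00)
        return EM_NOT_PKCS1;              /* fewer than 8 FF bytes or no 00 */
    if (k - i != sizeof SHA1_DI + 20 || memcmp(em + i, SHA1_DI, sizeof SHA1_DI))
        return EM_NOT_SHA1;               /* padding fine, other digest OID */
    if (hash_len != 20)
        return EM_BAD_HASH_LEN;           /* e.g. 32 passed for a SHA-1 hash */
    return memcmp(em + i + sizeof SHA1_DI, hash, 20) ? EM_HASH_DIFFERS : EM_OK;
}

/* Constructed sample: a 256-byte block as a 2048-bit key would produce,
 * built here instead of taken from a TPM. tamper=1 scrambles the header. */
enum em_result demo(size_t hash_len, int tamper)
{
    unsigned char em[256], hash[32];
    memset(hash, 0xAB, sizeof hash);      /* stand-in digest bytes */
    memset(em, 0xFF, sizeof em);          /* FF padding everywhere first */
    em[0] = 0x00;
    em[1] = tamper ? 0x5C : 0x01;         /* 0x01 = signature block type */
    em[256 - 36] = 0x00;                  /* separator before DigestInfo */
    memcpy(em + 256 - 35, SHA1_DI, 15);
    memcpy(em + 256 - 20, hash, 20);
    return classify_em(em, sizeof em, hash, hash_len);
}

int main(void)
{
    printf("len 20: %d, len 32: %d, wrong key: %d\n",
           demo(20, 0), demo(32, 0), demo(20, 1));
    return 0;
}
```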