I have a file that I want to hash using the TPM, and then sign it using the TPM's private key. I also need to get the public key pair as I need to decrypt it later..
I have the tpm downloaded and all set. Can someone help me with this please as I am new to this?
Thanks alot!
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
To hash, you can use the TPM "hash" utility as sample code. However, it's typically faster to hash external to the TPM if possible.
To sign, see the "sign" sample. You'll first have to create and load a signing key. Read about "createprimary", "createloaded", or "create" + "load" and decide which is better for your application. All three have sample code.
All three return the public key, but you can also get it later using "readpublic" if your security model permits it.
You don't decrypt with a public key. That's a private key operation.
Asuming you meant that you want to verify the signature with the public key, the "sign" sample shows how to do it external to the TPM, while "verifysignature" shows how to do it on the TPM. Off chip is faster, if possible for you.
Finally, the regression tests in .../regtests have sample scripts for how to do these functions from the command line.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I have established the TPM server and client over TCP/IP and want to be able to do that using the TPM utils, since I have read we can use their commands to hash and sign. I tried to use "./getpubek" to get the public key but was not able to locate it.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I hope you realize that TPM 2.0 is a different API from TPM 1.2. So commands like getpubek do not exist. That's why I wasn't sure what TPM you were using. Although the concepts are the same, the 2.0 API is 100% new.
Last edit: Ken Goldman 2017-03-28
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
In the utils folder, I can see files such as getpubek, which means that I am not using TPM 2.0 as you explained to me. Can you guide me based on the version I have please? I am sorry for the confusion I caused I was not aware of the different API's
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
hello,
I have a file that I want to hash using the TPM, and then sign it using the TPM's private key. I also need to get the public key pair as I need to decrypt it later..
I have the tpm downloaded and all set. Can someone help me with this please as I am new to this?
Thanks alot!
Finally, the regression tests in .../regtests have sample scripts for how to do these functions from the command line.
I have established the TPM server and client over TCP/IP and want to be able to do that using the TPM utils, since I have read we can use their commands to hash and sign. I tried to use "./getpubek" to get the public key but was not able to locate it.
OK. TPM 2.0. Now we can get to work.
I hope you realize that TPM 2.0 is a different API from TPM 1.2. So commands like getpubek do not exist. That's why I wasn't sure what TPM you were using. Although the concepts are the same, the 2.0 API is 100% new.
Last edit: Ken Goldman 2017-03-28
I used the tpm version in this link: https://sourceforge.net/projects/ibmswtpm/files/ - tpm4720.tar.gz. Can you please tell me which TPM version API should be used?
Thank you
From the summary page of this project:
See the companion IBM TPM at https://sourceforge.net/projects/ibmswtpm2/
Thanks alot for your help and time, will check it.
In the utils folder, I can see files such as getpubek, which means that I am not using TPM 2.0 as you explained to me. Can you guide me based on the version I have please? I am sorry for the confusion I caused I was not aware of the different API's
From the summary page of this project:
See the companion IBM TPM at https://sourceforge.net/projects/ibmswtpm2/