Re: [TrouSerS-users] sign with Tspi_Hash_Sign() and check it with RSA_public_decrypt()

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

> Date: Fri, 21 Oct 2011 11:19:59 +0000 (UTC)
> From: Jonas <hom...@we...>
> 
> I have not a real problem, but I do not understand the result of
> RSA_pubblic_decrpyt.
> 
> I made a 20 Byte long hash and signed it with the private key of the TPM 
with
> TSPI_HASH_SIGN(). This signature I transfer to another computer which 
has the
> matching public key. There I want to verify the signature and decrypt it 
with
> RSA_PUBLIC_DECRYPT(). This works. But I'm not getting the 20 Byte hash 
alone.
> The function returns a 35 Byte long decrypted hash. The last 20 Byte of 
it is
> the hash value I signed before. And I do not know what are the 15 Bytes 
in
> front. There is no sense for me. And I do not think, that this is right.
> 
> Any ideas?

The 15 bytes are the OID (object identifier). 

See the TPM spec Part 1 31.2.1 or the PKCS#1 standard for details.

Typically, one calls a signature verify function that does the decrypt,
then checks the padding, OID, and hash within the function.  However,
the raw decrypt is very useful for debugging.