From: Yang, X. (Linux) <Xia...@wi...> - 2012-02-16 06:27:17
|
Hi All, I'm trying to develop a product using TPM and trousers-0.3.7, which can decrypt cipher text with RSA keys generated outside TPM. I have already written applications create RSA keys by Tspi_Key_CreateKey(), and sign/verify by Tspi_Hash_Sign()/Tspi_Hash_VerifySignature() with these keys, they work very well on my platform. However, I am wondering now if it is possible to encrypt/decrypt with RSA keys generated outside TPM chips, say by another machine's openssl applications? There is a RSA_generate_keys() function in openssl library, I plann to use it generate RSA key-pair, and encrypt something with the private key. My question is: Does there exist a way for me to set the public key into TPM chip, and let TPM chip decrypt cipher-text with the public key? I am trying use Tspi_SetAttribData(hKey, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, ...); to set public key into TPM chip, I just have no idea what TSS API I can use to decrypt something with hKey then, or there's such APIs even? Please anyone know anything about this give me a feedback. Thanks in advance so~~ much! Best Regards Edward.Yang (#7023) |