[TrouSerS-users] Generate RSA Key-pair with openssl and Decrypt Cipher with TPM

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi All,

I'm trying to develop a product using TPM and trousers-0.3.7, which can decrypt cipher text with RSA keys generated outside TPM.

I have already written applications create RSA keys by Tspi_Key_CreateKey(), and sign/verify by Tspi_Hash_Sign()/Tspi_Hash_VerifySignature() with these keys, they work very well on my platform.
However, I am wondering now if it is possible to encrypt/decrypt with RSA keys generated outside TPM chips, say by another machine's openssl applications?

There is a RSA_generate_keys() function in openssl library, I plann to use it generate RSA key-pair, and encrypt something with the private key.

My question is: Does there exist a way for me to set the public key into TPM chip, and let TPM chip decrypt cipher-text with the public key?

I am trying use Tspi_SetAttribData(hKey, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, ...); to set public key into TPM chip, I just have no idea what TSS API I can use to decrypt something with hKey then, or there's such APIs even?

Please anyone know anything about this give me a feedback. Thanks in advance so~~ much!

Best Regards
Edward.Yang (#7023)