From: rinberg@libero.it <ri...@li...> - 2007-08-28 08:49:28

> It cannot be done.
> In asymmetric cryptography in general you can only ENcrypt with the
> public key and only DEcrypt with the private key. That's what it is all
> about.

Hi Ronald,

thank you for the detailed answer.

What I have to do is sign a hash on the local system with the key I created. The hash is the IMA measures list digest (but as far as I have a TPM Emulator, I'm computing the digest myself, I'm not getting the one from the PCR register). All I have to do is check that the signature of the IMA list digest on the remote system is valid.

How could I sign (with private key) a byte array and verify the signature on the remote host with its public one? Isn't this the basic HMAC message authentication scheme?

Just to clarify... My target is to sign this list digest locally and verify the signature on a remote host that knows the public key (with a certificate maybe in future) of the local system. What I have right now is a key successfully loaded locally in the TPM, how could I do it?

Thank you in advance, any help would be appreciated.

Best Regards,
Rinaldo Bergamini
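The sign-locally, verify-remotely flow asked about in this message, as an added example that is not part of the original post or of any TPM software stack. It assumes RSASSA-PKCS1-v1_5 over SHA-1, uses a software private-key operation as a stand-in for the TPM, and all names, the toy key and the sample measurement list are constructed for illustration.

```python
import hashlib
import hmac

# Constructed toy RSA key built from two Mersenne primes: NOT secure, demo only.
# In the setup described above the private exponent would never leave the TPM.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8       # modulus length in bytes

# DER prefix of DigestInfo for SHA-1 (RFC 8017, section 9.2)
SHA1_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")


def list_digest(template_hashes):
    """Fold measurement hashes into one digest the way a PCR extend does
    (assumed aggregation; the post only says the digest is self-computed)."""
    pcr = bytes(20)
    for h in template_hashes:
        pcr = hashlib.sha1(pcr + h).digest()
    return pcr


def emsa_pkcs1_v15(digest):
    """Build the padded block 00 01 FF..FF 00 || DigestInfo."""
    t = SHA1_PREFIX + digest
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t


def sign(digest):
    """Local side: private-key operation (software stand-in for the TPM)."""
    m = int.from_bytes(emsa_pkcs1_v15(digest), "big")
    return pow(m, D, N).to_bytes(K, "big")


def verify(digest, signature):
    """Remote side: uses only the public key (N, E)."""
    s = int.from_bytes(signature, "big")
    if len(signature) != K or s >= N:
        return False
    recovered = pow(s, E, N).to_bytes(K, "big")
    # Compare against the full re-encoded block instead of parsing padding.
    return hmac.compare_digest(recovered, emsa_pkcs1_v15(digest))


# Constructed sample measurement list (three fake template hashes).
SAMPLE = [hashlib.sha1(p).digest() for p in (b"/sbin/init", b"/bin/sh", b"/etc/passwd")]
```

The remote host recomputes the list digest from the measurement list it received and passes that digest to `verify`, so any changed, added or dropped entry makes the check fail.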