Topic: Signing question with wolftpm
I've already integrated wolfsll with vaultic 405 cryptographic chip and, now, I need to add a tpm 2.0 (nuvoton npct750). In my applicacion, I use wolfssl to sign a very very big CMS file. I already touched wolfssl (and is working 4 years to now) to:
1. receive the data to sign in a stream rather than in a blob
2. sign the content using the private key stored in vaultic.
Now, I'm using wolftpm to access nuvoton and because I'm using wolfssl, I need to use the TPM module to ONLY perform the "encryption with the private key", nothing more (without any extra hashing or padding, simply encryption).
The code I'm using is the following (it is called from inside wolfssl's rsa implementation);
int nuvoton_make_signature(const byte* in, word32 inLen, byte* out, word32* outLen)
int outSz = (int) * outLen;
rc = wolfTPM2_SignHashScheme(
TPM_ALT_RSASSA, // 'sigAlg'
TPM_ALG_SHA256); // 'hashAlg'
*outLen = outSz;
It works fine (the call is returning rc==0) but the result is not a correct signature. I'm supposing than it is adding an extra padding or something else but I'm not sure the correct values for 'sigAlg' and 'hashAlg' parameters.
Could you help me, please?
Thanks in advance!
BTW: Thank you for wolftpm!!! It is amazing!