AnsweredAssumed Answered

uni_sign public key hashing

Question asked by Joshua Faust on Dec 27, 2017
Latest reply on Jan 5, 2018 by Joshua Faust

I am re-creating the CSF generation within java as we have a security requirement to use TRNG RSA keys. As such, I am now running into one issue, the hash of the public key for secure boot. I have found the three different functions that are being called to create the SHA256 hash within crypto_utils.c however, the parameters that are being passed do not make much sense to me. So, during my testing process I have been just hashing the public key but I will get the

ERROR :: 400 :: Public key hash comparison failed


I have hashed the public key in all of the following formats but my hashes never match those generated by the uni_sign and all subseqent program calls uni_sign uses:

  1. Standard PEM base64 formatting in ASN.1 with Key Headers
  2. Standard PEM base64 formatting in ASN.1 w/o Key Headers
  3. Binary file (base64 –d) in ASN.1
  4. Binary file (base64-d) raw key (Two big integers)
  5. ASCII representation of Binary File in ASN.1
  6. ASCII representation of Binary File raw


Can someone point me in the right direction? What is the data that needs to be hashed?