TrouSerS Developer's FAQ

Info for TrouSerS developers. Please send comments, new questions and corrections to

1.0 - Signing

1.0 - Signing

1.1 - What's the difference between the 2 signature schemes?

The main difference in the two signature schemes for TPM keys is who adds the OID data to the signature. When using a key with the TSS_SS_RSASSAPKCS1V15_SHA1 scheme, the TPM will add the SHA-1 OID to the hash you create in the TSP:

If you'd like to sign a hash other than SHA-1, you should use the TSS_SS_RSASSAPKCS1V15_DER scheme. Since the TPM cannot be expected to know all possible hash algorithms, its left up to the user to insert the hash and the OID of the hash he/she uses: Logo