[gnutls-devel] GnuTLS | Bring support for TPM 2.0 (#594)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Fri Jul 12 07:24:18 CEST 2019




Nikos Mavrogiannopoulos commented:


> Both OpenSSL ENGINEs (the TCG tss2-tpm-engine and James's IBM TSS openssl_tpm2_engine) create them. Only the latter can do so by wrapping existing keys; the TCG one is limited to creating new keys.

> A standalone tool to convert the bare pub and priv blobs and additional metadata into this form would also be a useful contribution to the TCG tools. We have also talked about making the TCG PKCS#11 capable of exporting and importing keys in this form.

Ideally `tpm2-tools` output this form, so that a user doesn't need to figure out what to do with the output file. For the purpose of gnutls we can modify `certtool` to do this conversion but that is a usability nightmare.

> You have made me want to clean up some of the duplication and some of the gratuitous differences between my TCG and IBM implementations. Should I do that now or wait for what you are doing?

I'm only using the TCG implementation in that branch due to license.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/594#note_191052573