[gnutls-devel] GnuTLS | Port openconnect TPM2 code (!1460)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Sun Sep 26 16:47:45 CEST 2021

Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1460 was reviewed by David Woodhouse

David Woodhouse started a new discussion on lib/tpm2_esys.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1460#note_687150994

> +				&primary_sensitive,
> +				info->pub.publicArea.type == TPM2_ALG_RSA ?
> +				&primary_template_rsa :
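
Review bot: The template argument to this call is picked with `info->pub.publicArea.type == TPM2_ALG_RSA ? &primary_template_rsa :`, so the algorithm of the primary depends on the type of the key being loaded. A TPM2 key blob only loads under the parent it was wrapped to, so a primary regenerated from a different template will reject key files created under the other one. If the parent is meant to be the same for every key file, pass a single fixed template here instead of branching on the child type, and cover it with a test that loads an RSA key file created by another implementation. The quote cuts off before the else branch, so the template used for non-RSA keys is not visible here.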

That is going to make you incompatible with OpenConnect and the TPM2 engines. The ephemeral primary used as the parent should *always* be EC, regardless of the type of the child key.

You ought to be able to use the keys from the OpenConnect swtpm test suite (and that would have failed).
