hi all, I've managed to set up my Dell Latitude E4310 with Broadcom TPM chip as a PKCS#11 device running CentOS 6.3 (the SRK password needing to be empty was the stumbling block - more on that later). I can import certificates into the cryptoki pkcs11 device, even generate keys but my question is: where are the keys actually stored? I'm used to hardware security tokens, such as Safenet eToken, Feitian ePass and others and in that case the keys reside on the chip/card. Is this also true for TPM devices? If so, how many 2048bit RSA keys can you store in a TPM chip? I managed to generated at least 16 "onboard" 2048bit RSA keys and still no error - how can I find out what the capacity of a TPM is? Also, how can one list the contents of the keys stored on the TPM? let's say the harddisk in my laptop dies at an unfortunate moment - what procedure can I follow to restore the keys (and cryptoki tpm dir structure) ?
Finally: my dual-boot laptop runs CentOS 6 and Windows 7; the win7 tpm.msc does not like an empty SRK password - it even complains that the TPM is unusable. Where is this empty password located in the tpm/trousers code? I just want to redefine to something wellknown so that I can use the TPM chip under both CentOS 6 and Windows 7. Thanks in advance for any advice or answers to my many questions, JJK / Jan Just Keijser ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_mar _______________________________________________ TrouSerS-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-users
