Hi everyone,

Does anybody understand how to use the TPM engine with wpa_supplicant?
I am following this:
http://w1.fi/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/examples/openCryptoki.conf;hb=HEAD

My wpa_supplicant.conf is:

ctrl_interface=/var/run/wpa_supplicant
ap_scan=0
eapol_version=2
pkcs11_engine_path=/usr/local/ssl/lib/engines/libtpm.so
network={

        key_mgmt=IEEE8021X
        eap=TLS
        eapol_flags=0

        engine=1
        engine_id="tpm"
        key_id="...clienttpm_key"
        pin="userpin"
        
        ca_cert="/.../cacert.pem"
        client_cert="/.../clienttpm_cert.pem"
#       private_key="/.../clienttpm_key"
#       private_key_passwd="pass"

        identity="someid"
        password="pass"
}

I created the key with "create_tpm_key" from libengine-tpm-openssl.
I set the path to this key in "key_id" because key_id is sent to "tpm_engine_load_key" and represents the path to the key file.

And the error output given by wpa_supplicant is:
ENGINE: engine initialized
ENGINE: cannot load private key with id '.../clienttpm_key' [error:8006F06D:tpm engine:TPM_ENGINE_LOAD_KEY:request failed]

"TPM_ENGINE_LOAD_KEY:request failed" comes from "e_tpm.c", function "tpm_engine_load_key", when this is reached:
TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY, TPM_R_REQUEST_FAILED);

But this could happen in multiple places in the code.


So I'm trapped.
Thanks in advance!


J.


TrouSerS-users mailing list
https://lists.sourceforge.net/lists/listinfo/trousers-users
