So do you mean that when I save the blob only the public part will be in
the file and not the private part of the key?
On Thu, Mar 24, 2016 at 10:39 PM, Dmitri Toubelis <
[email protected]> wrote:
> Currently, tpmengine requires a blob of the public key in the file in order
> to load the matching private key and I think this is the only option. So,
> unless you want to fiddle with tpmengine internals this is your only option.
> ------------------------------
>
> *From: *"eye two are" <[email protected]>
> *To: *"Dmitri Toubelis" <[email protected]>
> *Sent: *Thursday, March 24, 2016 10:16:37 AM
>
> *Subject: *Re: [TrouSerS-users] Converting a TPM key into RSA struct for
> OpenSSL
>
> Hi, thanks for the reply. I am actually currently using the tpmengine with
> OpenSSL but I can't seem to do it without first saving the key into a file
> and then loading the file into the engine with
> the ENGINE_load_private_key function. I am probably missing something, so
> do you know how I can do it without saving the key into a file? Any example
> of the code?
>
> On Thu, Mar 24, 2016 at 9:43 PM, Dmitri Toubelis <
> [email protected]> wrote:
>
>> The whole idea behind TPM is that you are not supposed to do that, but there
>> are always exceptions. You may be able to extract the private key from the
>> TPM if it has MIGRATABLE and LEGACY attributes. And then export it and
>> convert it into an OpenSSL key.
>>
>> There is also another option. You could use `tpmengine` with OpenSSL to
>> do what you need without violating security. I personally use this approach
>> but tpmengine requires the key to be created in a very specific way, so I
>> ended up modifying engine code to fit my requirements.
>>
>> ------------------------------
>>
>> *From: *"eye two are" <[email protected]>
>> *To: *"Tadd Seiff" <[email protected]>
>> *Cc: *[email protected]
>> *Sent: *Thursday, March 24, 2016 3:16:06 AM
>> *Subject: *Re: [TrouSerS-users] Converting a TPM key into RSA struct
>> for OpenSSL
>>
>>
>> But this (assuming it works) will only create a public key. I want to use
>> the private key with OpenSSL.
>>
>> On Thu, Mar 24, 2016 at 8:40 AM, Tadd Seiff <[email protected]> wrote:
>>
>>> I only have a few minutes and can't guarantee this is complete or
>>> tested, but maybe it will help.
>>>
>>> All you really need is the modulus and exponent from the key. You get
>>> these via "GetAttribData" in trousers:
>>>
>>> tss_result = Tspi_GetAttribData(hBind_Key, TSS_TSPATTRIB_RSAKEY_INFO,
>>> TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, &m_size, &m);
>>>
>>> tss_result = Tspi_GetAttribData(hBind_Key, TSS_TSPATTRIB_RSAKEY_INFO,
>>> TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT, &e_size, &e);
>>>
>>>
>>> Then something like this:
>>>
>>> RSA *rsa = RSA_new();
>>> rsa->e = BN_bin2bn(e, e_size, rsa->e);
>>> rsa->n = BN_bin2bn(m, m_size, rsa->n);
>>>
>>> -Tadd
>>>
>>>
>>> On Tue, Mar 22, 2016 at 9:12 PM eye two are <[email protected]>
>>> wrote:
>>>
>>>> Hi, I am trying to convert a TPM key which I obtained from a particular
>>>> UUID into an RSA struct to be used with OpenSSL. Does anyone have any
>>>> example code on how to do it?
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Transform Data into Opportunity.
>>>> Accelerate data analysis in your applications with
>>>> Intel Data Analytics Acceleration Library.
>>>> Click to learn more.
>>>> http://pubads.g.doubleclick.net/gampad/clk?id=278785351&iu=/4140
>>>> _______________________________________________
>>>> TrouSerS-users mailing list
>>>> [email protected]
>>>> https://lists.sourceforge.net/lists/listinfo/trousers-users
>>>>
>>>
>>
>>
>
>
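
The public-only conversion discussed in the thread, as an added example (not code from any poster, TrouSerS or OpenSSL): it takes the raw modulus and exponent buffers and encodes them as a PKCS#1 RSAPublicKey in DER, the structure OpenSSL's d2i_RSAPublicKey parses. It assumes the buffers are unsigned big-endian, as the BN_bin2bn calls quoted above imply; rsa_pub_to_der and the toy values are hypothetical, and no private material is involved at any point.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Write a DER tag + definite length (up to 65535) at out; return bytes written. */
static size_t der_hdr(uint8_t *out, uint8_t tag, size_t len) {
    size_t i = 0;
    out[i++] = tag;
    if (len >= 0x100) { out[i++] = 0x82; out[i++] = (uint8_t)(len >> 8); }
    else if (len >= 0x80) out[i++] = 0x81;
    out[i++] = (uint8_t)len;
    return i;
}

/* Encode an unsigned big-endian value as a DER INTEGER. */
static size_t der_int(uint8_t *out, const uint8_t *v, size_t n) {
    while (n > 1 && v[0] == 0) { v++; n--; }   /* DER wants the minimal form */
    size_t pad = (v[0] & 0x80) ? 1 : 0;        /* top bit set would read as negative */
    size_t i = der_hdr(out, 0x02, n + pad);
    if (pad) out[i++] = 0x00;
    memcpy(out + i, v, n);
    return i + n;
}

/* PKCS#1 RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }.
 * Returns the DER length, or 0 on empty/oversized input or if cap is too small
 * (cap must leave 4 bytes for the SEQUENCE header). */
size_t rsa_pub_to_der(const uint8_t *m, size_t m_size, const uint8_t *e,
                      size_t e_size, uint8_t *out, size_t cap) {
    uint8_t body[2 * (1024 + 5)];
    if (!m_size || !e_size || m_size > 1024 || e_size > 1024) return 0;
    size_t blen = der_int(body, m, m_size);
    blen += der_int(body + blen, e, e_size);
    if (blen + 4 > cap) return 0;
    size_t i = der_hdr(out, 0x30, blen);
    memcpy(out + i, body, blen);
    return i + blen;
}

int main(void) {
    /* Constructed toy values, not a real key: 16-bit modulus, e = 65537. */
    const uint8_t m[] = {0xC5, 0x3B}, e[] = {0x01, 0x00, 0x01};
    uint8_t der[64];
    size_t n = rsa_pub_to_der(m, sizeof m, e, sizeof e, der, sizeof der);
    for (size_t k = 0; k < n; k++) printf("%02X ", der[k]);
    printf("\n");
    return n ? 0 : 1;
}
```

A real RSA modulus always has its top bit set, so the 0x00 pad byte in der_int is the normal case rather than a corner case; a 2048-bit key with e = 65537 encodes to 270 bytes.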