Currently, tpmengine requires a blob of the public key in the file in order to
load the matching private key, and I think this is the only option. So, unless you
want to fiddle with tpmengine internals, this is your only option.
----- Original Message -----
> From: "eye two are" <[email protected]>
> To: "Dmitri Toubelis" <[email protected]>
> Sent: Thursday, March 24, 2016 10:16:37 AM
> Subject: Re: [TrouSerS-users] Converting a TPM key into RSA struct for OpenSSL
>
> Hi, thanks for the reply. I am actually currently using the tpmengine
> with OpenSSL, but I can't seem to do it without first saving the key
> into a file and then loading the file into the engine with the
> ENGINE_load_private_key function. I am probably missing something,
> so do you know how I can do it without saving the key into a file?
> Any example of the code?
>
> On Thu, Mar 24, 2016 at 9:43 PM, Dmitri Toubelis <[email protected]> wrote:
> > The whole idea behind TPM is that you are not supposed to do that, but
> > there are always exceptions. You may be able to extract the private key
> > from the TPM if it has MIGRATABLE and LEGACY attributes. And then export
> > it and convert it into an OpenSSL key.
> >
> > There is also another option. You could use `tpmengine` with OpenSSL
> > to do what you need without violating security. I personally use
> > this approach, but tpmengine requires the key to be created in a very
> > specific way, so I ended up modifying the engine code to fit my
> > requirements.
> >
> > > From: "eye two are" <[email protected]>
> > > To: "Tadd Seiff" <[email protected]>
> > > Cc: [email protected]
> > > Sent: Thursday, March 24, 2016 3:16:06 AM
> > > Subject: Re: [TrouSerS-users] Converting a TPM key into RSA struct for OpenSSL
> > >
> > > But this (assuming it works) will only create a public key. I want to
> > > use the private key with OpenSSL.
> > >
> > > On Thu, Mar 24, 2016 at 8:40 AM, Tadd Seiff <[email protected]> wrote:
> > >
> > > > I only have a few minutes and can't guarantee this is complete or
> > > > tested, but maybe it will help.
> > > >
> > > > All you really need is the modulus and exponent from the key. You get
> > > > these via "GetAttribData" in trousers:
> > > >
> > > > > tss_result = Tspi_GetAttribData(hBind_Key, TSS_TSPATTRIB_RSAKEY_INFO,
> > > > >     TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, &m_size, &m);
> > > > > tss_result = Tspi_GetAttribData(hBind_Key, TSS_TSPATTRIB_RSAKEY_INFO,
> > > > >     TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT, &e_size, &e);
> > > >
> > > > Then something like this:
> > > >
> > > > > RSA *rsa = RSA_new();
> > > > > rsa->e = BN_bin2bn(e, e_size, rsa->e);
> > > > > rsa->n = BN_bin2bn(m, m_size, rsa->n);
> > > >
> > > > -Tadd
> > > >
> > > > On Tue, Mar 22, 2016 at 9:12 PM eye two are <[email protected]> wrote:
> > > >
> > > > > Hi, I am trying to convert a TPM key which I obtained from a
> > > > > particular UUID into an RSA struct to be used with OpenSSL. Does
> > > > > anyone have any example code on how to do it?
> > > > > _______________________________________________
> > > > > TrouSerS-users mailing list
> > > > > [email protected]
> > > > > https://lists.sourceforge.net/lists/listinfo/trousers-users
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users