[openssl-dev] [RFC 0/2] Proposal for seamless handling of TPM based RSA keys in openssl

James Bottomley James.Bottomley at HansenPartnership.com
Tue Nov 22 15:44:10 UTC 2016


On Tue, 2016-11-22 at 16:32 +0100, Richard Levitte wrote:
> In message <1479815862.8937.22.camel at infradead.org> on Tue, 22 Nov 2016 11:57:42 +0000, David Woodhouse <dwmw2 at infradead.org> said:
> 
> dwmw2> Besides, it requires files in the form described by the Portable Data
> dwmw2> section of the TSS (1.2) spec. That's a SEQUENCE with a blob type
> dwmw2> (which is mostly redundant as in this case we're always talking about
> dwmw2> key blobs), the blob length (which is entirely redundant) and then the
> dwmw2> actual blob as an OCTET STRING. I don't know of any tool which actually
> dwmw2> creates such files.
> 
> I'm just having a look at the spec (page 151 in
> http://www.trustedcomputinggroup.org/wp-content/uploads/TSS_1_2_Errata_A-final.pdf),
> and am a bit confused by the TssBlobType type.  Which is it in practice,
> an ENUMERATED or an INTEGER?

It's actually here:

http://trustedcomputinggroup.org/wp-content/uploads/TPM-Main-Part-2-TPM-Structures_v1.2_rev116_01032011.pdf

It's around page 101, section 10.3, the TPM_KEY12 structure.  That tells
you what to encrypt and how to construct the encrypted part of the
blob.  It refers to other structures, so you end up doing a bit of a
pointer chase through the document.

James
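
Added example, not part of the original messages and not OpenSSL or TSS code: a strict DER reader for the wrapper as the quoted text describes it (a SEQUENCE of blob type, blob length and the blob as an OCTET STRING). It accepts either an INTEGER or an ENUMERATED tag for the type, and it rejects a file whose redundant length field disagrees with the OCTET STRING. The three-field layout, the names `tss_blob`, `der_hdr`, `der_uint` and `tss_blob_parse`, and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed layout, from the quoted description only: SEQUENCE { blob type,
 * blob length, blob OCTET STRING }. All names here are hypothetical. */
struct tss_blob { long type; const uint8_t *data; size_t len; };

/* Read one DER header at *p and leave *p at the value; bounds-checked. */
static int der_hdr(const uint8_t **p, const uint8_t *end, uint8_t *tag, size_t *len)
{
    const uint8_t *q = *p;
    if (end - q < 2) return -1;
    *tag = *q++;
    size_t l = *q++;
    if (l & 0x80) {                          /* long-form length */
        size_t n = l & 0x7f;
        if (n == 0 || n > 4 || (size_t)(end - q) < n) return -1;
        for (l = 0; n--; ) l = (l << 8) | *q++;
    }
    if ((size_t)(end - q) < l) return -1;    /* value must fit in the buffer */
    *len = l; *p = q; return 0;
}

/* Small non-negative INTEGER; ENUMERATED also accepted when allow_enum is set. */
static int der_uint(const uint8_t **p, const uint8_t *end, int allow_enum, long *out)
{
    uint8_t tag; size_t len;
    if (der_hdr(p, end, &tag, &len)) return -1;
    if (tag != 0x02 && !(allow_enum && tag == 0x0a)) return -1;
    if (len == 0 || len > 4 || ((*p)[0] & 0x80)) return -1;
    for (*out = 0; len--; ) *out = (*out << 8) | *(*p)++;
    return 0;
}

/* 0 = ok, -1 = malformed DER, -2 = declared length disagrees with the blob. */
int tss_blob_parse(const uint8_t *buf, size_t n, struct tss_blob *out)
{
    const uint8_t *p = buf, *end = buf + n;
    uint8_t tag; size_t len; long declared;
    if (der_hdr(&p, end, &tag, &len) || tag != 0x30 || p + len != end) return -1;
    if (der_uint(&p, end, 1, &out->type) || der_uint(&p, end, 0, &declared)) return -1;
    if (der_hdr(&p, end, &tag, &len) || tag != 0x04 || p + len != end) return -1;
    if ((size_t)declared != len) return -2;
    out->data = p; out->len = len; return 0;
}

/* Constructed sample: type 2, declared length 4, 4 placeholder blob bytes. */
static const uint8_t sample[] = {0x30,12, 2,1,2, 2,1,4, 4,4, 0xde,0xad,0xbe,0xef};
int main(void) { struct tss_blob b; return tss_blob_parse(sample, sizeof sample, &b) ? 1 : 0; }
```

The parser points `data` at the caller's buffer rather than copying, so the buffer must outlive the result.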



