[openssl-users] OpenSSL Engine for TPM

Jan Just Keijser janjust at nikhef.nl
Fri Jul 7 14:39:53 UTC 2017


On 06/07/17 06:39, Christian Hohnstädt wrote:
> The trousers project has one.
> https://sourceforge.net/projects/trousers/files/OpenSSL%20TPM%20Engine/
agreed, but this engine  does not really put the keys inside the TPM - instead it sets up a local repository that is encrypted 
using a key from the TPM. If you look at the way it is designed, it is not really secure (as it's not impossible to find the 
password that was used to encrypt the keys with).

> Am 5. Juli 2017 06:47:24 MESZ schrieb Devang Kubavat <devang.kubavat at in.abb.com>:
>     Hi All,
>       1.  Is there any built-in OpenSSL Engine to access the TPM ?
>       2.  Is there any other OpenSSL Engine to access the TPM ? If Yes, How can we configure in OpenSSL libraries to use that
>     engine ?
>     Please guide me. Thanks.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170707/1f3deb59/attachment-0001.html>

More information about the openssl-users mailing list