I'm a newbie in TPM development (using wolfTPM) but I have already some tricky questions :
- is that true that each TMP has its own builtin asymmetric (endorsement) key ? (let's assume yes)
- is it a RSA or a ECC key ? (or one of each)
- is it possible to get the public part of the key ?
- is it possible to get this public key embedded in a certificate ?
(I didn't find any function in the API to do that)
- if it is possible, which CA certificate signs it ?
- is there a certificate chain ending to the TPM's one ?
(then what is the auto-signed certificate at the top of this chain ?)Thanks in advance !
I'm also new to TPM and I only answered 1 question which is the first TMP answer that has a worthy asymmetric key reserved and cannot get the declaration part of the certificate. The rest I will choose someone else to answer,