Topic: Compatibility between tpm2 and wolfTPM! What format is wolfTPM using?
Hello,
I have generated a context file (openssl.ctx) with the TPM (via tpm2_tools). I wanted to know if, and exactly how, this can be used/imported via wolfTPM.
1. Use OpenSSL to create the device's public-private key pair, forgoing TPM protections, i.e., the key material is not protected by the parent object's seed.
openssl req -new -newkey rsa:2048 -keyout "$HOME/openssl_private.pem" -nodes \
-out "$HOME/openssl.csr" \
-subj "/C=BE/ST=Belgium/L=Brussels/O=CPP-LS/OU=Development/CN=www.tpm.dev"
openssl rsa -in "$HOME/openssl_private.pem" -out "$HOME/openssl_public.pem" -pubout
2. Load the non-protected key pair to the TPM. The private portion of an object can be loaded only to the Null hierarchy or the TPM will reject loading it.
tpm2_clear
tpm2_loadexternal --hierarchy n \
--key-algorithm rsa \
--public "$HOME/openssl_public.pem" \
--private "$HOME/openssl_private.pem" \
--key-context "$HOME/openssl.ctx" \
--name "$HOME/openssl.name"
How can this file (openssl.ctx) be imported into wolfTPM? I tried converting it to base64, and the import does not work. Importing it directly always results in a buffer overflow on the wolfTPM side.
Many thanks!