This is a bug, I have filed two tickets:
- signature-alg bug: https://github.com/tpm2-software/tpm2-tools/issues/2997
- symmetric-alg bug:
I have staged a PR to fix this:
Thank you for the detailed bug report. Unfortunately I won't be of much help on the
strongswan side, but hopefully this helps you along.
From: Rodolphe AVERTY <rodolphe.averty(a)free.fr>
Sent: Friday, May 20, 2022 6:27 AM
To: tpm2(a)lists.01.org <tpm2(a)lists.01.org>
Subject: [tpm2] Re: Can't se't signature algorithm when using tpm2_import
I'am trying to import my private key into the TPM (to use it with StrongSwan)
> tpm2_createprimary... .. .
> tpm2_import -G rsa2048:rsassa-sha256 -i private.pem -C parent.ctx -u irsakey.pub -r
> tpm2_load... ..
> tpm2_evictcontrol... ..
Every thing seems to be Ok
But when i use the command :
> pki --print --type private --keyid 0x81000002
TPM 2.0 via
TSS2 v2 available
signature algorithm is NULL with ERROR hash
privkey: RSA 2048 bits
With that i can't use my key with strong swan. The message (Signature algorithm is
null with error hash) indicate that tpm2_import hasn't done its job.
Is there a way to have a signature algorithm with tpm2_import ?
Is this a tpm2_import limitation ?
Or maybe a bug.. .
I am using de debian SID package of tpm2-tools which is a 5.2
Thanks for help
tpm2 mailing list -- tpm2(a)lists.01.org
To unsubscribe send an email to tpm2-leave(a)lists.01.org