Previously, tpm2_loadexternal was quite limited. It could only load a public/private file
in the TSS format (aka generated via readpublic or create).
Recently, on master, I have been working on a series that allows loading both the public
and private portions of an object from PEM files.
This way, folks can seamlessly use openssl objects in the TPM. The man pages have been
updated, to show full examples, as well as
tests for this.
1. AES keys (raw key byte files)
2. RSA keys
3. ECC keys
We still need support for XOR and HMAC, but that should follow the AES key code closely.
We dropped support for tpm2_loadexternal for TSS format private objects,
as no command response returns such a structure from the TPM.
Remember, that loadexternal loaded objects have restrictions on their use, since they are
*NOT* tpm managed objects. This is the major
Difference between tpm2_loadexternal and tpm2_import. ECC support has not been added to
tpm2_import at this time.
Show replies by thread