How to choose bn_p256 curve in function tpm2_create?

[tsunaley]

hallo, Ecdaa signature requires BN_P256 curve, but function tpm2_create can not choose bn_p256 curve, I want to kwon How to choose bn_p256 curve in function tpm2_create. Thanks!

[idesai]

Those must be specified with algorithms specifiers https://tpm2-tools.readthedocs.io/en/latest/man/common/alg/.

Are you using FAPI tools? Can you show what you tried and failed in your script?

[tsunaley]

@idesai Thank you! I tried using tpm2-tools for ecdaa signatures, but the ecdaa algorithm should be based on a pairing-friendly curve like bn-p256. I can not verify the signature by using the curve in the algorithms specifiers https://tpm2-tools.readthedocs.io/en/latest/man/common/alg/, because they are not pairing-friendly. Would you consider adding bn-p256 curve in tpm2-tools for ecdaa signatures?

[idesai]

@idesai Thank you! I tried using tpm2-tools for ecdaa signatures, but the ecdaa algorithm should be based on a pairing-friendly curve like bn-p256. I can not verify the signature by using the curve in the algorithms specifiers https://tpm2-tools.readthedocs.io/en/latest/man/common/alg/, because they are not pairing-friendly. Would you consider adding bn-p256 curve in tpm2-tools for ecdaa signatures?

Sounds good. Can you please share what you tried and failed in a script. I want to make sure when the support is added there is an integration test that captures your use case.