tpm2-tss-engine icon indicating copy to clipboard operation
tpm2-tss-engine copied to clipboard

Published 20 hours ago verified publisher icon tpm2-software

Implement OpenSSL EVP_PKEY methods for EC/RSA keys

Open raghuncstate opened this issue 6 years ago • 2 comments

Request to implement the OpenSSL EVP_PKEY api's for the engine. This way, we can use TPM keys to sign X509 certificate using the OpenSSL x509 APIs and almost any EVP API's. We can also hook up the engine to digest using the TPM which may be useful when we want to sign using a restricted signing key. This will require hooking/assigning the engine when the EVP_PKEYS are created during loadkey and also implementing the EVP_PKEY_METHODS. Patches welcome ?

raghuncstate avatar Jan 08 '19 17:01 raghuncstate

@raghuncstate Patches are allways welcome ! ;-)

I think, I'd like most about this, that no external program would be required for generating TPM keys. Do I understand this correctly ?

AndreasFuchsTPM avatar Jan 10 '19 22:01 AndreasFuchsTPM

Correct. That would be one of the benefits. Opened PR #89

raghuncstate avatar Mar 01 '19 03:03 raghuncstate