Hi, In practice, while implementing tpm2sh and its self-contained TPM emulator called "MockTPM", I've noticed that 'tpm2key.asn1.' has a major bottleneck, but luckily it is easy to squash.
Parent handle should never be persisted, as it defies the existential reason of having a file format in the first place. To address this issue I just added couple of optional fields to TPMKey: parentName [6] EXPLICIT OCTET STRING OPTIONAL, parentPubkey [7] EXPLICIT OCTET STRING OPTIONAL By persisting this information TPM2_GetCapability + TPM2_ReadPublic can be used to acquire an appropriate handle. I'd highly recommend to add this quirk to anything that processes this ASN.1 format. BR, Jarkko
