Re: [openssl-dev] [RFC 0/2] Proposal for seamless handling of TPM based RSA keys in openssl

Tue, 22 Nov 2016 08:14:45 -0800 

In message <1479829450.2376.10.ca...@hansenpartnership.com> on Tue, 22 Nov 2016 
07:44:10 -0800, James Bottomley <james.bottom...@hansenpartnership.com> said:

James.Bottomley> On Tue, 2016-11-22 at 16:32 +0100, Richard Levitte wrote:
James.Bottomley> > In message <1479815862.8937.22.ca...@infradead.org> on Tue, 
22 Nov
James.Bottomley> > 2016 11:57:42 +0000, David Woodhouse <dw...@infradead.org> 
said:
James.Bottomley> > 
James.Bottomley> > dwmw2> Besides, it requires files in the form described by 
the
James.Bottomley> > Portable Data
James.Bottomley> > dwmw2> section of the TSS (1.2) spec. That's a SEQUENCE with 
a blob
James.Bottomley> > type
James.Bottomley> > dwmw2> (which is mostly redundant as in this case we're 
always
James.Bottomley> > talking about
James.Bottomley> > dwmw2> key blobs), the blob length (which is entirely 
redundant) and
James.Bottomley> > then the
James.Bottomley> > dwmw2> actual blob as an OCTET STRING. I don't know of any 
tool which
James.Bottomley> > actually
James.Bottomley> > dwmw2> creates such files.
James.Bottomley> > 
James.Bottomley> > I'm just having a look at the spec (page 151 in
James.Bottomley> > 
http://www.trustedcomputinggroup.org/wp-content/uploads/TSS_1_2_Errat
James.Bottomley> > a_A-final.pdf), and am a bit confused by the TssBlobType 
type.  Which 
James.Bottomley> > is it in practice, an ENUMERATED or an INTEGER?
James.Bottomley> 
James.Bottomley> It's actually here:
James.Bottomley> 
James.Bottomley> 
http://trustedcomputinggroup.org/wp-content/uploads/TPM-Main-Part-2-TPM-Structures_v1.2_rev116_01032011.pdf
James.Bottomley> 
James.Bottomley> It's around page 101, section 10.3 the TPM_KEY12 structure.  
That tells
James.Bottomley> you what to encrypt and how to construct the encrypted part of 
the
James.Bottomley> blob.  It refers to other structures, so you end up doing a 
bit of a
James.Bottomley> pointer chase through the document.

I'm sorry, I have obviously had you a bit confused.  What I'm
currently interested in is decoding the content of a 'TSS KEY BLOB'
PEM file, and I assume that's a TssBlob type, yeah?

Cheers,
Richard

-- 
Richard Levitte         levi...@openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to