Open mcarbonneaux opened 8 months ago
yes it's absolutely possible. https://github.com/microsoft/ms-tpm-20-ref
its to difficult to backup. please keep them on the disc, if thats not safe enough for you use bitlocker ;)
its to difficult to backup. please keep them on the disc, if thats not safe enough for you use bitlocker ;)
precisely the purpose of the tpm is to not be able to extract it, and in this case my need is for it to serve as authentication of the device.
when you store it in a fido hardware key you can't backup the keys precisely although it allows you to do the same thing with a PC.
and the risk of storing secrets (event with bitlocker) on disk is that a program can steal them...
there a possiblilty to add the possibility to store the keys in TPM in place of DPAPI ?