Open mikhailuwu opened 2 weeks ago
Using the TSS2 library for all TPM interactions. sh_cipher_policy_t should contain a reference of some sort to the key in the TPM for an access function.
Implementing sh_get_key, unfinished.
Implementing sh_tpm_store_key, unfinished.
The current crypto key store is insufficient in terms of exposure.
Implement a user-configurable system including support for a TPM-based key store (highly secure), regular protected memory (less secure), and perhaps an internet resource such as a trusted server where the key exchange happens through some asymmetric encryption (somewhat secure).
This can be an additional sh_malloc parameter.
Also implement checks for whether a TPM is available for application use on the system.