tpm2-software / tpm2-pkcs11

A PKCS#11 interface for TPM2 hardware
https://tpm2-software.github.io

Mutual Authentication TLS #145

Closed roberto497 closed 5 years ago

roberto497 commented 5 years ago

Is it possible to use this in curl or Firefox for mutual TLS? I need to make requests to my API using the TPM.

flihp commented 5 years ago

Throwing out a few ideas:

  1. Last I tried (years ago) NSS has good PKCS#11 support. Firefox uses NSS so maybe you can configure Firefox to use TPM2 PKCS#11 through NSS?
  2. Most distros have a curl package built to use openssl. Should be possible to use TPM2 OpenSSL engine https://github.com/tpm2-software/tpm2-tss-engine to use TPM2 for auth?

williamcroberts commented 5 years ago

For Firefox you should be able to use this project once we have certificate support. There's also OpenSC's pkcs11 to OpenSSL engine library you could plug the TPM2 OSSL engine into.

Mutual TLS might work right now, I have known users using it for that, but I don't know how they configure it.