tpm2-software / tpm2-tss-engine

OpenSSL Engine for TPM2 devices
https://tpm2-software.github.io
BSD 3-Clause "New" or "Revised" License

Can I generate a TPM private key in tpm-engine? #192

Closed paulduongemail closed 4 years ago

paulduongemail commented 4 years ago

Hi,

I have a question. I noticed in your document that, in order to get a pri-pub key pair:

First, I need to run this command to get a TPM private key: tpm2tss-genkey -a rsa -s 2048 mykey

Then I need to run the command openssl rsa -engine tpm2tss -inform engine -in mykey -pubout -outform pem -out mykey.pub in order to get the corresponding public key.

Am I on the right track so far?

So my question is: OpenSSL can generate a public key for a private key without any extension, right? So, do I have to use this tpm-engine to generate the public key?

Next, do I have to use tpm2tss-genkey for TPM private key generation?

Is there any way to generate a TPM private key with the tpm engine?

If so, please tell me what that looks like.

Thanks!

AndreasFuchsTPM commented 4 years ago

tpm2tss-genkey will generate a TPM private key and public key. Both are stored in the same PEM file. The command you posted will retrieve that key and return it. There is no other way to get the public key.
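
The workflow from this thread, written out as an added example (not code from the issue or from the tpm2-tss-engine project): it checks that the key file is a TPM-wrapped blob, extracts the public key through the engine, and confirms the pair with a sign/verify round trip. The function names `is_tss2_key` and `roundtrip` are hypothetical, the `TSS2 PRIVATE KEY` PEM label is an assumption about what tpm2tss-genkey writes, and `roundtrip` needs the engine and a TPM or simulator.

```shell
#!/bin/sh
# Added example: generate (if needed), extract and cross-check a TPM key pair.

# Return 0 if the file looks like a TPM-wrapped key from tpm2tss-genkey.
# Assumption: such files carry the "TSS2 PRIVATE KEY" PEM label. A file with
# that label holds a TPM blob, so plain OpenSSL cannot parse it without the engine.
is_tss2_key() {
    [ -r "$1" ] && head -n 1 "$1" | grep -q '^-----BEGIN TSS2 PRIVATE KEY-----'
}

# Create the key if missing, export its public half through the engine,
# then sign inside the TPM and verify with the exported public key only.
roundtrip() {
    key=$1
    [ -e "$key" ] || tpm2tss-genkey -a rsa -s 2048 "$key" || return 1
    is_tss2_key "$key" || { echo "$key is not a TSS2 key file" >&2; return 1; }

    work=$(mktemp -d) || return 1
    printf 'constructed test message\n' > "$work/data"

    # Public key extraction: the command quoted in the question.
    openssl rsa -engine tpm2tss -inform engine -in "$key" \
        -pubout -outform pem -out "$key.pub" &&
    # Signing goes through the engine, so the private key stays TPM-protected.
    openssl pkeyutl -engine tpm2tss -keyform engine -inkey "$key" \
        -sign -in "$work/data" -out "$work/sig" &&
    # Verification needs no engine: the exported public key is ordinary PEM.
    openssl pkeyutl -pubin -inkey "$key.pub" \
        -verify -in "$work/data" -sigfile "$work/sig"
    rc=$?

    rm -rf "$work"
    return "$rc"
}

# Run only when a key file name is given, e.g.: sh tpmkey.sh mykey
if [ "$#" -gt 0 ]; then
    roundtrip "$1"
fi
```

A successful run leaves `mykey.pub` next to `mykey`; the public file can be distributed, while `mykey` is only usable on the TPM that created it.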