wbond / oscrypto

Compiler-free Python crypto library backed by the OS, supporting CPython and PyPy
MIT License
318 stars 71 forks

Add support for openssl TPM2 under linux #62

Open mhummels opened 2 years ago

mhummels commented 2 years ago

I am searching for a way to use the TPM2 module to store the private keys of certificates. The idea is to use the TPM2 as a secure key store for my own CA. The problem I ran into is that there is actually no implementation of that which is platform independent.

So I got a way using Linux and the openssl-tpm2 provider. The problem is that compiling this for Windows is not an easy task, especially because of the hardware interface to the TPM2 module. So I found that the "correct" way on Windows would be to use the CNG for that purpose, since it handles that internally (if I got that right in the Microsoft documentation).

Now I come to the point at which I need to have an integration with python, so I found this repository. So far it looks like exactly what I need, except the integration of the TPM2 in openssl on Linux.

Is it possible to integrate the tpm provider into this library to become the 'first' platform independent crypto library with TPM support?

saper commented 2 years ago

I think this software does not support so-called OpenSSL "engines" at all. You might want to try to use something like https://github.com/tpm2-software/tpm2-pkcs11 and then one of Python's PKCS11 libraries, OR use NSS and python-nss (currently being revived).