hi.. I used your libs on raspb with infineon and works smoothly.. I dont know how to deal with the following requirement: I need to generate a certificate signing request (CSR.. I needed to sign docs in PKCS7) but openSSL needs a tpm private key(not public) in pem format.. Can you help me?.. thanks
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I can't quote understand the question. First, this is the TPM forum. Is this a TPM or TSS question?
Next. It sounds like you want to sign with a TPM private key. But then you speak of OpenSSL doing the signing. So, is the problem that you have a private key on the TPM that you want to extract in the clear so you can use the TPM key to sign using openssl?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
no.. I use TPM for signing docs.. but for verifying it must use a certificate from a CA.. so, for CA needs a CSR.. but for generating CSR, a private tpm key is required.. here is an example https://github.com/wolfSSL/wolfTPM/tree/master/examples/csr
Last edit: Octav Matt 2018-09-03
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
hi.. I used your libs on raspb with infineon and works smoothly.. I dont know how to deal with the following requirement: I need to generate a certificate signing request (CSR.. I needed to sign docs in PKCS7) but openSSL needs a tpm private key(not public) in pem format.. Can you help me?.. thanks
I can't quote understand the question. First, this is the TPM forum. Is this a TPM or TSS question?
Next. It sounds like you want to sign with a TPM private key. But then you speak of OpenSSL doing the signing. So, is the problem that you have a private key on the TPM that you want to extract in the clear so you can use the TPM key to sign using openssl?
no.. I use TPM for signing docs.. but for verifying it must use a certificate from a CA.. so, for CA needs a CSR.. but for generating CSR, a private tpm key is required.. here is an example https://github.com/wolfSSL/wolfTPM/tree/master/examples/csr
Last edit: Octav Matt 2018-09-03
I found the solution.. thanks James Bottomley.!
Octav Matt, could you please share the solution ?