[gnutls-devel] GnuTLS | Bring support for TPM 2.0 (#594)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Fri Aug 9 11:08:04 CEST 2019




David Woodhouse commented:


My test setup: Using the OpenConnect test certificates, with the EC key wrapped using the `create_tpm2_key` tool from openssl_tpm2_engine since the tpm2-tss engine can't wrap keys yet; it can only create them.

```
~/git/openconnect/tests/certs$ openssl s_server -cert server-cert.pem -key server-key.pem -accept 8443 -verify 1 -tls1_2
```
```
~$ openconnect -c ~/git/openconnect/tests/certs/ec-cert.pem -k ~/git/openssl_tpm2_engine/ec.tss localhost:8443 --servercert pin-sha256:xp3scfzy3rOQsv
```
```
~/git/gnutls/src$ ./gnutls-cli --x509keyfile ~/git/openssl_tpm2_engine/ec.tss --x509certfile ~/git/openconnect/tests/certs/ec-cert.pem --x509cafile ~/git/openconnect/tests/certs/ca.pem localhost:8443
```

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/594#note_201944276