[gnutls-devel] GnuTLS | Bring support for TPM 2.0 (#594)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Fri Aug 9 11:08:04 CEST 2019

David Woodhouse commented:

My test setup: Using the OpenConnect test certificates, with the EC key wrapped using the `create_tpm2_key` tool from openssl_tpm2_engine since the tpm2-tss engine can't wrap keys yet; it can only create them.

~/git/openconnect/tests/certs$ openssl s_server -cert server-cert.pem -key server-key.pem -accept 8443 -verify 1 -tls1_2
~$ openconnect -c ~/git/openconnect/tests/certs/ec-cert.pem -k ~/git/openssl_tpm2_engine/ec.tss localhost:8443 --servercert pin-sha256:xp3scfzy3rOQsv
~/git/gnutls/src$ ./gnutls-cli  --x509keyfile ~/git/openssl_tpm2_engine/ec.tss --x509certfile ~/git/openconnect/tests/certs/ec-cert.pem  --x509cafile ~/git/openconnect/tests/certs/ca.pem localhost:8443 

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/594#note_201944276
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190809/788b4c51/attachment.html>

More information about the Gnutls-devel mailing list