[gnutls-devel] GnuTLS | Port openconnect TPM2 code (!1460)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Sat Oct 16 18:46:08 CEST 2021
Daiki Ueno commented on a discussion on lib/tpm2_esys.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1460#note_705545575
> + if (tpm2_pin(info->pin_info, "tpm2:", hierarchy_name, pass, sizeof(pass))) {
> + return gnutls_assert_val(GNUTLS_E_TPM_KEY_PASSWORD_ERROR);
> + }
> + install_tpm_passphrase(&info->ownerauth, pass);
> + info->need_ownerauth = false;
> + }
> + rc = Esys_TR_SetAuth(ctx, hierarchy, &info->ownerauth);
> + if (rc) {
> + _gnutls_debug_log("tpm2: Esys_TR_SetAuth failed: 0x%x\n", rc);
> + return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
> + }
> + rc = Esys_CreatePrimary(ctx, hierarchy,
> + ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
> + &primary_sensitive,
> + info->pub.publicArea.type == TPM2_ALG_RSA ?
> + &primary_template_rsa :
OK, I've reverted it back to use ECC primary and also check capabilities as in tpm2-tss-engine.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1460#note_705545575
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20211016/ab56f2d1/attachment-0001.html>
More information about the Gnutls-devel
mailing list