Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Load TSS2 Private Key generated with tpm2tss-genkey #312

Open
DanielEjnar opened this issue Oct 11, 2022 · 2 comments
Open

Load TSS2 Private Key generated with tpm2tss-genkey #312

DanielEjnar opened this issue Oct 11, 2022 · 2 comments

Comments

@DanielEjnar
Copy link

I am trying to use an existing private key made using tpm2tss-genkey (a PEM encoded private key), but cannot seem to find a way to import it correctly.
I see no direct possibility to import it using go-tpm, so I have tried importing it using tpm2tools by running tpm2_loadexternal -r private.key -T device:/dev/tpmrm0 -c private.ctx to get a context file and then load that file in the following way

rwc, err := tpm2.OpenTPM("/dev/tpmrm0")
b, err := ioutil.ReadFile("primary.ctx")
kh, err := tpm2.ContextLoad(rwc, b)

The issue is I get err == EOF, and that doesn't really tell me what is going wrong.

Essentially my question is: Are there any way to import the private key to use it with go-tpm?
@dwmw2
Copy link

dwmw2 commented Oct 9, 2023

I've implemented this in aws/rolesanywhere-credential-helper#38 but it would be good for go-tpm to support it directly.

@dwmw2 dwmw2 mentioned this issue Oct 9, 2023
Open
@Foxboron
Copy link
Contributor

Foxboron commented Mar 1, 2024

I've implemented go-tpm-keyfiles as a standalone library thing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dwmw2 @Foxboron @DanielEjnar