gnutls / GnuTLS / Issues / #594

Bring support for TPM 2.0

TPMv2.0 is a completely different beast to TPM 1.2, and needs to be added on top of TPM 1.2 because the TPMv1.2 hardware is still in common use.

The TPMv2.0 model still doesn't lend itself well to being exposed via PKCS#11 completely, just as TPMv1.2 didn't. There is a different format for the PEM storage of wrapped keys, and there are different fields to be included in a TPMv2.0-capable update to the TPM URI draft, but I think it still makes sense to support them in the same way we do TPMv1.2.

We should

  • extend the current code to TPM 2.0,
  • add support for transparent loading of TPM2 wrapped keys (PEM-formatted) by gnutls_privkey_import_x509_raw and possibly gnutls_x509_privkey_import.
Edited Oct 26, 2018 by Nikos Mavrogiannopoulos