Hi @wenzhu,
You can generate keys using the 'tpm2_createprimary' command; the RSA/ECC keys will be generated and persistently stored in the TPM.
Please note, running 'TPM2_Clear' would clear the persistent objects. Example for your reference below:
>> tpm2_createprimary -C o -P your_owner_authorization_value -g sha256 -G rsa -c RSAprimary.ctx
>> tpm2_evictcontrol -C o -c RSAprimary.ctx -P your_owner_authorization_value 0x81000004
key persisted in the handle: 0x81000004
To encrypt data using this key, you can run 'tpm2_rsaencrypt' and provide the input data to be encrypted (input.txt).
>> tpm2_rsaencrypt -c 0x81000004 -o data_encrypted.txt input.txt
Thanks,
Sneha
Hi @Sneha_P, thanks for your support. Can I use the command below, "tpm2_loadexternal -Q -G ecc -r private.ecc.pem -c key.ctx", and then save key.ctx to the TPM persistently?
Hi @wenzhu,
In TPM2_CreatePrimary, the TPM returns the public part but the private part resides in the TPM. The key can be directly used, so no TPM2_Load is required and 'tpm2_evictcontrol' will make the key objects persistent.
Thanks,
Sneha