Topic: Compatibility between tpm2 and wolftpm!! What Format is wolfTpm using?
I have generated a context file (openssl.ctx) with the TPM (but via tpm2_tools). I wanted to know IF and HOW exactly this can be used/imported via wolftpm.
1. Use OpenSSL to create the device's public-private key pair, forgoing TPM protections, i.e., the key material is not protected by the parent object's seed.
openssl req -new -newkey rsa:2048 -keyout $HOME/openssl_private.pem -nodes \
    -out "$HOME/openssl.csr" \
    -subj "/C=BE/ST=Belgium/L=Brussels/O=CPP-LS/OU=Development/CN=www.tpm.dev"
openssl rsa -in "$HOME/openssl_private.pem" -out "$HOME/openssl_public.pem" -pubout
2. Load the non-protected key pair to the TPM. The private portion of an object can be loaded only to the Null hierarchy or the TPM will reject loading it.
tpm2_clear
tpm2_loadexternal --hierarchy n \
    --key-algorithm rsa \
    --public "$HOME/openssl_public.pem" \
    --private "$HOME/openssl_private.pem" \
    --key-context "$HOME/openssl.ctx" \
    --name "$HOME/openssl.name"
How can this file (openssl.ctx) be imported into wolftpm? I tried to convert it into base64 and the import does not work. And directly importing it always results in a Buffer Overflow from the wolftpm side.