* [tpm2] using Esys_Create() API creating a key with AES encryption
From: muthu.smk @ 2020-04-14  7:38 UTC
  To: tpm2


Hi @williams,
As suggested by you, I am creating this request on the mailing list.

I just want to create an "AES key" using the TPM. I could find the below sample of RSA key generation using the tpm2tss_rsa_genkey() API. Could you help me by sharing the API or a sample code block that helps me to generate an "AES based key" using the TPM?

rsa = RSA_new();
if (!rsa) {
    ERR("out of memory\n");
    BN_free(e);
    return NULL;
}
if (!tpm2tss_rsa_genkey(rsa, opt.keysize, e, opt.password, opt.parent)) {
    BN_free(e);
    RSA_free(rsa);
    ERR("Error: Generating key failed\n");
    return NULL;
}

You suggested using Esys_Create, with the public template filled in for an AES key.
I have found a sample of the same in https://github.com/tpm2-software/tpm2-tss/blob/master/test/integration/esys-encrypt-decrypt.int.c

The code block/structure that enables "AES" based key generation is shared below. Can you please confirm whether I am going in the correct direction to achieve my requirement? It would be great if you have any sample code to share with me on this front.
...
..
TPM2B_PUBLIC inPublic2 = {
..
..
    .parameters.rsaDetail = {
        .symmetric = {
            .algorithm = TPM2_ALG_AES,
            .keyBits.aes = 128,
            .mode.aes = TPM2_ALG_CFB},
        .scheme = {
            .scheme = TPM2_ALG_NULL
        },
        .keyBits = 2048,
        .exponent = 0,
    },

...
...
}

/* Esys_Create API, which will take the above struct inputs filled in by the user */
r = Esys_Create(esys_context,
                primaryHandle,
                ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
                &inSensitive2,
                &inPublic2,    /* in this struct we are filling that we required AES based input key gen */
                &outsideInfo2,
                &creationPCR2,
                &outPrivate2,
                &outPublic2,
                &creationData2, &creationHash2, &creationTicket2);
