Subject: [tpm2] RSA key pairs are gone when I reboot
From: Frederick Gotham @ 2019-12-03 15:54 UTC
To: tpm2

I use OpenSSL to generate an RSA key pair:

    openssl genrsa -out private.pem 2048

I then use the utility "tpm2_ptool" to load the key pair into the TPM2 chip:

    tpm2_ptool init
    tpm2_ptool addtoken --pid=1 --sopin=mysopin --userpin=123456 --label monkey
    tpm2_ptool import --userpin 123456 --privkey private.pem --label monkey --algorithm rsa

I am able to confirm that the key pair is inside the TPM2 chip by
using ssh-keygen:

    ssh-keygen -D libtpm2_pkcs11.so

The output from ssh-keygen confirms that the keys are in there.

Next... I reboot my device, and the keypair is gone. It's no longer
in there. So it appears that the key was only in RAM and then it gets
wiped upon reboot.

How do I store an RSA key pair persistently/permanently inside the TPM2 chip?
