Trusted Platform Module 2.0 » History » Version 2
Andreas Steffen, 18.02.2017 16:40
1 | 1 | Andreas Steffen | h1. Trusted Platform Module |
---|---|---|---|
2 | 1 | Andreas Steffen | |
3 | 2 | Andreas Steffen | h2. Connect to a TPM 2.0 device |
4 | 2 | Andreas Steffen | |
5 | 2 | Andreas Steffen | In order to connect to a TPM 2.0 hardware or firmware device, the TSS2 stack developed by Intel is needed. Because the official Ubuntu *tpm2-tss* package is very old (Version 0.98) and the TPM resource manager TCTI interface has changed several times since then, strongSwan is currently based on a recent version drawn from the TPM2-TSS git repository https://github.com/01org/TPM2.0-TSS. |
6 | 2 | Andreas Steffen | |
7 | 2 | Andreas Steffen | In order to avoid TCTI interface incompatibilities, the latest *tpm2-tools* version should be fetched from https://github.com/01org/tpm2.0-tools. |
8 | 2 | Andreas Steffen | |
9 | 2 | Andreas Steffen | h2. Private Key Access via VICI interface |
10 | 2 | Andreas Steffen | |
11 | 1 | Andreas Steffen | Configuration of TPM private key access in *swanctl.conf* |
12 | 1 | Andreas Steffen | |
13 | 1 | Andreas Steffen | secrets { |
14 | 1 | Andreas Steffen | token_ak_rsa { |
15 | 1 | Andreas Steffen | handle = 81010002 |
16 | 1 | Andreas Steffen | } |
17 | 1 | Andreas Steffen | token_ak_ecc { |
18 | 1 | Andreas Steffen | handle = 81010004 |
19 | 1 | Andreas Steffen | } |
20 | 1 | Andreas Steffen | } |
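
The following pre-flight check is an added example, not part of the original wiki page or of strongSwan: it reads the `token` sections of a `swanctl.conf` secrets block and verifies that each `handle` is a TPM 2.0 persistent-object handle (handle type octet 0x81), as the two handles above are. It assumes the handle is written as bare hexadecimal, as in the configuration shown, and that token sections are flat; `token_bad` is a constructed entry added to show a rejected value.

```python
import re

# Constructed sample: the two token sections from the page plus one
# deliberately wrong entry (a transient-object handle, type octet 0x80).
SAMPLE_CONF = """
secrets {
    token_ak_rsa {
        handle = 81010002
    }
    token_ak_ecc {
        handle = 81010004
    }
    token_bad {
        handle = 80000001
    }
}
"""

# TPM 2.0 encodes the handle type in the most significant octet;
# 0x81 marks persistent objects (0x81000000 - 0x81FFFFFF).
HT_PERSISTENT = 0x81

# Assumption: token sections contain no nested braces.
TOKEN_RE = re.compile(r"(token\w*)\s*\{([^{}]*)\}")
HANDLE_RE = re.compile(r"^[ \t]*handle[ \t]*=[ \t]*([0-9A-Fa-f]+)[ \t]*$", re.M)

def check_token_handles(conf_text):
    """Return {token_name: (handle or None, is_persistent)} per token section."""
    results = {}
    for name, body in TOKEN_RE.findall(conf_text):
        match = HANDLE_RE.search(body)
        if match is None:
            results[name] = (None, False)  # section without a usable handle
            continue
        handle = int(match.group(1), 16)
        ok = handle <= 0xFFFFFFFF and (handle >> 24) == HT_PERSISTENT
        results[name] = (handle, ok)
    return results

if __name__ == "__main__":
    for name, (handle, ok) in check_token_handles(SAMPLE_CONF).items():
        shown = "missing" if handle is None else f"0x{handle:08x}"
        verdict = "persistent" if ok else "NOT a persistent handle"
        print(f"{name}: {shown} {verdict}")
```
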