pemtpm

pemtpm is a utility based on ibmtpm20tss-tss that extracts the following arguments from a private key in PEM format:

- objectPublic (TPM2B_PUBLIC)
- duplicate (TPM2B_PRIVATE)

Why would I need this utility?

These arguments are needed by the TPM2_Import command.

If you want to import keys generated by OpenSSL into your TPM, you would need to run the importpem utility from the ibmtpm20tss toolset.

In some environments, importpem cannot be executed because of its size (due to the openssl dependency). This utility therefore retrieves the correct arguments to TPM2_Import from the private key, removing the need to include ibmtpm20tss in constrained environments.

How to use it?

Generate an RSA private key with OpenSSL in PEM format:

    openssl genrsa -out private.pem 2048

Use pemtpm to get the objectPublic and duplicate arguments:

    ./pemtpm -ipem private.pem -opu opu.bin -opr opr.bin
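
A sanity check that can be run on opu.bin before handing it to TPM2_Import, as an added example that is not part of pemtpm: it parses an RSA TPM2B_PUBLIC and flags attributes that TPM2_Import rejects. It assumes the file holds the TSS-marshalled structure (big-endian, with the leading 2-byte size field); the function names and the sample bytes are constructed for illustration.

```python
import struct

TPM_ALG_RSA, TPM_ALG_NULL = 0x0001, 0x0010
SCHEMES_WITH_HASH = {0x0014, 0x0016, 0x0017}  # RSASSA, RSAPSS, OAEP
FIXED_TPM, FIXED_PARENT = 1 << 1, 1 << 4      # TPMA_OBJECT bits

def parse_rsa_public(blob):
    """Parse a marshalled TPM2B_PUBLIC (assumed layout) holding an RSA key."""
    pos = 0
    def take(n):
        nonlocal pos
        if pos + n > len(blob):
            raise ValueError("truncated structure")
        pos += n
        return blob[pos - n:pos]
    def u16():
        return struct.unpack(">H", take(2))[0]
    if u16() != len(blob) - 2:
        raise ValueError("TPM2B size field does not match file length")
    if u16() != TPM_ALG_RSA:
        raise ValueError("not an RSA public area")
    pub = {"nameAlg": u16(), "attributes": struct.unpack(">I", take(4))[0]}
    pub["authPolicy"] = take(u16())
    if u16() != TPM_ALG_NULL:        # symmetric: keyBits and mode follow
        take(4)
    pub["scheme"] = u16()
    if pub["scheme"] in SCHEMES_WITH_HASH:
        take(2)                      # hash algorithm of the scheme
    pub["keyBits"] = u16()
    pub["exponent"] = struct.unpack(">I", take(4))[0] or 65537  # 0 = default
    pub["modulus"] = take(u16())
    if pos != len(blob):
        raise ValueError("trailing bytes after public area")
    return pub

def import_problems(pub):
    """List reasons this public area is malformed or unfit for TPM2_Import."""
    problems = []
    if pub["attributes"] & (FIXED_TPM | FIXED_PARENT):
        problems.append("fixedTPM/fixedParent must be CLEAR for TPM2_Import")
    if len(pub["modulus"]) * 8 != pub["keyBits"]:
        problems.append("modulus length does not match keyBits")
    return problems

def sample_public(attributes=0x00060040, key_bits=2048):  # constructed sample
    # RSA, SHA-256 nameAlg, empty authPolicy, NULL symmetric and scheme
    body = struct.pack(">HHIH", TPM_ALG_RSA, 0x000B, attributes, 0)
    body += struct.pack(">HHHIH", TPM_ALG_NULL, TPM_ALG_NULL, key_bits, 0, key_bits // 8)
    body += b"\xc3" * (key_bits // 8)
    return struct.pack(">H", len(body)) + body
```

To check a real file, read it in binary mode and pass the bytes to `parse_rsa_public`, then inspect the list returned by `import_problems`.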