[strongSwan] TPM2.0 and ESAPI
Andreas Steffen
andreas.steffen at strongswan.org
Tue Jun 26 17:07:43 CEST 2018
Cześć Piotr,
I've been aware of the emerging ESAPI which is indeed offering increased
security in the communication with the TPM 2.0 and [hopefully] easier
session handling but I wanted to wait for the 2.0.0 stable release,
which apparently happened 5 days ago.
Porting the strongSwan tpm plugin to ESAPI would be made much easier if
the tpm2-tools would also adopt the ESAPI session handling, thus
offering example code on how the new API is supposed to be used.
Pozdrowienia
Andreas
On 26.06.2018 08:35, Piotr Parus wrote:
> Hello!
>
> From the source code I see that when strongswan uses TPM2.0 chip it
> uses TSS System API (SAPI) without sessions. Does the strongswan
> maintainers have plans to switch to Enhanced System API (ESAPI) which
> enables easier session handling and encrypting transmission on the wire
> to the TPM chip?
>
> Best regards,
>
> Piotr Parus
>
--
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[INS-HSR]==
More information about the Users
mailing list