Comments (5)
Foxboron
commented on May 30, 2024
1
Would you like me to check with Alex and Jim, perhaps also Christ @ Google about this?
The talk from 2021 is just very old at this point. They gave up on trying to implement everything inside the higher-level abstraction tpm2 library in go-tpm and have moved to the tpmdirect implementation from Chris Fenner (Google/TCG) which is a 1:1 implementation of the TPM spec.
It does support session encryption, as you'd expect.
Chris also reviewed my usage of the new API in age-plugin-tpm, and the code reviewed there is mostly copy-pasted to this project.
See Foxboron/age-plugin-tpm#9 (comment)
from ssh-tpm-agent.
Foxboron
commented on May 30, 2024
1
Should also mark this as fixed with 2ab0b32
from ssh-tpm-agent.
tomoveu
commented on May 30, 2024
@Foxboron I remember Alex Wu mentioned during TPMdev2021 conference that Go-tpm does not support parameter encryption session at the time. Back then, Google primarily used go-tpm for virtual TPMs. Later on, encryption session support was added, but I do not know how complete it is.
Would you like me to check with Alex and Jim, perhaps also Christ @ Google about this?
Cheers,
Dimi / Founder of TPM.dev
from ssh-tpm-agent.
tomoveu
commented on May 30, 2024
I am happy that you solved it.
The tpm-direct interface changed things a lot. Originally, go-tpm was made as something that will provide a mild layer for easy of us and safety, and would never give users the direct access (re 2021 go-tpm goals). Funny how things change over time :)
from ssh-tpm-agent.
Foxboron
commented on May 30, 2024
Fixed with 2ab0b32 and ebc50ff
from ssh-tpm-agent.
Related Issues (20)
- Maybe bug: Crashed once when trying to log in HOT 2
- PCR binding support HOT 15
- Problem when proxying agent, breaks at one point HOT 2
- Don't add suffix if user added it already HOT 1
- Load key "/home/jc/.ssh/hh-8192_rsa.tpm": error in libcrypto HOT 3
- Integrity check failed
- Cannot import ecdsa-sha2-nistp384 HOT 5
- host key functionality fails HOT 5
- user key functionality fails HOT 18
- agent-forwarding does not work with certificates HOT 6
- ssh-tpm-add does not have -l functionality HOT 2
- Ed25519 key type support HOT 1
- ArchLinux package doesn't set the executable bit on install
- ssh-tpm-agent --print socket prints value of $SSH_AUTH_SOCK and not its own socket HOT 2
- Change PIN HOT 6
- 0.3.0: default key length not valid HOT 11
- 0.3.0: absolute paths are rewritten
- pinentry uses a non-descriptive name HOT 1
- Support SSH_ASKPASS
- ssh-agent proxy support HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ssh-tpm-agent.