On Tue, 2018-09-18 at 00:24 -0500, Denis Kenzior wrote:
Hi David,
On 09/18/2018 10:50 AM, David Howells wrote:
Denis Kenzior <denkenz@xxxxxxxxx> wrote:
openssl asn1parse -inform pem -in /tmp/privkey.2048.tpm -noout \
-out /tmp/privkey.2048.der
You can use "... -out - | ..." instead.
Aha! okay, that is even more elegant. Your openssl-fu is better than
mine :)
'grep -v ^----- | base64 -d' also works most of the time :)
You are passing the raw DER to the kernel in both cases, right? And the
kernel just happens to know that if it receives a bare OCTET-STRING
it's supposed to treat it as a TPMv1.2 key?