Dear Nestor, Could you please fill an issue on GitHub? It's much simpler for us to follow the issues there.
On Fri, Aug 6, 2021 at 9:13 PM Nestor Melo <nestor.m...@zpesystems.com> wrote: > Greetings, > > > We use a TPM2 device to generate private keys with tpm2-tss-engine: > https://github.com/tpm2-software/tpm2-tss-engine > > While attempting to extract the public key from a TSS2 private key using > OpenSSL 3.0.0-beta2 and tpm2-tss-engine, I received a message "PEM format > not supported": > > openssl rsa -engine libtpm2tss -inform engine -in privkey.pem -pubout > -outform PEM -out pubkey.pem > Engine "tpm2tss" set. > writing RSA key > PEM format not supported > > Although it is recommended to use providers instead of engines with > OpenSSL 3.0.0, are engines still supported? Should the above operation be > expected to work? > > Here is an example of a private key was generated with tpm2-tss-engine's > tpm2tss-genkey: > -----BEGIN TSS2 PRIVATE KEY----- > MIIB8gYGZ4EFCgEDoAMBAQECBEAAAAEEggEYARYAAQALAAYEcgAAABAAEAgAAAEA > AQEAmT8O+ikRX5eTRUsDXrBAephW1YLEITkKxviFzIxF7R1K1jlDIXI8PKhc6tUE > sEDfgTNtldmc3nxPmJBxeAzIQrGAAUjGY74xtvbe6T6muU9FHGVpw1e3LelewFCQ > yR+t36GaOBY+S4Bc0DC0KhSoFakiwYt2vtQvm0W54cwxg7B4aSfcBUNHFPB5J90c > ere/o20QpNvb7mw/kwvoTSzsyQT5qMZALKZeRFZ42991dGWJpnfC30xieXCMoD7z > x5hhc5Uf5EbFtxeWaT2HTfs0h0OxigQSjXdmCJPeJVoMPOoF2FK+PbZwPn2UDKyo > SqhsmZ+9hvkUWylDYiXfm24TUwSBwAC+ACDJpk4p0h4Q3UEtwph3oNy5xR7hya4S > XHqabuThC+xX1AAQDTukmp9lruULdnZALN1Lyw1AMw+7F2BBx786jjOmg9rX+umB > ffGZSs187UAjmfe98XUk9oNsZkgB7HEsDRIOXoET+9R0KI48whV3Z/Kwag+UmErL > KRTOl5zEUenbQi8/CBDVpuxKMyKl6tYc38iNh2rA8Eju9tv+x6kPv/5/JxmXSpgQ > rCSHxBQFxnnITejU/RMqCHMZpCly2A== > -----END TSS2 PRIVATE KEY----- > > If I use instead the TPM2 provider tpm2-openssl > https://github.com/tpm2-software/tpm2-openssl > > the command > openssl rsa -provider tpm2 -in privkey.pem -pubout -outform PEM -out > pubkey.pem > > works, producing: > -----BEGIN PUBLIC KEY----- > MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmT8O+ikRX5eTRUsDXrBA > ephW1YLEITkKxviFzIxF7R1K1jlDIXI8PKhc6tUEsEDfgTNtldmc3nxPmJBxeAzI > QrGAAUjGY74xtvbe6T6muU9FHGVpw1e3LelewFCQyR+t36GaOBY+S4Bc0DC0KhSo > FakiwYt2vtQvm0W54cwxg7B4aSfcBUNHFPB5J90cere/o20QpNvb7mw/kwvoTSzs > yQT5qMZALKZeRFZ42991dGWJpnfC30xieXCMoD7zx5hhc5Uf5EbFtxeWaT2HTfs0 > h0OxigQSjXdmCJPeJVoMPOoF2FK+PbZwPn2UDKyoSqhsmZ+9hvkUWylDYiXfm24T > UwIDAQAB > -----END PUBLIC KEY----- > > > Thank you, > > Nestor Melo > > > -- SY, Dmitry Belyavsky
