Comments (8)
gedw99
commented on September 6, 2024
Go-TPM is a Go library that communicates directly with a TPM device on Linux or Windows machines.
So I need to try on Darwin as I think the api is radically different on Darwin
from age-plugin-tpm.
Foxboron
commented on September 6, 2024
OSX does not use TPMs, they use "Secure Enclave" so that needs this https://github.com/remko/age-plugin-se
I can't guarantee any functionality at this moment as the Google TPM library is getting a new API soon'ish and I'm in the progress of figuring it out.
from age-plugin-tpm.
Foxboron
commented on September 6, 2024
and fwiw, I'm in the process of rewriting the identity handling so we can have TPM keys sealed outside of the TPMs to mitigate the generally small storage space the TPMs has for internal keys.
from age-plugin-tpm.
gedw99
commented on September 6, 2024
Hey
thanks for quickly responding.
right - yep apple goes their own way..
you know way more about it than me.
so when can I dog food it - I can help test and code it
from age-plugin-tpm.
Foxboron
commented on September 6, 2024
You can play around with the tooling using the --swtpm flag or AGE_PLUGIN_TPM_SWTPM=1 environment variable to utilize a software TPM (depends on swtpm), which would allow you to use it outside of your actual TPM.
But keep in mind I don't make any stability guarantees until an eventual 1.0 release.
from age-plugin-tpm.
gedw99
commented on September 6, 2024
No sweat - it’s beta beta .
I will yt it out with the mocking layer you suggested.
I use age currently btw and mkcert. My intent is to make it easy peasy for non techies to run self hosted with good secret practices for the config and days 2 ops.
Also for people to run their own password and passkey software and not need a third party. Either syncing between all their devices independent of OS. Currently passkeys are trapped / synced per OS which reinforces the incumbent OS gateways . It’s possible to instead setup sync cross OS using setup QR codes and other mechanisms .
from age-plugin-tpm.
gedw99
commented on September 6, 2024
I had a play..
https://github.com/remko/age-plugin-se
does not work on my old intel mac :) Will try new mac
But i noticed that this code can easily be turned into golang code so users don't need the brew aspects:
https://github.com/remko/age-plugin-se/tree/main/Sources
so i raised an Issue here : Foxboron/swtpm_test#1
so then it wont be a plugin and all that hassle.
from age-plugin-tpm.
Foxboron
commented on September 6, 2024
As explained over email, this plugin won't support Microsoft Windows and Apple.
from age-plugin-tpm.
Related Issues (14)
- Support pins for the keys HOT 1
- Create ephemeral TPM keys on the recipient side
- Rename AGE_PLUGIN_TPM_SWTPM to AGE_TPM_SWTPM HOT 1
- Performance improvements? HOT 4
- Support ECC keys HOT 1
- Use the new age-piv-p256 recipient
- Sealing keys with PCRs HOT 1
- Program fails when encrypting when there is no permission to the TPM HOT 2
- Implementing Seal support for keys HOT 1
- Save the key context outside of the TPM HOT 2
- Implement a key tag HOT 1
- Implement a proper `setup` command HOT 1
- Encrypting with multiple recipients results in an error upon decryption HOT 9
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from age-plugin-tpm.