Julie
2015-08-26 11:06:45 UTC
Hi everyone,
Does anybody understand how to use the TPM engine with wpa_supplicant?
I followed this:
http://w1.fi/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/examples/openCryptoki.conf;hb=HEAD
My wpa_supplicant.conf is:
ctrl_interface=/var/run/wpa_supplicant
ap_scan=0
eapol_version=2
pkcs11_engine_path=/usr/local/ssl/lib/engines/libtpm.so
network={
    key_mgmt=IEEE8021X
    eap=TLS
    eapol_flags=0
    engine=1
    engine_id="tpm"
    key_id="...clienttpm_key"
    pin="userpin"
    ca_cert="/.../cacert.pem"
    client_cert="/.../clienttpm_cert.pem"
    # private_key="/.../clienttpm_key"
    # private_key_passwd="pass"
    identity="someid"
    password="pass"
}
I created the key with "create_tpm_key" from libengine-tpm-openssl.
I set the path to this key in "key_id" because key_id is sent to
"tpm_engine_load_key" and represents the path to the key file.
And the error output given by wpa_supplicant is:
ENGINE: engine initialized
ENGINE: cannot load private key with id '.../clienttpm_key'
[error:8006F06D:tpm engine:TPM_ENGINE_LOAD_KEY:request failed]
"TPM_ENGINE_LOAD_KEY:request failed" comes from "e_tpm.c", function
"tpm_engine_load_key", when this is reached:
TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY, TPM_R_REQUEST_FAILED);
But this could happen in multiple places in the code.
So I'm trapped.
Thanks in advance!
J.