How to use ESAPI TPM implementation TSS for java

288 views Asked by At

I am working TPM I search a lot on TPM basics and now I installed TPM simulator it runs on port of 2321. Now I have one problem with accessing the TPM so I choose ESAPI to implement TSS for TPM. If there some example code of Java ESAPI for TPM TSS it will be helpful

1

There are 1 answers

0
Kevin W. Wall On

OWASP ESAPI Crypto does not currently support TPM nor the TCG Software Stack (TSS) specification in ESAPI 2.x. (In fact, it's current support for key management at the moment is extremely crude in order to keep it simple. That is being considered as an extension in ESAPI 3 once all the ESAPI modules will be split up into separate jars.)

For now, if need strong cryptography supporting key management and key change operations, I'd suggest looking at Google Tink. (I am leaning towards using Tink as the foundation for ESAPI Crypto in 3.0 releases, which is still a way off.) Tink does support TPM yet (although there is an open GitHub issue for it; see https://github.com/google/tink/issues/389), but it does have some support for some cloud-based HSM-like systems (AWS KMS and maybe AWS CloudHSM and I think there is some support for Azure and Google cloud-based KMS as well).

Also, you may wish to reference Information needed to utilize TPM in Java