英文:
How to use ESAPI TPM implementation TSS for java
问题
我正在使用TPM,我在TPM基础知识方面进行了大量搜索,现在我安装了TPM模拟器,它运行在2321端口。
现在我在访问TPM方面遇到了一个问题,所以我选择使用ESAPI来实现TPM的TSS。
如果有一些关于Java ESAPI用于TPM TSS的示例代码,将会很有帮助。
英文:
I am working TPM I search a lot on TPM basics and now I installed TPM simulator it runs on port of 2321.
Now I have one problem with accessing the TPM so I choose ESAPI to implement TSS for TPM.
If there some example code of Java ESAPI for TPM TSS it will be helpful
答案1
得分: 2
OWASP ESAPI Crypto目前不支持ESAPI 2.x中的TPM和TCG软件堆栈(TSS)规范。(实际上,目前它对密钥管理的支持非常粗糙,以保持简单。这在ESAPI 3中被考虑作为扩展,一旦所有的ESAPI模块被拆分成单独的JAR包。)
目前,如果需要支持密钥管理和密钥更改操作的强加密,我建议查看Google Tink。(我倾向于在3.0版本中将Tink作为ESAPI Crypto的基础,但这还需要一段时间。)Tink尚未支持TPM(虽然有一个开放的GitHub问题,参见https://github.com/google/tink/issues/389),但它对一些基于云的类似HSM的系统(如AWS KMS,可能还包括AWS CloudHSM,我认为还对基于Azure和Google云的KMS有一些支持)提供了部分支持。
另外,您可能希望参考https://stackoverflow.com/questions/7127801/information-needed-to-utilize-tpm-in-java。
英文:
OWASP ESAPI Crypto does not currently support TPM nor the TCG Software Stack (TSS) specification in ESAPI 2.x. (In fact, it's current support for key management at the moment is extremely crude in order to keep it simple. That is being considered as an extension in ESAPI 3 once all the ESAPI modules will be split up into separate jars.)
For now, if need strong cryptography supporting key management and key change operations, I'd suggest looking at Google Tink. (I am leaning towards using Tink as the foundation for ESAPI Crypto in 3.0 releases, which is still a way off.) Tink does support TPM yet (although there is an open GitHub issue for it; see https://github.com/google/tink/issues/389), but it does have some support for some cloud-based HSM-like systems (AWS KMS and maybe AWS CloudHSM and I think there is some support for Azure and Google cloud-based KMS as well).
Also, you may wish to reference https://stackoverflow.com/questions/7127801/information-needed-to-utilize-tpm-in-java
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论