[barbican] TPM2.0 backend

Balázs Gibizer balazs.gibizer at est.tech
Tue Jan 28 13:30:26 UTC 2020



On Mon, Jan 20, 2020 at 10:00, Balázs Gibizer 
<balazs.gibizer at est.tech> wrote:
> Hi,
> 
> Looking at the Barbican documentation I see that the secrets can be
> stored on disk (SimpleCrypto backend) or in a HW vendor specific HSM
> module. Is there a way to use a TPM 2.0 device as the backend of
> Barbican via something like [1]?

On the today's barbican IRC meeting I got my question answered. In 
short it is feasible but at the moment no barbican in-tree 
implementation exists. Also barbican would accept such contribution.


Cheers,
gibi

[2] 
http://eavesdrop.openstack.org/meetings/barbican/2020/barbican.2020-01-28-13.05.log.html#l-47

> 
> Cheers,
> gibi
> 
> [1] https://github.com/tpm2-software/tpm2-pkcs11
> 
> 
> 





More information about the openstack-discuss mailing list