From: Fuchs, Andreas <andreas.fuchs(a)sit.fraunhofer.de>
Sent: Tuesday, July 21, 2020 3:05 AM
To: phani.srinivas(a)in.abb.com; tpm2(a)lists.01.org
Subject: [tpm2] Re: Information Needed on FAPI Usage
* Does FAPI_createKey support symmetric key creation
No it does not. Reason is that most TPMs do not support it.
* Is there any Template for the crypto profile used in FAPI
I don't know what you mean by this?
By default, our implementation comes with two example profiles. RSA2kSHA256
and ECCP256SHA256 to be chosen in fapi-config file.
* How to specify the Unique value in the profile while creating the SRK
This is currently not forseen. Is this really necessary ?
We're currently using the most-used template.
Andreas is this not true, am I misreading the code?
My response yesterday:
I don't think there is.... the SRK follows the EK but with a few
So the unique values come from reading the NV index and it looks like
ifapi_init_primary_async() handles that case.
> * Can multiple profiles be used in FAPI and provisioned individually
> Yes, you can provision multiple profiles by changing the profile in the config and
> calling provision again.
> Just make sure that the persistent handles for the SRKs do not collide (inside the
> Then you can always access all provisioned profiles.
> Hope this helps,
> tpm2 mailing list -- tpm2(a)lists.01.org
> To unsubscribe send an email to tpm2-leave(a)lists.01.org