In the 'tpm2' branch, I have added support for client keys stored in a v2.0 TPM. The GnuTLS builds work with either the Intel TSS library (v2.0 onwards, with tss-esys), or with the IBM one. For OpenSSL builds, it uses the openssl_tpm2_engine. We are finalising some details of the PEM storage format (and the licensing of the IBM TSS code), but once that's done I'll push it to master. And an OpenConnect 8.0 release probably won't be far behind. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5213 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20181010/c3d14ec9/attachment.bin>
