Wyllys Ingersoll wrote a great post today on the
new Trusted Platform Module, and the plugin, pkcs11_tpm.so, that hooks it all into the Oracle Solaris Cryptographic Framework in Oracle Solaris 11 Express 2010.11. You can enable and disable the TPM provider via cryptoadm:
# cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_tpm.so
/usr/lib/security/$ISA/pkcs11_tpm.so: all mechanisms are enabled.
# cryptoadm disable provider=/usr/lib/security/\$ISA/pkcs11_tpm.so mechanism=all
# cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_tpm.so
/usr/lib/security/$ISA/pkcs11_tpm.so: all mechanisms are disabled.
# cryptoadm enable provider=/usr/lib/security/\$ISA/pkcs11_tpm.so mechanism=all
You can find out more about configuring the actual TPM device over on Wyllys's blog.
Posts
No comments:
Post a Comment