Hello,

 

I am learning about the TSS and TPM techonologies.
I have provisioned the TPM with the default settings, which means I am now using the ECC profile (P_ECCP256SHA256).

However, encryption was a requirement I needed to fulfill. I just didn't know that ECC encryption is currently not supported and now I realize RSA would be a better fit for me.

So here is my question:

• I see there is another profile in /usr/local/etc/tpm2-tss/fapi-profiles, namely P_RSA2048SHA256.json. Is there a way I can encrypt using the RSA profile instead of the ECC one? I tried to re-run tss2_provision, after setting it in fapi-config.json, but it seems this is not the way to proceed. I get the message that the TPM has been already provisioned. What is the correct way of "changing" profile? Is it even possible or do I need to reset the TPM?

Thank you for your help.

Anthony Arrascue