* Re: [tpm2] TPM questions
@ 2018-10-17 17:26 Philip Tricca
0 siblings, 0 replies; 3+ messages in thread
From: Philip Tricca @ 2018-10-17 17:26 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 3327 bytes --]
With regard to the UEFI TCTI this may be useful:
https://github.com/flihp/tpm2-uefi
Also see the last slide from our LSS talk:
https://events.linuxfoundation.org/wp-content/uploads/2017/11/Getting-Started-with-the-TPM2-Software-Stack-TSS2-Philip-Tricca-Intel-1.pdf
Finding a way to work this back into the tpm2-software GH org is in my
work queue. Feedback would be appreciated.
Philip
On Thu, Oct 11, 2018 at 07:56:11AM +0000, Fuchs, Andreas wrote:
> Some quick answers to parts of your questions:
>
> a) you don't require the simulator. It's just for development
> c) export TSS2_LOG=tcti+debug
> d) use cgdb to step through the code: libtool --mode=execute cgdb --args tpm2_xxx ... or something like this
> e) you can use libtss2-sys.a directly. Thing you need is to implement a new tcti that corresponds to your environment.
>
> Cheers,
> Andreas
>
> ________________________________
> From: tpm2 [tpm2-bounces(a)lists.01.org] on behalf of Alok Pant [alokpant(a)hotmail.com]
> Sent: Wednesday, October 10, 2018 21:39
> To: tpm2(a)lists.01.org; Alok Pant
> Subject: [tpm2] TPM questions
>
>
> Hi TPM Experts,
>
> I come from computer firmware (UEF aka BIOSI) background and have basis understanding of TPM. My goal is to implement the advance TPM capabilities (ex-policy based operation) in PreOS space in firmware/BIOS. With various reverse engineering method I now have basic understanding of Auth/Handle and basic commands such as seal/unseal etc. I am still lost while reading various spec/books and was searching for reference code and sandbox area to better understand the spec/implementation. I came across this wiki - https://github.com/tpm2-software/tpm2-tools/blob/master/INSTALL.md and tried to play with tpm2-tss and tpm2-tools under Ubuntu. This seems helpful but still lot to digest for new-bee like meI need some help as below
>
>
>
> a) I can compile tpm2_tss and tpm2_tools but I get build errors on TPM simulator similar to reported here (https://sourceforge.net/p/ibmswtpm2/discussion/general/thread/8a4aac81/?limit=25) I tried various OpenSSL revision and no luck. Do I need TPM simulator to work and if so how do I fix it
>
>
> b) I can now run various tpm_tools as root (i.e. sudo tpm2_getrandom, sudo get_capabilities -c algorithms) etc so at least I have a good baseline for tpmtools
>
> c) I am interested to print the low level packet that is sent to TPM (request/response buffer). How can I do this? Is there verbose/build time options to print the actual request/response packet send to/from TPM
>
> d) Is there a way to debug (i.e. step through the code) so I can follow the code path and look various variable to better understand the code flow
>
> e) What afford is needed to port this stack in UEFI EDKII and where should I look to start some investigation
>
>
> It seems there are subset of people (you) who understand it very well but there are insufficient books/document for new-comers(me) to get up to speed. I apologize if this is too basic/broad question . Any help/pointers will be greatly appreciated
>
>
> Thanks again for offering help
>
> -Alok
>
>
> _______________________________________________
> tpm2 mailing list
> tpm2(a)lists.01.org
> https://lists.01.org/mailman/listinfo/tpm2
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [tpm2] TPM questions
@ 2018-10-11 7:56 Fuchs, Andreas
0 siblings, 0 replies; 3+ messages in thread
From: Fuchs, Andreas @ 2018-10-11 7:56 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 2630 bytes --]
Some quick answers to parts of your questions:
a) you don't require the simulator. It's just for development
c) export TSS2_LOG=tcti+debug
d) use cgdb to step through the code: libtool --mode=execute cgdb --args tpm2_xxx ... or something like this
e) you can use libtss2-sys.a directly. Thing you need is to implement a new tcti that corresponds to your environment.
Cheers,
Andreas
________________________________
From: tpm2 [tpm2-bounces(a)lists.01.org] on behalf of Alok Pant [alokpant(a)hotmail.com]
Sent: Wednesday, October 10, 2018 21:39
To: tpm2(a)lists.01.org; Alok Pant
Subject: [tpm2] TPM questions
Hi TPM Experts,
I come from computer firmware (UEF aka BIOSI) background and have basis understanding of TPM. My goal is to implement the advance TPM capabilities (ex-policy based operation) in PreOS space in firmware/BIOS. With various reverse engineering method I now have basic understanding of Auth/Handle and basic commands such as seal/unseal etc. I am still lost while reading various spec/books and was searching for reference code and sandbox area to better understand the spec/implementation. I came across this wiki - https://github.com/tpm2-software/tpm2-tools/blob/master/INSTALL.md and tried to play with tpm2-tss and tpm2-tools under Ubuntu. This seems helpful but still lot to digest for new-bee like meI need some help as below
a) I can compile tpm2_tss and tpm2_tools but I get build errors on TPM simulator similar to reported here (https://sourceforge.net/p/ibmswtpm2/discussion/general/thread/8a4aac81/?limit=25) I tried various OpenSSL revision and no luck. Do I need TPM simulator to work and if so how do I fix it
b) I can now run various tpm_tools as root (i.e. sudo tpm2_getrandom, sudo get_capabilities -c algorithms) etc so at least I have a good baseline for tpmtools
c) I am interested to print the low level packet that is sent to TPM (request/response buffer). How can I do this? Is there verbose/build time options to print the actual request/response packet send to/from TPM
d) Is there a way to debug (i.e. step through the code) so I can follow the code path and look various variable to better understand the code flow
e) What afford is needed to port this stack in UEFI EDKII and where should I look to start some investigation
It seems there are subset of people (you) who understand it very well but there are insufficient books/document for new-comers(me) to get up to speed. I apologize if this is too basic/broad question . Any help/pointers will be greatly appreciated
Thanks again for offering help
-Alok
[-- Attachment #2: attachment.html --]
[-- Type: text/html, Size: 4836 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* [tpm2] TPM questions
@ 2018-10-10 19:39 Alok Pant
0 siblings, 0 replies; 3+ messages in thread
From: Alok Pant @ 2018-10-10 19:39 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 1998 bytes --]
Hi TPM Experts,
I come from computer firmware (UEF aka BIOSI) background and have basis understanding of TPM. My goal is to implement the advance TPM capabilities (ex-policy based operation) in PreOS space in firmware/BIOS. With various reverse engineering method I now have basic understanding of Auth/Handle and basic commands such as seal/unseal etc. I am still lost while reading various spec/books and was searching for reference code and sandbox area to better understand the spec/implementation. I came across this wiki - https://github.com/tpm2-software/tpm2-tools/blob/master/INSTALL.md and tried to play with tpm2-tss and tpm2-tools under Ubuntu. This seems helpful but still lot to digest for new-bee like meI need some help as below
a) I can compile tpm2_tss and tpm2_tools but I get build errors on TPM simulator similar to reported here (https://sourceforge.net/p/ibmswtpm2/discussion/general/thread/8a4aac81/?limit=25) I tried various OpenSSL revision and no luck. Do I need TPM simulator to work and if so how do I fix it
b) I can now run various tpm_tools as root (i.e. sudo tpm2_getrandom, sudo get_capabilities -c algorithms) etc so at least I have a good baseline for tpmtools
c) I am interested to print the low level packet that is sent to TPM (request/response buffer). How can I do this? Is there verbose/build time options to print the actual request/response packet send to/from TPM
d) Is there a way to debug (i.e. step through the code) so I can follow the code path and look various variable to better understand the code flow
e) What afford is needed to port this stack in UEFI EDKII and where should I look to start some investigation
It seems there are subset of people (you) who understand it very well but there are insufficient books/document for new-comers(me) to get up to speed. I apologize if this is too basic/broad question . Any help/pointers will be greatly appreciated
Thanks again for offering help
-Alok
[-- Attachment #2: attachment.html --]
[-- Type: text/html, Size: 3608 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-10-17 17:26 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-10-17 17:26 [tpm2] TPM questions Philip Tricca
-- strict thread matches above, loose matches on Subject: below --
2018-10-11 7:56 Fuchs, Andreas
2018-10-10 19:39 Alok Pant
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.