Diffstat (limited to 'tpm-tools')
-rw-r--r-- | tpm-tools/INSTALL | 53 | ||||
-rw-r--r-- | tpm-tools/LICENSE | 14 | ||||
-rw-r--r-- | tpm-tools/README | 17 | ||||
-rwxr-xr-x | tpm-tools/initandverify/Duplicate.sh | 6 | ||||
-rwxr-xr-x | tpm-tools/initandverify/ImportTpmKey.sh | 6 | ||||
-rwxr-xr-x | tpm-tools/initandverify/Init_and_create_tpm_primary.sh | 58 | ||||
-rwxr-xr-x | tpm-tools/initandverify/Sign_Verify_test.sh | 35 | ||||
-rw-r--r-- | tpm-tools/initandverify/private.pem | 27 | ||||
-rw-r--r-- | tpm-tools/initandverify/public.pem | 9 |
9 files changed, 0 insertions, 225 deletions
diff --git a/tpm-tools/INSTALL b/tpm-tools/INSTALL
deleted file mode 100644
index a33bc6b..0000000
--- a/tpm-tools/INSTALL
+++ /dev/null
@@ -1,53 +0,0 @@ -1. Download TPM emulator - ibmtpm974.tar.gz - a. cd src/ - b. make - c. Run tpm_server binary - ./tpm_server –rm - -2. Download TSS version 1.2.0 - a. Run following commands - i. ./bootstrap - ii. ./configure - iii. If you face any error for pkg-config, - 1. export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig - iv. make && make install - -3. Download tpm2-abrmd version 1.1.1 - a. Run following commands - i. sudo useradd --system --user-group tss - ii. cd tpm2-abrmd - iii. ./bootstrap - iv. ./configure - v. If you face any error for pkg-config, - 1. export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig - vi. make && make install - vii. sudo udevadm control --reload-rules && sudo udevadm trigger - viii. sudo pkill -HUP dbus-daemon - ix. systemctl daemon-reload - b. Run tpm2-abrmd as follows - ./tpm2-abrmd -t socket - c. Check in tpm_server whether following debug prints are resulted in console, after resource manager startup - Client accepted - Client accepted - -4. Download tpm2-tools version 2.1.0 - a. Run the following commands - i. ./bootstrap - ii. ./configure - iii. make && make install - -5. Now configure Initialize TPM, configure with Primary key and then save it in TPM’s NV ram - a. Initialize TPM - i. tpm2_startup -clear -T tabrmd –V - b. Take ownership - i. tpm2_takeownership -o new -e new -l new -T tabrmd –V - c. Create Primary Key - i. tpm2_createprimary -P new -A o -g 0x000B -G 0x0001 -T tabrmd -V -C PrimaryKeyBlob - d. Save primary Key in NV ram - i. tpm2_evictcontrol -A o -c ./PrimaryKeyBlob -S 0x81000011 -T tabrmd -V -P new - e. Check Primary Keys public portion - i. tpm2_readpublic -H 0x81000011 --opu out_primary_public -T tabrmd –V - f. If all the above commands are successful then TPM emulator, TPM resource manager and TPM tools are working fine - -6. Now compile the TPM duplication tool with "make" command and run it as per instructions. use "./ossl_tpm_util --help" for usage. - -7. 
Note: If you restart tpm_server, then you have to restart TPM resource manager too. And the repeat from step 5. -
diff --git a/tpm-tools/LICENSE b/tpm-tools/LICENSE
deleted file mode 100644
index 366ca6c..0000000
--- a/tpm-tools/LICENSE
+++ /dev/null
@@ -1,14 +0,0 @@
-/* Copyright 2018 Intel Corporation, Inc
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
diff --git a/tpm-tools/README b/tpm-tools/README
deleted file mode 100644
index a49420c..0000000
--- a/tpm-tools/README
+++ /dev/null
@@ -1,17 +0,0 @@
-
-After the installation of steps as given in the INSTALL document,
-follow the steps below.
-
-After you have installed the tools in "Duplicate" and "Import" directory
-
-1. Run the Init_and_create_tpm_primary.sh to initialize the connection to TPM
-and load the primary key into the TPM
-
-2. Run the Duplicate.sh which takes RSA private key in pem format as input and
-generates TPM structured buffers
-
-3. Run the ImportTpmKey.sh which takes the generated buffers from the "Duplicate tool"
-and generates the private and public portion of the tpm loaded key
-
-4. Run the Sign_Verify_test.sh which loads the key and does the sign and verify
-operation
diff --git a/tpm-tools/initandverify/Duplicate.sh b/tpm-tools/initandverify/Duplicate.sh
deleted file mode 100755
index fd95c09..0000000
--- a/tpm-tools/initandverify/Duplicate.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-
-echo "../duplicate/ossl_tpm_duplicate -pemfile ./private.pem -parentPub out_parent_public -dupPub dupPub -dupPriv dupPriv -dupSymSeed dupSymseed -dupEncKey dupEncKey"
-rm -f dupPub dupPriv dupSymseed dupEncKey
-../duplicate/ossl_tpm_duplicate -pemfile ./private.pem -parentPub out_parent_public -dupPub dupPub -dupPriv dupPriv -dupSymSeed dupSymseed -dupEncKey dupEncKey
-
diff --git a/tpm-tools/initandverify/ImportTpmKey.sh b/tpm-tools/initandverify/ImportTpmKey.sh
deleted file mode 100755
index 0ff4848..0000000
--- a/tpm-tools/initandverify/ImportTpmKey.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-
-echo "../import/ossl_tpm_import -H 0x81000011 -dupPub dupPub -dupPriv dupPriv -dupSymSeed dupSymseed -dupEncKey dupEncKey -pub outPub -priv outPriv"
-rm -f outPub outPriv
-../import/ossl_tpm_import -H 0x81000011 -dupPub dupPub -dupPriv dupPriv -dupSymSeed dupSymseed -dupEncKey dupEncKey -pub outPub -priv outPriv
-
diff --git a/tpm-tools/initandverify/Init_and_create_tpm_primary.sh b/tpm-tools/initandverify/Init_and_create_tpm_primary.sh
deleted file mode 100755
index 6863102..0000000
--- a/tpm-tools/initandverify/Init_and_create_tpm_primary.sh
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/bin/sh
-
-case "$1" in
-
---out-public)
- out_primary_public=$2
- ;;
-
---help)
- echo "$0 [--out-public primaty_public_bin_file (optional)]"
- exit 0
- ;;
-
-*)
- out_primary_public="out_parent_public"
- ;;
-
-esac
-
-#echo "out-public file: $out_primary_public"
-
-# TPM initialize
-echo "tpm2_startup -clear -T tabrmd -V"
-tpm2_startup -clear -T tabrmd -V
-if [ $? -ne 0 ]; then echo; echo -e "${RED}Error, Exit."; exit 1; fi
-echo ""
-
-# Take ownership
-echo "tpm2_takeownership -o new -e new -l new -T tabrmd -V"
-tpm2_takeownership -o new -e new -l new -T tabrmd -V
-if [ $? -ne 0 ]; then echo; echo -e "${RED}Error, Exit."; exit 1; fi
-echo ""
-
-# Create Primary Key in RH_OWNER hierarchy
-rm -f PrimaryKeyBlob
-echo "tpm2_createprimary -P new -A o -g 0x000B -G 0x0001 -T tabrmd -V -C PrimaryKeyBlob"
-tpm2_createprimary -P new -A o -g 0x000B -G 0x0001 -T tabrmd -V -C PrimaryKeyBlob
-if [ $? -ne 0 ]; then echo; echo -e "${RED}Error, Exit."; exit 1; fi
-echo ""
-
-# Store Primary Key in TPMs NV RAM
-echo "tpm2_evictcontrol -A o -c ./PrimaryKeyBlob -S 0x81000011 -T tabrmd -V -P new"
-tpm2_evictcontrol -A o -c ./PrimaryKeyBlob -S 0x81000011 -T tabrmd -V -P new
-if [ $? -ne 0 ]; then echo; echo -e "${RED}Error, Exit."; exit 1; fi
-echo ""
-rm -f PrimaryKeyBlob
-
-# To test, Read public portion of TPM primary key with stored handle
-rm -f $out_primary_public
-echo "tpm2_readpublic -H 0x81000011 --opu $out_primary_public -T tabrmd -V"
-tpm2_readpublic -H 0x81000011 --opu $out_primary_public -T tabrmd -V
-if [ $? -ne 0 ]; then echo; echo -e "${RED}Error, Exit."; exit 1; fi
-echo ""
-
-
-# Some TPM commands to test
-#tpm2_load -c PrimaryKeyBlob -u outPub -r outPriv -n ChildKeyName -C ContextChild
-
diff --git a/tpm-tools/initandverify/Sign_Verify_test.sh b/tpm-tools/initandverify/Sign_Verify_test.sh
deleted file mode 100755
index 660dff9..0000000
--- a/tpm-tools/initandverify/Sign_Verify_test.sh
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/bin/sh
-
-echo "hello world.." > hello_tpm.txt
-
-# Load the Child context in TPM
-rm -f ChildKeyName ContextChild
-tpm2_load -H 0x81000011 -u outPub -r outPriv -n ChildKeyName -C ContextChild
-
-echo "tpm2_hash -H o -g 0x00B -I hello_tpm.txt -o hello_tpm_hash.bin -t outTicket"
-rm -f hello_tpm_hash.bin outTicket
-tpm2_hash -H o -g 0x00B -I hello_tpm.txt -o hello_tpm_hash.bin -t outTicket
-echo ""
-
-echo "tpm2_sign -c ContextChild -g 0x000B -m hello_tpm.txt -s hello_tpm.sig"
-rm -f hello_tpm.sig
-tpm2_sign -c ContextChild -g 0x000B -m hello_tpm.txt -s hello_tpm.sig
-echo ""
-
-echo "tpm2_verifysignature -c ContextChild -g 0x000b -m hello_tpm.txt -s hello_tpm.sig -t tk.sig"
-rm -f tk.sig
-tpm2_verifysignature -c ContextChild -g 0x000b -m hello_tpm.txt -s hello_tpm.sig -t tk.sig
-echo ""
-
-echo "Extracting signature from TPM format"
-echo "dd if=hello_tpm.sig of=hello_tpm.sig.raw bs=1 skip=6 count=256"
-rm -f hello_tpm.sig.raw
-dd if=hello_tpm.sig of=hello_tpm.sig.raw bs=1 skip=6 count=256
-echo ""
-
-echo "openssl dgst -verify public.pem -keyform pem -sha256 -signature hello_tpm.sig.raw hello_tpm.txt"
-openssl dgst -verify public.pem -keyform pem -sha256 -signature hello_tpm.sig.raw hello_tpm.txt
-echo ""
-
-rm -f hello_tpm_hash.bin outTicket tk.sig
-
diff --git a/tpm-tools/initandverify/private.pem b/tpm-tools/initandverify/private.pem
deleted file mode 100644
index 4ac26a2..0000000
--- a/tpm-tools/initandverify/private.pem
+++ /dev/null
@@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAxTuMhW1v3lPZWp7yoxngkVvqctJsuSA4F3LsGVB/Sz8shqQA -YGcoiVPP0jZM91V//FvyJIbMmV0+/05wedOm4gQk0PvJ/uIyiSb7eGFuqph0mmtt -FZRB1J7h7Wl84QIKqz7xLZdkjwPlr7t3cl2w/0CJ8ighTpDj0Vkqf15EYp67WLmL -kaF8Z+HB/pkZbLXFqSfAlblhqHQYsx4+Qv9r1uiziD90g2/Vx2TSRI1YSGkmDJOQ -pPK9IjUWIsUQDa4cmKen32bGjMgLcz2qpNf3o9uD4zp51zVIpYcEGzXNLn3yl/vy -57rhXHd83bSSLD67B1HCNF3Pt/jwWwUVOS5WfwIDAQABAoIBAB4EQBCWZS4a6Ltn -8VltOMYmjPnImI9cHe1Dqjb4D0duZ+Jd10jUqlCsFrbRWMlTk9TeUW3Jrh2xGUNV -trxzv7QqGUhM6aMG3dYNvrvFaEhCR4ywyLs+Av7O52dwZHcCDomdXKspnT4+w5gJ -Gdan96YBNn1KKjeAyYs03MjhmdrANS245NYSHzWWDt1nQDr6mpgaRO2+Ev3/08Mr -OQHBx6UFP0uQwFXNLUVJ8j8xqnI6HoBaFBHnra86auWZbq3giA0G1XfNwoC/s72P -Sd5MHtBBRkvLFbxZH6cad/mQ0CBgtjiYUzizqnz7mEUNQeriNiQqMA3tXS3iG540 -BoKIBmECgYEA5YokyUoARMzncKE0UWoKytKMKgF5l+5sV1o7jltHVVr1X2bFLaMk -a+BX1Rra5H5t4XVtjgf5IA8ta0AUaUE5OI8VlCTQGeDRLHZfCFIRF1oGuj834vk7 -KNQb9njd9AqQNT25P2Olr+pDLroO1WE7wdhHos3tRJ9+3jGAs5gZiNkCgYEA2/gB -Xb5+VDSjPqRVZAHGGEkcTlpEmDAgqHnrQVvq+YL11fvMNSbkACTGDtf5+BP9Z73j -7ubMjaapke/f0eKaAbgvMjRfEo48rAhXigB9Vo0TZn0DN6h3LC7+9/h14tz23JTE -RYiGqTDAhCAeFu5TYvjs9anAsqRGsu48ceM8gxcCgYEA4PKq7mEJNmOghK5WuVq0 -zOPd3OSpJw3POyQArZgipjGHukDbB8iTzuyC5yN0VOzZ/lO4U7LYoGR/XFXmKuhy -jU0cFpylHFdIZsxygZL7kOj3ItsFh/g7091asgbtbVZU0Ph2bPrYyzdHM6m/E7pA -d83fFlu9JL0x9cqJmHd8vrECgYAsJ00G5yzudB5sfYoSZ/S+fTZsV9w6/DYh+08I -sI2rBemYyVFFPgg4KymCY0Hu1PxhrZEqLDPVHyYcgBzaQXUOcU0v86k9zUVKduYz -ckO2ctz5DpDtxCgfu1M8rSfkoNwAjPAU0QHOxlVucA/6JF6imDrgWPGwKh9y3TVO -2wETgwKBgQDYHZJLwvi8H4+qGTb96iV/GswAccQm4dEKTLmX7NsQQl1A2l8TevAi -ti/uWIFUf6S8IAVEccVvwoTOSadO06Q/OOnA8tDd6/iV2PMPJC1zm1gJ8iVxX1gr -bSXwvznIEnHO6dx4MjofdEVdR5btCEdJ+gcbAIUpl/6+Q7eaUwAHyA== ------END RSA PRIVATE KEY----- diff --git a/tpm-tools/initandverify/public.pem b/tpm-tools/initandverify/public.pem deleted file mode 100644 index fcbaa99..0000000 --- a/tpm-tools/initandverify/public.pem +++ /dev/null 
@@ -1,9 +0,0 @@ ------BEGIN PUBLIC KEY----- -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTuMhW1v3lPZWp7yoxng -kVvqctJsuSA4F3LsGVB/Sz8shqQAYGcoiVPP0jZM91V//FvyJIbMmV0+/05wedOm -4gQk0PvJ/uIyiSb7eGFuqph0mmttFZRB1J7h7Wl84QIKqz7xLZdkjwPlr7t3cl2w -/0CJ8ighTpDj0Vkqf15EYp67WLmLkaF8Z+HB/pkZbLXFqSfAlblhqHQYsx4+Qv9r -1uiziD90g2/Vx2TSRI1YSGkmDJOQpPK9IjUWIsUQDa4cmKen32bGjMgLcz2qpNf3 -o9uD4zp51zVIpYcEGzXNLn3yl/vy57rhXHd83bSSLD67B1HCNF3Pt/jwWwUVOS5W -fwIDAQAB ------END PUBLIC KEY----- |