I was wondering if someone has ideas about integrating the TPM with
Recently I started looking into supporting Secure Device Connection
Protocol (SDCP, ) in libfprint. The general idea is to verify that
the Fingerprint reader can be trusted, but I initially also imagined
that further use-cases like unsealing data in a TPM may be possible
(e.g. to retrieve disk encryption keys).
However, looking into it more, my current conclusion is that there is
little to no advantage to using the TPM. At least not unless one also has
a trusted (userspace) program which is capable of signing TPM
authorizations. One could easily offload the required parts into a
small helper, but that may require ensuring it runs in a trusted
Microsoft seems to run relevant parts as trustlets that are walled off
from the rest of the system. That seems sensible to me, but it also
means requiring all the infrastructure for execution and signing and I
doubt that is feasible currently.
Right now I'll probably go the way of not using the TPM at all. But I
am really not an expert in this. So should someone see scenarios where
a TPM is actually helpful in this context, then I would like to hear
PS: A quick summary of how SDCP works:
* Device has a private ECC key that signs the firmware and ephemeral
  keys during boot (and is inaccessible afterwards)
* A certificate proves that this key was provisioned in factory
* Device builds a shared secret with the host (s)
* Device sends id, HMAC_SHA256(s, "identify" || nonce || id)
  when the finger "id" was presented.
* The HMAC proves knowledge of the shared secret and authorizes the
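The identify check from the SDCP summary above, written out as host-side verification. This is an added example, not code from the original post, libfprint or the SDCP specification; the byte encodings of `nonce` and `id`, the 32-byte nonce length and the `HostVerifier` class are assumptions.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 32  # assumed; a fixed length keeps "identify" || nonce || id unambiguous


def identify_mac(s: bytes, nonce: bytes, finger_id: bytes) -> bytes:
    """HMAC_SHA256(s, "identify" || nonce || id), as in the summary."""
    return hmac.new(s, b"identify" + nonce + finger_id, hashlib.sha256).digest()


class HostVerifier:
    """Hypothetical host side: issues one-time nonces, checks the device reply."""

    def __init__(self, shared_secret: bytes):
        self._s = shared_secret
        self._pending = set()

    def new_nonce(self) -> bytes:
        nonce = secrets.token_bytes(NONCE_LEN)
        self._pending.add(nonce)
        return nonce

    def verify(self, nonce: bytes, finger_id: bytes, mac: bytes) -> bool:
        # Each nonce is accepted once, so a captured reply cannot be replayed.
        if len(nonce) != NONCE_LEN or nonce not in self._pending:
            return False
        self._pending.discard(nonce)
        expected = identify_mac(self._s, nonce, finger_id)
        return hmac.compare_digest(expected, mac)  # constant-time comparison


def demo() -> dict:
    s = secrets.token_bytes(32)  # constructed stand-in for the negotiated secret
    host, fid, out = HostVerifier(s), b"finger-01", {}
    n1 = host.new_nonce()
    reply = identify_mac(s, n1, fid)  # what a device holding s would send
    out["genuine"] = host.verify(n1, fid, reply)
    out["replayed"] = host.verify(n1, fid, reply)
    n2 = host.new_nonce()
    out["swapped_id"] = host.verify(n2, b"finger-02", identify_mac(s, n2, fid))
    n3 = host.new_nonce()
    out["wrong_secret"] = host.verify(n3, fid, identify_mac(b"\x00" * 32, n3, fid))
    return out


if __name__ == "__main__":
    print(demo())
```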
I would like to know if it is possible to calculate the name of an AK generated by the host on a remote server? I have read about remote attestation. To ensure the AK matches the EK we have to make a credential using the name of the AK. To achieve this we have to either:
a) calculate name of the AK on server
b) receive name of the AK from host and believe it's a name for a proper AK
Am I missing something?
I have searched for explanation in docs posted on TCG's site, but I just can't find anything useful for nameAlg.
I would be thankful for any help or advice :D
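Option (a) from the question above, as an added example that is not part of the original post: a TPM 2.0 object name is the 2-byte nameAlg identifier followed by the nameAlg digest of the marshalled TPMT_PUBLIC, so a server holding the AK's public area can compute the name itself and check the attributes the name commits to. The function names and the sample public area are constructed for illustration.

```python
import hashlib
import struct

# TPM_ALG_ID values of the hash algorithms usable as nameAlg
HASHES = {0x0004: "sha1", 0x000B: "sha256", 0x000C: "sha384", 0x000D: "sha512"}

# TPMA_OBJECT bits the server requires (or forbids) on an attestation key
FIXED_TPM, FIXED_PARENT, SENSITIVE_DATA_ORIGIN = 0x2, 0x10, 0x20
RESTRICTED, DECRYPT, SIGN = 0x10000, 0x20000, 0x40000
AK_REQUIRED = FIXED_TPM | FIXED_PARENT | SENSITIVE_DATA_ORIGIN | RESTRICTED | SIGN


def object_name(tpmt_public: bytes) -> bytes:
    """Name = nameAlg || H_nameAlg(TPMT_PUBLIC). Input excludes the TPM2B size prefix."""
    _type, name_alg = struct.unpack_from(">HH", tpmt_public, 0)
    if name_alg not in HASHES:
        raise ValueError(f"unsupported nameAlg 0x{name_alg:04x}")
    digest = hashlib.new(HASHES[name_alg], tpmt_public).digest()
    return struct.pack(">H", name_alg) + digest


def is_restricted_signing_key(tpmt_public: bytes) -> bool:
    """objectAttributes is the UINT32 after type and nameAlg."""
    (attrs,) = struct.unpack_from(">I", tpmt_public, 4)
    return (attrs & AK_REQUIRED) == AK_REQUIRED and not (attrs & DECRYPT)


def name_for_credential(tpmt_public: bytes) -> bytes:
    """Name the server would bind a credential to, after checking attributes."""
    if not is_restricted_signing_key(tpmt_public):
        raise ValueError("public area is not a fixed, restricted signing key")
    return object_name(tpmt_public)


def sample_public(attrs: int) -> bytes:
    """Constructed RSA-2048 public area with a dummy modulus (not a real key)."""
    return (
        struct.pack(">HHI", 0x0001, 0x000B, attrs)  # type RSA, nameAlg SHA256
        + struct.pack(">H", 0)                      # empty authPolicy
        + struct.pack(">HHHHI", 0x0010, 0x0014, 0x000B, 2048, 0)  # NULL sym, RSASSA/SHA256
        + struct.pack(">H", 256) + b"\xA5" * 256    # unique: TPM2B modulus
    )


if __name__ == "__main__":
    print(name_for_credential(sample_public(0x00050072)).hex())
```

Because the attributes are inside the hashed structure, a credential made for this name can only be activated with a key whose public area, attributes included, is exactly what the server inspected.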
Ubuntu focal with WSL, abrmd compiled from source
After about 5 minutes of sending commands, abrmd crashes. I originally
found it with keylime, but I can reproduce it with a simple bash loop on
abrmd exits, the tool output is:
** (process:21067): CRITICAL **: 17:25:10.862: failed to allocate dbus
proxy object: Could not connect: Connection refused
WARNING:tcti:src/tss2-tcti/tctildr.c:79:tcti_from_init() TCTI init for
function 0x7ff5f6dbbe10 failed with a0008
WARNING:tcti:src/tss2-tcti/tctildr.c:109:tcti_from_info() Could not
initialize TCTI named: tcti-abrmd
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not
initialize TCTI file: tabrmd
to instantiate TCTI
ERROR: Could not load tcti, got: "tabrmd:bus_name=com.intel.tss2.Tabrmd"
How would I debug?
I would expect that nothing that a single application does should crash
Ken Goldman kgoldman(a)us.ibm.com
This is my variation on what seems to be a frequent issue. Ubuntu groovy,
abrmd installed with apt.
tpm2-abrmd --tcti=mssim (not as root)
Gives this error:
** (tpm2-abrmd:2275): CRITICAL **: 14:38:22.835: Failed to acquire DBus
name com.intel.tss2.Tabrmd. UID 1000 must be allowed to "own" this name.
Check DBus config and check that this is running as user tss or root.
How should I 'own' this name?
What's 'DBUS config' and what should be checked
What is 'this' that should be running as user tss or root?
UID 1000 is kgold
My tpm2-abrmd.conf was edited to add:
Ken Goldman kgoldman(a)us.ibm.com
The question has come up about how to get TPM applications to happily
coexist with minimal coordination.
One issue in the owner hierarchy is we want each application to be
able to manage its own objects but not affect those of the other
So for example, we only want application A to be able to evict
persistent handles owned by that application and not those of another
If I understand the tpm2_evictcontrol command, the authorization is on the
hierarchy and not on the object. Maybe I am thinking about this wrong,
but is there a way in the authorization to look at some property of the
object and tell who "owns" it and then figure out if this should be
allowed or not ?
Otherwise, I think, we end up building some other software which knows
how to authorize this on the hierarchy and keeps track of who owns what
and then issues the eviction only when the owner of an object is the
Am open to any suggestions.
I tried tpm2_import with the -p option with a password, and it doesn't
seem to work for me.
Subsequent tpm2_rsadecrypt commands using the key from the import seem
to work fine without any -p option.
* Does import work with -p? Is there something I have overlooked in this?
I understand that tpm2_rsaencrypt does not take the -p option in line
with the idea of using a "public" key.
* Is it correct to say that if I want to have authorization on
encryption, I have to use tpm2_encryptdecrypt (i.e. use symmetric keys)?
tpm2-pkcs11 version 1.6.0-rc0:
With the following CHANGELOG:
### 1.6.0-rc0 - 2021-04-26
* Spelling and grammar fixes throughout the project.
* tpm2_ptool: fix bug in verify commandlet where `--sopin` leads to local variable referenced before assignment. See #624.
* Docs: add a document describing SSH Hostkey configuration using tpm2-pkcs11.
* Support changes in tpm2-tss-engine using TPM2_RH_OWNER instead of 0.
  * Since upstream commit tpm2-software/tpm2-tss-engine@06f57a3.
* Fix endian issue in test_db.
* Fix tpm2_ptool error messages when exceptions are raised during execution of tpm2-tools commands.
* Support CKA_DERIVE=true which will support the newest pkcs11-tool EC template.
* Fix requirement of having ESYS >= 2.4, see #632 for details.
* Fix docs/INITIALIZING.md reference to `--pobj-pin`, should be `--hierarchy-auth`.
* Fix missing libyaml dependency in documentation.
* Fix bug in DB update logic where errors in handlers were ignored.
* Fix NPD bug when ESAPI and FAPI return 0 tokens.
* Add support for over TPM sized AES buffers.
* Add support for mechanism CKM_AES_CBC_PAD.
* Add support for mechanism CKM_AES_CTR.
* Add support for RSA 3072 (3k) keys.
* Remove usage of function Esys_TR_GetTpmHandle. FAPI Backend will no longer depend on ESAPI 2.4 or
* Add **Experimental** RSA 4096 support. **Use at your own risk**.
My project specifies branch 3.X, which fails because it uses python, not
checking for module yaml in python... Traceback (most recent call last):
File "<stdin>", line 1, in <module>
ImportError: No module named yaml
I tried instead branch 3.0.x. Is that newer or older than 3.X?
This one failed because - what - sapi is not installed or it's the wrong
checking for sapi >= 1.3.0 sapi < 2.0.0... no
The tpm2-tss is 2.4.x. The project wants 2.0.x but that did not build.
Is there a patch for 3.X or 3.0.X that I can use to build?
Ken Goldman kgoldman(a)us.ibm.com