Here you can find tutorials, examples and documentation on TPM functionality and different commands you can run. We use initially the tpm2-tools for Linux as the basis.
These documents are meant to introduce basic concepts and commands that you can use on the TPM.
The code examples included in these files can be tested with the simulator provided by the docker container available in this repository or you can test these against a real TPM.
We also include information for the ELTT2 tool from Infineon - another useful tool for interacting with the TPM and one that will compile and run completely stand-alone wihtout any additional libraries on pretty much any Unix/Linux system.
While there is no strict order, if this is the first time you are here or you wish to work through in a proper methodological way then this is the order you should work through this course.
- Random covers the random number generator capabilities on the TPM.
- Objects introduces the different kinds of objects you can store in a TPM and how to access and use them.
- Keys contains an explanation of how the keys in the TPM work, as well as how to generate, load and use keys in the TPM.
- NVRAM explains how to use the TPM's Non-Volatile RAM as secure storage.
- PCRs introduces the Platform configuration Registers (PCRs), which are used for storing measurements of a platform.
- Quoting covers the quoting mechanism, which is used to obtain measuremens from a TPM for remote attestation purposes.
A Summary of all commands introduced is found in:
- Command Summary provides a summary of some of the TPM commands available and their posible use cases.
A set of exercises for the above can be found here:
- Exercises exercises (surprisingly)
While the eltt2 code is not included in our container we have provided a short introduction to its operation.
- ELTT covers basic usage of Infineon's eltt2 tool for embedded systems. Very useful for all devices!