yay, now tpm2sh has software digest calculator for policy expressions (which can query e.g. PCR values but does not exercise policy tpm commands), the remaining errata is not a huge stretch:

https://github.com/puavo-org/tpm2sh/issues/2

Many of the things are just minor collapses while turning this over and over again. Sessions need still a bit of work but lot of the functionality is already there...

I'd like to add quote generation etc. for Remote Attestation purposes but it is definitely out of scope and better just to stabilize the command set.

Sessions are represented like this (to be cosmetic tweaked in some places):

session://handle=0x02000000;nonce=135eac83db00e0c691fba1653405e79f8f285964e18add0488337fc7caf90606;attrs=00;key=;alg=sha256

And there's already `--session` argument but further I'll add an environment variable TPM2SH_SESSION, which command not only read but also update (to enable chaining e.g., nonce needs to be updated).

The general gist and main goal of the command set and "command-line experience" is to enable both user interactive experience and also TPM2 access for shell implemented tools such as password managers.

Load loads both external PKCS#8 and TPM ASN.1. Convert command converts PKCS#8 to TPM ASN.1.

So instead of this:

tpm2_createprimary --hierarchy o -G rsa2048 -c owner.txt
tpm2_evictcontrol -c owner.txt 0x81000001
openssl genrsa -out private.pem 2048
tpm2_import -C 0x81000001 -G rsa -i private.pem -u key.pub -r key.priv
tpm2_encodeobject -C 0x81000001 -u key.pub -r key.priv -o key.priv.pem
openssl asn1parse -inform pem -in key.priv.pem -noout -out key.priv.der

You can just:

tpm2sh create-primary rsa:2048:sha256 --output file://owner.txt
openssl genrsa -out private.pem 2048
tpm2sh convert --parent "tpm://0x81000001" file://private.pem --output file://key.priv.der

#linux #rust #tpm

two fun facts about kiova and tampere:

1. last year it was 70th anniversary of twin town friendship between tampere and kiova (tampere is my hown town).
2. kiova has a street called "tampere", which was named in 2014 to celebrate 60th anniversary of friendship, which has lasted well over its "soviet origins".

my generation does not know what it is like to be at war obviously and it would be obnoxious to say that "i get it" when it comes to war at ukraine. however, we owe to our grandparents to not forget, not make compromises and generally not to be ignorant of the situation.

🇺🇦 🇫🇮

The current feature set of upcoming tpm2sh 0.11. It’s quite basic but everything is tested with care and e.g., load does all the import dance for PKCS8 RSA and ECC keys without having to mess with openssl command line. I.e. single robust load command instead of:

tpm2_createprimary --hierarchy o -G ecc -c owner.txt
tpm2_evictcontrol -c owner.txt 0x81000001
openssl ecparam -name prime256v1 -genkey -noout -out private.pem
tpm2_import -C 0x81000001 -G ecc -i private.pem -u key.pub -r key.priv
tpm2_encodeobject -C 0x81000001 -u key.pub -r key.priv -o key.priv.pem
openssl asn1parse -inform pem -in key.priv.pem -noout -out key.priv.der

And generally flows are somewhat polished and will be polished further before released to not have any rough corners. Finally most of non-trivial functionality is tested against built-in TPM emulator MockTPM.

Sometime after 0.11 release I’ll add also --dry-run switch that can exercise TPM commands with the emulator before applying them to the chip.

#linux #rust #tpm

In the end of the day this is superior despite adding up a new trick to my sack of random macro hacks:

tpm_integer!(u8, TpmUint8, Unsigned);
tpm_integer!(i8, TpmInt8, Signed);
tpm_integer!(u16, TpmUint16, Unsigned);
tpm_integer!(i32, TpmInt32, Signed);
tpm_integer!(u32, TpmUint32, Unsigned);
tpm_integer!(u64, TpmUint64, Unsigned);

Now the names match TCG specification names, and they are also first fully zerocopy migrated types. This way previously redundant looking field now is actually self-documenting field.

Other zerocopy types will get the nasty “Cast” postfix up until migration is complete (e.g., TpmBufferCast).

For the record, the last field is used to address exactly one quirk related to TCG specs: TPM_CLOCK_TIME, meaning that “invalid discriminant error” needs too versions :-/

I’m sure we would get numbers going from zero to six, and “get this complex science” as e.g., most of have ability to read, and understand nuances such as the difference between slower and faster… This is DailyWTF proximity enough level bad definition that I tend to like that TPM_CLOCK_TIME exist…

zmodem2 0.1.4 release with split subproject "zmodem2-bin" (cargo install zmodem2-bin).

#rust #zmodem #tty #serial

A literally WYSIWYG pattern for command-line usage and help where each subcommand has a directory with 'mod.rs', 'usage.txt' and 'help.txt':

- Text files are more readable than code generation (unless you are a compiler).
- Text files has factors better outreach than code generation.
- Text files are non-executable read-only data.
- A bug in a static text file is a typo. Typo is a distraction for sure, but it does not radiate software bugs.
- The factor it simplifies command argument processing is much heavier than some minor redundancy that using text files introduces.
- Text files can be read without building a project.

#rust #clap #lexopt

It took a lot of effort but now all parts of running TPM2_Import are fixed in both tpm2sh and TPM2_Import and integration tests runs perfectly.

Last fix: https://github.com/puavo-org/tpm2sh/commit/3627530516fdcc8739b3c7aea6fab6a136201bfa

It's a bidirectional test where both the client and the emulator are based on tpm2-protocol. The other side sends commands and parses responses, and the other side send responses and parses commands.

Given the fair amount of software crypto involved to perform any possible bidirectional handshake it is shows off pretty well how robust the implementation is.

#rust #tpm #linux

While tpm2-protocol feels really stable tpm2sh is still somewhat unstable and has bunch of bugs here and there. It is expected, as tpm2sh served only as a dumpster for test code while developing the protocol crate.

Now that I don't do active development on tpm2-protocol, I'm going to make the first actually somewhat stable 0.11.0 release of tpm2sh.

It has quite verbose interface, which will break also easily for that reason. Thus, before pursuing seriously to the possible bugs, I developed MockTPM, a simple TPM emulator that is used as the "TPM end" for subcommand integration tests..,

#linux #kernel #rust #tpm

This is the gist how you would go on implementing TPM emulator, or vTPM inside confidential computing (SGX, SNP, TDX) enclave:

#linux #kernel #rust #tpm

new uri based json stack with tpm and key objects depending on binding etc. and things start to actually work.

from my daughters 20th anniversary dinner friday :----)

this SVG garbage fuck. is there something we could put .gitattributes, .gitignore or something that would make it not to destroy git grep experience?

I migrated dyn trait (or Box<dyn TpmObject>) as part of tpm2_protocol test suite just to demonstrate that on-wire TPM2 protocol can be dynamically detected without any spurious dependencies ;-)

Screencast demonstrates also the time that it takes to run the full kselftest compatible test suite.

#linux #kernel #tpm #rust

My standalone and kselftest exit code compatible test program might be archaic yes but it sure executes fast as hell compared to running cargo test :-)

On first run it also fully compiles the test program togehter with crate's source code linked into it.

#linux #kernel #tpm #rust

Also this is fucking ridiculous. I mean why not still have different cc's.Ultimate stupidity have to say.

Well... hell... TCG TPM 2.0 specification 184 minus one command coverage.

tpm2sh 0.8.0 with print-stack sink:

I'm quite optimistic that SLOC will be reduced as few months pass as this was put together in a very short period of time :-) i processed the architecture for a year tho in my head so that's why it came together so fast.

tpm2sh starts to look pretty good and has at least the features i want it to have for kernel testing.

tpm2_protocol is "kernel-ready" (including Box<dyn TpmObject>, which is essential for a driver uapi) and this the full list of commands it lacks for 100% TCG TPM 2.0 specification coverage:

https://github.com/puavo-org/tpm2_library/issues/4

I'm pretty much done with this project for the moment :-)

Pretty printer is maturizing too: