Jarkko Sakkinen
Posts
4802Following
319Followers
489OpenPGP: 3AB05486C7752FE1
Jarkko Sakkinen
jarkko
now "algorithms" is exact description of the available hardware algorithms:
❯ sudo target/debug/tpm2sh algorithms
ecc:bn-p256:sha256
ecc:nist-p256:sha256
keyedhash:sha256
rsa:2048:sha256
it queries the hardware correctly and for RSA it also runs TPM2_TestParms to verify the bit sizes. it was surprsingly hard to get this right but i'd guess this might be even most accurate tool on doing this task (not because it is great but because available software sucks).
❯ sudo target/debug/tpm2sh algorithms
ecc:bn-p256:sha256
ecc:nist-p256:sha256
keyedhash:sha256
rsa:2048:sha256
it queries the hardware correctly and for RSA it also runs TPM2_TestParms to verify the bit sizes. it was surprsingly hard to get this right but i'd guess this might be even most accurate tool on doing this task (not because it is great but because available software sucks).
0
0
0
simple, stupid and super practical:
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2-protocol.git/commit/?id=aa88967684edeb10e2601baf94fb259371190523
it's like per commit fuzz testing :-)
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2-protocol.git/commit/?id=aa88967684edeb10e2601baf94fb259371190523
it's like per commit fuzz testing :-)
0
0
0
Jarkko Sakkinen
jarkko
I first used clap in tpm2sh, then switched to lexopt and again back to clap because of too much boilerplate code.
The problem I run every single time with clap is how hard it is to control if you actually want to control in detail.
Now I found the ultimate compromise for my situation:
1. I pre-rendered from clap usage and help to usage.txt and help.txt for each subcommand.
2. I changed my subcommands as directories. E.g., from "create-primary.rs" to "create-primary/mod.rs".
3. I deployed the text files to associated directories.
4. Finally I migrated parsing back lexopt.
Intial commit:
59 files changed, 538 insertions(+), 521 deletions(-)
Not too bad. WIth only parsing is just super complicated tool to do that task, or more complicated than necessary, and lexopt adds visibility to code paths so it is overall much more maintainable :-)
Also few redundant edits every once in a while to two txt files per subcommand is IMHO much more maintainable than adjusting generation from the source code.
The problem I run every single time with clap is how hard it is to control if you actually want to control in detail.
Now I found the ultimate compromise for my situation:
1. I pre-rendered from clap usage and help to usage.txt and help.txt for each subcommand.
2. I changed my subcommands as directories. E.g., from "create-primary.rs" to "create-primary/mod.rs".
3. I deployed the text files to associated directories.
4. Finally I migrated parsing back lexopt.
Intial commit:
59 files changed, 538 insertions(+), 521 deletions(-)
Not too bad. WIth only parsing is just super complicated tool to do that task, or more complicated than necessary, and lexopt adds visibility to code paths so it is overall much more maintainable :-)
Also few redundant edits every once in a while to two txt files per subcommand is IMHO much more maintainable than adjusting generation from the source code.
1
0
0
Jarkko Sakkinen
jarkko
After fixing a few bugs where resolution repeats a common pattern I created these
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2-protocol.git/commit/?id=f5e0e82aaad3135be73c3f7a35aaec08e78cfe7c
I.e. if a command or response acts weird the dump can be put either "response.txt" or "command.txt" and roundtrip parse-build-compare will be peformed when running either "cargo test" or "make test".
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2-protocol.git/commit/?id=f5e0e82aaad3135be73c3f7a35aaec08e78cfe7c
I.e. if a command or response acts weird the dump can be put either "response.txt" or "command.txt" and roundtrip parse-build-compare will be peformed when running either "cargo test" or "make test".
1
0
0
Jarkko Sakkinen
jarkko
@liskin kernel.org "Normies" are like the main filter how i deploy my projects :-)
E.g., in this recent tpm2-protocol i use mailing list partly because i want purposely rise the barrier for contributions. However, tpm2sh is at Github in order to "build the following", market the technological advantages to projects such as Himmeblau (Intune integration from the people who deliver us Samba) and perhaps even get contributors for the actual tech project :-)
E.g., in this recent tpm2-protocol i use mailing list partly because i want purposely rise the barrier for contributions. However, tpm2sh is at Github in order to "build the following", market the technological advantages to projects such as Himmeblau (Intune integration from the people who deliver us Samba) and perhaps even get contributors for the actual tech project :-)
1
0
0
Jarkko Sakkinen
jarkko
@liskin someone should productize "mailhub" and base it on the first class user experience of kernel.org (vger + lore + patchwork) and cli tools (b4, lei). only email can take most and best out of git :-)
even for low-traffic early phase project where i'm mostly talking to myself i get a lot from this as i can search and timeline my mumblings :-) https://lore.kernel.org/tpm-protocol/
at github i feel as i was suffering from artificial dementia. you don't have "history" at github
even for low-traffic early phase project where i'm mostly talking to myself i get a lot from this as i can search and timeline my mumblings :-) https://lore.kernel.org/tpm-protocol/
at github i feel as i was suffering from artificial dementia. you don't have "history" at github
1
0
1
@colinianking I said originally that I'm going to use just one Sunday for this to translate tpm2-scripts to Rust and now it is already four weeks and counting :-) went a bit out of proportions
0
0
1
Jarkko Sakkinen
jarkko
this was hell to fix and locked me from progressing with my swTPM called MockTPM:
https://lore.kernel.org/tpm-protocol/20250902165455.3680143-1-jarkko@kernel.org/
Fixed in https://crates.io/crates/tpm2-protocol/0.10.21
Once MockTPM is mature enough I use it also as the unprivileged default backed for tpm2sh.
That enabled two useful features:
1. Dry-run TPM operations with tpm2sh against swTPM with support also for e.g. persistence.
2. Windows and macOS support! They just compile out device parameter and use MockTPM unconditionally.
#linux #rust #tpm
https://lore.kernel.org/tpm-protocol/20250902165455.3680143-1-jarkko@kernel.org/
Fixed in https://crates.io/crates/tpm2-protocol/0.10.21
Once MockTPM is mature enough I use it also as the unprivileged default backed for tpm2sh.
That enabled two useful features:
1. Dry-run TPM operations with tpm2sh against swTPM with support also for e.g. persistence.
2. Windows and macOS support! They just compile out device parameter and use MockTPM unconditionally.
#linux #rust #tpm
1
0
1
Jarkko Sakkinen
jarkko
Edited 14 days ago
I have now a single unified expression language in tpm2sh, which is used in all PCR and policy commands.
You can e.g., express crazy things like or(pcr("sha256:0"), secret(tpm://0x40000001)) with it for instance.
I’ve replaced three separate pest parsers with a single unified nom parser. So much manual control was required anyhow so that diff was pretty much +- 0.
1
0
2
Jarkko Sakkinen
jarkko
I still need to update tests/runner.rs but this bug took quite a long time to address properly and also this commit message really required effort :-)
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2-protocol.git/commit/?h=queue&id=4efa57b484039b8fa9fb41b647b11b623e60fcde
I actually had to re-learn partly how my own software works but it all looks like fairly sound and logical to me :-) Was a good mental exercise really.
#linux #rust #tpm
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2-protocol.git/commit/?h=queue&id=4efa57b484039b8fa9fb41b647b11b623e60fcde
I actually had to re-learn partly how my own software works but it all looks like fairly sound and logical to me :-) Was a good mental exercise really.
#linux #rust #tpm
0
0
1
And I added some niceties like for instance:
- When defining a PCR in a policy you can write the data down.
- Altermatively, you can leave it output and the "policy compiler" will read the current PCR value.
Generally it is a great project as without doing tpm2sh simultaneously tpm2-protocol would be shadow of what it is right now. I constantly discover critical bugs while thinking crazy features for this tool :-)
Like one that I have in done is to provide mechanism to do remote attestation from command-line so that you can have e.g., remote attestating applications written in bash.
- When defining a PCR in a policy you can write the data down.
- Altermatively, you can leave it output and the "policy compiler" will read the current PCR value.
Generally it is a great project as without doing tpm2sh simultaneously tpm2-protocol would be shadow of what it is right now. I constantly discover critical bugs while thinking crazy features for this tool :-)
Like one that I have in done is to provide mechanism to do remote attestation from command-line so that you can have e.g., remote attestating applications written in bash.
0
0
0
Jarkko Sakkinen
jarkko
That pipeline system is gone in tpm2sh. It's now about tags such as "tpm://80000001", "data://base64,..." etc. and expressive policy language which is used by everything from pcr functionality to policy definitions.
Had to do the cli extremely wrong, unintuive and pain to maintain to discover what would be actually right in this case. No one has really ever though how to make TPM2 nice to use from command-line so this part of the process :-)
Had to do the cli extremely wrong, unintuive and pain to maintain to discover what would be actually right in this case. No one has really ever though how to make TPM2 nice to use from command-line so this part of the process :-)
1
0
0
Jarkko Sakkinen
jarkko
@Tutanota Apple has always been morally more in the right side than Google ever has been. Apple's ecosystem is *honestly proprietary* i.e. you need to pay for everything, nothing is free, and that is fully transparent.
Google's ecosystem on the other hand is *dishonestly proprietary" where the real payment comes from your privacy, your data etc., and to fully understad what you actually end up paying is hard or impossible to understand in detail, unless you hire an IT specialized legal firm for you to decipher that from Google's legal and contractual documents.
For these reason I don't agree with this comparison :-)
Google's ecosystem on the other hand is *dishonestly proprietary" where the real payment comes from your privacy, your data etc., and to fully understad what you actually end up paying is hard or impossible to understand in detail, unless you hire an IT specialized legal firm for you to decipher that from Google's legal and contractual documents.
For these reason I don't agree with this comparison :-)
0
0
0
Jarkko Sakkinen
jarkko
LF these days is like the prime definition of corporate crap:
https://bsky.app/profile/linuxfoundation.org/post/3lxu6seyxzc2m
https://bsky.app/profile/linuxfoundation.org/post/3lxu6seyxzc2m
0
0
0