Error Running tpm2-tools in windows against MSSIM
by Arun Sudhir
Hi,
I have managed to compile and run the TPM simulator on Windows as well as
build tpm2-tss and build and run tpm2-tools (after quite a bit of work) on
Windows 10. I looked at the makefile and, on Windows, created a project for
every tool. It worked well and built everything. I also got the server up
on port 2321 and set the environment variable TPM2TOOLS_TCTI to
"mssim:host=localhost,port=2321"
I was following instructions listed in
https://github.com/tpm2-software/tpm2-tools/wiki/Getting-Started#introduc...
and
also did not build abrmd.
Since I cannot do tpm2_pcrlist (Unix system command), I decided to do a
tpm2_getrandom as listed here:
https://github.com/tpm2-software/tpm2-tools/wiki/How-to-use-tpm2-tools.
When I executed against the hardware TPM (by default it first executes
against the hardware TPM using tcti-tbs on Windows), it worked well for:
*tpm2_getrandom -o random.out 20*
Next, I really wanted to try out a few things, so I set the env
variable TPM2TOOLS_TCTI to mssim:host=127.0.0.1,port=2321 (I tried
localhost, but that failed with a socket connect error because it was not resolving
to 127.0.0.1). Now I get this error:
WARNING:esys:api\Esys_GetCapability.c:303:Esys_GetCapability_Finish()
Received TPM Error
ERROR:esys:api\Esys_GetCapability.c:107:Esys_GetCapability() Esys Finish
ErrorCode (0x00000100)
ERROR: Esys_GetCapability(0x100) - tpm:error(2.0): TPM not initialized by
TPM2_Startup or already initialized
ERROR: Unable to run
C:\Users\arunsu\source\repos\tpm2-tools-4.0\vstudio\x64\Debug\tpm2-getrandom.exe
This is only for MSSIM. Anyone know why?
1 year, 6 months
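Response code 0x100 is TPM_RC_INITIALIZE: the simulator has been powered on but nobody has sent TPM2_Startup yet, which tcti-mssim does not do for you and tpm2_startup -c does. The script below is an added example (not from the thread) that builds that command, wraps it in the simulator's socket framing and decodes the reply; host and port are the post's, the constant names and helper functions are mine.

```python
import socket
import struct

# Socket protocol of the Microsoft TPM 2.0 simulator (MSSIM): the command
# port (2321 in the post) carries TPM commands, the platform port (command
# port + 1) carries power/NV signals. Values follow the reference TcpServer.
MS_SIM_POWER_ON = 1
MS_SIM_TPM_SEND_COMMAND = 8
MS_SIM_NV_ON = 11
MS_SIM_SESSION_END = 20

TPM_ST_NO_SESSIONS = 0x8001
TPM_CC_STARTUP = 0x00000144
TPM_SU_CLEAR = 0x0000
RC_NAMES = {0x000: "TPM_RC_SUCCESS", 0x100: "TPM_RC_INITIALIZE"}


def tpm2_startup_cmd(startup_type=TPM_SU_CLEAR):
    """Marshal TPM2_Startup: 10-byte header plus the 2-byte TPM_SU parameter."""
    body = struct.pack(">H", startup_type)
    return struct.pack(">HII", TPM_ST_NO_SESSIONS, 10 + len(body), TPM_CC_STARTUP) + body


def parse_response(resp):
    """Return (tag, size, rc, rc_name) from a raw TPM 2.0 response."""
    if len(resp) < 10:
        raise ValueError("response shorter than the 10-byte header")
    tag, size, rc = struct.unpack(">HII", resp[:10])
    return tag, size, rc, RC_NAMES.get(rc, "0x%08x" % rc)


def mssim_frame(cmd, locality=0):
    """Wrap a TPM command as the simulator's TPM_SEND_COMMAND frame."""
    return struct.pack(">IBI", MS_SIM_TPM_SEND_COMMAND, locality, len(cmd)) + cmd


def mssim_unframe(data):
    """Strip the (length, response bytes, 4-byte ack) framing of a reply."""
    (length,) = struct.unpack(">I", data[:4])
    return data[4:4 + length]


def _platform_signal(host, port, code):
    with socket.create_connection((host, port)) as s:
        s.sendall(struct.pack(">I", code))
        s.recv(4)  # the simulator acknowledges each signal with a 4-byte zero
        s.sendall(struct.pack(">I", MS_SIM_SESSION_END))


def startup_simulator(host="127.0.0.1", port=2321):
    """Power the simulator on (what tcti-mssim does at init), then send
    TPM2_Startup(CLEAR), which tpm2_startup -c would send; returns the RC name."""
    _platform_signal(host, port + 1, MS_SIM_POWER_ON)
    _platform_signal(host, port + 1, MS_SIM_NV_ON)
    with socket.create_connection((host, port)) as s:
        s.sendall(mssim_frame(tpm2_startup_cmd()))
        reply = s.recv(4096)
        s.sendall(struct.pack(">I", MS_SIM_SESSION_END))
    return parse_response(mssim_unframe(reply))[3]
```

A second TPM2_Startup against an already started simulator also returns TPM_RC_INITIALIZE, which is the "or already initialized" half of the message.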
How to generate the statically linked executable
by ZhengYu Tsai
Hi everyone,
May I ask whether anyone knows of or has fixed a similar issue to the one below?
Thanks for your reply.
Context
- Hardware: i686
- Operating system: Ubuntu 16.04.6 LTS
Bug Report
- Expected Behavior
Builds the statically linked executables in tpm2-tools/tools
derek@ubuntu:~/workdir/tpm2-tools$ file tools/tpm2_*
tools/tpm2_activatecredential: ELF 32-bit LSB executable, Intel 80386,
version 1 (GNU/Linux), statically linked, for GNU/Linux 2.6.32,
BuildID[sha1]=91a0834f96856f15537fb75b1d6f822e31b07995, not stripped
- Actual Behavior
Can't compile completely
/usr/bin/ld: attempted static link of dynamic object
`/usr/lib/i386-linux-gnu/libcurl-gnutls.so'
collect2: error: ld returned 1 exit status
Makefile:2170: recipe for target 'tools/tpm2_getekcertificate' failed
make: *** [tools/tpm2_getekcertificate] Error 1
- Steps to Reproduce
# install tpm2-tss
./configure "CFLAGS=--static" --enable-shared=no
make
sudo make install
# install tpm2-tools
./configure "CFLAGS=--static" --enable-shared=no --disable-hardening
make
- Possible Solution
./configure --parameter
or
modify Makefile
1 year, 6 months
[TPM][tpm2_tools] Why tpm2_nvreadlock can't work normally with the attribute "policyread|policywrite|read_stclear"?
by Zhao, Shirley
Hi, all,
I want to define an NV index with the attribute "policyread|policywrite|read_stclear", but I get an error when running tpm2_nvreadlock.
Only when the attribute is set to "policyread|policywrite|ownerwrite|ownerread|read_stclear" does tpm2_nvreadlock work normally.
The steps are as follows:
$ tpm2_nvdefine -x 0x1500018 -a 0x40000001 -s 64 -L pcr.policy -t "policyread|policywrite|read_stclear"
$ tpm2_nvwrite -x 0x1500018 -a 0x1500018 -L sha256:7 -o 0 test.bin
$ tpm2_nvread -x 0x1500018 -a 0x1500018 -L sha256:7
$ tpm2_nvreadlock -x 0x1500018 -a 0x1500018
ERROR on line: "82" in file: "tools/tpm2_nvreadlock.c": Failed to lock NVRAM area at index 0x1500018
ERROR on line: "81" in file: "./lib/log.h": Tss2_Sys_NV_ReadLock(0x12F) - tpm:error(2.0): authValue or authPolicy is not available for selected entity
ERROR on line: "166" in file: "tools/tpm2_tool.c": Unable to run tpm2_nvreadlock
It seems tpm2_nvreadlock can't accept the policy option, right?
If so, is there any plan to support policy?
Thanks a lot.
- Shirley
1 year, 6 months
Re: [tpm2] tpm2 Digest, Vol 27, Issue 23
by Trey Weaver
It looked like the command worked OK. It gave me a handle of 0x800000 or something. Then I rebooted my machine and tried the command "tpm2_unseal -c key.ctx" and I got this error:
WARNING:esys:src/tss2-esys/api/Esys_ContextLoad.c:279:Esys_ContextLoad_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_ContextLoad.c:93:Esys_ContextLoad() Esys Finish ErrorCode (0x000001df)
ERROR: Esys_ContextLoad(0x1DF) - tpm:parameter(1):integrity check failed
ERROR: Invalid item handle authorization
ERROR: Unable to run tpm2_unseal
Do I need to do anything before I call the unseal after the power cycle?
Thanks.
1 year, 6 months
Re: [tpm2] Putting a persistant string into the tpm2 using tpm2_tools.
by Desai, Imran
@treyweaver, the issue you are seeing is that all contexts are invalidated after a TPM restart. As @tadeusz suggests, you can either make the object persistent using the evictcontrol tool.
If you do this, please remember the persistent handle you specify (or the one used by the evictcontrol tool, like 0x81000000); you can then unseal with tpm2_unseal -c 0x81000000 even after TPM restarts.
Alternatively, you can repeat the key loading step, which gives you a valid key.ctx context file.
Thanks and Regards,
Imran Desai
1 year, 6 months
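Imran's fix as a small Python wrapper around tpm2-tools (an added example, not code from the thread; it assumes the tpm2-tools 4.x syntax used in the post and that the context files live in the current directory): the post's seal sequence without its redundant first tpm2_create, plus tpm2_evictcontrol to persist the loaded object under a handle in the 0x81xxxxxx range, so unsealing after a restart uses the handle instead of a context file. With dry_run=True the functions return the command lines instead of executing them.

```python
import subprocess

# TPM_HT_PERSISTENT handle range: objects here survive TPM restarts,
# unlike transient handles (0x80xxxxxx) and saved context files.
PERSISTENT_FIRST = 0x81000000
PERSISTENT_LAST = 0x81FFFFFF


def is_persistent_handle(handle):
    return PERSISTENT_FIRST <= handle <= PERSISTENT_LAST


def run(argv, dry_run=False):
    """Run one tpm2-tools command; with dry_run return the argv instead."""
    if dry_run:
        return argv
    return subprocess.run(argv, check=True, capture_output=True, text=True).stdout


def seal_and_persist(seal_file, handle=0x81000000, dry_run=False):
    """Seal a file under a fresh primary key and persist the sealed object.

    The first three steps are the post's; tpm2_evictcontrol is the addition
    that survives the next TPM restart, after which key.ctx fails its
    integrity check (the error in the thread).
    """
    if not is_persistent_handle(handle):
        raise ValueError("0x%08x is not in the persistent handle range" % handle)
    steps = [
        ["tpm2_createprimary", "-c", "primary.ctx"],
        ["tpm2_create", "-C", "primary.ctx", "-i", seal_file,
         "-u", "obj.pub", "-r", "obj.priv"],
        ["tpm2_load", "-C", "primary.ctx", "-u", "obj.pub", "-r", "obj.priv",
         "-c", "key.ctx"],
        # "-C o": persist under the owner hierarchy at the chosen handle.
        ["tpm2_evictcontrol", "-C", "o", "-c", "key.ctx", "0x%08x" % handle],
    ]
    return [run(step, dry_run) for step in steps]


def unseal_persistent(handle=0x81000000, dry_run=False):
    """After a power cycle, unseal by persistent handle rather than key.ctx."""
    if not is_persistent_handle(handle):
        raise ValueError("0x%08x is not in the persistent handle range" % handle)
    return run(["tpm2_unseal", "-c", "0x%08x" % handle], dry_run)
```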
Putting a persistant string into the tpm2 using tpm2_tools.
by Trey Weaver
I want to put a small string into the TPM2 and be able to recall it over restarts. Here is what I have tried:
# put data in file that is to be sealed
echo "my sealed data" > seal.dat
# create a primary key
tpm2_createprimary -c primary.ctx
# create a child key in public and private parts
tpm2_create -C primary.ctx -u obj.pub -r obj.priv
# create a sealed object
tpm2_create -C primary.ctx -i seal.dat -u obj.pub -r obj.priv
# load the private and public portions into the TPM
tpm2_load -C primary.ctx -u obj.pub -r obj.priv -c key.ctx
# unseal the data
tpm2_unseal -c key.ctx
But after a power cycle if I run '*tpm2_unseal -c key.ctx*' I get this error:
*WARNING:esys:src/tss2-esys/api/Esys_ContextLoad.c:279:Esys_ContextLoad_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_ContextLoad.c:93:Esys_ContextLoad() Esys Finish ErrorCode (0x000001df) ERROR: Esys_ContextLoad(0x1DF) - tpm:parameter(1):integrity check failed ERROR: Invalid item handle authorization ERROR: Unable to run tpm2_unseal*
I am using the tpm_server (emulator) if that makes any difference.
So what is the best way to load a small string into the tpm2 and be able to pull it out anytime in the future, even after power loss.
Thanks
1 year, 6 months
swtpm tests question
by Stone, Thomas G
I am trying, unsuccessfully, to see how the TPM_CC_Hash value 0x0000017D gets sent to the swtpm. Additionally, the _test_hashing script is sending the string "1234" to the swtpm and then verifies a twenty-byte return, which is 160 bits, against the hash code "97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5", which does not appear to correspond to any hash that I separately calculate. Nor do I see where the hashing algorithm to be used is sent to the swtpm (e.g. 0x0004 for sha1 or 0x000b for sha2).
I was hoping to use the existing tests as templates for new tests such as testing TPM_CC_GetRandom. I can't do that if I cannot find where the TPM_CC_Hash is specified or where the hashing algorithm to use is specified.
The _test_hashing code is:
# Feed the bytes "1234" through swtpm's control-channel hash interface
run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
if [ $? -ne 0 ]; then
    echo "Error: Hash command did not work."
    exit 1
fi

# Read PCR 17
swtpm_open_cmddev ${SWTPM_INTERFACE} 100
RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
if [ "$RES" != "$exp" ]; then
    echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
    echo "expected: $exp"
    echo "received: $RES"
    exit 1
fi
Any pointers will be appreciated. This is the first time I have attempted to use a tpm so the answer is probably something obvious that I am overlooking.
Thomas Stone, CISSP
Information Assurance Engineer Staff
Lockheed Martin Missiles and Fire Control
Phone (407) 356-6913
Cell (919) 812-0607
Email: thomas.g.stone(a)lmco.com
1 year, 6 months
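The bytes in that script are a TPM 1.2 exchange rather than a TPM 2.0 TPM_CC_Hash: tag 0x00C1 is TPM_TAG_RQU_COMMAND, ordinal 0x15 is TPM_ORD_PcrRead and 0x11 is PCR 17, while -h drives swtpm's control-channel hash interface (HASH_START/HASH_DATA/HASH_END), which is not a TPM command at all. The parser below is an added example (not from swtpm's test suite) that decodes the request and the expected reply; expected_pcr17 encodes my assumption that the hash sequence resets PCR 17 to zeros and extends it once with SHA-1 of the data, which is the thing to compare against the script's constant.

```python
import hashlib
import struct

TPM_TAG_RQU_COMMAND = 0x00C1   # TPM 1.2 request, no authorization sessions
TPM_TAG_RSP_COMMAND = 0x00C4   # TPM 1.2 response, no authorization sessions
TPM_ORD_PCRREAD = 0x00000015


def pcrread_cmd(pcr_index):
    """TPM_PcrRead: tag, paramSize (14), ordinal, pcrIndex; all big-endian."""
    return struct.pack(">HIII", TPM_TAG_RQU_COMMAND, 14, TPM_ORD_PCRREAD, pcr_index)


def parse_cmd(raw):
    tag, size, ordinal, pcr = struct.unpack(">HIII", raw[:14])
    return {"tag": tag, "size": size, "ordinal": ordinal, "pcr": pcr}


def hex_dump_to_bytes(dump):
    """Turn the test script's ' 00 c4 ...' string form back into bytes."""
    return bytes.fromhex(dump.replace(" ", ""))


def parse_pcrread_rsp(raw):
    """Decode tag, paramSize and returnCode, then the 20-byte PCR value."""
    tag, size, rc = struct.unpack(">HII", raw[:10])
    if tag != TPM_TAG_RSP_COMMAND or size != len(raw):
        raise ValueError("not a well-formed TPM 1.2 response")
    return {"rc": rc, "pcr_value": raw[10:30].hex()}


def sha1_extend(old, digest):
    return hashlib.sha1(old + digest).digest()


def expected_pcr17(data):
    """ASSUMED model of the hash interface: HASH_START resets PCR 17 to
    20 zero bytes and HASH_END extends it once with SHA-1(data)."""
    return sha1_extend(b"\x00" * 20, hashlib.sha1(data).digest()).hex()


# Constants lifted from the script in the post.
REQUEST = bytes.fromhex("00c10000000e0000001500000011")
EXPECTED = (" 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2"
            " 4a fd 21 20 85 ad 7a 86 64 7f 2a e5")
```

Compare expected_pcr17(b"1234") with parse_pcrread_rsp(hex_dump_to_bytes(EXPECTED))["pcr_value"]: a match confirms the reset-then-extend model, a mismatch means the model is wrong.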
Out from Sept 23 - Oct 21
by Roberts, William C
Reminder that I will be gone from Sept 23 - Oct 21. Any emails sent to me will go into the bitbucket. Make sure to add another maintainer to your email or use the list (preferably use the list).
Bill
1 year, 6 months
Incomplete TPM event log on Linux?
by Matthew Dempsky
I'm trying to validate the PCR values computed by my TPM. They're mostly
okay, but PCR 7 is giving me a weird value. I'm wondering if I'm missing
something.
I'm running Debian 10.1 on an X1 Carbon (gen 6). I don't believe I have any
system software installed and configured to use the TPM. (E.g., I have full
disk encryption enabled, but it's currently using a password rather than
the TPM.)
When I run tpm2_pcrread to read the PCRs, I get:
$ sudo tpm2_pcrread | head -9
sha1:
0 : 0x2365D6AB190CC51FD04911A36A6620578F5A15B7
1 : 0x90CDA14DCFA4B62CDE2898625606298C71A94F7C
2 : 0xB2A83B0EBF2F8374299A5B2BDFC31EA955AD7236
3 : 0xB2A83B0EBF2F8374299A5B2BDFC31EA955AD7236
4 : 0x9C27A66C20926B86EA3120FA36CC75D0EE870E0D
5 : 0xA842C2C96B7D8813837174751AEADB5314316ACB
6 : 0xB2A83B0EBF2F8374299A5B2BDFC31EA955AD7236
7 : 0xDB9CFC01DCC5C88ACBE9C6E2DB0E6BC4EA231AC6
And when I replay the event log from
/sys/kernel/security/tpm0/binary_bios_measurements, I get:
$ python sum.py < binary_bios_measurements
0 2365D6AB190CC51FD04911A36A6620578F5A15B7
1 90CDA14DCFA4B62CDE2898625606298C71A94F7C
2 B2A83B0EBF2F8374299A5B2BDFC31EA955AD7236
3 B2A83B0EBF2F8374299A5B2BDFC31EA955AD7236
4 9C27A66C20926B86EA3120FA36CC75D0EE870E0D
5 A842C2C96B7D8813837174751AEADB5314316ACB
6 B2A83B0EBF2F8374299A5B2BDFC31EA955AD7236
7 37A1A97D5F0BE67FBD544A1604C843BCEE4EE3B2
[I've attached the binary_bios_measurement file, and I've also included my
sum.py script below.]
Note that PCRs 0 through 6 match, but PCR 7 has a different value. I
haven't manually written anything into PCR 7, and I get the same mismatched
results even after rebooting.
I noticed that Shim is generating malformed event log entries (see
https://github.com/rhboot/shim/issues/184 for details), but even my
attempts to correct for that don't seem to resolve the discrepancy (not
that I'd expect them to anyway---I'm just running out of ideas).
My best guess is that *something* (Shim? Grub? The Linux kernel? Some
Debian userspace program?) is writing to PCR 7, but not recording a log
entry (or logging somewhere other than binary_bios_measurements). However,
I'm at a loss for what that might be, or how to track it down.
Any recommendations would be greatly appreciated.
Thanks,
Matthew
# sum.py (Python 3)
import hashlib
import struct
import sys

# Replay a TCG 1.2 (SHA-1) event log: each record is pcrIndex, eventType,
# a 20-byte digest and eventSize (little-endian u32s), then eventSize bytes of data.
pcrs = [b'\x00' * 20] * 8

def extend(pcr, digest):
    h = hashlib.sha1()
    h.update(pcrs[pcr])
    h.update(digest)
    pcrs[pcr] = h.digest()

events = sys.stdin.buffer.read()
while len(events) >= 32:
    pcr, kind, digest, size = struct.unpack("<II20sI", events[:32])
    events = events[32 + size:]
    extend(pcr, digest)

for i, pcr in enumerate(pcrs):
    print(i, pcr.hex().upper())
1 year, 7 months
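The replay above only accumulates digests; to see which component touched PCR 7 you also need the per-event records. The parser below is an added example (not Matthew's script) for the same TCG 1.2 SHA-1 record layout his unpack string assumes: it yields each event with its type name and data, replays them skipping EV_NO_ACTION records (which the TCG spec says are not extended), and runs on a constructed two-event sample log.

```python
import hashlib
import struct
from collections import defaultdict

# Event types from the TCG PC Client spec; enough to label a typical UEFI log.
EVENT_TYPES = {
    0x00000001: "EV_POST_CODE",
    0x00000003: "EV_NO_ACTION",
    0x00000004: "EV_SEPARATOR",
    0x00000007: "EV_S_CRTM_CONTENTS",
    0x00000008: "EV_S_CRTM_VERSION",
    0x0000000D: "EV_IPL",
    0x80000001: "EV_EFI_VARIABLE_DRIVER_CONFIG",
    0x80000002: "EV_EFI_VARIABLE_BOOT",
    0x80000003: "EV_EFI_BOOT_SERVICES_APPLICATION",
    0x80000006: "EV_EFI_GPT_EVENT",
    0x80000007: "EV_EFI_ACTION",
    0x800000E0: "EV_EFI_VARIABLE_AUTHORITY",
}
HEADER = struct.Struct("<II20sI")  # pcrIndex, eventType, SHA-1 digest, eventSize


def parse_events(log):
    """Yield (pcr, type_name, digest_hex, data) for each TCG 1.2 record."""
    off = 0
    while off + HEADER.size <= len(log):
        pcr, etype, digest, size = HEADER.unpack_from(log, off)
        off += HEADER.size
        data = log[off:off + size]
        if len(data) != size:
            raise ValueError("truncated event at offset %d" % off)
        off += size
        yield pcr, EVENT_TYPES.get(etype, "0x%08x" % etype), digest.hex(), data
    if off != len(log):
        raise ValueError("%d trailing bytes after last event" % (len(log) - off))


def pcr_extend(old, digest):
    return hashlib.sha1(old + digest).digest()


def replay(log, num_pcrs=24):
    """Replay into SHA-1 PCR values and record which events touched each PCR."""
    pcrs = [b"\x00" * 20] * num_pcrs
    touched = defaultdict(list)
    for pcr, name, digest_hex, data in parse_events(log):
        touched[pcr].append((name, data))
        if name != "EV_NO_ACTION":  # informational only, never extended
            pcrs[pcr] = pcr_extend(pcrs[pcr], bytes.fromhex(digest_hex))
    return [p.hex().upper() for p in pcrs], touched


def make_event(pcr, etype, digest, data):
    """Build one record; used only to construct the sample below."""
    return HEADER.pack(pcr, etype, digest, len(data)) + data


# Constructed sample: a NO_ACTION record on PCR 0 and a separator on PCR 7.
SAMPLE_LOG = (
    make_event(0, 0x3, b"\x00" * 20, b"Spec ID Event03\x00")
    + make_event(7, 0x4, hashlib.sha1(b"\x00\x00\x00\x00").digest(), b"\x00" * 4)
)
```

Running replay over /sys/kernel/security/tpm0/binary_bios_measurements and printing touched[7] lists exactly which recorded events contributed to PCR 7; anything the TPM holds beyond that replay was extended without a log record.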
Re: [tpm2] Incomplete TPM event log on Linux
by Oliver, Dario N
Hello Matthew,
I had some problems before related to discrepancies between the TPM event log and the actual PCR values.
In my case it was on Fedora with PCR 9: "Missing TPM Event Log entry for initramfs measurement" (https://bugzilla.redhat.com/show_bug.cgi?id=1730785).
What solved the issue was, apparently, a Fedora kernel update. I was initially using a 5.0.16 kernel when I found the issue, and it was solved in kernel 5.1.17.
There are existing parsers as well that will tell you which component was measured (and maybe whether something is missing): iml2text, and https://github.com/ValdikSS/binary_bios_measurements_parser
Which version of the Debian-provided kernel are you using?
Maybe in your case a kernel update could help too.
1 year, 7 months