| Arun kumar Sekar | 2ac5633 | 2018-03-30 11:20:30 -0700 | [diff] [blame] | 1 | 1. Download TPM emulator - ibmtpm974.tar.gz |
| 2 | (Note: Optional. No need to execute this step if the system has real TPM device on it) |
| Pramod | 76f424e | 2018-03-29 10:22:33 -0700 | [diff] [blame] | 3 | a. cd src/ |
| 4 | b. make |
| 5 | c. Run tpm_server binary - ./tpm_server –rm |
| 6 | |
| 7 | 2. Download TSS version 1.2.0 |
| 8 | a. Run following commands |
| 9 | i. ./bootstrap |
| 10 | ii. ./configure |
| 11 | iii. If you face any error for pkg-config, |
| 12 | 1. export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig |
| 13 | iv. make && make install |
| 14 | |
| 15 | 3. Download tpm2-abrmd version 1.1.1 |
| 16 | a. Run following commands |
| 17 | i. sudo useradd --system --user-group tss |
| 18 | ii. cd tpm2-abrmd |
| 19 | iii. ./bootstrap |
| 20 | iv. ./configure |
| 21 | v. If you face any error for pkg-config, |
| 22 | 1. export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig |
| 23 | vi. make && make install |
| 24 | vii. sudo udevadm control --reload-rules && sudo udevadm trigger |
| 25 | viii. sudo pkill -HUP dbus-daemon |
| 26 | ix. systemctl daemon-reload |
| 27 | b. Run tpm2-abrmd as follows - ./tpm2-abrmd -t socket |
| 28 | c. Check in tpm_server whether following debug prints are resulted in console, after resource manager startup |
| 29 | Client accepted |
| 30 | Client accepted |
| 31 | |
| 32 | 4. Download tpm2-tools version 2.1.0 |
| 33 | a. Run the following commands |
| 34 | i. ./bootstrap |
| 35 | ii. ./configure |
| 36 | iii. make && make install |
| 37 | |
| 38 | 5. Now configure Initialize TPM, configure with Primary key and then save it in TPM’s NV ram |
| Arun kumar Sekar | 2ac5633 | 2018-03-30 11:20:30 -0700 | [diff] [blame] | 39 | (Equivalent of script - initandverify/Init_and_create_tpm_primary.sh, you can run that script) |
| Pramod | 76f424e | 2018-03-29 10:22:33 -0700 | [diff] [blame] | 40 | a. Initialize TPM |
| 41 | i. tpm2_startup -clear -T tabrmd –V |
| 42 | b. Take ownership |
| 43 | i. tpm2_takeownership -o new -e new -l new -T tabrmd –V |
| 44 | c. Create Primary Key |
| 45 | i. tpm2_createprimary -P new -A o -g 0x000B -G 0x0001 -T tabrmd -V -C PrimaryKeyBlob |
| 46 | d. Save primary Key in NV ram |
| 47 | i. tpm2_evictcontrol -A o -c ./PrimaryKeyBlob -S 0x81000011 -T tabrmd -V -P new |
| 48 | e. Check Primary Keys public portion |
| 49 | i. tpm2_readpublic -H 0x81000011 --opu out_primary_public -T tabrmd –V |
| 50 | f. If all the above commands are successful then TPM emulator, TPM resource manager and TPM tools are working fine |
| 51 | |
| Arun kumar Sekar | 2ac5633 | 2018-03-30 11:20:30 -0700 | [diff] [blame] | 52 | 6. Now compile the TPM duplication and import tools with "make" command (after creation of Makefile) and run it as per instructions. |
| 53 | use "./ossl_tpm_duplicate --help" for usage. |
| 54 | use "./ossl_tpm_import --help" for usage. |
| Pramod | 76f424e | 2018-03-29 10:22:33 -0700 | [diff] [blame] | 55 | |
| 56 | 7. Note: If you restart tpm_server, then you have to restart TPM resource manager too. And the repeat from step 5. |
| 57 | |