ASR-A501 TPM


The Trusted Platform Module (TPM) is a hardware chip that safeguards the security of computer systems. It can securely store sensitive data, preventing it from being stolen. It generates unique identifiers based on hardware and software configurations, which are used for platform authentication. Additionally, it can serve as a hardware random number generator and an encryption accelerator.

ASR-A501 supports one external TPM.

Check TPM Device

List the TPM device nodes:

# ls /dev/tpm*
/dev/tpm0 /dev/tpmrm0

It is also possible to check TPM activity with the following command.

# i2cdump -f -y 6 0x2e

Usage

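Here are two ways to use the TPM:

1. Python scripts

Python scripts can be used to send simple commands to the TPM device. For instance, the following is a simple script that sends a TPM2_GetRandom command requesting 16 random bytes.

import binascii

# Open the TPM character device unbuffered so the command is sent in one write
with open('/dev/tpm0', 'r+b', buffering=0) as tpm:
    # TPM2_GetRandom command requesting 16 (0x0010) random bytes
    tpm.write(binascii.unhexlify(b'80010000000c0000017b0010'))
    # Raw response: header followed by the random bytes
    print(tpm.read())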

After writing the desired code to a file (for instance named TPM2_GetRandom.py), execute it with the following command:

# python3 TPM2_GetRandom.py

2. C language scripts

In the same way as Python scripts, C language scripts can be used to send commands to the TPM device. The previous example, which sends a TPM2_GetRandom command requesting 16 random bytes, can also be written as follows:

#include <stdio.h>

int main(void) {
    FILE *tpm;
    /* TPM2_GetRandom command requesting 16 (0x0010) random bytes */
    const unsigned char str[] = "\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x7b\x00\x10";
    unsigned char buffer[100];   /* unsigned so bytes >= 0x80 are not sign-extended */
    size_t i, n;
    tpm = fopen("/dev/tpm0", "rb+");
    if (tpm == NULL) {
        printf("ERROR: Could not open driver file.\n");
        return -1;
    }
    /* Disable stdio buffering so the command reaches the driver before the read */
    setvbuf(tpm, NULL, _IONBF, 0);
    /* sizeof(str) - 1: do not send the string literal's trailing NUL byte */
    n = fwrite(str, 1, sizeof(str) - 1, tpm);
    if (n != sizeof(str) - 1) {
        printf("ERROR: Could not write bytes to TPM.\n");
        fclose(tpm);
        return -1;
    }
    n = fread(buffer, 1, sizeof(buffer), tpm);
    printf("TPM Response: ");
    for (i = 0; i < n; i++) {
        printf("%02x ", buffer[i]);
    }
    printf("\n");
    fclose(tpm);
    return 0;
}

Save this code to a file named TPM2_GetRandom.c. Unlike Python scripts, C language scripts have to be compiled before they can be executed from the terminal. To compile the script, use the following command:

# gcc TPM2_GetRandom.c -o TPM2_GetRandom

Then to execute the script:

# ./TPM2_GetRandom
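
The 12-byte command sent by both scripts above is a marshalled TPM2_GetRandom request. The following is an added example, not part of the original wiki page or any vendor code, that builds that command field by field and validates and decodes the response instead of printing it raw. The function names and the sample response are constructed for illustration.

```python
import struct

TPM_ST_NO_SESSIONS = 0x8001      # tag: command/response without authorization sessions
TPM_CC_GET_RANDOM = 0x0000017B   # command code for TPM2_GetRandom
TPM_RC_SUCCESS = 0x00000000
HEADER_LEN = 10                  # tag(2) + size(4) + command/response code(4)

def build_get_random(num_bytes):
    """Marshal tag | commandSize | commandCode | bytesRequested (big-endian)."""
    body = struct.pack(">H", num_bytes)
    header = struct.pack(">HII", TPM_ST_NO_SESSIONS,
                         HEADER_LEN + len(body), TPM_CC_GET_RANDOM)
    return header + body

def parse_get_random(resp):
    """Validate tag | responseSize | responseCode, then return the TPM2B_DIGEST payload."""
    if len(resp) < HEADER_LEN:
        raise ValueError("response shorter than the 10-byte header")
    tag, size, rc = struct.unpack(">HII", resp[:HEADER_LEN])
    if size != len(resp):
        raise ValueError(f"responseSize {size} does not match {len(resp)} bytes read")
    if rc != TPM_RC_SUCCESS:
        # An error response carries only the header, so stop before the body.
        raise RuntimeError(f"TPM returned response code 0x{rc:08x}")
    if tag != TPM_ST_NO_SESSIONS or size < HEADER_LEN + 2:
        raise ValueError("unexpected tag or missing TPM2B_DIGEST size field")
    (n,) = struct.unpack(">H", resp[HEADER_LEN:HEADER_LEN + 2])
    if HEADER_LEN + 2 + n != size:
        raise ValueError("TPM2B_DIGEST size does not match responseSize")
    return resp[HEADER_LEN + 2:]

def get_random(num_bytes, dev="/dev/tpm0"):
    """Send the command to the device node used on this page and decode the reply.
    The TPM may return fewer bytes than requested, so callers should check len()."""
    with open(dev, "r+b", buffering=0) as tpm:
        tpm.write(build_get_random(num_bytes))
        return parse_get_random(tpm.read())

# Constructed sample response (not captured from a device): success, 16 payload bytes.
SAMPLE_RESPONSE = bytes.fromhex("80010000001c000000000010") + bytes(range(16))

if __name__ == "__main__":
    print(build_get_random(16).hex())               # same bytes as the scripts above
    print(parse_get_random(SAMPLE_RESPONSE).hex())  # decoded payload of the sample
```

On the board itself, call get_random(16) as root to run the same exchange against /dev/tpm0.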