fmaury/tpm.dev.tutorials
1
0
Fork 0
mirror of https://github.com/tpm2dev/tpm.dev.tutorials.git synced 2025-05-17 20:43:51 +00:00
Code Issues Projects Releases Packages Wiki Activity

added random number to quote

Browse source
This commit is contained in:
Ian 2022-02-28 20:39:57 +02:00
parent 06f84f29f3
commit 3adf48c399
2 changed files with 43 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
PythonExamples/quote.md
View file

@ -9,6 +9,10 @@ The code will:
* request a quote using the given attestation key, pcrs and extradata
* unmarshal the returned data structures and print these as a python dict and convert to JSON and pretty print
then as a bonus example
* generate a random number from the TPM and use that as the extra data to the quote
## Setup and Variables
The following code might need to be modified for you local setup
@ -31,10 +35,18 @@ Errors might be generated as the pytss libraries search for a suitable TPM devic
The following is example output:
```bash
~/tpm.dev.tutorials/PythonExamples$ python3 quote.py
att= <tpm2_pytss.types.TPMS_ATTEST object at 0x7f5fb10419d0>
~/tpm.dev.tutorials/PythonExamples$ python3 quote.py
ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpmrm0: No such file or directory
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0
ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpm0: No such file or directory
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0
ERROR:tcti:src/tss2-tcti/tcti-swtpm.c:222:tcti_control_command() Control command failed with error: 1
ERROR:tcti:src/tss2-tcti/tcti-swtpm.c:330:tcti_swtpm_set_locality() Failed to set locality: 0xa000a
WARNING:tcti:src/tss2-tcti/tcti-swtpm.c:599:Tss2_Tcti_Swtpm_Init() Could not set locality via control channel: 0xa000a
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-swtpm.so.0
att= <tpm2_pytss.types.TPMS_ATTEST object at 0x7f0bebf19070>
ae= <class 'dict'>
{'attested': {'pcrDigest': '38723a2e5e8a17aa7950dc008209944e898f69a7bd10a23c839d341e935fd5ca', 'pcrSelect': [{'hash': 'sha256', 'pcrSelect': [0, 1, 2, 3]}]}, 'clockInfo': {'clock': 308418200, 'resetCount': 22, 'restartCount': 0, 'safe': 1}, 'extraData': '49616e3132333435', 'firmwareVersion': [538513443, 1455670], 'magic': 4283712327, 'qualifiedSigner': '000bff3ea118be81e7f10ead098c900b93c885785e828bf27d824a87add847b5ec56', 'type': 'attest_quote'}
{'attested': {'pcrDigest': '38723a2e5e8a17aa7950dc008209944e898f69a7bd10a23c839d341e935fd5ca', 'pcrSelect': [{'hash': 'sha256', 'pcrSelect': [0, 1, 2, 3]}]}, 'clockInfo': {'clock': 313399693, 'resetCount': 24, 'restartCount': 0, 'safe': 1}, 'extraData': '49616e3132333435', 'firmwareVersion': [538513443, 1455670], 'magic': 4283712327, 'qualifiedSigner': '000bff3ea118be81e7f10ead098c900b93c885785e828bf27d824a87add847b5ec56', 'type': 'attest_quote'}
{
"attested": {
@ -52,8 +64,8 @@ ae= <class 'dict'>
]
},
"clockInfo": {
"clock": 308418200,
"resetCount": 22,
"clock": 313399693,
"resetCount": 24,
"restartCount": 0,
"safe": 1
},
@ -67,6 +79,11 @@ ae= <class 'dict'>
"type": "attest_quote"
}
With randomly generated extra data: 0c830dd1a9dd50c0
ae2= <class 'dict'>
{'attested': {'pcrDigest': '38723a2e5e8a17aa7950dc008209944e898f69a7bd10a23c839d341e935fd5ca', 'pcrSelect': [{'hash': 'sha256', 'pcrSelect': [0, 1, 2, 3]}]}, 'clockInfo': {'clock': 313399694, 'resetCount': 24, 'restartCount': 0, 'safe': 1}, 'extraData': '30633833306464316139646435306330', 'firmwareVersion': [538513443, 1455670], 'magic': 4283712327, 'qualifiedSigner': '000bff3ea118be81e7f10ead098c900b93c885785e828bf27d824a87add847b5ec56', 'type': 'attest_quote'}
```
The *magic number* of the quote is returned as an integer `4283712327` this corresponds to the better known TPM returned byte sequence `FF544347` in hex.

22
PythonExamples/quote.py
View file

@ -76,4 +76,24 @@ print("ae=",type(ae),"\n",ae)
#
js = json.dumps(ae,indent=4)
print("\n",js)
print("\n",js)
#
# Now we'll do the same, except we'll generate the nonce using the TPM's random number generator
#
r = tpm.get_random( 8 )
extradata_to_use = TPM2B_DATA(str(r))
print("\nWith randomly generated extra data: ",str(r))
quote,signature = tpm.quote(
handle, pcrsels, extradata_to_use
)
att,_ = TPMS_ATTEST.unmarshal( bytes(quote) )
enc = json_encdec()
ae = enc.encode(att)
print("ae2=",type(ae),"\n",ae)