diff --git a/PythonExamples/README.md b/PythonExamples/README.md index 5dbcfc2..1997655 100644 --- a/PythonExamples/README.md +++ b/PythonExamples/README.md @@ -14,4 +14,28 @@ Each example can be run just by typing `python3 example.py` Each example has an accompanying description as markdown file, plus annotated code. +<<<<<<< HEAD * [quote](quote.md) +======= + * [randomnumber] + * [quote] + +## Notes on TCTI Errors + +When an `ESAPI` object is created it will print out errors as it searches for a suitable TPM devices. For example: + +```bash +~/tpm.dev.tutorials/PythonExamples$ python3 randomnumber.py +ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpmrm0: No such file or directory +ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0 +ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpm0: No such file or directory +ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0 +ERROR:tcti:src/tss2-tcti/tcti-swtpm.c:222:tcti_control_command() Control command failed with error: 1 +ERROR:tcti:src/tss2-tcti/tcti-swtpm.c:330:tcti_swtpm_set_locality() Failed to set locality: 0xa000a +WARNING:tcti:src/tss2-tcti/tcti-swtpm.c:599:Tss2_Tcti_Swtpm_Init() Could not set locality via control channel: 0xa000a +ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-swtpm.so.0 +type is +r is a10ab7558675a56c +as hex 11604288967829464428 +``` +>>>>>>> a53da59 (added random numbers and updated text) diff --git a/PythonExamples/__pycache__/random.cpython-39.pyc b/PythonExamples/__pycache__/random.cpython-39.pyc new file mode 100644 index 0000000..ad2a556 Binary files /dev/null and b/PythonExamples/__pycache__/random.cpython-39.pyc differ diff --git a/PythonExamples/quote.md b/PythonExamples/quote.md index 5cc33e0..dc22575 100644 --- a/PythonExamples/quote.md +++ b/PythonExamples/quote.md @@ -26,18 +26,12 @@ To run type `python3 quote.py` Errors might be generated as the pytss libraries search for a suitable TPM device. If everything is successful then a pretty printed JSON structure will be shown. -## Example Output +## Output + +The following is example output: ```bash -~/tpm.dev.tutorials/PythonExamples$ python3 quote.py -ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpmrm0: No such file or directory -ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0 -ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpm0: No such file or directory -ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0 -ERROR:tcti:src/tss2-tcti/tcti-swtpm.c:222:tcti_control_command() Control command failed with error: 1 -ERROR:tcti:src/tss2-tcti/tcti-swtpm.c:330:tcti_swtpm_set_locality() Failed to set locality: 0xa000a -WARNING:tcti:src/tss2-tcti/tcti-swtpm.c:599:Tss2_Tcti_Swtpm_Init() Could not set locality via control channel: 0xa000a -ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-swtpm.so.0 +~/tpm.dev.tutorials/PythonExamples$ python3 quote.py att= ae= {'attested': {'pcrDigest': '38723a2e5e8a17aa7950dc008209944e898f69a7bd10a23c839d341e935fd5ca', 'pcrSelect': [{'hash': 'sha256', 'pcrSelect': [0, 1, 2, 3]}]}, 'clockInfo': {'clock': 308418200, 'resetCount': 22, 'restartCount': 0, 'safe': 1}, 'extraData': '49616e3132333435', 'firmwareVersion': [538513443, 1455670], 'magic': 4283712327, 'qualifiedSigner': '000bff3ea118be81e7f10ead098c900b93c885785e828bf27d824a87add847b5ec56', 'type': 'attest_quote'} @@ -73,4 +67,6 @@ ae= "type": "attest_quote" } -``` \ No newline at end of file +``` + +The *magic number* of the quote is returned as an integer `4283712327` this corresponds to the better known TPM returned byte sequence `FF544347` in hex. \ No newline at end of file diff --git a/PythonExamples/randomnumber.md b/PythonExamples/randomnumber.md new file mode 100644 index 0000000..17ac548 --- /dev/null +++ b/PythonExamples/randomnumber.md @@ -0,0 +1,30 @@ +# Quote + +This example demonstrates the use of ESAPI.get_random + +The code will: + + * setup the ESAPI interface + * send a TPM_STARTUP clear command + * request 8 random numbers from the TPM + * print out the result + +## Setup and Variables + +No specific setup is required. You may wish to change the number of bytes returned in the `get_random` call. + +## Running + +To run type `python3 quote.py` + +Errors might be generated as the pytss libraries search for a suitable TPM device. If everything is successful then a random number will be shown. + +## Output + +```bash +~/tpm.dev.tutorials/PythonExamples$ python3 randomnumber.py +type is +r is a10ab7558675a56c +as int 11604288967829464428 + +``` \ No newline at end of file diff --git a/PythonExamples/randomnumber.py b/PythonExamples/randomnumber.py new file mode 100644 index 0000000..97a58ec --- /dev/null +++ b/PythonExamples/randomnumber.py @@ -0,0 +1,31 @@ +# +# Import the tpm2_pytss libraries +# + +from tpm2_pytss import * + +# +# Make a connection to a TPM and use the ESAPI interface +# tcti=None means that the pytss libraries will search for an available TCTI +# +# +# When this is run, then as the various TCTI interfaces are searched errors are written if those interfaces are not foud +# + +tpm = ESAPI(tcti=None) + +# +# Send a startup message, just in case (actually this is because I'm using the IBM SW TPM and haven't started it properly) +# + +tpm.startup(TPM2_SU.CLEAR) + +# +# Now to make the quote and return the attested values and signature +# + +r = tpm.get_random( 8 ) + +print("type is ",type(r)) +print("r is ",str(r)) +print("as int ",int(str(r),16)) \ No newline at end of file