IBM TPM Attestation Client Server Wiki
IBM's TPM 2.0 Attestation Client Server
Status: Alpha
Brought to you by:
kagoldman
Welcome to your wiki!
This is the default page, edit it as you see fit. To add a new page simply reference it within brackets, e.g.: [SamplePage].
The wiki uses Markdown syntax.
If the ACS project is not in the same directory as the TSS and utilities. libibmtss.so, libibmtssutils.so and possibly libibmtssutils12 have to be in the library path.
Revision 1658
This revision was driven by the UEFI parser. The client sends EV_NO_ACTION events, since they can affect PCR 0. The server similarly processes EV_NO_ACTION events. The server propagates the first informative event, since a future UEFI parser potentially needs the pre-OS event log version.
Revision 1630
This revision improves the quote performance. It reconstructs the PCRs in the first pass from the event logs rather than using the client supplied values. This is enabled by a new IMA guarantee that the event append - extend is atomic even in a multithreaded case.
Revision 1470
This revision has a few minor changes.
Revision 1362
This revision matches the newer IBM TSS releases, which renames the include directory and library at the request of a Linux distro.
Minor changes:
Revision 1242
This is a significant update.
Revision 976
Added a new web page to display the BIOS event log, with approporiate links
Minor improvements include:
Revision 898
This is a significant update with support for EC (elliptic curve) keys. clientek can provision a SW TPM with an EC EK certificate. clientenroll can enroll an EC attestation key using the EC EK certificate. client and server can validate EC signed quotes.
Revision 873
Revision 834
Last edit: Ken Goldman 2021-01-29