From: Martin P. <Mar...@ia...> - 2012-06-01 10:09:59
Hi...

On 2012-05-28 19:09, dna...@de... wrote:
> Is there a way to install EK certificates to the TPM's NV ram

An EK certificate in the TPM's NV ram is located in an NV area with a well-known index. If you run the jTpmTools nv_decode command you can examine the NV area in more detail. An example output on an IFX TPM may look like this:

8 indices in NV storage found
use '--index xxxxxxxx' for full details
  (append '--raw' for additional raw hex dump of content)
  (append '--dump-file path' to dump the content of index to a file)

Index        Size        TPUD  Description
------------------------------------------------------------------------
0x20000001   256 bytes   ..U.  tboot Verified Launch Policy
0x10000001    20 bytes   ...D  deprecated DIR command area from TPM 1.1
0x1000f000  1704 bytes   ...D  TPM Endorsement Key Certificate
0x30000001   576 bytes   ..UD  unknown index
0x50000001    34 bytes   .P.D  Intel TXT INDEX_LCP_DEF
0x20000002     8 bytes   ..U.  tboot launch error index
0x50000002    64 bytes   .P.D  Intel TXT INDEX_AUX
0x40000001    34 bytes   .P..  Intel TXT INDEX_LCP_OWN

Here you see that the EK cert is at index 0x1000f000. Please see the TPM specifications part 2, chapter 19.1 "TPM_NV_INDEX" for an explanation of the index number. You may use the other options of nv_decode to explore the NV data areas in more detail.

In theory, on a TPM without a preloaded EK certificate you may just set up a correct NV area on your own and load your own certificate. In practice, we know no one who has ever tried this.

> that have been either self signed or issued by a privacy certificate
> authority?

The EK cert is the proof that there is really a hardware TPM and not some kind of TPM software emulation on a platform. You can create your own EK certificate - our tccert library should provide all the necessary X509 certificate data structures - however then you have to convince some other party that your self-created cert is of any value.
> At the moment I am having an issue with collateIdentityRequest Command
> not sending the EK public key in its Identity Proof for manufacturers
> that are not IFX. Is there a way around this problem?

In the best case a TSS can automatically use the EK cert provided on-chip as it is in a defined location - see above. However, depending on the TSS you use you may just provide the EK cert in a different way. With TrouSerS you may set in tcsd.conf the path to the EK cert file and TrouSerS then uses this one. Alternatively, you can explicitly provide the TSS with an EK cert at program runtime; in jTSS this can be achieved like

    TcITpm tpm = context_.getTpmObject();
    tpm.setAttribData(TcTssConstants.TSS_TSPATTRIB_TPM_CREDENTIAL,
                      TcTssConstants.TSS_TPMATTRIB_EKCERT, ekcertblob);

Please see the TSS specification and our JTpmTools code examples for more details.

HTH,
Martin
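Martin points to TPM 1.2 spec Part 2, chapter 19.1 for how to read index numbers like 0x1000f000. The following is an added example (written for this page, not code from the mailing-list post, jTpmTools or jTSS) that decodes a TPM_NV_INDEX into its T/P/U/D bits, purview and 16-bit index field, reproduces the TPUD column of the nv_decode listing above, and locates the EK certificate area in a list of indices. The bit positions and the well-known index names are taken from my reading of the spec (bit 31 T, 30 P, 29 U, 28 D, 24-27 reserved, 16-23 purview, 0-15 index; TPM_NV_INDEX_EKCert = 0xF000, TPM_NV_INDEX_DIR = 0x10000001 and so on) and should be checked against your copy of it; the sample listing is a constructed copy of the IFX output in the mail.

```python
"""Decode TPM 1.2 TPM_NV_INDEX values as jTpmTools nv_decode displays them.

Added example, not code from the mail, jTpmTools or jTSS. Field layout and
well-known names follow my reading of TPM 1.2 Part 2, section 19.1 (check
against the spec): bit 31 T (TPM manufacturer), 30 P (platform manufacturer),
29 U (owner/user), 28 D (defined permanently, not deletable), 24-27 reserved
(must be zero), 16-23 purview, 0-15 index.
"""
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# 16-bit well-known index values; matched on the index field only, so
# 0x1000F000 (D bit set) still resolves to the EK certificate area.
WELL_KNOWN_16 = {
    0xF000: "TPM_NV_INDEX_EKCert",
    0xF001: "TPM_NV_INDEX_TPM_CC",
    0xF002: "TPM_NV_INDEX_PlatformCert",
    0xF003: "TPM_NV_INDEX_Platform_CC",
}
# Full 32-bit well-known values (DIR carries the D bit in the spec itself).
WELL_KNOWN_32 = {
    0x00000000: "TPM_NV_INDEX0",
    0x10000001: "TPM_NV_INDEX_DIR",
    0xFFFFFFFF: "TPM_NV_INDEX_LOCK",
}


@dataclass(frozen=True)
class NvIndex:
    raw: int
    t: bool
    p: bool
    u: bool
    d: bool
    reserved: int
    purview: int
    index: int

    def flags(self) -> str:
        """Render T/P/U/D like the TPUD column of nv_decode ('.' when clear)."""
        bits = (("T", self.t), ("P", self.p), ("U", self.u), ("D", self.d))
        return "".join(letter if on else "." for letter, on in bits)

    def is_well_formed(self) -> bool:
        """Reserved bits 24-27 must be zero; a TPM rejects anything else."""
        return self.reserved == 0


def decode_nv_index(raw: int) -> NvIndex:
    """Split a 32-bit TPM_NV_INDEX into its fields."""
    if not 0 <= raw <= 0xFFFFFFFF:
        raise ValueError(f"TPM_NV_INDEX must fit in 32 bits, got {raw:#x}")
    return NvIndex(
        raw=raw,
        t=bool((raw >> 31) & 1),
        p=bool((raw >> 30) & 1),
        u=bool((raw >> 29) & 1),
        d=bool((raw >> 28) & 1),
        reserved=(raw >> 24) & 0xF,
        purview=(raw >> 16) & 0xFF,
        index=raw & 0xFFFF,
    )


def describe(raw: int) -> str:
    """Name a well-known index; otherwise say who defined it from T/P/U."""
    nv = decode_nv_index(raw)
    if raw in WELL_KNOWN_32:
        return WELL_KNOWN_32[raw]
    # TCG-reserved names apply only when no manufacturer/owner bit claims it.
    if nv.index in WELL_KNOWN_16 and not (nv.t or nv.p or nv.u):
        return WELL_KNOWN_16[nv.index]
    if nv.t:
        return "TPM-manufacturer index"
    if nv.p:
        return "platform-manufacturer index"
    if nv.u:
        return "owner-defined index"
    return "unknown index"


def find_ek_cert_index(indices: Iterable[int]) -> Optional[int]:
    """Return the raw index holding the EK cert, or None if the TPM has none."""
    for raw in indices:
        nv = decode_nv_index(raw)
        if nv.index == 0xF000 and not (nv.t or nv.p or nv.u):
            return raw
    return None


# Constructed sample: the eight indices of the IFX listing in the mail,
# paired with the TPUD column exactly as nv_decode printed it.
SAMPLE_LISTING: List[Tuple[int, str]] = [
    (0x20000001, "..U."), (0x10000001, "...D"), (0x1000F000, "...D"),
    (0x30000001, "..UD"), (0x50000001, ".P.D"), (0x20000002, "..U."),
    (0x50000002, ".P.D"), (0x40000001, ".P.."),
]


def listing_matches_nv_decode(listing=SAMPLE_LISTING) -> bool:
    """True when the decoder reproduces every TPUD string in the listing."""
    return all(decode_nv_index(raw).flags() == tpud for raw, tpud in listing)


if __name__ == "__main__":
    for raw, _ in SAMPLE_LISTING:
        nv = decode_nv_index(raw)
        print(f"{raw:#010x}  {nv.flags()}  purview={nv.purview:#04x} "
              f"index={nv.index:#06x}  {describe(raw)}")
    ek = find_ek_cert_index(r for r, _ in SAMPLE_LISTING)
    print("EK cert index:", hex(ek) if ek is not None else "none")
```

Run it as a script to print the decoded listing; `find_ek_cert_index` is what a TSS effectively does when it picks up the on-chip EK cert from the "defined location" Martin mentions, and `is_well_formed` is the check you want before calling TPM_NV_DefineSpace with an index of your own.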