Today, the Trusted Computing for the Java Platform project[1]
released an update of jTSS, a Trusted Software Stack (TSS)
implemented in 100% Java, and jTpmTools, a command-line tool to
exercise various TPM features.
This update adds a comprehensive set of new commands to allow
manipulation of TPM NV storage. This also allows to setup
the proper policies for Trusted Boot[2], a tool to perform a
measured "late launch" via Intel TXT technology.
The new commands are:
* Non Volatile Storage:
nv_decode: decode data in non-volatile storage of the TPM
nv_definespace: define an index and space in TPM NV RAM
nv_lock: set the global lock for the NV storage - FOREVER!
nv_releasespace: release a defined index
nv_write: write data to TPM's NV RAM
* Intel(R) Trusted eXecution Technology (TXT):
txt_policy: create a TXT Launch Control Policy (LCP)
txt_policyinfo: show informations about a LCP file
* TBoot:
tboot_pcr18: calculate value of PCR 18 after trusted boot
tboot_pcr19-22: calculate values of PCRs above PCR 18 after trusted boot
tboot_policy: create and modify TBoot Verified Launch Policy (VLP)
tboot_policyinfo: show informations about a VLP file
This release is EXPERIMENTAL!
You can PERMANENTLY DAMAGE YOUR HARDWARE with this software!
USE AT YOUR OWN RISK!
We succeeded in setting up a measured TBoot on a HP dc7900,
solely by using jTpmTools. However, a Intel DQ45CB got fried upon
executing SINIT.
Thus, your experience may vary.... :-)
This release is a little bit rushed as we are hosting the
4th European Trusted Infrastructure Summerschool[3] this year
and things are kinda hectic currently.
If you come to ETISS - say hello!
Thanks to all who contributed to this release!
Have fun,
Martin
[1] http://trustedjava.sourceforge.net/
[2] http://sourceforge.net/projects/tboot/
[3] http://www.etiss.org/
|
