From: Sebastian L. <seb...@gm...> - 2011-01-24 12:14:44

Hi List,

I'm using a custom written TDDL implementation to be able to connect to multiple software TPM instances. I am currently using the TcTcsProperties class to set an instance ID property which the TDDL can read out to know which TPM to connect to. The problem is that the TcTcsProperties class is designed as a singleton so I cannot use it to manage multiple TDDL connections.

Is jTSS even designed to work with multiple TPM devices (software emulators)? Any idea on how to be able to pass an ID over to TCS so it knows which TPM device to talk to?

Kind regards,
Sebastian.

From: Ronald T. <ron...@ia...> - 2011-01-24 12:27:46

Hi Sebastian,

From the architectural point of view, you should use separate instances of the TCS service for each TPM instance. You can then discern them by using different port numbers for the SOAP interface.

Practically, there is a bug in the Soap Binding implementation so that it will ignore your selection in TCIContext.connect("<hostname>") and will just use the settings from the .ini file. :-/

Do you need to call to several TPMs from the same JVM process/Class Loader hierarchy? Else, you can just use one app for each TPM and set it in the ini file.

hth,
Ronald

On 01/24/2011 01:14 PM, Sebastian Luft wrote:
> Hi List,
> I'm using a custom written TDDL implementation to be able to connect
> to multiple software TPM instances. I am currently using the
> TcTcsProperties class to set an instance ID property which the TDDL
> can read out to know which TPM to connect to. The problem is that the
> TcTcsProperties class is designed as a singleton so I cannot use it to
> manage multiple TDDL connections.
> Is jTSS even designed to work with multiple TPM devices (software
> emulators)? Any idea on how to be able to pass an ID over to TCS so it
> knows which TPM device to talk to?
> Kind regards, Sebastian.

--
Dipl.-Ing. Ronald Tögl              phone +43 316/873-5502
Secure and Correct Systems          fax   +43 316/873-5520
IAIK                                ron...@ia...
Graz University of Technology       http://www.iaik.tugraz.at

From: Thomas W. <tc...@to...> - 2011-01-24 12:41:04

Hi,

> Is jTSS even designed to work with multiple TPM devices (software
> emulators)? Any idea on how to be able to pass an ID over to TCS so it
> knows which TPM device to talk to?

I'm not sure if jTSS has seen a re-design but I'd say that the TCS layer of jTSS has been designed to work with one single TPM instance. If you have multiple TPMs you most likely will end up with one TCS instance per TPM. You, however, should be able to open connections to several different TCS (and hence TPM) instances at the TSP level.

If you really want to follow your approach of handling multiple TPMs with one single TCS, this likely will result in a (partial) rewrite of the jTSS TCS layer.

Regards,
--
Thomas Winkler
mail: tc...@to...

From: Sebastian L. <seb...@gm...> - 2011-01-24 15:12:20

Hi Thomas,

> I'm not sure if jTSS has seen a re-design but I'd say that the TCS layer of
> jTSS has been designed to work with one single TPM instance. If you have
> multiple TPMs you most likely will end up with one TCS instance per TPM. You,
> however, should be able to open connections to several different TCS (and hence
> TPM) instances at the TSP level.
>
> If you really want to follow your approach of handling multiple TPMs with one
> single TCS, this likely will result in a (partial) rewrite of the jTSS TCS
> layer.

That's exactly what I want. I have one Java application (equals one TSP) running on one JVM and there I want to instantiate several TCS, each with one TDDL connection to one TPM.

The problem is: How can I pass different configuration options to each TCS? I can create multiple contexts (connection between TSP and TCS) with

    TcIContext context0 = new TcTssContextFactory().newContextObject();

but when they are accessing TcTcsProperties from inside (i.e. inside TDDL) they all will get the same property values because it is a singleton.

To summarize: I need a possibility to pass different values to each TCS (TDDL) instance.

Regards,
Sebastian.

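The failure mode described in the message above, as an added example that is not part of the original thread and is not jTSS code: two device-layer objects that read their target from a process-wide singleton both end up addressing the TPM that was configured last, while objects that receive their instance ID at construction keep separate targets. All class names, the "instanceId" key and the "tpm-N" target strings are hypothetical stand-ins.

```java
import java.util.HashMap;
import java.util.Map;

// Hypothetical stand-ins for illustration only; none of these are jTSS classes.
public class SingletonConfigDemo {

    // Process-wide properties holder: one shared map for the whole JVM.
    static final class GlobalProps {
        private static final GlobalProps INSTANCE = new GlobalProps();
        private final Map<String, String> values = new HashMap<>();
        static GlobalProps getInstance() { return INSTANCE; }
        void set(String key, String value) { values.put(key, value); }
        String get(String key) { return values.get(key); }
    }

    // Device layer that resolves its target from the singleton on every call.
    static final class GlobalTddl {
        String target() {
            return "tpm-" + GlobalProps.getInstance().get("instanceId");
        }
    }

    // Alternative: the target is bound to the object when it is constructed.
    static final class InjectedTddl {
        private final String instanceId;
        InjectedTddl(String instanceId) { this.instanceId = instanceId; }
        String target() { return "tpm-" + instanceId; }
    }

    public static void main(String[] args) {
        // Configure "connection 0", then "connection 1", through the singleton.
        GlobalProps.getInstance().set("instanceId", "0");
        GlobalTddl first = new GlobalTddl();
        GlobalProps.getInstance().set("instanceId", "1");
        GlobalTddl second = new GlobalTddl();

        // The second write replaced the first, so both objects share one target
        // and commands meant for the first TPM would reach the second.
        System.out.println("singleton: " + first.target() + " / " + second.target());

        // With per-object configuration each connection keeps its own target.
        InjectedTddl a = new InjectedTddl("0");
        InjectedTddl b = new InjectedTddl("1");
        System.out.println("injected:  " + a.target() + " / " + b.target());
    }
}
```
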
From: Sebastian L. <seb...@gm...> - 2011-01-25 11:27:19

Hi list,

it's me again. I just noticed that even iaik.tc.tss.impl.java.tddl.TcTddl is implemented as a singleton. Doesn't that make it impossible to create different TPM connections inside the same runtime JVM?

Regards,
Sebastian.

From: Thomas W. <tc...@to...> - 2011-01-25 11:36:34

Hi,

> I just noticed that even iaik.tc.tss.impl.java.tddl.TcTddl is
> implemented as a singleton. Doesn't that make it impossible to create
> different TPM connections inside the same runtime JVM?

Well - not impossible but probably a lot of work (not sure how much). It was never the intention of the jTSS design to run multiple TCS instances in one single JVM. But you have all the jTSS source so if you really need that feature... ;-)

I still have not understood why you need several TCS instances in one single JVM. I can understand that you might need several connections to different TCS instances running in different JVMs. From your application's point of view this does not look very different than the (hypothetical) case of multiple connections to different TCS instances in the same VM. And that's something that should be doable with jTSS without much effort.

Regards,
--
Thomas Winkler
mail: tc...@to...

From: Ronald T. <ron...@ia...> - 2011-01-25 13:26:55

Hi,

Tom is right, and I'll just add some explanation to the discussion.

Remember that a TSS such as jTSS consists of TSP and TCS layers, connected by some binding interface (local := reliance on the Java class loader or soap := XML over TCP/IP).

You always need a single TCS per hardware TPM, because the TCS has been designed to be a software abstraction and management layer of the chip. There can only be one TCS instance per singleton TPM. You can however run arbitrarily many TCS daemons on your system, if you assign them separate TPMs, storage directories and SOAP port numbers.

In each of your applications, you can also load just one instance of the TSP library. However, you can create as many TPMContexts and connections to the TCS layer there as you like. You can also connect those contexts to different TCS services (using the hotfix I sent you). Note that you must use SOAP bindings for this.

Thus you should be able to use different TPMs at the same time. Still, this has not been tested and side effects might occur.

hth,
Ronald

On 01/25/2011 12:36 PM, Thomas Winkler wrote:
>> I just noticed that even iaik.tc.tss.impl.java.tddl.TcTddl is
>> implemented as a singleton. Doesn't that make it impossible to create
>> different TPM connections inside the same runtime JVM?
> I still have not understood why you need several TCS instances in one single
> JVM. I can understand that you might need several connections to different TCS
> instances running in different JVMs. From your application's point of view this
> does not look very different than the (hypothetical) case of multiple
> connections to different TCS instances in the same VM. And that's something
> that should be doable with jTSS without much effort.

--
Dipl.-Ing. Ronald Tögl              phone +43 316/873-5502
Secure and Correct Systems          fax   +43 316/873-5520
IAIK                                ron...@ia...
Graz University of Technology       http://www.iaik.tugraz.at