Software TPM Introduction

The software TPM is targeted toward application development, education, and virtualization.

Software Development

The intent is that an application can be developed using the software TPM. The application should then run using a hardware TPM without changes.

Advantages of this approach:

In contrast to a hardware TPM, it runs on many platforms and it's generally faster.
Application software errors are easily reversed by simply removing the TPM state and starting over.
Difficult crypto errors are quickly debugged by looking inside the TPM. The extensive tracing supports remote diagnosis and support.
The tracing and ability to step through code, as well as the supporting TPM demo utilities, help to understand how a TPM works.
The TPM defaults to minimal resources, although this is easily changed. Since hardware TPM resources (e.g., key and session slots) vary, this default helps detect an application that might not be portable to TPMs from different vendors.
See also the TPM Proxy

This package contains four modules (the items in the green boxes):

Software TPM: A complete TPM 1.2 implementation. Portions of the specification are reproduced with permission of the Trusted Computing Group.
libtpm: A library of low level demo TPM function calls
Utilities: A set of demo command line utilities and a TPM regression test using libtpm
TPM Proxy: Proxies used to connect a TCP/IP based TPM interface to a hardware TPM device driver
Trousers Interface: Instructions for running the SW TPM with Trousers
TCG TPM Test Suite: Instructions for running the SW TPM with the TCG TPM Test Suite

The IBM Software TPM can be downloaded here.

See also the TrouSers TSS for Linux, the Linux Integrity Subsystem and Open Platform Trust Services (OpenPTS).

Architecture

The typical Software TPM interface is TCP/IP sockets. The block diagram shows that many host applications, such as the Trousers TSS , the IBM TPM utilities and regression test, the TCG TPM test suite, and the IBM DAA test suite all support this socket interface.

Some advantages are:

An application can connect to more than one TPM. For example, TPM to TPM key migration is easily tested.
Using the TPM proxy, an application can transparently switch between software and hardware TPMs
An application can connect to a remote hardware TPM, allowing application debug on a platform that does not have a TPM, where the platform hosting the TPM does not currently support the application, or where the application developer is at a remote location.
The TPM can be halted and restarted, or the platform rebooted, without stopping the application.
A proxy in the socket path can intercept and trace TPM commands and responses.

Software TPM

The features include:

Current to TPM 1.2 revision 116 with updates to 117
Coded in C
Interfaces
- TCP/IP or Unix domain sockets
  - multiple TPMs
  - multiple operating systems
  - mix hardware and software TPMs
  - simple TPM server reboot
  - scripting tester
- direct function call
- does not simulate TIS registers or the LPC bus
Platforms
- Windows XP 32 and 64 bit
- Linux 32 and 64 bit
- AIX PPC
- IBM Cell processor (not included)
- IBM Crypto Coprocessor (not included)
Uses openSSL 0.9.8 or 1.0.0 crypto library
#ifdef's for
- PC Client
- TPM 1.1 (not well tested)
- tracing
- TPM_Init
Optional callbacks for
- locality
- physical presence
- GPIO
Environment variables for
- NVRAM directory
- Socket hostname and port, Unix domain socket
Goal was correct, portable, maintainable code
Goal was not performance, code size, memory size
Options implemented
- All optional commands, all deprecated commands
- audit
- Optional key sizes
- AES for ADIP and transport, CTR and OFB mode
Testing
- IBM regression test
- TCG TPM test suite
- IBM Zurich DAA test
- Trousers TSS regression test
- Key migration to/from hardware TPM

libtpm

libtpm supports the Utilities. It compiles to a shared object or DLL. It provides a low level API to TPM command ordinals.

Here is some background material.

Linux: The TPM interfaces are TCP/IP sockets to the Software TPM or TPM Proxy, Unix domain sockets, or the hardware TPM device driver.
Windows: The TPM interfaces is TCP/IP sockets only. Use the TPM Proxy to connect to a hardware TPM device driver.

Utilities

Utilities is a number of command line programs. Each typically maps directly to TPM command ordinals, but some support authorization session setup or context saving.

In general, the -h option provides help for each program.

TPM Proxy

The TPM Proxy acts on one side as a TCP/IP socket server and on the other side as an interface to the TPM device driver. It passes commands from the socket to the device driver and passes responses from the device driver to the socket.

The proxies are useful in cases such as:

Connecting the libtpm Windows version (socket only) to a Windows hardware TPM.
The host application supports TCP/IP sockets but is not ported to the platform where the TPM is running. Porting the proxy is easier than porting the application.
One application can connect to more than one TPM, with some TPMs running on another platform.
The proxy, in verbose mode, will trace each TPM command and response packet. This aids debugging, especially in cases where the application itself does not trace. Both the Trousers TSS and libtpm support the socket interface.
While libtpm and thus the utilities support both socket and device driver interfaces, it is often more convenient to compile once for sockets and use the proxy.

Trousers Interface

The Trousers TSS can interface to the SW TPM using TCP/IP sockets. Here are some instructions. Please provide feedback.

TCG TPM Test Suite

To interface the TCG TPM Test Suite to the SW TPM using TCP/IP sockets:

Start the tpmtest program with the -HSC hostname:port options, where hostname is the host where the TPM is running, possibly localhost, and port is the socket port number that the TPM is listening on.