Access OPTIGA™ TPM 2.0 [1] on your Windows machine using TPM Base Services (TBS). The TBS feature is a system service that allows transparent sharing of the Trusted Platform Module (TPM) resources.
The project will interact with your Windows' TPM. Be cautious or risk losing your precious data!
- Tested on a Windows 10 machine with the following specifications:
- Using the Windows TPM utility (tpm.msc) to check if your machine has an Infineon (IFX) TPM 2.0:
- Install IntelliJ IDEA [2], community version will do
Download Microsoft TSS project (forked from [3]):
$ git clone https://github.com/wxleong/TSS.MSR
$ git checkout develop-tbs-optiga-tpm-release-1.0
Start IntelliJ IDEA with "Run as Administrator" and open the Maven project TSS.MSR/TSS.Java
. The IDEA will resolve Maven dependencies, wait for it to complete.
Start IntelliJ IDEA with "Run as Administrator", build and run the JUnit tests in TSS.MSR/TSS.Java/src/test/TSSMainTests.java
:
main()
: The main test campaignclean()
: To clean up any persistent keys, transient keys, and open sessions from runningmain()
Addressed failures:
Test case | Error | Info | Workaround |
---|---|---|---|
DrsClient.runProvisioningSequence() |
AES encryption/decryption | Not supported by TPM | Switched to software AES, check commit 4667abb |
DrsClient.runProvisioningSequence() |
ActivateCredential | Need administrator permission | Run as Administrator |
hash() |
Hashing algorithm SHA384 | Not supported by TPM | Excluded from test |
pcr1() |
TPM2_PCR_Extend/TPM2_PCR_Event | Need administrator permission | Run as Administrator |
primaryKeys() |
rsaPrimary.outPublic.validateSignature(dataToSign, rsaSigPss) |
Expected to fail, check the note | Fixed in commit f413909 |
primaryKeys() |
eccPrimary.outPublic.validateSignature() |
Expected to fail, check the note | Fixed in commit 4337653 |
softwareKeys() |
tpm.LoadExternal() |
Encountered intermittent error TPM ERROR: {BINDING} , due to the quality of software generated RSA keys |
Fixed in commit 7eca140 |
softwareKeys() |
tpm.Sign() |
Encountered error TPM ERROR: {HANDLE} |
Fixed in commit 3575aed |
[1] https://www.infineon.com/cms/en/product/security-smart-card-solutions/optiga-embedded-security-solutions/optiga-tpm/
[2] https://www.jetbrains.com/idea/
[3] https://github.com/microsoft/TSS.MSR
This project is licensed under the MIT License - see the LICENSE file for details.