From: <Andreas.Fuchs@infineon.com>
To: al.garnier.trad@gmail.com, tpm2@lists.linuxfoundation.org
Subject: Re: [Tpm2] Windows TBS and using tpm2-tss FAPI
Date: Wed, 29 Nov 2023 08:04:09 +0000 [thread overview]
Message-ID: <929c5dd33de64b258fdcd3a40aa83669@infineon.com> (raw)
In-Reply-To: <CANbXECnRoE2R3mog=aj_qDYFkDj-fvwYkpoZNVyyayyEHXHyrQ@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1973 bytes --]
Hi Alexis,
that sounds like a lot of great work.
So ESYS should be working just fine. I had no problems using it just like under linux.
Can you tell me what your problems are ?
Regarding FAPI; yes the provisioning is something we have to figure out.
The reason is that Windows will already do some of these steps, such as setting auth values and making keys persistent.
I’d love to help here.
Do you already have the FAPI modules for file storage ported over to windows ?
Cheers,
Andreas
From: Tpm2 <tpm2-bounces@lists.linuxfoundation.org> On Behalf Of Alexis Garnier
Sent: Dienstag, 28. November 2023 19:42
To: tpm2@lists.linuxfoundation.org
Subject: [Tpm2] Windows TBS and using tpm2-tss FAPI
Caution: This e-mail originated outside Infineon Technologies. Do not click on links or open attachments unless you validate it is safe<https://intranet-content.infineon.com/explore/aboutinfineon/rules/informationsecurity/ug/SocialEngineering/Pages/SocialEngineeringElements_en.aspx>.
Hello,
I have been trying to implement a solution using the tpm2-tss FAPI to talk to a Windows TPM, via the TCTI TBS.
I have used the FAPI successfully on Linux and thought that by using the Visual Studio existing solution in tpm2-tss and porting the tpm2-tss FAPI on top I might be able to have something working.
Whilst part of the solution seems to work, the Windows TPM has been uncooperative on a lot of instances, first during the startup sequence when trying to get capabilities, among other things.
I'm also assuming the provisioning process based on the fapi profiles process will not work for TBS.
My question is simple, has there ever been a successful ESYS implementation on Windows ? One with examples I might be able to base myself on to try and make it work ?
I might be a bit green when it comes to working with TPMs so I apologize if my request seems ignorant.
Thanks in advance for your help
Regards,
Alexis Garnier
[-- Attachment #2: Type: text/html, Size: 7093 bytes --]
prev parent reply other threads:[~2023-11-29 8:04 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-28 18:41 [Tpm2] Windows TBS and using tpm2-tss FAPI Alexis Garnier
2023-11-29 8:04 ` Andreas.Fuchs [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=929c5dd33de64b258fdcd3a40aa83669@infineon.com \
--to=andreas.fuchs@infineon.com \
--cc=al.garnier.trad@gmail.com \
--cc=tpm2@lists.linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox