tpm2_policyor(1)            General Commands Manual           tpm2_policyor(1)

NAME
    tpm2_policyor(1) - logically ORs two or more policies together.

SYNOPSIS
    tpm2_policyor [OPTIONS]

DESCRIPTION
    tpm2_policyor(1) - Generates a policy_or event with the TPM. It expects a
    session to be already established via tpm2_startauthsession(1). If the
    input session is a trial session, this tool generates a policy digest
    that compounds two or more input policy digests such that the resulting
    policy digest is satisfied when at least one of the branch policies is
    true. If the input session is a real policy session, tpm2_policyor(1)
    succeeds only if the session's current policy digest equals one of the
    input branch digests, i.e. the caller has already satisfied one of the
    branches in that session; otherwise the TPM rejects the command and the
    object cannot be authenticated.

    The compounded digest is computed over the branch digests in the order
    given, so the same list, in the same order, must be supplied both when
    the object's policy is created and when it is later satisfied.

OPTIONS
    · -L, --policy=FILE:

      File to save the compounded policy digest.

    · -l, --policy-list=POLICY_FILE_LIST:

      The list of policy digest files to compound. The list begins with the
      hash algorithm of the digests, followed by a colon and a comma
      separated list of files, e.g. sha256:branch1.policy,branch2.policy.
      Each listed digest becomes one branch of the final policy digest;
      satisfying any one branch authenticates the object. TPM2_PolicyOR
      accepts between two and eight branches, and every digest must be the
      size of the session's hash algorithm or the TPM rejects the command.

    · -S, --session=FILE:

      The policy session file generated via the -S option to
      tpm2_startauthsession(1).
   References
COMMON OPTIONS
    This collection of options is common to many programs and provides
    information that many users may expect.

    · -h, --help=[man|no-man]: Display the tool's manpage. By default, it
      attempts to invoke the manpager for the tool; on failure it outputs a
      short tool summary. This is the same behavior if the "man" option
      argument is specified, however if "man" is explicitly requested, the
      tool will report errors from man on stderr. If the "no-man" option is
      specified, or the manpager fails, the short options are output to
      stdout.

      To successfully use the manpages feature requires the manpages to be
      installed or on MANPATH; see man(1) for more details.

    · -v, --version: Display version information for this tool and the
      supported TCTIs, then exit.

    · -V, --verbose: Increase the information that the tool prints to the
      console during its execution. When using this option the file and
      line number are printed.

    · -Q, --quiet: Silence normal tool output to stdout.

    · -Z, --enable-errata: Enable the application of errata fixups. Useful
      if an errata fixup needs to be applied to commands sent to the TPM.
      Defining the environment variable TPM2TOOLS_ENABLE_ERRATA is
      equivalent.

TCTI Configuration
    The TCTI or "Transmission Interface" is the communication mechanism with
    the TPM. TCTIs can be changed for communication with TPMs across
    different mediums.

    To control the TCTI, the tools respect:

    1. The command line option -T or --tcti

    2. The environment variable: TPM2TOOLS_TCTI.

    Note: The command line option always overrides the environment
    variable.

    The current known TCTIs are:

    · tabrmd - The resource manager, called tabrmd
      (https://github.com/tpm2-software/tpm2-abrmd). Note that tabrmd and
      abrmd as a TCTI name are synonymous.

    · mssim - Typically used for communicating with the TPM software
      simulator.

    · device - Used when talking directly to a TPM device file.

    · none - Do not initialize a connection with the TPM. Some tools allow
      for off-TPM options and thus support not using a TCTI. Tools that do
      not support it will error when used without a TCTI connection. Does
      not support ANY options and MUST BE presented as the exact text
      "none".

    The arguments to either the command line option or the environment
    variable are in the form:

        <tcti-name>:<tcti-option-config>

    Specifying an empty string for either the <tcti-name> or
    <tcti-option-config> results in the default being used for that portion
    respectively.

   TCTI Defaults
    When a TCTI is not specified, the default TCTI is searched for using
    dlopen(3) semantics. The tools will search for the tabrmd, device and
    mssim TCTIs IN THAT ORDER and USE THE FIRST ONE FOUND. You can query
    which TCTI will be chosen as the default by using the -v option to print
    the version information. The "default-tcti" key-value pair indicates
    which of the aforementioned TCTIs is the default.

   Custom TCTIs
    Any TCTI that implements the dynamic TCTI interface can be loaded. The
    tools internally use dlopen(3), and the raw tcti-name value is used for
    the lookup. Thus, this could be a path to the shared library, or a
    library name as understood by dlopen(3) semantics. Because the raw
    value is handed to dlopen(3), a -T argument or TPM2TOOLS_TCTI value
    taken from an untrusted source amounts to loading an arbitrary shared
    object into the tool's process; set these only from trusted
    configuration, particularly where the tools run with elevated
    privileges.

TCTI OPTIONS
    This collection of options is used to configure the various known TCTI
    modules available:

    · device: For the device TCTI, the TPM character device file for use by
      the device TCTI can be specified. The default is /dev/tpm0.

      Example: -T device:/dev/tpm0 or
      export TPM2TOOLS_TCTI="device:/dev/tpm0"

    · mssim: For the mssim TCTI, the domain name or IP address and port
      number used by the simulator can be specified. The defaults are
      127.0.0.1 and 2321.

      Example: -T mssim:host=localhost,port=2321 or
      export TPM2TOOLS_TCTI="mssim:host=localhost,port=2321"

    · abrmd: For the abrmd TCTI, the configuration string format is a
      series of simple key value pairs separated by a ',' character. Each
      key and value string are separated by a '=' character.

      TCTI abrmd supports two keys:

      1. 'bus_name' : The name of the tabrmd service on the bus (a string).

      2. 'bus_type' : The type of the dbus instance (a string) limited to
         'session' and 'system'.

      Specify the tabrmd tcti name and a config string of
      bus_name=com.example.FooBar:

          --tcti=tabrmd:bus_name=com.example.FooBar

      Specify the default (abrmd) tcti and a config string of
      bus_type=session (an empty <tcti-name> before the ':' selects the
      default TCTI):

          --tcti=:bus_type=session

      NOTE: abrmd and tabrmd are synonymous.

EXAMPLES
    Creates two sets of PCR data files, one of them being the existing PCR
    values and the other being the set of PCR values that would result if
    the PCR were extended with a known value. Now create two separate
    policy digests, each with one set of PCR values, using the
    tpm2_policypcr(1) tool in trial sessions. Now build a policy_or with the
    two PCR policy digests as inputs. Create a sealing object with an
    authentication policy compounding the 2 policies with tpm2_policyor and
    seal a secret. Unsealing with either of the PCR sets should be
    successful; a PCR value that matches neither set must fail.

    Note that the PCR branches below select the sha1 PCR bank (-l sha1:23)
    while the sessions and policy digests use the default sha256 hash; the
    algorithm given to tpm2_policyor (-l sha256:...) names the digest
    algorithm of the listed files, not the PCR bank. PCR 23 is used because
    it can be reset from the OS with tpm2_pcrreset, which makes the scenario
    reproducible.

    Create two unique PCR policies with corresponding unique sets of PCR
    values.

    Start with PCR 23 reset to zero:

        tpm2_pcrreset 23

    PCR set 1 policy:

        tpm2_startauthsession -S session.ctx

        tpm2_policypcr -S session.ctx -l sha1:23 -L set1.pcr0.policy

        tpm2_flushcontext session.ctx

        rm session.ctx

    PCR set 2 policy (PCR 23 after one extend with a known value):

        tpm2_pcrextend 23:sha1=f1d2d2f924e986ac86fdf7b36c94bcdf32beec15

        tpm2_startauthsession -S session.ctx

        tpm2_policypcr -S session.ctx -l sha1:23 -L set2.pcr0.policy

        tpm2_flushcontext session.ctx

        rm session.ctx

    Create a policyOR resulting from compounding the two unique PCR
    policies in an OR fashion:

        tpm2_startauthsession -S session.ctx

        tpm2_policyor -S session.ctx -L policyOR \
        -l sha256:set1.pcr0.policy,set2.pcr0.policy

        tpm2_flushcontext session.ctx

        rm session.ctx

    Create a sealing object with the auth policy policyOR created above:

        tpm2_createprimary -C o -c prim.ctx

        tpm2_create -g sha256 -u sealkey.pub -r sealkey.priv -L policyOR -C prim.ctx \
        -i- <<< "secretpass"

        tpm2_load -C prim.ctx -c sealkey.ctx -u sealkey.pub -r sealkey.priv

    Attempt unsealing by satisfying the policyOR via the SECOND of the two
    policies (PCR 23 still holds the once-extended value):

        tpm2_startauthsession -S session.ctx --policy-session

        tpm2_policypcr -S session.ctx -l sha1:23

        tpm2_policyor -S session.ctx -L policyOR \
        -l sha256:set1.pcr0.policy,set2.pcr0.policy

        unsealed=`tpm2_unseal -p session:session.ctx -c sealkey.ctx`

        echo $unsealed

        tpm2_flushcontext session.ctx

        rm session.ctx

    Extend the PCR again to emulate tampering with the system software and
    hence the PCR value:

        tpm2_pcrextend 23:sha1=f1d2d2f924e986ac86fdf7b36c94bcdf32beec15

    Attempt unsealing by trying to satisfy the policyOR. tpm2_policypcr
    itself succeeds (it only folds the current PCR value into the session
    digest), but the resulting session digest matches neither branch, so
    tpm2_policyor fails and no unseal is possible:

        tpm2_startauthsession -S session.ctx --policy-session

        tpm2_policypcr -S session.ctx -l sha1:23

    This should fail:

        tpm2_policyor -S session.ctx -L policyOR \
        -l sha256:set1.pcr0.policy,set2.pcr0.policy

        tpm2_flushcontext session.ctx

        rm session.ctx

    Reset the PCR to get back to the first set of PCR values:

        tpm2_pcrreset 23

    Attempt unsealing by satisfying the policyOR via the FIRST of the two
    policies:

        tpm2_startauthsession -S session.ctx --policy-session

        tpm2_policypcr -S session.ctx -l sha1:23

        tpm2_policyor -S session.ctx -L policyOR \
        -l sha256:set1.pcr0.policy,set2.pcr0.policy

        unsealed=`tpm2_unseal -p session:session.ctx -c sealkey.ctx`

        echo $unsealed

        tpm2_flushcontext session.ctx

        rm session.ctx
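
    The following Python is an added illustration for the DESCRIPTION and the
    walkthrough above; it is not part of tpm2-tools. It recomputes offline
    the digests that tpm2_policypcr and tpm2_policyor make the TPM produce
    (TPM2_PolicyPCR and TPM2_PolicyOR over a sha256 session) and replays the
    three unseal attempts: PCR 23 reset, extended once, extended twice.
    Command codes, algorithm identifiers and the TPML_PCR_SELECTION layout
    follow the TPM 2.0 Library Specification; the extend value is the one
    used in the example; the function names and the PCR values are this
    example's own constructions.

```python
"""Offline model of the policy digests that tpm2_policypcr and tpm2_policyor
drive the TPM to compute. Added example, not tpm2-tools code. Constants follow
the TPM 2.0 Library Specification (Part 2 for IDs, Part 3 for the digest rules);
all PCR values below are constructed for the example."""
import hashlib
import struct

TPM_CC_POLICYOR = 0x00000171
TPM_CC_POLICYPCR = 0x0000017F
TPM_ALG_SHA1 = 0x0004          # PCR bank selected by 'sha1:23'
SESSION_HASH = hashlib.sha256  # tpm2_startauthsession default (-g sha256)
POLICYOR_MAX_BRANCHES = 8      # TPML_DIGEST holds at most 8 digests


def new_session_digest() -> bytes:
    """A fresh (trial or real) session starts with an all-zero policyDigest."""
    return bytes(SESSION_HASH().digest_size)


def policy_pcr(policy_digest: bytes, bank: int, pcr_values: dict) -> bytes:
    """TPM2_PolicyPCR: H(old || TPM_CC_PolicyPCR || TPML_PCR_SELECTION || pcrDigest).

    pcr_values maps PCR index -> current value in the selected bank; pcrDigest is
    the session hash over the selected PCR values in ascending index order.
    """
    select = bytearray(3)  # sizeofSelect = 3 covers PCRs 0..23
    for idx in pcr_values:
        select[idx // 8] |= 1 << (idx % 8)
    # TPML_PCR_SELECTION: count (UINT32) || hash (UINT16) || sizeofSelect (UINT8) || pcrSelect
    pcr_selection = struct.pack(">IHB", 1, bank, len(select)) + bytes(select)
    pcr_digest = SESSION_HASH(b"".join(pcr_values[i] for i in sorted(pcr_values))).digest()
    return SESSION_HASH(policy_digest + struct.pack(">I", TPM_CC_POLICYPCR)
                        + pcr_selection + pcr_digest).digest()


def policy_or(branches: list) -> bytes:
    """TPM2_PolicyOR digest: H(zeros || TPM_CC_PolicyOR || branch_1 || ... || branch_n).

    The TPM discards the current digest and hashes the branch list in the order
    given, so the same ordered list must be used at creation and at unseal time.
    """
    if not 2 <= len(branches) <= POLICYOR_MAX_BRANCHES:
        raise ValueError("TPM2_PolicyOR takes between 2 and 8 branch digests")
    h = SESSION_HASH(new_session_digest() + struct.pack(">I", TPM_CC_POLICYOR))
    for branch in branches:
        if len(branch) != SESSION_HASH().digest_size:
            raise ValueError("branch digest size must match the session hash")
        h.update(branch)
    return h.digest()


def policy_or_authorizes(session_digest: bytes, branches: list) -> bool:
    """The check a real policy session performs before recomputing the digest:
    the current policyDigest must equal one of the listed branches, otherwise
    the TPM returns an error and tpm2_policyor fails."""
    return session_digest in branches


def pcr_extend_sha1(pcr: bytes, data: bytes) -> bytes:
    """tpm2_pcrextend on the SHA1 bank: PCR_new = SHA1(PCR_old || data)."""
    return hashlib.sha1(pcr + data).digest()


def walkthrough():
    """Replays the man page example: two PCR branches, one policyOR, three unseal attempts."""
    extend_value = bytes.fromhex("f1d2d2f924e986ac86fdf7b36c94bcdf32beec15")  # from the example
    pcr_reset = bytes(20)                                # PCR 23 after tpm2_pcrreset (SHA1 bank)
    pcr_once = pcr_extend_sha1(pcr_reset, extend_value)  # after the first tpm2_pcrextend
    pcr_twice = pcr_extend_sha1(pcr_once, extend_value)  # after the 'tampering' extend

    # Trial sessions: set1.pcr0.policy and set2.pcr0.policy, then the compounded policyOR.
    set1 = policy_pcr(new_session_digest(), TPM_ALG_SHA1, {23: pcr_reset})
    set2 = policy_pcr(new_session_digest(), TPM_ALG_SHA1, {23: pcr_once})
    branches = [set1, set2]
    sealing_policy = policy_or(branches)

    # Real sessions: tpm2_policypcr folds the live PCR 23 into the digest, then tpm2_policyor
    # succeeds only if that digest equals one branch; only then does the session carry the
    # policyDigest the object was sealed under and tpm2_unseal can succeed.
    attempts = {}
    for label, live_pcr in (("reset", pcr_reset), ("extended_once", pcr_once),
                            ("extended_twice", pcr_twice)):
        session = policy_pcr(new_session_digest(), TPM_ALG_SHA1, {23: live_pcr})
        ok = policy_or_authorizes(session, branches)
        attempts[label] = ok and policy_or(branches) == sealing_policy
    return sealing_policy, attempts


if __name__ == "__main__":
    digest, attempts = walkthrough()
    print("policyOR digest:", digest.hex())
    for label, ok in attempts.items():
        print(f"{label:15s} unseal {'succeeds' if ok else 'fails'}")
```

    Swapping the two branch files in -l changes the policyOR digest, which
    is why the model keeps one ordered list for both the sealing policy and
    the later authorization; a sealed object whose creator listed the
    branches in a different order than the unsealer will never open.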

Returns
    Tools can return any of the following codes:

    · 0 - Success.

    · 1 - General non-specific error.

    · 2 - Options handling error.

    · 3 - Authentication error.

    · 4 - TCTI related error.

    · 5 - Non supported scheme. Applicable to tpm2_testparams.

Limitations
    It expects a session to be already established via
    tpm2_startauthsession(1) and requires one of the following:

    · direct device access

    · extended session support with tpm2-abrmd.

    Without it, most resource managers will not save session state between
    command invocations.

Bugs
    Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)

Help
    See the Mailing List (https://lists.01.org/mailman/listinfo/tpm2)


tpm2-tools                                                    tpm2_policyor(1)