1tpm2_policyor(1) General Commands Manual tpm2_policyor(1)
2
6 tpm2_policyor(1) - logically OR's two policies together.
7
9 tpm2_policyor [OPTIONS]
10
12 tpm2_policyor(1) - Generates a policy_or event with the TPM. It ex‐
13 pects a session to be already established via tpm2_startauthsession(1).
14 If the input session is a trial session this tool generates a policy
15 digest that compounds two or more input policy digests such that the
16 resulting policy digest requires at least one of the policy events be‐
17 ing true. If the input session is real policy session tpm2_policyor(1)
18 authenticates the object successfully if at least one of the policy
19 events are true.
20
22 · -L, --policy=FILE:
23 File to save the compounded policy digest.
25 · -l, --policy-list=POLICY_FILE_LIST:
27 The list of files for the policy digests that has to be compounded
29 resulting in individual policies being added to final policy digest
30 that can authenticate the object. The list begins with the policy
31 digest hash alg.
32 · -S, --session=FILE:
34 The policy session file generated via the -S option to tpm2_star‐
36 tauthsession(1).
37 References
40 This collection of options are common to many programs and provide in‐
41 formation that many users may expect.
42 · -h, --help=[man|no-man]: Display the tools manpage. By default, it
44 attempts to invoke the manpager for the tool, however, on failure
45 will output a short tool summary. This is the same behavior if the
46 "man" option argument is specified, however if explicit "man" is re‐
47 quested, the tool will provide errors from man on stderr. If the
48 "no-man" option if specified, or the manpager fails, the short op‐
49 tions will be output to stdout.
50 To successfully use the manpages feature requires the manpages to be
52 installed or on MANPATH, See man(1) for more details.
53 · -v, --version: Display version information for this tool, supported
55 tctis and exit.
56 · -V, --verbose: Increase the information that the tool prints to the
58 console during its execution. When using this option the file and
59 line number are printed.
60 · -Q, --quiet: Silence normal tool output to stdout.
62 · -Z, --enable-errata: Enable the application of errata fixups. Useful
64 if an errata fixup needs to be applied to commands sent to the TPM.
65 Defining the environment TPM2TOOLS_ENABLE_ERRATA is equivalent. in‐
66 formation many users may expect.
67
69 The TCTI or "Transmission Interface" is the communication mechanism
70 with the TPM. TCTIs can be changed for communication with TPMs across
71 different mediums.
72 To control the TCTI, the tools respect:
74 1. The command line option -T or --tcti
76 2. The environment variable: TPM2TOOLS_TCTI.
78 Note: The command line option always overrides the environment vari‐
80 able.
81 The current known TCTIs are:
83 · tabrmd - The resource manager, called tabrmd
85 (https://github.com/tpm2-software/tpm2-abrmd). Note that tabrmd and
86 abrmd as a tcti name are synonymous.
87 · mssim - Typically used for communicating to the TPM software simula‐
89 tor.
90 · device - Used when talking directly to a TPM device file.
92 · none - Do not initalize a connection with the TPM. Some tools allow
94 for off-tpm options and thus support not using a TCTI. Tools that do
95 not support it will error when attempted to be used without a TCTI
96 connection. Does not support ANY options and MUST BE presented as
97 the exact text of "none".
98 The arguments to either the command line option or the environment
100 variable are in the form:
101 <tcti-name>:<tcti-option-config>
103 Specifying an empty string for either the <tcti-name> or <tcti-op‐
105 tion-config> results in the default being used for that portion respec‐
106 tively.
107 TCTI Defaults
109 When a TCTI is not specified, the default TCTI is searched for using
110 dlopen(3) semantics. The tools will search for tabrmd, device and
111 mssim TCTIs IN THAT ORDER and USE THE FIRST ONE FOUND. You can query
112 what TCTI will be chosen as the default by using the -v option to print
113 the version information. The "default-tcti" key-value pair will indi‐
114 cate which of the aforementioned TCTIs is the default.
115 Custom TCTIs
117 Any TCTI that implements the dynamic TCTI interface can be loaded. The
118 tools internally use dlopen(3), and the raw tcti-name value is used for
119 the lookup. Thus, this could be a path to the shared library, or a li‐
120 brary name as understood by dlopen(3) semantics.
121
123 This collection of options are used to configure the various known TCTI
124 modules available:
125 · device: For the device TCTI, the TPM character device file for use by
127 the device TCTI can be specified. The default is /dev/tpm0.
128 Example: -T device:/dev/tpm0 or export TPM2TOOLS_TCTI="de‐
130 vice:/dev/tpm0"
131 · mssim: For the mssim TCTI, the domain name or IP address and port
133 number used by the simulator can be specified. The default are
134 127.0.0.1 and 2321.
135 Example: -T mssim:host=localhost,port=2321 or export TPM2TOOLS_TC‐
137 TI="mssim:host=localhost,port=2321"
138 · abrmd: For the abrmd TCTI, the configuration string format is a se‐
140 ries of simple key value pairs separated by a ',' character. Each
141 key and value string are separated by a '=' character.
142 · TCTI abrmd supports two keys:
144 1. 'bus_name' : The name of the tabrmd service on the bus (a
146 string).
147 2. 'bus_type' : The type of the dbus instance (a string) limited to
149 'session' and 'system'.
150 Specify the tabrmd tcti name and a config string of bus_name=com.ex‐
152 ample.FooBar:
153 \--tcti=tabrmd:bus_name=com.example.FooBar
155 Specify the default (abrmd) tcti and a config string of bus_type=ses‐
157 sion:
158 \--tcti:bus_type=session
160 NOTE: abrmd and tabrmd are synonymous. the various known TCTI mod‐
162 ules.
163
165 Creates two sets of PCR data files, one of them being the existing PCR
166 values and other being a set of PCR values that would result if the PCR
167 were extended with a known value. Now create two separate policy di‐
168 gests, each with one set of the PCR values using tpm2_policypcr(1) tool
169 in trial sessions. Now build a policy_or with the two PCR policy di‐
170 gests as inputs. Create a sealing object with an authentication policy
171 compounding the 2 policies with tpm2_policyor and seal a secret. Un‐
172 sealing with either of the PCR sets should be successful.
173 Create two unique pcr policies with corresponding unique sets of
175 pcrs.
176 Start with pcr value 0
178 tpm2_pcrreset 23
179 PCR1 policy
181 tpm2_startauthsession -S session.ctx
182 tpm2_policypcr -S session.ctx -l sha1:23 -L set1.pcr0.policy
184 tpm2_flushcontext session.ctx
186 rm session.ctx
188 PCR2 policy
190 tpm2_pcrextend 23:sha1=f1d2d2f924e986ac86fdf7b36c94bcdf32beec15
191 tpm2_startauthsession -S session.ctx
193 tpm2_policypcr -S session.ctx -l sha1:23 -L set2.pcr0.policy
195 tpm2_flushcontext session.ctx
197 rm session.ctx
199 Create a policyOR resulting from compounding the two unique pcr
201 policies in an OR fashion
202 tpm2_startauthsession -S session.ctx
204 tpm2_policyor -S session.ctx -L policyOR \
206 -l sha256:set1.pcr0.policy,set2.pcr0.policy
207 tpm2_flushcontext session.ctx
209 rm session.ctx
211 Create a sealing object with auth policyOR created above.
213 tpm2_createprimary -C o -c prim.ctx
214 tpm2_create -g sha256 -u sealkey.pub -r sealkey.priv -L policyOR -C prim.ctx \
216 -i- <<< "secretpass"
217 tpm2_load -C prim.ctx -c sealkey.ctx -u sealkey.pub -r sealkey.priv
219 Attempt unsealing by satisfying the policyOR by satisfying SECOND of
221 the two policies.
222 tpm2_startauthsession -S session.ctx --policy-session
224 tpm2_policypcr -S session.ctx -l sha1:23
226 tpm2_policyor -S session.ctx -L policyOR \
228 -l sha256:set1.pcr0.policy,set2.pcr0.policy
229 unsealed=`tpm2_unseal -p session:session.ctx -c sealkey.ctx`
231 echo $unsealed
233 tpm2_flushcontext session.ctx
235 rm session.ctx
237 Extend the pcr to emulate tampering of the system software and hence
239 the pcr value.
240 tpm2_pcrextend 23:sha1=f1d2d2f924e986ac86fdf7b36c94bcdf32beec15
242 Attempt unsealing by trying to satisy the policOR by attempting to
244 satisy one of the two policies.
245 tpm2_startauthsession -S session.ctx --policy-session
247 tpm2_policypcr -S session.ctx -l sha1:23
249 This should fail
251 tpm2_policyor -S session.ctx -L policyOR \
252 -l sha256:set1.pcr0.policy,set2.pcr0.policy
253 tpm2_flushcontext session.ctx
255 rm session.ctx
257 Reset pcr to get back to the first set of pcr value
259 tpm2_pcrreset 23
260 Attempt unsealing by satisfying the policyOR by satisfying FIRST of
262 the two policies.
263 tpm2_startauthsession -S session.ctx --policy-session
265 tpm2_policypcr -S session.ctx -l sha1:23
267 tpm2_policyor -S session.ctx -L policyOR \
269 -l sha256:set1.pcr0.policy,set2.pcr0.policy
270 unsealed=`tpm2_unseal -p session:session.ctx -c sealkey.ctx`
272 echo $unsealed
274 tpm2_flushcontext session.ctx
276 rm session.ctx
278
280 Tools can return any of the following codes:
281 · 0 - Success.
283 · 1 - General non-specific error.
285 · 2 - Options handling error.
287 · 3 - Authentication error.
289 · 4 - TCTI related error.
291 · 5 - Non supported scheme. Applicable to tpm2_testparams.
293
295 It expects a session to be already established via tpm2_startauthses‐
296 sion(1) and requires one of the following:
297 · direct device access
299 · extended session support with tpm2-abrmd.
301 Without it, most resource managers will not save session state between
303 command invocations.
304
306 Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)
307
309 See the Mailing List (https://lists.01.org/mailman/listinfo/tpm2)
310tpm2-tools tpm2_policyor(1)