1tpm2_policyauthorize(1) General Commands Manual tpm2_policyauthorize(1)
2
3
4
6 tpm2_policyauthorize(1) - Allows for mutable policies by tethering to a
7 signing authority.
8
10 tpm2_policyauthorize [OPTIONS]
11
13 tpm2_policyauthorize(1) - This command allows for policies to change by
14 associating the policy to a signing authority and allowing the policy
15 contents to change.
16
17 1. If the input session is a trial session this tool generates a policy
18 digest that associates a signing authority's public key name with
19 the policy being authorized.
20
21 2. If the input session is real policy session tpm2_policyauthorize(1)
22 looks for a verification ticket from the TPM to attest that the TPM
23 has verified the signature on the policy digest before authorizing
24 the policy in the policy digest.
25
27 · -L, --policy=FILE:
28
29 File to save the policy digest.
30
31 · -S, --session=FILE:
32
33 The policy session file generated via the -S option to tpm2_star‐
34 tauthsession(1).
35
36 · -i, --input=FILE:
37
38 The policy digest that has to be authorized.
39
40 · -q, --qualification=FILE_OR_HEX:
41
42 The policy qualifier data signed in conjunction with the input policy
43 digest. This is unique data that the signer can choose to include in
44 the signature and can either be a path or hex string.
45
46 · -n, --name=FILE:
47
48 File containing the name of the verifying public key. This ties the
49 final policy digest with a signer. This can be retrieved with
50 tpm2_readpublic(1)
51
52 · -t, --ticket=FILE:
53
54 The ticket file to record the validation structure. This is generat‐
55 ed with tpm2_verifysignature(1).
56
57 References
59 This collection of options are common to many programs and provide in‐
60 formation that many users may expect.
61
62 · -h, --help=[man|no-man]: Display the tools manpage. By default, it
63 attempts to invoke the manpager for the tool, however, on failure
64 will output a short tool summary. This is the same behavior if the
65 "man" option argument is specified, however if explicit "man" is re‐
66 quested, the tool will provide errors from man on stderr. If the
67 "no-man" option if specified, or the manpager fails, the short op‐
68 tions will be output to stdout.
69
70 To successfully use the manpages feature requires the manpages to be
71 installed or on MANPATH, See man(1) for more details.
72
73 · -v, --version: Display version information for this tool, supported
74 tctis and exit.
75
76 · -V, --verbose: Increase the information that the tool prints to the
77 console during its execution. When using this option the file and
78 line number are printed.
79
80 · -Q, --quiet: Silence normal tool output to stdout.
81
82 · -Z, --enable-errata: Enable the application of errata fixups. Useful
83 if an errata fixup needs to be applied to commands sent to the TPM.
84 Defining the environment TPM2TOOLS_ENABLE_ERRATA is equivalent. in‐
85 formation many users may expect.
86
88 The TCTI or "Transmission Interface" is the communication mechanism
89 with the TPM. TCTIs can be changed for communication with TPMs across
90 different mediums.
91
92 To control the TCTI, the tools respect:
93
94 1. The command line option -T or --tcti
95
96 2. The environment variable: TPM2TOOLS_TCTI.
97
98 Note: The command line option always overrides the environment vari‐
99 able.
100
101 The current known TCTIs are:
102
103 · tabrmd - The resource manager, called tabrmd
104 (https://github.com/tpm2-software/tpm2-abrmd). Note that tabrmd and
105 abrmd as a tcti name are synonymous.
106
107 · mssim - Typically used for communicating to the TPM software simula‐
108 tor.
109
110 · device - Used when talking directly to a TPM device file.
111
112 · none - Do not initalize a connection with the TPM. Some tools allow
113 for off-tpm options and thus support not using a TCTI. Tools that do
114 not support it will error when attempted to be used without a TCTI
115 connection. Does not support ANY options and MUST BE presented as
116 the exact text of "none".
117
118 The arguments to either the command line option or the environment
119 variable are in the form:
120
121 <tcti-name>:<tcti-option-config>
122
123 Specifying an empty string for either the <tcti-name> or <tcti-op‐
124 tion-config> results in the default being used for that portion respec‐
125 tively.
126
127 TCTI Defaults
128 When a TCTI is not specified, the default TCTI is searched for using
129 dlopen(3) semantics. The tools will search for tabrmd, device and
130 mssim TCTIs IN THAT ORDER and USE THE FIRST ONE FOUND. You can query
131 what TCTI will be chosen as the default by using the -v option to print
132 the version information. The "default-tcti" key-value pair will indi‐
133 cate which of the aforementioned TCTIs is the default.
134
135 Custom TCTIs
136 Any TCTI that implements the dynamic TCTI interface can be loaded. The
137 tools internally use dlopen(3), and the raw tcti-name value is used for
138 the lookup. Thus, this could be a path to the shared library, or a li‐
139 brary name as understood by dlopen(3) semantics.
140
142 This collection of options are used to configure the various known TCTI
143 modules available:
144
145 · device: For the device TCTI, the TPM character device file for use by
146 the device TCTI can be specified. The default is /dev/tpm0.
147
148 Example: -T device:/dev/tpm0 or export TPM2TOOLS_TCTI="de‐
149 vice:/dev/tpm0"
150
151 · mssim: For the mssim TCTI, the domain name or IP address and port
152 number used by the simulator can be specified. The default are
153 127.0.0.1 and 2321.
154
155 Example: -T mssim:host=localhost,port=2321 or export TPM2TOOLS_TC‐
156 TI="mssim:host=localhost,port=2321"
157
158 · abrmd: For the abrmd TCTI, the configuration string format is a se‐
159 ries of simple key value pairs separated by a ',' character. Each
160 key and value string are separated by a '=' character.
161
162 · TCTI abrmd supports two keys:
163
164 1. 'bus_name' : The name of the tabrmd service on the bus (a
165 string).
166
167 2. 'bus_type' : The type of the dbus instance (a string) limited to
168 'session' and 'system'.
169
170 Specify the tabrmd tcti name and a config string of bus_name=com.ex‐
171 ample.FooBar:
172
173 \--tcti=tabrmd:bus_name=com.example.FooBar
174
175 Specify the default (abrmd) tcti and a config string of bus_type=ses‐
176 sion:
177
178 \--tcti:bus_type=session
179
180 NOTE: abrmd and tabrmd are synonymous. the various known TCTI mod‐
181 ules.
182
184 Starts a trial session, builds a PCR policy. This PCR policy digest is
185 then an input to the tpm2_policyauthorize(1) along with policy qualifi‐
186 er data and a signer public. The resultant policy digest is then used
187 in creation of objects.
188
189 Subsequently when the PCR change and so does the PCR policy digest, the
190 actual policy digest from the tpm2_policyauthorize(1) used in creation
191 of the object will not change. At runtime the new PCR policy needs to
192 be satisfied along with verification of the signature on the PCR policy
193 digest using tpm2_policyauthorize(1)
194
195 Create a signing authority
196 openssl genrsa -out signing_key_private.pem 2048
197
198 openssl rsa -in signing_key_private.pem -out signing_key_public.pem -pubout
199
200 tpm2_loadexternal -G rsa -C o -u signing_key_public.pem -c signing_key.ctx -n signing_key.name
201
202 Create a policy to be authorized like a PCR policy
203 tpm2_pcrread -opcr0.sha256 sha256:0
204
205 tpm2_startauthsession -S session.ctx
206
207 tpm2_policypcr -S session.ctx -l sha256:0 -f pcr0.sha256 -L pcr.policy
208
209 tpm2_flushcontext session.ctx
210
211 Sign the policy
212 openssl dgst -sha256 -sign signing_key_private.pem -out pcr.signature pcr.policy
213
214 Authorize the policy in the policy digest
215 tpm2_startauthsession -S session.ctx
216
217 tpm2_policyauthorize -S session.ctx -L authorized.policy -i pcr.policy -n signing_key.name
218
219 tpm2_flushcontext session.ctx
220
221 Create a TPM object like a sealing object with the authorized policy
222 based authentication
223
224 tpm2_createprimary -C o -g sha256 -G rsa -c prim.ctx
225
226 tpm2_create -g sha256 -u sealing_pubkey.pub -r sealing_prikey.pub -i- -C prim.ctx -L authorized.policy <<< "secret to seal"
227
228 Satisfy policy and unseal the secret
229 tpm2_verifysignature -c signing_key.ctx -g sha256 -m pcr.policy -s pcr.signature -t verification.tkt -f rsassa
230
231 tpm2_startauthsession \--policy-session -S session.ctx
232
233 tpm2_policypcr -S session.ctx -l sha256:0 -L pcr.policy
234
235 tpm2_policyauthorize -S session.ctx -L authorized.policy -i pcr.policy -n signing_key.name -t verification.tkt
236
237 tpm2_load -C prim.ctx -u sealing_pubkey.pub -r sealing_prikey.pub -c sealing_key.ctx
238
239 unsealed=$(tpm2_unseal -p"session:session.ctx" -c sealing_key.ctx)
240
241 echo $unsealed
242
243 tpm2_flushcontext session.ctx
244
246 Tools can return any of the following codes:
247
248 · 0 - Success.
249
250 · 1 - General non-specific error.
251
252 · 2 - Options handling error.
253
254 · 3 - Authentication error.
255
256 · 4 - TCTI related error.
257
258 · 5 - Non supported scheme. Applicable to tpm2_testparams.
259
261 It expects a session to be already established via tpm2_startauthses‐
262 sion(1) and requires one of the following:
263
264 · direct device access
265
266 · extended session support with tpm2-abrmd.
267
268 Without it, most resource managers will not save session state between
269 command invocations.
270
272 Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)
273
275 See the Mailing List (https://lists.01.org/mailman/listinfo/tpm2)
276
277
278
279tpm2-tools tpm2_policyauthorize(1)