]>
Commit | Line | Data |
---|---|---|
e46a2b66 SB |
1 | =head1 NAME |
2 | ||
5311e60e | 3 | swtpm_setup - Swtpm utility to simulate the manufacturing of a TPM 1.2 or 2.0 |
e46a2b66 SB |
4 | |
5 | =head1 SYNOPSIS | |
6 | ||
7 | B<swtpm_setup [OPTIONS]> | |
8 | ||
9 | =head1 DESCRIPTION | |
10 | ||
2bc601bb | 11 | B<swtpm_setup> is a tool that prepares the initial state for a libtpms-based |
e46a2b66 SB |
12 | TPM. |
13 | ||
cf618c3d SB |
14 | For creating the initial state of a TPM 1.2, swtpm_setup must be run either |
15 | as root or as the user the that tcsd requires, which is typically tss. | |
16 | ||
e46a2b66 SB |
17 | The following options are supported: |
18 | ||
19 | =over 4 | |
20 | ||
21 | =item B<--runas <userid>> | |
22 | ||
23 | Use this userid to run swtpm_setup.sh; by default 'tss' is used. | |
24 | ||
25 | =item B<--config <file>> | |
26 | ||
27 | Path to configuration file containing the tool to use for creating | |
28 | certificates; see also B<swtpm_setup.conf> | |
29 | ||
55caf371 SB |
30 | If this parameter is not provided, the default configuration file |
31 | /etc/swtpm_setup.conf will be used. If the environment variable | |
32 | XDG_CONFIG_HOME is set, the configuration file is assumed to be | |
33 | $XDG_CONFIG_HOME/swtpm_setup.conf. | |
34 | ||
3aa53709 | 35 | =item B<--tpm-state <dir>> or B<--tpmstate <dir>> |
e46a2b66 SB |
36 | |
37 | Path to a directory where the TPM's state will be written into; | |
38 | this is a mandatory argument | |
39 | ||
5007f2d0 | 40 | =item B<--tpm <path to executable>> |
e46a2b66 SB |
41 | |
42 | Path to the TPM executable; this is an optional argument and | |
5007f2d0 | 43 | by default the swtpm executable found in the PATH will be used. |
e46a2b66 | 44 | |
15226ad9 SB |
45 | =item B<--tpm2> |
46 | ||
47 | Do setup on a TPM 2; by default a TPM 1.2 is setup. | |
48 | ||
e46a2b66 SB |
49 | =item B<--createek> |
50 | ||
51 | Create the EK | |
52 | ||
15226ad9 SB |
53 | =item B<--allow-signing> |
54 | ||
55 | Create an EK that can sign. This option requires --tpm2. | |
56 | ||
68332550 SB |
57 | Note that the TCG specification "EK Credential Profile For TPM Family 2.0; Level 0" |
58 | suggests in its section on "EK Usage" that "the Endorsement Key can be a | |
59 | created as a decryption or signing key." However, some platforms will | |
60 | not accept an EK as a signing key, or as a signing and encryption key, and | |
61 | therefore this option should be used very carfully. | |
62 | ||
bab61563 SB |
63 | =item B<--decryption> |
64 | ||
65 | Create an EK that can be used for key encipherment. This is the default | |
66 | unless --allow-signing is passed. This option requires --tpm2. | |
67 | ||
08da93a9 SB |
68 | =item B<--ecc> |
69 | ||
70 | Create elliptic curve crypto (ECC) keys; by default RSA keys are generated. | |
71 | ||
e46a2b66 SB |
72 | =item B<--take-ownership> |
73 | ||
74 | Take ownership; this option implies --createek | |
75 | ||
76 | =item B<--ownerpass <password>> | |
77 | ||
78 | Provide custom owner password; default is ooo | |
79 | ||
80 | =item B<--owner-well-known> | |
81 | ||
82 | Use a password of all zeros (20 bytes of zeros) as the owner password | |
83 | ||
84 | =item B<--srkpass <password>> | |
85 | ||
86 | Provide custom SRK password; default is sss | |
87 | ||
88 | =item B<--srk-well-known> | |
89 | ||
90 | Use a password of all zeros (20 bytes of zeros) as the SRK password | |
91 | ||
92 | =item B<--create-ek-cert> | |
93 | ||
94 | Create an EK certificate; this implies --createek | |
95 | (NOT SUPPORTED YET) | |
96 | ||
97 | =item B<--create-platform-cert> | |
98 | ||
99 | Create a platform certificate; this implies --create-ek-cert | |
100 | ||
101 | =item B<--lock-nvram> | |
102 | ||
103 | Lock NVRAM access | |
104 | ||
105 | =item B<--display> | |
106 | ||
107 | At the end display as much info as possible about the configuration | |
108 | of the TPM | |
109 | ||
110 | =item B<--logfile <logfile>> | |
111 | ||
112 | The logfile to log to. By default logging goes to stdout and stderr. | |
113 | ||
114 | =item B<--keyfile <keyfile>> | |
115 | ||
116 | The key file contains an ASCII hex key consisting of 32 hex digits with an | |
117 | optional leading '0x'. This is the key to be used by the TPM emulator | |
118 | for encrypting the state of the TPM. | |
119 | ||
e36d7915 | 120 | =item B<--keyfile-fd <file descriptor>> |
ace4a684 | 121 | |
e36d7915 | 122 | Like B<--keyfile> but the key will be read from the file descriptor. |
ace4a684 | 123 | |
e46a2b66 SB |
124 | =item B<--pwdfile <passphrase file>> |
125 | ||
ace4a684 | 126 | The passphrase file contains a passphrase from which the TPM emulator |
e46a2b66 SB |
127 | will derive the encyrption key from and use the key for encrypting the TPM |
128 | state. | |
129 | ||
ace4a684 SB |
130 | =item B<--pwdfile-fd <file descriptor>> |
131 | ||
132 | Like B<--pwdfile> but the passphrase will be read from the file descriptor. | |
133 | ||
2e260468 SB |
134 | =item B<--ciper <cipher>> |
135 | ||
136 | The cipher may be either aes-cbc or aes-128-cbc for 128 bit AES encryption, | |
137 | or aes-256-cbc for 256 bit AES encryption. The same cipher must be used | |
138 | on the I<swtpm> command line later on. | |
139 | ||
eff9cc16 SB |
140 | =item B<--overwrite> |
141 | ||
142 | Overwrite existing TPM state. All previous state will be erased. | |
143 | If this option is not given and an existing state file is found, an error | |
144 | code is returned. | |
145 | ||
146 | =item B<--not-overwrite> | |
147 | ||
2bc601bb | 148 | Do not overwrite existing TPM state. If existing TPM state is found, the |
eff9cc16 SB |
149 | program ends without an error. |
150 | ||
a8bc74fd SB |
151 | =item B<--vmid <VM ID>> |
152 | ||
153 | Optional VM ID that can be used to keep track of certificates issued | |
026a2efe | 154 | for VMs (or containers). This parameter will be passed through to the tool |
a8bc74fd SB |
155 | used for creating the certificates and may be required by that tool. |
156 | ||
9f4d8af2 SB |
157 | =item B<--pcr-banks <PCR banks>> |
158 | ||
159 | Optional comma-separated list of PCR banks to activate. Providing '-' | |
2bc601bb | 160 | allows a user to skip the selection and activates all PCR banks. By default |
9f4d8af2 SB |
161 | the sha1 and sha256 banks are activated. |
162 | ||
e2951df7 SB |
163 | =item B<--swtpm_ioctl <executable>> |
164 | ||
165 | Pass the path to the swtpm_ioctl executable. By default the swtpm_ioctl | |
166 | in the PATH is used. | |
167 | ||
79edd90c SB |
168 | =item B<--tcsd-system-ps-file <file>> |
169 | ||
170 | A file to copy TCSD's system_ps_file to. The system_ps_file contains the | |
171 | TPM 1.2 SRK public key after taking ownership of the TPM. The file is | |
172 | needed by TCSD for key related functions. | |
173 | ||
174 | This option is only useful with TPM 1.2 and in if ownership is taken. | |
175 | ||
3392e3ed | 176 | =item B<--rsa-keysize <keysize>> (since v0.4) |
6c5b7c2d SB |
177 | |
178 | This option allows to pass the size of a TPM 2 RSA EK key, such as 2048 | |
179 | or 3072. The supported keysizes for a TPM 2 can be queried for using | |
180 | the I<--print-capabilities> option. The default size is 2048 bits for | |
7dc24c2f SB |
181 | both TPM 1.2 and TPM 2. If 'max' is passed, the largest possible key |
182 | size is used. | |
6c5b7c2d | 183 | |
166d7b42 SB |
184 | =item B<--print-capabilities> (since v0.2) |
185 | ||
80d7bb48 SB |
186 | Print capabilities that were added to swtpm_setup after version 0.1. |
187 | The output may contain the following: | |
166d7b42 SB |
188 | |
189 | { | |
190 | "type": "swtpm_setup", | |
191 | "features": [ | |
192 | "cmdarg-keyfile-fd", | |
1974f2ce | 193 | "cmdarg-pwdfile-fd", |
80d7bb48 SB |
194 | "no-tpm12-tools", |
195 | "tpm2-rsa-keysize-2048", | |
196 | "tpm2-rsa-keysize-3072" | |
166d7b42 SB |
197 | ] |
198 | } | |
199 | ||
200 | The meaning of the feature verbs is as follows: | |
201 | ||
202 | =over 4 | |
203 | ||
204 | =item B<cmdarg-key-fd> | |
205 | ||
206 | The I<--keyfile-fd> option is supported. | |
207 | ||
208 | =item B<cmdarg-pwd-fd> | |
209 | ||
210 | The I<--pwdfile-fd> option is supported. | |
211 | ||
1974f2ce SB |
212 | =item B<no-tpm12-tools> |
213 | ||
214 | TPM 1.2 tools cannot be found in the PATH. This means that no certificates can | |
215 | be created since they cannot be written into the NVRAM and the NVRAM cannot be | |
216 | locked. Among the TPM 1.2 setup parameters only I<--createek> can be passed. | |
217 | ||
80d7bb48 SB |
218 | =item B<tpm2-rsa-keysize-2048, ...> |
219 | ||
220 | The shown RSA key sizes are supported for a TPM 2's EK key. If none of the | |
221 | tpm2-rsa-keysize verbs is shown then only RSA 2048 bit keys are supported. | |
222 | ||
166d7b42 SB |
223 | =back |
224 | ||
e46a2b66 SB |
225 | =item B<--help, -h> |
226 | ||
227 | Display the help screen | |
228 | ||
229 | =back | |
230 | ||
026a2efe SB |
231 | =head1 EXAMPLE USAGE |
232 | ||
233 | To simulate manufacturing of a TPM, one would typically run the following command: | |
234 | ||
235 | #> sudo swtpm_setup --tpmstate /tmp/mytpm1/ \ | |
236 | --create-ek-cert --create-platform-cert --lock-nvram | |
237 | ||
238 | Note: since setting up a TPM 1.2 relies on the I<tcsd> for some of its operations, | |
239 | B<swtpm_setup> has to be run as root so that it can invoke the I<tcsd> either as root | |
240 | or tss user. | |
241 | ||
55caf371 SB |
242 | |
243 | A normal user can also simulate the manufacturing of a TPM 2 using the | |
244 | swtpm-localca plugin. The following example assumes that the user has | |
245 | set the environment variable XDG_CONFIG_HOME as follows (using bash for | |
246 | example): | |
247 | ||
248 | export XDG_CONFIG_HOME=~/.config | |
249 | ||
250 | Note: The XDG_CONFIG_HOME variable is part of the XDG Base Directory | |
251 | Specification. | |
252 | ||
253 | The following configuration files need to be created: | |
254 | ||
255 | ~/.config/swtpm_setup.conf: | |
256 | ||
257 | # Program invoked for creating certificates | |
258 | create_certs_tool= /usr/share/swtpm/swtpm-localca | |
259 | create_certs_tool_config = ${XDG_CONFIG_HOME}/swtpm-localca.conf | |
260 | create_certs_tool_options = ${XDG_CONFIG_HOME}/swtpm-localca.options | |
261 | ||
262 | ~/.config/swtpm-localca.conf: | |
263 | ||
264 | statedir = ${XDG_CONFIG_HOME}/var/lib/swtpm-localca | |
265 | signingkey = ${XDG_CONFIG_HOME}/var/lib/swtpm-localca/signkey.pem | |
266 | issuercert = ${XDG_CONFIG_HOME}/var/lib/swtpm-localca/issuercert.pem | |
267 | certserial = ${XDG_CONFIG_HOME}/var/lib/swtpm-localca/certserial | |
268 | ||
269 | ~/.config/swtpm-localca.options: | |
270 | ||
271 | --platform-manufacturer Fedora | |
272 | --platform-version 2.12 | |
273 | --platform-model QEMU | |
274 | ||
a12b09b1 SB |
275 | Note: The tool swtpm-create-user-config-files can be used to create such |
276 | files (with different content): | |
277 | ||
278 | #> /usr/share/swtpm/swtpm-create-user-config-files | |
279 | Writing /home/stefanb/.config/swtpm_setup.conf. | |
280 | Writing /home/stefanb/.config/swtpm-localca.conf. | |
281 | Writing /home/stefanb/.config/swtpm-localca.options. | |
282 | ||
55caf371 SB |
283 | The following commands now create a TPM 2 with an EK and platform |
284 | certificate. The state of the TPM 2 will be stored in the directory | |
285 | ${XDG_CONFIG_HOME}/mytpm1. | |
286 | ||
287 | #> mkdir -p ${XDG_CONFIG_HOME}/mytpm1 | |
288 | #> swtpm_setup --tpm2 --tpmstate ${XDG_CONFIG_HOME}/mytpm1 \ | |
289 | --create-ek-cert --create-platform-cert --lock-nvram | |
290 | ||
291 | ||
e46a2b66 SB |
292 | =head1 SEE ALSO |
293 | ||
294 | B<swtpm_setup.conf> | |
295 | ||
296 | =head1 REPORTING BUGS | |
297 | ||
298 | Report bugs to Stefan Berger <stefanb@linux.vnet.ibm.com> |