Translate

Image of Linux Kernel Development (3rd Edition)
Image of Beginning Google Maps API 3
Image of Advanced Programming in the UNIX Environment, Second Edition (Addison-Wesley Professional Computing Series)
Image of Android Wireless Application Development

Accessing TPM Functionality From UEFI Shell - Part 1

A Trusted Platform Module (TPM) is, traditionally, a hardware device (chip) designed to enable commodity computing platforms (think laptop or personal computer) to achieve greater levels of security than non-TPM equipped platform. There are over 600 million installed TPMs, mostly in high-end laptops made by Lenovo, HP, Dell, Toshiba and others. TPMs are manufactured by many chip producers including Atmel, STMicroelectronics and Toshiba. Via it’s Trusted Execution Technology (TXT), Intel now incorporates TPM functionality in many of its current processors. TPM technology is specified by the Trusted Computing Group (TCG), an industry consortium that includes Intel, Microsoft, AMD, IBM, HP,

UEFI Shell Utility to Display TPM 1.2 Event Log

The TCG Trusted Platform Module (TPM) 1.2 library specification provides a mechanism for accessing TPM event log details. This post describes a simple UEFI shell utility which can be used to display the TPM event logs. It uses the TrEE protocol which I described in an earlier post this year and so will only work with a TPM which supports the TrEE protocol. The Intel PTT is one such TPM. Here is the source code for the utility: // // Copyright (c) 2015 Finnbarr P. Murphy. All rights reserved. // // Display all the TCG TrEE log entries // //

UEFI Shell Utility to Display TPM TrEE Capabilities

With the drive towards hardening platform firmware, for example Microsoft’s Secure Boot initiative, I have decided to explore what forensic artifacts concerning TCG Trusted Platform Module (TPM) can be retrieved from the UEFI shell command line. The EFI Trusted Execution Environment (TrEE) protocol implements a subset of the TPM 2.0 library specification. Microsoft pushed the TrEE protocol due to the delay in finalizing the TCG EFI Protocol Specification Family “2.0”. As of the date of this post, this TCG specification is currently at the public review stage. This post provides the source code for a small UEFI shell utility that