How do we use tpm function of SLM9670?

Hi @snehapra, SLM9670 can support xczu19 of Xilinx Arm Soc board?

Best regards

Wen Zhu

Hi @wenzhu,

There is no specific material for xczu19 of Xilinx Arm. Infineon TPM offeres reference application note of ARM platform which is RPi 3 or 4 under Linux environment to TPM2.0. You can bring up SLM9670 via SPI TPM2.0 driver under Linux, according to the setup of this.

Thanks,

Sneha

Hi @wenzhu,

TPMs can generate private keys and store them securely. You can use TPM2_Create() and TPM2_CreatePrimary() to generate key pairs in TPM and usage of these commands are explained in the TCG Spec along with definitions of other TPM commands. This can be a starting point for understanding various commands and its usage. 
Additionally, you can check TPM Explorer, which is a GUI-based tool for users to get familiarized with TPM2.0 quickly.

Hi @Sneha_P, do you have Implementation examples of a Linux^®-based Integrity Measurement Architecture using OPTIGA^TM TPM that I can refer？

Best regards

Wen Zhu

Hi @snehapra, how can I find the TPM lib include these API?

Best regards

Wen Zhu

Hi @wenzhu,

As mentioned earlier, TPMs can generate private keys and store them securely. You can use TPM2_Create() and TPM2_CreatePrimary() commands along with owner authorization value to generate key pairs in TPM. Please refer to the TCG Command Spec for detailed explanation of these commands. 

Hi @Sneha_P , when execute command ' tpm2_createprimary', but take error. Can you give me some help? Print below:

tpm2_createprimary -c primary.ctx

** (process:1109): CRITICAL **: 00:02:08.409: failed to allocate dbus proxy object: Error calling StartServiceByName for com.intel.tss2.Tabrmd: Cannot do system-bus activation with no user

WARNING:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr.c:79:tcti_from_init() TCTI init for function 0xffff9cf04260 failed with a0008
WARNING:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr.c:109:tcti_from_info() Could not initialize TCTI named: tcti-abrmd
ERROR:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-tabrmd.so.0
WARNING:tcti:../tpm2-tss-3.0.3/src/util/io.c:252:socket_connect() Failed to connect to host 127.0.0.1, port 2321: errno 111: Connection refused
ERROR:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tcti-swtpm.c:592:Tss2_Tcti_Swtpm_Init() Cannot connect to swtpm TPM socket
WARNING:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr.c:79:tcti_from_init() TCTI init for function 0xffff9c1679e0 failed with a000a
WARNING:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr.c:109:tcti_from_info() Could not initialize TCTI named: tcti-swtpm
ERROR:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-swtpm.so.0
ERROR:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr-dl.c:254:tctildr_get_default() No standard TCTI could be loaded
ERROR:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr.c:416:Tss2_TctiLdr_Initialize_Ex() Failed to instantiate TCTI
ERROR: Could not load tcti, got: "(null)"

Best regards

Wen Zhu

Hi @wenzhu,

Could you try: ls -l /dev/tpm* to check if /dev/tpm0 or /dev/tpmrm0 exists. Also, if read/write commands work (tpm2_nv_write/read) from the tpm2-tools.

Hi @Sneha_P , print below:

root@ORU3668_MAIN:~# tpm2_nvread

** (process:1140): CRITICAL **: 00:02:35.357: failed to allocate dbus proxy object: Error calling StartServiceByName for com.intel.tss2.Tabrmd: Cannot do system-bus activation with no user

WARNING:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr.c:79:tcti_from_init() TCTI init for function 0xffffa36f1260 failed with a0008
WARNING:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr.c:109:tcti_from_info() Could not initialize TCTI named: tcti-abrmd
ERROR:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-tabrmd.so.0
WARNING:tcti:../tpm2-tss-3.0.3/src/util/io.c:252:socket_connect() Failed to connect to host 127.0.0.1, port 2321: errno 111: Connection refused
ERROR:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tcti-swtpm.c:592:Tss2_Tcti_Swtpm_Init() Cannot connect to swtpm TPM socket
WARNING:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr.c:79:tcti_from_init() TCTI init for function 0xffffa21449e0 failed with a000a
WARNING:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr.c:109:tcti_from_info() Could not initialize TCTI named: tcti-swtpm
ERROR:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-swtpm.so.0
ERROR:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr-dl.c:254:tctildr_get_default() No standard TCTI could be loaded
ERROR:tcti:../tpm2-tss-3.0.3/src/tss2-tcti/tctildr.c:416:Tss2_TctiLdr_Initialize_Ex() Failed to instantiate TCTI
ERROR: Could not load tcti, got: "(null)"
root@ORU3668_MAIN:~# Radio Service time out

root@ORU3668_MAIN:~#
root@ORU3668_MAIN:~# ls /dev/tpm*
/dev/tpm0 /dev/tpmrm0
root@ORU3668_MAIN:~#

Hi @wenzhu,

Can you try "sudo ldconfig" followed by "systemctl status tpm2-abrmd.service" and let me know the result of it?

To install tpm2-abrmd follow the steps provided in the INSTALL.md https://github.com/tpm2-software/tpm2-abrmd/blob/master/INSTALL.md

Note: These steps are for 2.0.0 of tpm2-abrmd and raspbian linux.

Hi @Sneha_P , print below:

root@ORU3668_MAIN:~# service tpm2-abrmd status
Usage: tpm2-abrmd {start|stop|restart|force-reload|status}
root@ORU3668_MAIN:~# sudo ldconfig
root@ORU3668_MAIN:~#

Thanks