Discussion:
[TrouSerS-users] Provisioning an empty TPM? (SuperMicro boards)
Jan Schermer
2016-06-14 08:55:53 UTC
Hi,
I'm trying to buy an AOM-TPM-9655V-S TPM module for my SuperMicro servers.
The *-S variant is provisioned for Intel TXT for server chipsets/procs, there's also *-C variant for i3/i5/i7 and Xeon E3 for workstations/clients.

My distributor doesn't seem to have them in stock and no ETA. But they have lots of "AOM-TPM-9655V" (AKA unprovisioned).
If I understand what that means, it lacks the indexes needed for Intel TXT but also the nvLocked bit is set to 0 - which means all ACLs are off, which is mildly disturbing if people are using them in production...

There's something called "Intel Provisioning Utility" which executes in EFI and "provisions" the TPM as *-S or *-C variant, but I was not able to get it yet, and sadly my distributor has never heard of it (doh).

Does anybody know whether this is something I can do using only tpm-tools? Can I create all the needed indexes and set the nvLocked bit and get it working properly? (= with TXT working)
Or do I absolutely need this Intel utility because it does something magical I'm not aware of?

Thanks

Jan
Ken Goldman
2016-06-15 17:05:43 UTC
Post by Jan Schermer
Does anybody know whether this is something I can do using only
tpm-tools? Can I create all the needed indexes and set the nvLocked
bit and get it working properly? (= with TXT working) Or do I
absolutely need this Intel utility because it does something magical
I'm not aware of?
You can definitely set nvLocked through the API.

I don't know about the TXT indexes.

I also wonder if it comes with an EK certificate? If it doesn't, you
can provision your own, but it won't be trusted by the public.
Jan Schermer
2016-06-15 17:46:29 UTC
Hmm, and do they really publish their CAs? I haven't found any in the past.
Also there's a Privacy CA when it comes to attestation, so you don't use the provided keys or certificate directly.

Jan
"Public" really means anyone who "trusts" the manufacturer of the chip. If they have a root-of-trust that you can link to the EK cert they put on your chip during manufacturing, you can convince an arbitrary person (the public) that your chip is an authentic TPM. The manufacturer, because they publish the root certificates, becomes a sort of "CA".
If there is no cert on the chip when you get it, you can't establish this chain of trust. You can create your EK, and create your own cert, but then the root-of-trust stops with you.
-Tadd
I got the tools, looks like I can do everything using tpm_nvdefine if needed.
What do you mean trusted by public? EK is not really a "public" certificate in the sense SSL certificates are, there's no CA, just the public portion should be provided by the OEM...
Jan
_______________________________________________
TrouSerS-users mailing list
https://lists.sourceforge.net/lists/listinfo/trousers-users <https://lists.sourceforge.net/lists/listinfo/trousers-users>
Tadd Seiff
2016-06-15 18:07:21 UTC
I believe you are in luck here because Infineon is, in my experience, maybe
the ONE manufacturer that does this and also puts the EK cert on the chips
when they build them: I'm working with some Supermicro boards as well that
have Infineons.

http://www.infineon.com/cms/en/product/promopages/optiga_tpm_certificates/#SLB9665xx2.0

That's a link to certs for the 9665 chip which, with any luck, you can link
to your part. That's assuming you even need this, maybe just for the sake
of knowledge.

Disclaimer: I have not done this process, that is authenticating against a
manufacturer's certs, so I can't guarantee this will be helpful and I don't
really know in detail how/if it would work, I just know the general idea.

Hope this is useful.

-Tadd
Ken Goldman
2016-06-15 20:08:16 UTC
Post by Tadd Seiff
http://www.infineon.com/cms/en/product/promopages/optiga_tpm_certificates/#SLB9665xx2.0
That's the link for TPM 2.0. TPM 1.2 may be different, but one can
follow your link over to 1.2.
Post by Tadd Seiff
Disclaimer: I have not done this process, that is authenticating against
a manufacturer's certs, so I can't guarantee this will be helpful
I've done it for TPM 2.0 for two manufacturers, and it all just works.
The next release of my TSS 2.0 (not trousers) will include the root
certificates.

Suggestion: It would be nice if someone gathered up all the 1.2 root
certs and folded them into trousers, or at least put the URLs in the
trousers docs.

Rant: Please encourage TPM vendors to use https links to their
certificates. They are trust anchors, and they should not permit a
man-in-the-middle to substitute counterfeit TPM certificates.
Tadd Seiff
2016-06-15 20:44:33 UTC
Post by Ken Goldman
That's the link for TPM 2.0. TPM 1.2 may be different, but one can
follow your link over to 1.2.
Yep, also I saw "2665" and got excited, but the part that Jan mentioned was
"2655", so this might not even be the relevant product family. Although
I'm pretty sure it is an infineon chip on the supermicro parts.

Post by Ken Goldman
Rant: Please encourage TPM vendors to use https links to their
certificates. They are trust anchors, and they should not permit a
man-in-the-middle to substitute counterfeit TPM certificates.
Wow, yikes. Good catch. This works:
https://www.infineon.com/cms/en/product/promopages/optiga_tpm_certificates/
But they should not allow unsecured connections AT ALL.
Phil Lacroute
2016-06-15 20:57:43 UTC
The Infineon TPM root certificates are signed by VeriSign, so technically a third party only needs to trust the VeriSign root cert. However pinning to the manufacturer’s root cert is generally a good idea.

Phil
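Tadd's point that the chain of trust ends with you unless the EK cert links back to the manufacturer's published root, and Phil's point that pinning the vendor root is safer than trusting only the public CA above it, can be demonstrated with a small chain walk. This is an added example, not code from the thread or from trousers; it assumes the Python `cryptography` package, and every key and certificate in it is a constructed stand-in (no real vendor CA is involved).

```python
# Added example, not code from the thread: check that a TPM Endorsement Key (EK)
# certificate chains to a pinned manufacturer root, the point Tadd and Phil make.
# Assumes the `cryptography` package; all keys and certs are constructed stand-ins.
import datetime
from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.x509.oid import NameOID
def _name(cn):
    return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])

def make_cert(subject_cn, subject_key, issuer_cn, issuer_key, is_ca):
    """Issue an RSA/SHA-256 certificate for subject_key, signed by issuer_key."""
    now = datetime.datetime.now(datetime.timezone.utc)
    return (x509.CertificateBuilder()
            .subject_name(_name(subject_cn)).issuer_name(_name(issuer_cn))
            .public_key(subject_key.public_key()).serial_number(x509.random_serial_number())
            .not_valid_before(now).not_valid_after(now + datetime.timedelta(days=3650))
            .add_extension(x509.BasicConstraints(ca=is_ca, path_length=None), critical=True)
            .sign(issuer_key, hashes.SHA256()))

def signed_by(cert, issuer_cert):
    """True if cert names issuer_cert as its issuer and its signature verifies under it."""
    if cert.issuer != issuer_cert.subject:
        return False
    try:
        issuer_cert.public_key().verify(cert.signature, cert.tbs_certificate_bytes,
                                        padding.PKCS1v15(), cert.signature_hash_algorithm)
        return True
    except InvalidSignature:
        return False

def ek_chains_to_root(ek_cert, intermediates, trusted_root):
    """Walk issuer links upward from the EK cert; accept only if trusted_root signs the top.
    Pinning the vendor root rejects an EK issued by another CA under the same public root."""
    cur, pool = ek_cert, list(intermediates)
    while True:
        if signed_by(cur, trusted_root):
            return True
        nxt = next((c for c in pool if signed_by(cur, c)), None)
        if nxt is None:
            return False  # no issuer found: chain is broken or stops with a self-issued EK
        pool.remove(nxt)  # each intermediate is consumed once, so the walk terminates
        cur = nxt

# Constructed chain: public root CA -> TPM vendor root -> EK cert, plus an unrelated
# CA under the same public root and a self-issued EK for the negative cases.
pub_key, vendor_key, other_key, ek_key = (rsa.generate_private_key(65537, 2048) for _ in range(4))
public_root = make_cert("Public Root CA", pub_key, "Public Root CA", pub_key, True)
vendor_root = make_cert("TPM Vendor Root", vendor_key, "Public Root CA", pub_key, True)
other_ca = make_cert("Unrelated CA", other_key, "Public Root CA", pub_key, True)
ek_cert = make_cert("TPM EK", ek_key, "TPM Vendor Root", vendor_key, False)
rogue_ek = make_cert("TPM EK", ek_key, "Unrelated CA", other_key, False)
self_ek = make_cert("TPM EK", ek_key, "TPM EK", ek_key, False)
```

With `public_root` as the trust anchor the `rogue_ek` cert is accepted, because the unrelated CA also sits under that root; with `vendor_root` pinned it is rejected, and the self-issued EK never chains at all.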
David Van Arnem
2016-06-15 20:53:39 UTC
Based on a document from 2010 it looks like OEMs can get a TPM provisioning
tool for TXT from Intel:

https://downloadmirror.intel.com/18931/eng/Intel%20TXT%20LAB%20Handout.pdf
(section 3.1 on page 12)

It specifically mentions locking the NVRAM, and it looks like there's
another tool for defining the NV indices.

I do know that tpm-tools allows for defining NVRAM indices and sizes,
but I do not know which indices/sizes TXT uses.

David
--
Thanks,
David Van Arnem
Development Engineer
Computer Measurement Laboratory
David Van Arnem
2016-06-15 20:55:25 UTC
Oops, I just realized all this information was in your original email.
Sorry, should have re-read...

David