Introduction
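TPM 1.2 cryptographic algorithms: RSA encryption, RSA signing, RSA-DAA, SHA1, HMAC; support for symmetric algorithms is not required.
TPM 2.0 algorithm support: RSA encryption and signing, ECC encryption and signing, ECC-DAA, ECDH, SHA1, SHA256, HMAC, AES; in addition, vendors are free to use TCG IDs to add new algorithms.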
Software TPM Emulator
https://github.com/stefanberger/swtpm
Libtpms-based TPM emulator with socket, character device, and Linux CUSE interface.
Programming
Golang JWT TPM
https://github.com/salrashid123/golang-jwt-tpm
Generate and verify JWT tokens with Trusted Platform Module (TPM)
Go TPM
https://github.com/google/go-tpm
Go-TPM is a Go library that communicates directly with a TPM device on Linux or Windows machines.
Nginx with TPM SSL
https://github.com/tpm2-software/tpm2-tss-engine
https://github.com/tpm2-software/tpm2-openssl
https://blog.salrashid.dev/articles/2021/nginx_with_tpm_ssl/
How to configure nginx to use a certificate generated on a Trusted Platform Module (TPM) … and in my case, on a raspberry pi with one of these:
SSH agent for TPM
https://github.com/Foxboron/ssh-tpm-agent
ssh-tpm-agent is a ssh-agent compatible agent that allows keys to be created by the Trusted Platform Module (TPM) for authentication towards ssh servers.
TPM Samples
https://github.com/salrashid123/tpm2
TPM2 samples with go-tpm and tpm2_tools
Reference
- https://read01.com/KOJL05.html
- ISO/IEC 11889:2015