Can I use TSS to use TPM without OS?

My goal is to write code that uses TPM features before the OS loads. Is it possible to do that with TSS? If not, what are some other alternatives for libraries that wrap TPM functions into a good API? I saw that in trustedGrub they used memory mapped io for TPM interface, and that's what I'm trying to avoid. Also, if I'm using UEFI instead of BIOS, does it give me any more comfortable interface to use the TPM with?
Asked by user1595304
TSS was designed to be an operating system API that sits between the application and the kernel.
Although technically it would be possible to implement some parts of the TSS at a lower level, I'm not aware of any such implementations. You will have to construct the data to communicate with the TPM yourself. TrustedGrub provides some utility functions that you've already seen (actually some commands are fully implemented), and if you're developing for UEFI, EDK II provides a function to submit a command to TPM 1.2 that you can build on. There is an equivalent one for TPM 2.0. I'm not aware of a higher-level UEFI API.
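As an added example (not part of the original answer, and not EDK II or TrustedGrub code): the answer says you have to construct the command data yourself, so this hand-marshals a TPM2_GetRandom command in the big-endian wire format, sends it through a transport hook, and validates the reply header and TPM2B length field before trusting the bytes. The hook is shaped so it could wrap EDK II's Tpm2SubmitCommand (signature assumed: input size, input buffer, output size pointer, output buffer); the `fake_submit` device here is a constructed stand-in so the code runs outside firmware.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#define TPM_ST_NO_SESSIONS 0x8001u   /* tag for commands with no auth sessions */
#define TPM_CC_GetRandom   0x0000017Bu
#define TPM_RC_SUCCESS     0x00000000u
/* TPM wire format is big-endian; minimal UINT16/UINT32 (un)marshalling helpers. */
static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void put32(uint8_t *p, uint32_t v) { put16(p, (uint16_t)(v >> 16)); put16(p + 2, (uint16_t)v); }
static uint16_t get16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t get32(const uint8_t *p) { return ((uint32_t)get16(p) << 16) | get16(p + 2); }

/* Transport hook. In firmware this would wrap EDK II's Tpm2SubmitCommand()
 * (assumed signature: in-size, in-buf, &out-size, out-buf); returns 0 on success. */
typedef int (*tpm_submit_fn)(const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len);

/* Marshal TPM2_GetRandom(bytesRequested) into buf; returns the command length. */
size_t tpm2_build_get_random(uint8_t *buf, uint16_t bytes_requested) {
    put16(buf + 0, TPM_ST_NO_SESSIONS);  /* tag */
    put32(buf + 2, 12);                   /* commandSize: 10-byte header + UINT16 */
    put32(buf + 6, TPM_CC_GetRandom);     /* commandCode */
    put16(buf + 10, bytes_requested);     /* bytesRequested */
    return 12;
}

/* Submit the command, validate the response header and the TPM2B_DIGEST length
 * field against the actual reply, then copy the bytes out. Returns count or -1. */
int tpm2_get_random(tpm_submit_fn submit, uint16_t want, uint8_t *out, size_t out_cap) {
    uint8_t cmd[12], rsp[128];            /* 128 > 12 + largest digest (64) */
    size_t rsp_len = sizeof rsp;
    size_t cmd_len = tpm2_build_get_random(cmd, want);
    if (submit(cmd, cmd_len, rsp, &rsp_len) != 0 || rsp_len < 12) return -1;
    if (get16(rsp) != TPM_ST_NO_SESSIONS) return -1;     /* tag */
    if (get32(rsp + 2) != rsp_len) return -1;             /* responseSize vs bytes read */
    if (get32(rsp + 6) != TPM_RC_SUCCESS) return -1;      /* responseCode */
    uint16_t n = get16(rsp + 10);                         /* TPM2B size */
    if (n > want || n > out_cap || 12u + n != rsp_len) return -1; /* never trust n blindly */
    memcpy(out, rsp + 12, n);
    return (int)n;
}

/* Constructed stand-in for the TPM (not a real device): returns 4 fixed bytes. */
int fake_submit(const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len) {
    static const uint8_t reply[] = {0x80,0x01, 0,0,0,16, 0,0,0,0, 0,4, 0xDE,0xAD,0xBE,0xEF};
    (void)in; (void)in_len;
    if (*out_len < sizeof reply) return -1;
    memcpy(out, reply, sizeof reply); *out_len = sizeof reply;
    return 0;
}
```

The same marshalling pattern (tag, size, command code, then parameters) applies to every TPM 2.0 command, so this is the layer a pre-OS caller has to write where a TSS would otherwise do it.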