tcti-cmd − TPM2 Sub-process Command TCTI library
A TPM Command Transmission Interface (TCTI) module for interaction with a sub-process.
tcti-cmd is a library that abstracts the details of direct communication with the interface and protocol exposed by a sub-process that can receive and transmit raw TPM2 command and response buffers. The interface exposed by this library is defined in the “TSS System Level API and TPM Command Transmission Interface Specification”.
For example, if you wanted to use the tpm2_send(1) command as the sub-process to send data to and from the TPM, you could do so like this:
tpm2_getrandom -T "cmd:tpm2_send -s" --hex 4
A more useful example would be connecting to a remote machine using ssh and interacting with the remote machine’s TPM as if it were local. This uses tpm2_send(1) on a remote machine and uses ssh as the sub-process to create the tunnel to the remote machine. If encrypted sessions are used, the remote machine is blinded to the TPM data and cannot interpose on that traffic.
tpm2_getrandom -T "cmd:ssh remotehost tpm2_send" -s --hex 4
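The following is an added illustration, not code from the tpm2-tss project, of the kind of raw command and response buffers such a sub-process carries for the TPM2_GetRandom request in the examples above. It assumes the child receives the command on stdin and returns the response on stdout; FAKE_TPM is a constructed stand-in for tpm2_send so the example runs without a TPM, and all function names are hypothetical.

```python
import struct
import subprocess
import sys

TPM2_ST_NO_SESSIONS = 0x8001     # command/response tag without sessions
TPM2_CC_GET_RANDOM = 0x0000017B  # TPM2_GetRandom command code

# Constructed stand-in for the sub-process (NOT tpm2_send): reads one command
# from stdin and answers with a GetRandom-shaped response of fixed bytes.
FAKE_TPM = r"""
import struct, sys
tag, size, cc, n = struct.unpack(">HIIH", sys.stdin.buffer.read(12))
body = struct.pack(">H", n) + bytes(range(n))
sys.stdout.buffer.write(struct.pack(">HII", 0x8001, 10 + len(body), 0) + body)
"""

def build_getrandom(num_bytes):
    """Marshal tag, commandSize, commandCode and the UINT16 byte count."""
    return struct.pack(">HIIH", TPM2_ST_NO_SESSIONS, 12, TPM2_CC_GET_RANDOM, num_bytes)

def transceive(argv, command):
    """Write one raw command to the child's stdin and return its stdout."""
    proc = subprocess.run(argv, input=command, stdout=subprocess.PIPE,
                          check=True, timeout=10)
    return proc.stdout

def parse_getrandom_response(resp):
    """Check the response header before trusting any length inside it."""
    if len(resp) < 10:
        raise ValueError("short response header")
    tag, size, rc = struct.unpack(">HII", resp[:10])
    if size != len(resp):
        raise ValueError("responseSize does not match bytes received")
    if rc != 0:
        raise RuntimeError("TPM returned rc=0x%08x" % rc)
    if len(resp) < 12:
        raise ValueError("missing TPM2B_DIGEST size field")
    (n,) = struct.unpack(">H", resp[10:12])
    if 12 + n != size:
        raise ValueError("TPM2B_DIGEST length disagrees with responseSize")
    return resp[12:]

def demo():
    """Round-trip a 4-byte GetRandom through the stand-in sub-process."""
    resp = transceive([sys.executable, "-c", FAKE_TPM], build_getrandom(4))
    return parse_getrandom_response(resp)

if __name__ == "__main__":
    print(demo().hex())
```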
TPM2 Software Project <https://github.com/tpm2-software/tpm2-tss>
Tss2_Tcti_Device_Init(3), Tss2_Tcti_Socket_Init(3), Tss2_TctiLdr_Initialize(3), Tss2_TctiLdr_Finalize(3), tcti-device(7), tcti-socket(7), tcti-tabrmd(7), tpm2-abrmd(8)
This page is part of release 4.0.1 of Open Source implementation of the TCG TPM2 Software Stack (TSS2). A description of the project, information about reporting bugs, and the latest version of this page can be found at https://github.com/tpm2-software/tpm2-tss/.