mrcdb
commented
4 years ago Hi Kent,
You may try this simple bash tool I wrote (extended actually) to generate and load an EK certificate in a TPM 2.0 simulator.
https://github.com/mrcdb/tpm2_ek_cert_generator https://github.com/mrcdb/tpm2_ek_cert_generator
It has been tested with MS TPM2.0 sim some time ago, but I have not had a chance to try it lately. I hope it works for you.
Il giorno 15 apr 2020, alle ore 19:02, Kent Thompson notifications@github.com ha scritto:
My understanding is that (when started) the tpm-simulator does not have a manufacturer's endorsement key. This is a problem for me in that I can't simulate hardware devices (ex. Infineon TPM2) where the EK is present at nvindex 0x1c00002.
Are there any instructions on how to use openssl and tpm2-tools (tss) to prepare the tpm-simulator with a manufacture's endorsement key? The only thing I have found is at https://google.github.io/tpm-js/#pg_certificates https://google.github.io/tpm-js/#pg_certificates.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/microsoft/ms-tpm-20-ref/issues/47, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACTZCS2GMJF23HW3S4DX2G3RMXSDVANCNFSM4MIXZMYA.
kwtj43
My understanding is that (when started) the tpm-simulator does not have a manufacturer's endorsement key. This is a problem for me in that I can't simulate hardware devices (ex. Infineon TPM2) where the EK is present at nvindex 0x1c00002.
Are there any instructions on how to use openssl and tpm2-tools (tss) to prepare the tpm-simulator with a manufacture's endorsement key? The only thing I have found is at https://google.github.io/tpm-js/#pg_certificates.