| 256 | | ** TPM / Crypto |
| 257 | | |
| 258 | | The board contains an onboard Microchip ATTPM20P-H6MA1-10 TPM connected to the SPI1 bus. |
| 259 | | |
| 260 | | This is compliant to the Trusted Computing Group (TCG) Trusted Platform Module (TPM) Version 2.0, |
| 261 | | r116 Trusted Platform Module Library. See link here: [https://trustedcomputinggroup.org/ Link] |
| 262 | | |
| 263 | | Cryptographic Support for: |
| 264 | | - HMAC |
| 265 | | - AES-128 |
| 266 | | - SHA-1 |
| 267 | | - SHA-256 |
| 268 | | - ECC BN_P256, ECCNIST_P256 |
| 269 | | -RSA 1024-2048 bit keys |
| 270 | | |
| 271 | | It is controlled via generic TCG SPI Linux driver. TPM 2.0 provides direct access via /dev/tpm0 (with one client at a time), and can be accessed through the tpm2-abrmd resource manager daemon, or kernel-managed access via /dev/tpmrm0 |
| 272 | | |
| 273 | | The TPM device is at /dev/tpm0 |
| 274 | | |
| 275 | | The TPM tool set (over 100 different commands) can be installed with the following command: |
| 276 | | {{{ |
| 277 | | apt install tpm2-tools tpm2-abrmd |
| 278 | | }}} |
| 279 | | |
| 280 | | Example tpm2-tools showing the properties: |
| 281 | | {{{ |
| 282 | | root@jammy-malibu:~# tpm2_getcap properties-fixed |
| 283 | | TPM2_PT_FAMILY_INDICATOR: |
| 284 | | raw: 0x322E3000 |
| 285 | | value: "2.0" |
| 286 | | TPM2_PT_LEVEL: |
| 287 | | raw: 0 |
| 288 | | TPM2_PT_REVISION: |
| 289 | | raw: 0x77 |
| 290 | | value: 1.19 |
| 291 | | TPM2_PT_DAY_OF_YEAR: |
| 292 | | raw: 0x42 |
| 293 | | TPM2_PT_YEAR: |
| 294 | | raw: 0x7DE |
| 295 | | TPM2_PT_MANUFACTURER: |
| 296 | | raw: 0x4D434850 |
| 297 | | value: "MCHP" |
| 298 | | TPM2_PT_VENDOR_STRING_1: |
| 299 | | raw: 0x0 |
| 300 | | value: "" |
| 301 | | etc..... |
| 302 | | |
| 303 | | }}} |
| 304 | | |
| 305 | | |
| 306 | | |
| 307 | | ** JTAG Programming & Firmware/OS Update |
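Review bot: two typos in the removed capability list should not be carried over verbatim to wherever this text now lives: "ECC BN_P256, ECCNIST_P256" reads as a single algorithm name (presumably "ECC BN_P256, ECC NIST_P256"), and "-RSA 1024-2048 bit keys" lacks the space after the dash that the other bullets have. The removed paragraph also carries the operationally important point that /dev/tpm0 admits only one client at a time while /dev/tpmrm0 or the tpm2-abrmd resource manager multiplexes access; that sentence deserves to stay prominent in the moved text, because the bare line "The TPM device is at /dev/tpm0" on its own steers readers to the single-client node.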
| | 256 | == TPM / Crypto |
| | 257 | |
| | 258 | See [wiki:tpm] |
| | 259 | |
| | 260 | |
| | 261 | == JTAG Programming & Firmware/OS Update |
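Review bot: replacing the whole section with "See [wiki:tpm]" removes every concrete fact from this page (the Microchip ATTPM20P-H6MA1-10 part number, the SPI1 bus, TCG TPM 2.0 r116 compliance, the /dev/tpm0 and /dev/tpmrm0 access paths, the tpm2-tools install command and the tpm2_getcap sample output); please confirm that the wiki:tpm page exists and contains all of it, and consider keeping a one-sentence summary here, e.g. "The board has an onboard Microchip ATTPM20P-H6MA1-10 TPM 2.0 on SPI1; see [wiki:tpm] for driver and tool details.", so the hardware overview remains self-contained.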