Changes between Version 8 and Version 9 of tpm


Ignore:
Timestamp:
04/01/2024 11:26:11 PM (8 months ago)
Author:
Ryan Erbstoesser
Comment:

add secure boot links

Legend:

Unmodified
Added
Removed
Modified

  • tpm

    v8 v9  
    88
    99TPM chips are either compliant with the initial specification or the v2.0+ specification: See [https://en.wikipedia.org/wiki/Trusted_Platform_Module#TPM_1.2_vs_TPM_2.0 TPM v1.2 vs TPM 2.0] for details.
     10
     11Please also read: [wiki:venice/secure_boot Gateworks TPM Wiki when used with Secure Boot]
    1012
    1113== Microchip ATTPM20P
     
    108110}}}
    109111
     112Please also read: [wiki:venice/secure_boot Gateworks TPM Wiki when used with Secure Boot]
     113
    110114== PCR Values
    111115A cryptographic hash (sometimes called a 'digest') is a kind of 'signature' for a set of data. For example the SHA-256 algorithm can be used to generate an almost-unique 256-bit (32-byte) signature (aka 'hash' or 'digest') for a file. Note that this signature/hash/digest is not 'encryption' - it is a one way cryptographic function and is a fixed size for any source of data.
     
    116120
    117121If the stored PCR values in the TPM do not match the currently booting system PCRs, access will not be granted. For example, someone trying to boot a Ubuntu Live CD would not be able to access the TPM key as the PCRs generated from the original disk and stored in the TPM will not match the newly generated PCRs from the boot CD. PCRs use hashing and thus any new value is concatenated with the old and then hashed. This new hash will replace the old hash. The definition of each specific PCR register can be found online.   
     122
     123Please also read: [wiki:venice/secure_boot Gateworks TPM Wiki when used with Secure Boot]
    118124
    119125== TPM Key Flow
     
    127133rm files #remove your working files
    128134}}}
     135
     136Please also read: [wiki:venice/secure_boot Gateworks TPM Wiki when used with Secure Boot]
    129137
    130138== U-Boot
     
    149157}}}
    150158
    151 see also:
     159Please also read: [wiki:venice/secure_boot Gateworks TPM Wiki when used with Secure Boot]
     160
     161Seee also:
    152162 - [https://lwn.net/Articles/571031/ Verified U-Boot]
    153163 - [https://bootlin.com/blog/measured-boot-with-a-tpm-2-0-in-u-boot/ Measured boot with a TPM 2.0 in U-Boot]
    154164
    155165== Additional Resources
    156  * Gateworks Venice Secure Boot Wiki: https://trac.gateworks.com/wiki/venice/secure_boot
     166 * Gateworks Venice Secure Boot Wiki:  [wiki:venice/secure_boot Gateworks TPM Wiki when used with Secure Boot]
    157167 * Security Considerations for Embedded Designs: https://www.gateworks.com/security-considerations-for-embedded-designs-single-board-computers/
    158168 * TPM Specification: https://trustedcomputinggroup.org/resource/pc-client-platform-tpm-profile-ptp-specification/