Version 3 (modified by 12 months ago) ( diff ) | ,
---|
Trusted Protection Module
Gateworks has an optional TPM on some SBCs.
The below models can optionally have it loaded:
- Malibu GW8901
- Venice:
- GW74xx-B
- GW73xx-F
- GW72xx-F
- GW71xx-E
The boards can contain an onboard Microchip ATTPM20P-H6MA1-10 TPM connected to the SPI bus.
This is compliant to the Trusted Computing Group (TCG) Trusted Platform Module (TPM) Version 2.0, r116 Trusted Platform Module Library. See link here: Link
Cryptographic Support for:
- HMAC
- AES-128
- SHA-1
- SHA-256
- ECC BN_P256, ECCNIST_P256 -RSA 1024-2048 bit keys
It is controlled via generic TCG SPI Linux driver. TPM 2.0 provides direct access via /dev/tpm0 (with one client at a time), and can be accessed through the tpm2-abrmd resource manager daemon, or kernel-managed access via /dev/tpmrm0
The TPM device is at /dev/tpm0
The TPM tool set (over 100 different commands) can be installed with the following command:
apt install tpm2-tools tpm2-abrmd
Example tpm2-tools showing the properties:
root@jammy-malibu:~# tpm2_getcap properties-fixed TPM2_PT_FAMILY_INDICATOR: raw: 0x322E3000 value: "2.0" TPM2_PT_LEVEL: raw: 0 TPM2_PT_REVISION: raw: 0x77 value: 1.19 TPM2_PT_DAY_OF_YEAR: raw: 0x42 TPM2_PT_YEAR: raw: 0x7DE TPM2_PT_MANUFACTURER: raw: 0x4D434850 value: "MCHP" TPM2_PT_VENDOR_STRING_1: raw: 0x0 value: "" etc.....