1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
#!/bin/bash
#
###############################################################################
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
################################################################################
#
# Builds/installs a TPM 1.2 simulator + trousers, on a debian-based system.
# USAGE: ./setup_tpm12_simulator.sh <working dir>
set -e
SIMULATOR_TARBALL_URL="https://sourceforge.net/projects/ibmswtpm/files/tpm4769tar.gz/download"
SIMULATOR_TAR_SHA256="bb0a3f8003ca8ba71eb4a0852f0eb35a112297e28fce8e166412d4b2202c5010"
if [[ "${1}" == "" ]]; then
>&2 echo "Error: Must specify the working directory as the first argument."
exit 1
fi
PROJECT_ROOT=$(pwd)
BUILD_BASE="${1%/}" # Trim any trailing slash.
SIMULATOR_SRC="${BUILD_BASE}/simulator"
setup_build_base () {
if [[ ! -d "${BUILD_BASE}" ]] && [[ -e "${BUILD_BASE}" ]]; then
>&2 echo "Error: '${BUILD_BASE}' is not a directory."
exit 1
fi
if [[ ! -e "${BUILD_BASE}" ]]; then
mkdir -pv "${BUILD_BASE}"
fi
sudo apt-get -y install libssl-dev build-essential make trousers libtool autoconf tpm-tools
}
fetch_simulator () {
TARBALL="${BUILD_BASE}/sim.tar.gz"
if [[ ! -f "${TARBALL}" ]]; then
wget -q -O "${TARBALL}" "${SIMULATOR_TARBALL_URL}"
fi
HSH=$(sha256sum "${TARBALL}" | cut -d" " -f1)
if [[ "${HSH}" != "${SIMULATOR_TAR_SHA256}" ]]; then
>&2 echo "'${TARBALL}' does not match expected SHA256."
>&2 echo "Got: ${HSH}"
>&2 echo "Want: ${SIMULATOR_TAR_SHA256}"
exit 2
fi
mkdir -pv "${SIMULATOR_SRC}"
tar -zxf "${TARBALL}" --directory "${SIMULATOR_SRC}"
}
build_simulator () {
cp -v "${SIMULATOR_SRC}/tpm/makefile-tpm" "${SIMULATOR_SRC}/tpm/Makefile"
cd "${SIMULATOR_SRC}/tpm" && make -j4
cd "${SIMULATOR_SRC}/libtpm" && ./autogen
cd "${SIMULATOR_SRC}/libtpm" && ./configure
cd "${SIMULATOR_SRC}/libtpm" && make -j4
}
run_simulator () {
mkdir -pv "${BUILD_BASE}/NVRAM"
export TPM_PORT='6545'
export TPM_PATH="${BUILD_BASE}/NVRAM"
export TPM_SERVER_NAME='localhost'
export TPM_SERVER_PORT='6545'
${SIMULATOR_SRC}/tpm/tpm_server &
SIM_PID=$!
echo "${SIM_PID}" > "${BUILD_BASE}/sim_pid"
disown
sleep 2
}
setup_tpm () {
echo "Initializing the TPM..."
${SIMULATOR_SRC}/libtpm/utils/tpminit
echo "Starting the TPM..."
${SIMULATOR_SRC}/libtpm/utils/tpmbios -cs
${SIMULATOR_SRC}/libtpm/utils/tpminit
${SIMULATOR_SRC}/libtpm/utils/tpmbios -cs
}
run_tcsd () {
export TCSD_TCP_DEVICE_PORT='6545'
sudo -E -u tss -g tss /usr/sbin/tcsd -f -e &
TCSD_PID=$!
echo "${TCSD_PID}" > "${BUILD_BASE}/tcsd_pid"
disown
sleep 1
tpm_createek
tpm_takeownership -yz
tpm_nvdefine -i 268496896 -z -s 3800 -p OWNERWRITE
go run -v "${PROJECT_ROOT}/ci/gen_ekcert.go"
sleep 1
}
setup_build_base
fetch_simulator
build_simulator
run_simulator
setup_tpm
run_tcsd
|
