On 2012-08-09 20:40, Joanna Rutkowska wrote: > Is there any command line tool (perhaps one of the tboot tools) that > could let me read it and save it in a nice format, e.g. x509, so I can > later analyze it using e.g. openssl?
You can use jTpmTools with jTSS[1] to view, decode, dump and play with a TPM's NV memory. The nv_decode command is your friend. $ jtt nv_decode --index 0x1000f000 --dump-file ek.cert -o $OWNER_PW The EK cert itself is already in x509 format, but it is wrapped in an additional data structure called TCG_FULL_CERT which is again wrapped by TCG_PCCLIENT_STORED_CERT. If you just strip the first 7 byte you should be able to decode it with other tools. However, you might get an error because of additional data after the x509 structure. $ dd if=ek.cert of=ek.x509 skip=7 bs=1 If you like a more lightweight solution you might look at IBM's libtpm[2]. > joanna. Michael [1] http://trustedjava.sourceforge.net/ [2] http://ibmswtpm.sourceforge.net/ ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel
