面試一個小公司,TPM相關概念

準備面試一個小公司，在面試邀請郵件中提出了這樣一個要求（not required）:

".. one item we will likely discuss with you is software called the TPM Software Stack (TSS) 2.0.  ......   The purpose for this discussion is that we use software like this in some of our projects and we would like to try to get a feel for how you learn about new technologies and how quickly you can pick up new and complex concepts and ideas.  It is not required, but if you are able to read up about TPM 2.0 and/or download some of the software and see if you can get it to work prior to the interview, that will better enable us to assess your work approach." 

 

歷來就沒有聽過這些概念，從頭開始看吧！

1. Trusted Platform Module: A Trusted Platform Module is a specialized chip on an endpoint device that stores RSA encryption keys specific to the host system for hardware authentication.

2. RSA: apublic-key encryption technology developed by RSA Data Security, Inc. The acronym stands for Rivest, Shamir, and Adelman, the inventors of the technique.

3. The Trusted Computing Group (TCG) is a not-for-profit organization that was formed in 2003 to define, develop and promote security specifications for computers and networks. These standards help protect data, hardware and other resources from compromise, damage or theft by malicious entities without adversely impacting the rights of individuals or businesses who participate. The TCG is headquartered in Portland, Oregon.

4. the TCG Software Stack(TSS) specifies the software layer for application developers to use functions provided by a Trusted Platform Module.The TCG has standardized a software stack that acts above the TPM chip and includes the TPM device driver and TSS. TSS is a Trusted Computing API that provides applications access to the TPM trusted computing functions。

5. The Trusted Computing Group (TCG) is an industryconsortium of important IT-enterprises that has published a list of documents specifying building blocks to realize a trusted IT-infrastructure.

The main documents include the TPM specification defining a hardware module providing protected keys and cryptographic functions,

the Trusted Network Connect(TNC) specification defining prototols and formates on the network level,

and the TCG Software Stack(TSS) specification defining software layers to access the TPM.

6. TrouSerS - An open-source TCG Software Stack implementation

7. IBM's TPM2.0 TSS

8. RHEL: Red Hat Enterprise Linux

    Fedora:

--------------------------------------------------------------

1. 安裝ibmtpm

下載ibmtpm後使用命令 tar -zxvf filename.tar.gz 解壓, 而後 cd ...tmp2\src， 而後 make

若是發現錯誤，有多是沒有安裝Openssl， 安裝Openssl 的命令爲：sudo apt-get install openssl

若是此時make還沒法成功，且錯誤相似以下，那麼須要使用 sudo apt-get install -y libssl-dev

pi@pi3:~/ibmtpm/src $ make
/usr/bin/gcc -Wall -Wmissing-declarations -Wmissing-prototypes -Wnested-externs -Werror -Wsign-compare -c -ggdb -O0 -DTPM_POSIX -D_POSIX_ -I../utils -I. AlgorithmCap.c -o AlgorithmCap.o In file included from LibSupport.h:90:0,  from Tpm.h:67,  from AlgorithmCap.c:67: TpmToOsslHash.h:72:25: fatal error: openssl/evp.h: No such file or directory  #include <openssl/evp.h>  ^ compilation terminated. makefile:79: recipe for target 'AlgorithmCap.o' failed make: *** [AlgorithmCap.o] Error 1

在成功make後，在src下會生成一個tpm_server 的文件

進入到此文件所在目錄後，直接 ./tpm_server 就能夠執行此文件。

至此，tpm_server 已經開啓了。

2. 安裝ibmtss

下載ibmtss後，解壓，進入到utils目錄後，make一下，成功後 ./reg.sh -a 就開始了迴歸測試