Trusted Computing and TPM

Trusted Computing encompasses Trusted Platform Module (TPM) security, secure attestation, full disk encryption, and remote verification of system integrity. This cheatsheet covers tools and commands for TPM management, secure boot, attestation quotes, and trusted boot chains.

Installation

Linux TPM Tools

# Install tpm2-tools on Ubuntu/Debian
sudo apt update
sudo apt install tpm2-tools tpm2-abrmd tpm2-tss tpm2-openssl

# Install on Fedora/RHEL
sudo dnf install tpm2-tools tpm2-abrmd tpm2-tss tpm2-openssl

# Install on Arch
sudo pacman -S tpm2-tools tpm2-abrmd tpm2-tss

# Install attestation tools
sudo apt install ima-evm-utils secureboot-utils

# Install UEFI/Secure Boot tools
sudo apt install efibootmgr mokutil sbsign shim-signed

# Verify TPM is available
tpm2_getcap -l

Windows TPM Tools

# Verify TPM is present
Get-WmiObject -Namespace "root\cimv2\security\microsofttpm" -Class Win32_Tpm

# Install Windows RSAT tools
Add-WindowsCapability -Online -Name "Rsat.BitLocker.Recovery.Tools~~~~0.0.1.0"

# Install TPM management tools
Get-WindowsCapability -Online -Name "*Tpm*"

# Enable TPM in Group Policy (Windows Pro+)
gpedit.msc  # Navigate to: Computer Config > Admin Templates > System > Trusted Platform Module Services

macOS/Darwin

# Install homebrew TPM utilities
brew install tpm2-tools

# Install security tools
brew install efibootmgr gpg

# Verify Secure Boot support
system_profiler SPHardwareDataType | grep Secure

TPM Information and Status

# Check TPM version and capabilities
tpm2_getcap handles-transient
tpm2_getcap algorithms
tpm2_getcap commands

# Get full TPM capability list
tpm2_getcap properties-fixed

# Check TPM2 specific properties
tpm2_getcap -l

# Retrieve TPM manufacturer information
tpm2_readpublic -c 0x81000001

# Check PCR (Platform Configuration Register) status
tpm2_pcrread
tpm2_pcrread sha256:0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23

# Read specific PCR bank
tpm2_pcrread -o pcr.bin sha256:0,1,2,3

# Get TPM firmware information
tpm2_readpublic -c 0x81000001 -o owner_key.pub

# Check EK (Endorsement Key)
tpm2_readpublic -c 0x81000001

# Verify TPM is ready
tpm2_startup -c

TPM Key Management

# Create a TPM resident key
tpm2_createprimary -C o -g sha256 -G rsa -c primary.ctx

# Create an object under primary key
tpm2_create -C primary.ctx -g sha256 -G rsa -r key.priv -u key.pub

# Load key into TPM
tpm2_load -C primary.ctx -r key.priv -u key.pub -c key.ctx

# Save public key
tpm2_readpublic -c key.ctx -o key.pub

# Evict persistent key
tpm2_evictcontrol -C o -c key.ctx 0x81000002

# Make key persistent
tpm2_evictcontrol -C o -c primary.ctx 0x81000001

# List all persistent keys
tpm2_getcap handles-persistent

# Delete persistent key
tpm2_evictcontrol -C o 0x81000001

# Import external key into TPM
tpm2_import -C primary.ctx -G rsa -i external.pem -o key.priv -u key.pub

Sealing and Unsealing Data

# Seal data with PCR policy (data locked to system state)
tpm2_seal -C primary.ctx -i secret.txt -o secret.seal -L "pcr:sha256:0,1,2,3,7"

# Unseal data (will only work if PCRs match)
tpm2_unseal -C primary.ctx -i secret.seal -o unsealed.txt

# Seal with password
tpm2_seal -C primary.ctx -i data.txt -o data.seal -L "password:mypassword" -I mypassword

# Seal with policy and password
tpm2_seal -C primary.ctx -i secret.txt -o secret.seal -L "pcr:sha256:0,1,7" -I password123

# Create policy from PCRs
tpm2_pcrread -o pcr.dat sha256:0,1,2,3,7
tpm2_createpolicy --policy-pcr -l sha256:0,1,2,3,7 -f pcr.dat -L pcr.policy

# Get sealed data size
stat -c%s secret.seal

Attestation and PCR Operations

# Generate attestation identity key
tpm2_createak -C endorsement_key -g sha256 -G rsa -s rsassa -o ak.pub -L ak.priv -n ak.name

# Get attestation quote
tpm2_quote -c ak.ctx -l sha256:0,1,2,3,7 -o quote.out -m quote.msg -s quote.sig

# Verify quote signature
tpm2_readpublic -c ak.ctx -o ak.pub
openssl dgst -sha256 -verify ak.pub -signature quote.sig quote.msg

# Get event log (Linux)
cat /sys/kernel/security/tpm0/binary_bios_measurements
cat /sys/kernel/security/integrity/ima/ascii_runtime_measurements

# Parse IMA event log
ima-evm-utils ima_show

# Check secure boot status (Linux)
mokutil --sb-state

# Check secure boot status (Windows)
Get-SecureBootUEFI -Name SecureBoot

# Extend PCR with data
tpm2_pcrextend 0:sha256=0123456789abcdef

# Reset PCR (requires TPM reset)
tpm2_startup --clear

Encryption and Signing

# Sign data with TPM key
tpm2_sign -c key.ctx -g sha256 -m data.txt -o signature.out

# Verify signature
tpm2_verifysignature -c key.pub -g sha256 -m data.txt -s signature.out

# Encrypt with TPM public key
tpm2_readpublic -c key.ctx -o key.pub
openssl pkeyutl -encrypt -pubin -inkey key.pub -in plaintext.txt -out ciphertext.bin

# Decrypt with TPM
tpm2_decrypt -c key.ctx -i ciphertext.bin -o decrypted.txt

# Hash data
tpm2_hash -C primary.ctx -g sha256 -i data.txt -o hash.out

# HMAC with TPM
tpm2_hmac -C key.ctx -g sha256 -i data.txt -o hmac.out

Secure Boot Management

# Check UEFI Secure Boot status (Linux)
secureboot-check
efi-readvar

# Enroll keys (requires physical access or BIOS)
sbkeysync --verbose

# Sign kernel with private key
sbsign --key db.key --cert db.crt vmlinuz-5.10.0 --output vmlinuz-5.10.0.signed

# Check signed binary
sbverify --cert db.crt vmlinuz-5.10.0.signed

# Verify GRUB is signed
sbverify /boot/efi/EFI/ubuntu/grubx64.efi

# Update GRUB with Secure Boot support
grub-mkconfig -o /boot/grub/grub.cfg
grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=ubuntu

# List Secure Boot variables
efivar -l

# Delete Secure Boot variable
efivar -d -n <variable_name>

BitLocker and Full Disk Encryption

BitLocker and Full Disk Encryption

Windows BitLocker

# Check BitLocker status
Get-BitLockerVolume -MountPoint "C:"

# Enable BitLocker on C: drive
Enable-BitLocker -MountPoint "C:" -EncryptionMethod Aes256 -UsedSpaceOnly

# Get BitLocker key
Get-BitLockerVolume -MountPoint "C:" | Select-Object -ExpandProperty KeyProtector

# Suspend BitLocker (for maintenance)
Suspend-BitLocker -MountPoint "C:" -RebootCount 1

# Resume BitLocker
Resume-BitLocker -MountPoint "C:"

# Back up recovery key to Active Directory
Backup-BitLockerKeyProtector -MountPoint "C:" -KeyProtectorId "key-id"

# Decrypt volume
Disable-BitLocker -MountPoint "C:"

# Check encryption progress
Get-BitLockerVolume | Select-Object MountPoint, EncryptionPercentage

Linux LUKS Encryption

# Check LUKS device status
cryptsetup luksDump /dev/sda1

# Create LUKS encrypted device
cryptsetup luksFormat /dev/sda1

# Open encrypted device
cryptsetup luksOpen /dev/sda1 encrypted_volume
mount /dev/mapper/encrypted_volume /mnt/secure

# List open LUKS devices
cryptsetup status encrypted_volume

# Change LUKS password
cryptsetup luksChangeKey /dev/sda1

# Add new key slot
cryptsetup luksAddKey /dev/sda1

# Remove key slot
cryptsetup luksRemoveKey /dev/sda1

# Verify LUKS backup header
cryptsetup luksHeaderBackup /dev/sda1 --header-backup-file luks-header.backup

Attestation Workflows

# 1. Full attestation workflow - Create attestation key
tpm2_createak -C 0x81000001 -g sha256 -G rsa -s rsassa -o ak.pub -L ak.priv -n ak.name -N ak.name.priv

# 2. Load attestation key
tpm2_load -C 0x81000001 -r ak.priv -u ak.pub -c ak.ctx

# 3. Get PCR state before application
tpm2_pcrread sha256:0,1,2,3,7 -o pcr.before.dat

# 4. Generate quote with timestamp
tpm2_quote -c ak.ctx -l sha256:0,1,2,3,7 -o quote.out -m quote.msg -s quote.sig --attestation-qualified-signer

# 5. Export quote for verification
openssl dgst -sha256 -verify ak.pub -signature quote.sig quote.msg

# 6. Parse quote data
tpm2_print -t TPMS_ATTEST quote.msg

# 7. Verify event log integrity
cat /sys/kernel/security/tpm0/binary_bios_measurements | tpm2_eventlog

Measured Boot and IMA

# Check IMA status
cat /sys/kernel/security/ima/ascii_runtime_measurements

# Count IMA entries
wc -l /sys/kernel/security/ima/ascii_runtime_measurements

# Monitor IMA in real-time
watch 'wc -l /sys/kernel/security/ima/ascii_runtime_measurements'

# Extend TPM with file hash (manual IMA)
ima-evm-utils ima_extend

# Get EVM extended attributes
getfattr -m "^security" /path/to/file

# Set EVM xattr
setfattr -n security.evm -v <value> /path/to/file

# Display IMA policy
cat /sys/kernel/security/ima/policy

# Load custom IMA policy
echo "measure func=BPRM_CHECK" | sudo tee /sys/kernel/security/ima/policy

TPM 2.0 Advanced Operations

# Create a sealing policy based on specific PCRs
tpm2_pcrread -o pcr.digest sha256:0,1,7
tpm2_createpolicy --policy-pcr -l sha256:0,1,7 -f pcr.digest -L policy.digest

# Seal data with policy
tpm2_seal -C 0x81000001 -i secret.txt -o secret.seal -L policy.digest

# Create session for decryption
tpm2_startauthsession -S session.ctx

# Unseal with policy verification
tpm2_unseal -C 0x81000001 -i secret.seal -L policy.digest -S session.ctx

# Use TPM for TLS certificate generation
tpm2_getcap handles-persistent
tpm2_readpublic -c 0x81000002 -o cert.pub

# Export TPM keys for certificates
tpm2_readpublic -c 0x81000002 -f pem -o key.pem

# Create persistent identity key
tpm2_createprimary -C e -g sha256 -G rsa -c primary.ctx
tpm2_evictcontrol -C o -c primary.ctx 0x81000010

Integration and Real-World Scenarios

Full System Attestation

#!/bin/bash
# Complete system integrity attestation

echo "[*] Starting full system attestation..."

# 1. Get current PCR state
echo "[*] Reading PCRs..."
tpm2_pcrread -o pcr.baseline sha256:0,1,2,3,7

# 2. Create attestation identity
echo "[*] Creating attestation key..."
tpm2_createak -C endorsement.ctx -g sha256 -G rsa -s rsassa -o ak.pub -L ak.priv
tpm2_load -C endorsement.ctx -r ak.priv -u ak.pub -c ak.ctx

# 3. Generate quote
echo "[*] Generating attestation quote..."
tpm2_quote -c ak.ctx -l sha256:0,1,2,3,7 -o quote.out -m quote.msg -s quote.sig

# 4. Collect event logs
echo "[*] Collecting event logs..."
tpm2_eventlog /sys/kernel/security/tpm0/binary_bios_measurements > eventlog.txt

# 5. Verify boot chain
echo "[*] Verifying secure boot chain..."
sbverify /boot/vmlinuz-$(uname -r)

# 6. Export attestation data
echo "[*] Exporting attestation data..."
cat > attestation.json << EOF
{
  "hostname": "$(hostname)",
  "timestamp": "$(date -u +%Y-%m-%dT%H:%M:%SZ)",
  "kernel": "$(uname -r)",
  "secure_boot": "$(mokutil --sb-state)",
  "quote_generated": true
}
EOF

echo "[+] Attestation complete. Data saved to:"
echo "    - quote.out (quote data)"
echo "    - quote.sig (signature)"
echo "    - eventlog.txt (boot chain)"
echo "    - attestation.json (metadata)"

TPM-Based Secret Storage

#!/bin/bash
# Encrypt credentials with TPM sealing

SECRET="$1"
DESCRIPTION="$2"

if [ -z "$SECRET" ] || [ -z "$DESCRIPTION" ]; then
    echo "Usage: $0 <secret> <description>"
    exit 1
fi

# Create sealed secret
echo -n "$SECRET" | tpm2_seal -C 0x81000001 -i - -o "${DESCRIPTION}.seal" -L "pcr:sha256:0,1,7"

echo "[+] Secret sealed: ${DESCRIPTION}.seal"
echo "[*] Secret can only be unsealed if PCRs 0,1,7 match this system state"

# To unseal on same system
# tpm2_unseal -C 0x81000001 -i ${DESCRIPTION}.seal

# To unseal on different system (attestation-based)
# Requires quote verification first

TPM Policy Verification

#!/bin/bash
# Verify system integrity using TPM policies

# Create policy for specific configuration
POLICY_FILE="system.policy"

# Define PCR policy: system only trusts specific firmware/BIOS/kernel
tpm2_createpolicy --policy-pcr -l sha256:0 -f <(tpm2_pcrread -o - sha256:0) \
                  --policy-pcr-num-of-pcrs 1 -L "${POLICY_FILE}"

echo "[*] System integrity policy created"
echo "[*] Hash of policy: $(sha256sum ${POLICY_FILE} | cut -d' ' -f1)"

# Seal TPM key with policy
tpm2_seal -C 0x81000001 -i system_key.pub -o system_key.seal -L "${POLICY_FILE}"

# Verify policy matches
tpm2_readpublic -c 0x81000001 | grep -A5 "Policies"

Troubleshooting

Common TPM Issues

TPM not found or not responding

# Check TPM device
ls -la /dev/tpm*

# Restart TPM service
sudo systemctl restart tpm2-abrmd

# Check systemd service status
sudo systemctl status tpm2-abrmd

# Check kernel module
modinfo tpm
lsmod | grep tpm

# Enable TPM in BIOS (requires physical access)
# Restart system, enter BIOS/UEFI, look for Trusted Platform Module or Security settings

TPM 1.2 vs TPM 2.0 Compatibility

# Check TPM version
tpm2_getcap properties-fixed | grep -i version

# For TPM 1.2 tools
sudo apt install tpm-tools
tpm_version

# Check if TPM is in legacy mode
cat /sys/class/tpm/tpm0/tpm_version_major

Permission Denied Errors

# Check current user permissions
groups $USER

# Add user to tss group
sudo usermod -a -G tss $USER

# Apply new group membership
newgrp tss

# Check TPM permissions
ls -l /dev/tpm*

PCR Mismatch Issues

# Check current PCR values
tpm2_pcrread sha256

# Compare with expected values
cat pcr.baseline

# Reset TPM (destructive, requires TPM reset)
tpm2_startup --clear

# Note: This will clear all TPM keys and seals!

Secure Boot Configuration Issues

# Verify Secure Boot keys are installed
efi-readvar

# Re-enroll keys
sbkeysync --verbose

# Check EFI boot order
efibootmgr

# Verify signed binaries
sbverify /path/to/binary

Debug Commands

# Enable debug output on tpm2-tools
export TPM2TOOLS_LOG_LEVEL=2

# Check TPM session status
tpm2_getcap handles-transient

# List all TPM objects
tpm2_getcap handles-loaded

# Get TPM implementation info
tpm2_getcap properties-variable

# Test TPM connectivity
tpm2_startup -c
echo "TPM is accessible"

Best Practices

Security

• Store TPM keys with restrictive permissions (owned by tss:tss, 0600)
• Use PCR policies to bind secrets to system state
• Regularly update TPM firmware
• Enable Secure Boot to protect boot chain
• Use strong policies that include firmware, bootloader, and kernel PCRs
• Back up TPM recovery keys to secure location
• Never expose private keys from TPM outside the TPM

Operational

• Test attestation workflows in non-production first
• Document baseline PCR values for systems
• Monitor PCR changes and event logs regularly
• Maintain backup of TPM-sealed secrets with recovery keys
• Test unsealing procedures before relying on them
• Schedule regular TPM firmware updates
• Keep event logs for audit and compliance

Compliance

• Document TPM usage for compliance (HIPAA, PCI-DSS, SOC2)
• Enable EVM and IMA for file integrity measurement
• Maintain event log archives for forensics
• Implement monitoring of TPM operations
• Regular integrity verification audits
• Track PCR changes and attestation results

References

• TPM 2.0 Specification
• tpm2-tools Documentation
• Linux Kernel TPM Support
• IMA-EVM Security
• UEFI Secure Boot
• BitLocker Best Practices
• Trusted Computing Group
• Subgraph Secure Boot Documentation

---

Last updated: 2026-03-30