Desktop version

Home arrow Computer Science arrow A Practical Guide to TPM 2.0

Setting Up the Software Stack

The two software stacks you can use to communicate with the TPM are TSS 2.0 and

TSS 2.0

TSS is a TCG standard for the TCG software stack. TSS 2.0 can be built on (and link to applications for) Windows and Linux. It consists of five or six layers and is implemented in C code except for a couple of Java layers. The layers at which TPM 2.0 code can be developed are as follows:

System API (SAPI): The lowest layer in TSS 2.0, which provides software functions for performing all variants of all TPM 2.0 functions. This layer also has tests that you can run against it. It requires detailed knowledge about TPM 2.0.

Enhanced System API (ESAPI): The next layer in TSS 2.0. It sits directly on top of the SAPI. This layer provides a lot of the glue code for doing encryption and decryption, HMAC sessions, policy sessions, and auditing. It also requires detailed knowledge about TPM 2.0, but it makes session handling much easier.

Feature API: The layer to which most applications should be written. It provides APIs that isolate you from the messiness of the TPM 2.0 specification.

Feature API Java: Layer that sits on top of the C code and performs the translation between C and Java so that Java applications can use TSS.

As of this writing, TSS 2.0 is implemented only at the System API level and includes a linked-in device driver for talking to the simulator. Currently, this code is only available to TCG members at To access to the code, you must contact the TCG TSS workgroup chair to get permission. Follow the directions in the readme.docx file to install it and run the test code against the simulator.

As noted previously, you can download from, and then install it. To understand it, review the file: Using the TSS.Net Library.docx. Unfortunately, this doesn't tell you how to build and run the code examples. The samplesWindows8 directory contains separate directories for sample projects; you can follow these directions for the GetRandom example and then apply those steps to other examples:

1. In Windows Explorer, open the solution file: ss.sln.

2. Respond with OK to the prompts for loading the various projects.

3. Select Build > Build Solution.

4. Start the simulator. (See the earlier directions.)

5. Run the GetRandom executable: tss.netsamplesWindows8 GetRandominDebugGetRandom.exe -tcp 10 (10 is the number of random bytes).

You can now run other sample programs in a similar manner. Try them out!


Now that you have an execution environment (or maybe both of them) set up, you're ready to run the code samples from the following chapters of the book.

The next chapter describes the TCG Software Stack, TSS. This software stack is currently being defined and implemented and will be freely available under an open source license to application programmers. It's used for some of the subsequent code examples in this book.

< Prev   CONTENTS   Next >

Related topics