Feature Request: Decode TIS streams
Closed this issue · 2 comments
While playing with low-level code for interacting with the TPM, I found it useful to sniff the on-the-wire traffic sent via tpm2_* commands to the TPM. It's sometimes much easier to figure out what goes where that way, then by decrypting the specification. There also other applications where having this capability would be useful (such as reverse engineering and security research).
However, on the bus, the byte stream is not a pure CommandResponseStream, but also includes the communication interface between the host and the TPM. The spec supports both TIS (which my chip uses, over SPI) and CRB. TIS is basically a small register interface which is used to communicate the number of bytes which can be written/read from the fifo - the bytes which constitute the actual CommandResponseStream.
Extracting the stream from TIS isn't particularly difficult (you just need to isolate all writes and reads to the register address which represents the FIFO), but it can be laborious and somewhat useless. It seems like something tpmstream should quietly handle on my behalf.
If you're amenable, I'm more than happy to provide some sample captures for devel and testing.
The Spec is TCG PC Client-Specific TPM Interface Specification (TIS).
(*) TIS itself can be layered on top of several possible physical bus types - SPI, LPC (and perhaps I2C). SPI is all I have experience with and what I care about. There may be some protocol details which differ from one to another (such as how flow control works).
I feel you, been there, done that.
I don't think tpmstream is the right tool for the job. However, sigrok (a logic analyser framework) has a decoder for TIS based on SPI and I2C - it's just not merged yet.
sigrokproject/libsigrokdecode#88
If you want to use sigrok and your logic analyzer is supported, I encourage you to give it a try. As a UI, I recommend PulseView. You should be able to just add the decoder scripts before starting sigrok/PulseView.
Thank you, that'll be very useful.