How to get the access to the raw TPM command

Question

How to get the access to the raw TPM command

Closed this issue 2 years ago · 2 comments

I'm trying to dump out the raw TPM command created using different SAPI calls, but I can't find any API for the purpose. Moreover, the cmdBuffer inside TSS2_SYS_CONTEXT can't be accessed, since this last one is an opaque type.

Therefore, is there currently a way to do it?
Thanks!

Answer 1 · 2023-06-20T11:05:53.000Z

In the SAPI there is one command to access the command buffer: Tss2_Sys_GetCpBuffer which returns a pointer to the marshaled command parameters. But this command can only be called between the calls of the SAPI prepare function [cmd]_Prepare and Tss2_Sys_Execute.
TSS provides two machanisms to dump the command buffer:

Create a log to stderr if the environment variable TSS2_LOG ist set.
e.g.: with TSS2_LOG=tcti+trace the commands and responses will be traced.
For tss >= 3.1.0: create a pcap file e.g. with tcti: pcap:device:/dev/tpmrm0
The file tpm2_log.pcap will be created. The TPM commands stored in this file can be inspected with wireshark or with the tpmstream tool from https://github.com/joholl/tpmstream. The file name of the pcap file can be canged by setting the environment variable ENV_PCAP_FILE.

Answer 2 · 2023-06-20T12:28:12.000Z

Thank you so much for the response, Tss2_Sys_GetCpBuffer is exactly what I needed!