Created
January 11, 2018 20:22
EL7 TPM2.0 simulator + tpm2-tools
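# EL7-based container to run the TPM2.0 simulator and tpm2-tools
#
# inspired by:
#   - https://github.com/starlab-io/docker-tpm2-emulator/blob/master/Dockerfile
#   - https://github.com/starlab-io/docker-tpm-emulator/blob/master/Dockerfile
#
# NOTE(review): centos:7 reached end of life on 2024-06-30 and no longer
# receives security updates. Treat the resulting image as a throw-away test
# fixture, and consider pinning the base image by digest for reproducibility.
FROM centos:7
LABEL maintainer="simp@simp-project.org"

# Build-time overrides (docker build --build-arg NAME=value).
ARG TPM2_SIM_VERSION
ARG TPM2_TOOLS_VERSION
ARG TPM2_TSS_VERSION
# NOTE(review): TPM2_ABRMD_VERSION is declared but tpm2-abrmd is not built
# anywhere in this file (see the TODO further down).
ARG TPM2_ABRMD_VERSION
ARG TPM2_SIM_CMD_PORT
ARG TPM2_SIM_PLATFORM_PORT
# Optional SHA-256 of the simulator tarball. When set, the download below is
# verified against it; when unset, the build proceeds unverified with a warning.
# Example: --build-arg TPM2_SIM_SHA256=<sha256-of-ibmtpmNNNN.tar.gz>
ARG TPM2_SIM_SHA256

# ------------------------------------------------------------------------------
# from: https://github.com/intel/tpm2-tools/wiki
#
#   tpm2-tools 3.0.2
#   tpm2-tss   1.3.0
#   tpm2-abrmd 1.2.0
# ------------------------------------------------------------------------------
ENV TPM2_SIM_VERSION=${TPM2_SIM_VERSION:-1119}
ENV TPM2_TOOLS_VERSION=${TPM2_TOOLS_VERSION:-3.0.2}
ENV TPM2_TSS_VERSION=${TPM2_TSS_VERSION:-1.3.0}
ENV TPM2_ABRMD_VERSION=${TPM2_ABRMD_VERSION:-1.2.0}
# NOTE(review): the two port variables only feed the EXPOSE lines below;
# nothing in this file passes them to tpm_server, so changing them does not
# change the ports the simulator actually listens on.
ENV TPM2_SIM_CMD_PORT=${TPM2_SIM_CMD_PORT:-2321}
ENV TPM2_SIM_PLATFORM_PORT=${TPM2_SIM_PLATFORM_PORT:-2322}

# install build dependencies
# (install and cache cleanup share one layer; a cleanup in a later RUN does
# not remove the cache from the layer that created it)
RUN yum install -y git make autoconf autoconf-archive automake libtool gcc gcc-c++ glibc-headers pkgconfig openssl-devel curl-devel epel-release && \
    yum clean all && \
    rm -rf /var/cache/yum

# Build the IBM software TPM 2.0 simulator.
# The tarball is fetched over HTTPS but is otherwise unauthenticated, so it is
# checked against TPM2_SIM_SHA256 when that build argument is provided.
RUN curl -sSfL https://sourceforge.net/projects/ibmswtpm2/files/ibmtpm${TPM2_SIM_VERSION}.tar.gz/download > ibmtpm.tgz && \
    if [ -n "${TPM2_SIM_SHA256}" ]; then \
      echo "${TPM2_SIM_SHA256}  ibmtpm.tgz" | sha256sum -c - ; \
    else \
      echo "WARNING: TPM2_SIM_SHA256 not set; ibmtpm.tgz was not verified" >&2 ; \
    fi && \
    mkdir ibmtpm && \
    cd ibmtpm && \
    tar -zxf ../ibmtpm.tgz && \
    cd src && \
    make && \
    mv tpm_server /usr/local/bin/ && \
    cd / && \
    rm -rf /ibmtpm /ibmtpm.tgz

# Build and install tpm2-tss.
# NOTE(review): `-b <tag>` follows whatever the tag currently points at; check
# out a known commit id afterwards if the build must be reproducible.
RUN git clone https://github.com/intel/tpm2-tss.git -b ${TPM2_TSS_VERSION} && \
    cd tpm2-tss && \
    ./bootstrap && \
    ./configure --libdir=/usr/lib64 && \
    make && \
    make install && \
    cd / && \
    rm -rf /tpm2-tss

# Refresh the linker cache so the freshly installed TSS libraries are found.
RUN ldconfig

# Build and install tpm2-tools.
# TODO: having copied this off the internet, find out if `--disable-hardening` is needed
# NOTE(review): per upstream's configure help, `--disable-hardening` turns off
# the compiler and linker flags that mitigate memory-corruption bugs (confirm
# for this version). Tolerable for a simulator-only test image; try building
# without it before reusing these binaries anywhere else.
RUN git clone https://github.com/intel/tpm2-tools.git -b ${TPM2_TOOLS_VERSION} && \
    cd tpm2-tools && \
    ./bootstrap && \
    ./configure --disable-hardening --with-tcti-socket --with-tcti-device --prefix=/ && \
    make && \
    make install && \
    cd / && \
    rm -rf /tpm2-tools

# TODO: see tpm2-abrmd INSTALL.md for post-installation steps

# have the tpm2 tools always connect to the socket
ENV TPM2TOOLS_TCTI_NAME=socket

# the TPM2 emulator listens on ports 2321 and 2322.
# Neither simulator socket authenticates its peer, and the platform port
# carries the simulated power/reset signals. EXPOSE alone publishes nothing;
# if you do publish the ports, bind them to loopback, e.g.
#   docker run -it -p 127.0.0.1:2321:2321 -p 127.0.0.1:2322:2322 tpm2sim
EXPOSE ${TPM2_SIM_CMD_PORT}
EXPOSE ${TPM2_SIM_PLATFORM_PORT}

# Usage: atm, I'm just running the sim and commands interactively within the container:
#
#   docker build -t tpm2sim .
#   docker run -it tpm2sim
#
# Other things:
#
#   * The TPM simulator is at `/usr/local/bin/tpm_server`
#   * The tpm2_* commands are a tab-tab away.
#   * `--help` currently doesn't work on any of the tpm2_* commands, because
#     they can't bring up man pages
#   * Everything in the container runs as root (no USER is set); this image is
#     meant for experimenting with a simulated TPM, not for holding real keys.
#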
The "tpm2_flushcontext" command is missing when playing with the simulator in the container built by this Dockerfile.