User:Joh Ho/sandbox

The TPM Software Stack (TSS), or TCG Software Stack, is a specification by the Trusted Computing Group (TCG) of a software stack that facilitates the use of the Trusted Platform Module (TPM). Even though the TSS specification is still being worked on, it is already being adopted by software providers. The specification defines several APIs that simplify implementing a TPM 2.0 in an end product.

The TSS was developed to enable the operating system and applications to easily share the system's TPM. While there are several implementations that use the term TSS, some of them do not claim to be compliant with the specification by the TCG.

Among other things, the TSS provides synchronous and asynchronous function calls for communicating with the TPM, handles the marshalling/unmarshalling needed for communication with a TPM, and enables encryption of the data stream to the TPM, stopping side-channel (hardware probing) attacks (achieving Common Criteria Evaluation Assurance Level (EAL) 4++). Additionally, the TSS simplifies the required context and session management, providing varying levels of abstraction (depending on the TSS API layer used). The code footprint of the TSS can range from IoT applications (no file system, no heap, etc.) up to server applications.

Specification Documents
The specification of the TSS is divided into several documents. Above all, the structure of the TSS and a list of all documents which are part of the specification are given by the TCG TSS 2.0 Overview and Common Structures Specification. There are six subordinated documents, which are part of the specification:


 * TCG TSS 2.0 Feature API (FAPI) Specification
 * TCG TSS 2.0 Enhanced System API (ESAPI) Specification
 * TCG TSS 2.0 System Level API (SAPI) Specification
 * TCG TSS 2.0 Marshaling/Unmarshaling API Specification
 * TCG TSS 2.0 TPM Command Transmission Interface (TCTI) API Specification
 * TCG TSS 2.0 Tab and Resource Manager Specification

Architecture
The TSS consists of multiple API layers, each of which offers a distinct level of abstraction. Listed from the highest level of abstraction to the lowest, they are: Feature API (FAPI), Enhanced System API (ESAPI), System API (SAPI), TPM Command Transmission Interface (TCTI), TPM Access Broker (TAB), Resource Manager (RM), and Device Driver.

Feature API (FAPI)
The Feature API (FAPI) as described in the TCG TSS 2.0 Feature API (FAPI) Specification (which is still a draft) is the most high-level API and covers about 80% of the common use cases. Its focus is minimizing both the number of function calls necessary and the number of parameters per call. To this end, default algorithms, key sizes, signing schemes etc. can be specified in profile files. On the other hand, the FAPI does not expose each and every capability of the TPM.

Enhanced System API (ESAPI)
The Enhanced System API (ESAPI) as described in the TCG TSS 2.0 Enhanced System API (ESAPI) Specification is intended to sit on top of the SAPI. It reduces programming complexity by providing session management in addition to the base SAPI functions. Unlike the SAPI layer, the ESAPI performs cryptographic operations (e.g. encryption/decryption, HMACs) that ensure the security of the communication and defeat sideband attacks involving the data bus to the TPM. While the ESAPI does not require a file system, it does require dynamic memory allocation.

System API (SAPI)
The System API (SAPI) as described in the TCG TSS 2.0 System Level API (SAPI) Specification enables access to all features of the TPM 2.0. The SAPI is a 1-to-1 mapping of the TPM's commands specified in TPM 2.0 Library Specification Part 3: Commands and provides both a synchronous and an asynchronous function for each command.

To enable the development of applications for embedded devices, minimizing the memory footprint of the SAPI library code was taken into consideration. Thus, the SAPI code does not need to allocate dynamic memory. Usually, the developer is responsible for allocating the memory used by the SAPI. To enable the usage of the TPM on systems with limited processing power, the SAPI does not perform any cryptographic operations.

TPM Command Transmission Interface (TCTI)
The TPM Command Transmission Interface (TCTI) as described in the TCG TSS 2.0 TPM Command Transmission Interface (TCTI) API Specification provides a standard interface to transmit and receive byte streams to and from the TPM. This abstraction enables the substitution of the underlying driver and device transparently, i.e. without the application being aware. For instance, the TSS can communicate with the driver of a hardware TPM as well as a TPM simulator for testing and debugging.
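The byte stream that marshalling produces and the TCTI carries, shown for the TPM2_GetRandom command as an added example (not code from the TCG specifications or from any TSS implementation). The function names are hypothetical, the constants are those of the TPM 2.0 Library Specification, and the buffers are caller-owned in the way the SAPI section describes.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define TPM_ST_NO_SESSIONS 0x8001u      /* tag: no session area follows */
#define TPM_CC_GET_RANDOM  0x0000017Bu  /* TPM2_GetRandom command code */
#define TPM_RC_SUCCESS     0x00000000u
#define TPM_HDR_LEN        10u          /* tag(2) + size(4) + code(4) */

static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void put32(uint8_t *p, uint32_t v) { put16(p, (uint16_t)(v >> 16)); put16(p + 2, (uint16_t)v); }
static uint16_t get16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t get32(const uint8_t *p) { return ((uint32_t)get16(p) << 16) | get16(p + 2); }

/* Marshal TPM2_GetRandom(bytesRequested), big-endian, into a caller-owned
 * buffer (no heap). Returns the command length, or 0 if buf is too small. */
size_t marshal_get_random(uint8_t *buf, size_t cap, uint16_t bytes_requested)
{
    const uint32_t len = TPM_HDR_LEN + 2;
    if (buf == NULL || cap < len) return 0;
    put16(buf, TPM_ST_NO_SESSIONS);
    put32(buf + 2, len);
    put32(buf + 6, TPM_CC_GET_RANDOM);
    put16(buf + 10, bytes_requested);
    return len;
}

/* Unmarshal the response. Every length field arrives from the device side, so
 * each is checked against the bytes actually received before it is used.
 * Returns the number of bytes copied to out, or -1 on error or bad framing. */
int unmarshal_get_random(const uint8_t *rsp, size_t rsp_len, uint8_t *out, size_t out_cap)
{
    if (rsp == NULL || out == NULL || rsp_len < TPM_HDR_LEN) return -1;
    if (get16(rsp) != TPM_ST_NO_SESSIONS || get32(rsp + 2) != rsp_len) return -1;
    if (get32(rsp + 6) != TPM_RC_SUCCESS || rsp_len < TPM_HDR_LEN + 2) return -1;
    uint16_t n = get16(rsp + 10);   /* size prefix of the returned TPM2B buffer */
    if (n != rsp_len - TPM_HDR_LEN - 2 || n > out_cap) return -1;
    memcpy(out, rsp + 12, n);
    return (int)n;
}

int main(void)
{
    uint8_t cmd[16];
    size_t n = marshal_get_random(cmd, sizeof cmd, 8);
    for (size_t i = 0; i < n; i++) printf("%02x", cmd[i]);
    printf("\n");
    return 0;
}
```

Because the command is sent with the no-sessions tag, the returned bytes cross the bus in the clear; protecting them is the job of the session-based parameter encryption described for the ESAPI.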

TPM Access Broker and Resource Manager (TAB/RM)
Usually, the TPM Access Broker (TAB) and the Resource Manager (RM) are combined in the same software module. The TAB as described in the TCG TSS 2.0 Tab and Resource Manager Specification controls the access of multiple processes to a single TPM. Additionally, it handles process ownership of sessions, objects and sequences and prevents unauthorized access from other processes. Because the TPM's on-board memory is limited, only a finite number of objects, sessions and sequences can be stored inside the TPM. To successfully execute a TPM command, all necessary resources have to be present in the TPM. It is the RM's job to load all required resources before a command is executed.

Implementations
Nowadays the TAB/RM is part of the Linux kernel. As a result, the term TSS usually means a piece of software that exposes the TCTI interface at the low-level end and the SAPI (and optionally ESAPI and/or FAPI) at the high-level end. Since TPM Software Stack and TSS are not protected names, there are also pieces of software that are called TSS but are not compliant.

TSS (without TAB/RM)
The most prominent compliant implementation is the Open Source TSS, written in C. Published by Intel in July 2015, it is part of the open source community. Since 2018, Fraunhofer SIT, enabled by Infineon, has been contributing to the project.

The Open Source TSS is part of the Debian package repositories for Sid and Buster. The package is also available on Ubuntu since Cosmic Cuttlefish 18.10. On Red Hat Enterprise Linux, the package is available as. OpenSuse provides the package as well. Another compliant implementation of the TCG specification is the TrustSentinel TSS by OnBoard Security. Since this is a commercial software product, it includes developer support.

The IBM TSS is an alternative implementation that does not comply with the TCG specification. Instead, it strives to provide an easier API with equivalent functionality.

Google published an interactive introduction to the TPM that uses the Open Source TSS as well as a TPM simulator by IBM and Google's BoringSSL. These libraries are called by JavaScript code and run in the browser. As part of this project, JavaScript code snippets utilizing the TPM can be run while the communication with the TPM is visualized at the same time. The website provides an explanation of some key features of the TPM, such as Random Number Generation, Key Generation, PCRs, Attestation and Authorization.

TAB/RM
The Open Source TAB/RM published by Intel has been part of the Linux kernel since version 4.12. Alternatively, an equivalent (although not identical) user space TAB/RM can be used. That is especially interesting on devices that run an old Linux kernel or no Linux kernel at all. Both a user space and an in-kernel TAB/RM can be used simultaneously to achieve maximal compatibility.