Huazhong University of Science and Technology
Course Lab Report

Course name: Trusted Computing
Major and class:
Student ID:
Name:
Instructor: Dai Weiqi (代炜琦)
Report date: 2021.6.29
School of Cyberspace Security

1. Lab objective

The objective of this lab is for students to put the trusted computing knowledge learned from the textbook into practice. Using the TPM emulator on Linux, the TSS software stack is used to call the relevant hardware and carry out remote attestation, key migration, key structure, data sealing and related functions, so that students understand the security properties of the TPM and learn to call the various TSS interfaces to build applications.

2. Lab environment

- SeedUbuntu 12.04 LTS 32-bit VMware virtual machine (download link: )
- TPM Emulator
- TrouSerS

3. Lab task

The task is to use the reference documentation and the knowledge learned to fill in the missing parts of the code, chiefly by writing unseal_file.c.

4. Lab procedure

4.1. Compilation

First switch the package sources. Back up the Ubuntu source list:

    sudo cp /etc/apt/… /etc/apt/….backup

Edit the update sources:

    sudo gedit /etc/apt/…

The new contents of the source list are as follows:

    deb
    deb
    deb
    deb
    deb
    deb-src
    deb-src
    deb-src
    deb-src
    deb-src

Update the sources:

    sudo apt-get update

Then unpack the emulator and install cmake. Commands:

    tar xvzf ….gz
    cd tpm-emulator
    sudo apt-get install libgmp-dev cmake

Command:

    ./build.sh

The terminal session for the build shows the following commands, in order:

    ~/tpm-emulator$ ./build.sh
    ~/tpm-emulator$ cd build
    ~/tpm-emulator/build$ sudo make install
    ~/tpm-emulator/build$ sudo depmod -a

Install the TSS software stack:

    sudo apt-get install libtspi-dev trousers

4.2. Initialization

Unpack the source code on Windows and copy it into the virtual machine, then compile the source code for this lab. Commands:

    cd /home/seed/trusted-computing-projectv0.3
    make clean
    make

Then perform the initialization. Commands:

    sudo modprobe tpmd_dev
    sudo tpmd -f -d clear

tpmd output (excerpt):

    tpmd.c:39: Info: starting TPM Emulator daemon (1.2.0.7-475)
    tpmd.c:93: Info: parsing options
    tpmd.c:108: Debug: debug mode enabled
    tpmd.c:145: Debug: startup mode = clear
    ...
    tpm_data.c:120: Info: initializing TPM data to default values
    tpm_testing.c:243: Info: TPM_SelfTestFull()

Open another terminal and run:

    sudo tcsd

Then enter the init directory:

    cd /home/seed/trusted-computing-projectv0.3/init

Run:

    ./Tspi_TPM_TakeOwnership01 -v 1.2

Run:

    ./create_mig_key -v 1.2    (enter the PIN)

Terminal output:

    $ ./Tspi_TPM_TakeOwnership01 -v 1.2
    Testing Tspi_TPM_TakeOwnership01
    TESTSUITE_OWNER_SECRET:(null)
    TESTSUITE_SRK_SECRET:(null)
    1 PASS : Tspi_TPM_TakeOwnership01 returned (0) TSS_SUCCESS
    Cleaning up Tspi_TPM_TakeOwnership01
    $ ./create_mig_key -v 1.2
    Please input Migratable key's migration secret
    Enter PIN:
    Verifying - Verify PIN:
    success

4.3. Key hierarchy (KeyHierarchy)

Enter the KeyHierarchy directory:

    cd /home/seed/trusted-computing-projectv0.3/KeyHierarchy

Complete the code for K4 in create_register_key.c. The completed part of the code (create_register_key.c) is as follows:

    /* K4: migratable, parent key is K3 */
    printf("Create User K4 and register it to disk.\n");
    initFlags = TSS_KEY_TYPE_BIND | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE |
                TSS_KEY_AUTHORIZATION | TSS_KEY_MIGRATABLE;
    /* Create K4 under K3 and load it (my_create_load_key is a helper in the lab source) */
    result = my_create_load_key(hContext, initFlags, hKey3, &hKey4, K4);
    if (result != TSS_SUCCESS) {
        print_error("create_key", result);
        Tspi_Context_FreeMemory(hContext, NULL);
        Tspi_Context_Close(hContext);
        exit(result);
    }
    /* Register K4 in system persistent storage, recording K3 as its parent */
    result = Tspi_Context_RegisterKey(hContext, hKey4, TSS_PS_TYPE_SYSTEM, UUID_K4,
                                      TSS_PS_TYPE_SYSTEM, UUID_K3);
    if (result != TSS_SUCCESS) {
        print_error("Tspi_Context_RegisterKey", result);
        Tspi_Context_FreeMemory(hContext, NULL);
        Tspi_Context_Close(hContext);
        exit(result);
    }
    printf("Create and register K4 successed!\n");
    /* Unload keys, pay attention to the order, child key must unload first */

Run:

    make
    ./create_register_key -v 1.2

Terminal output (excerpt, PIN prompts omitted):

    Create and register K2 successed!
    Create User K3 and register it to disk.
    ...
    Create and register K3 successed!
    Create User K4 and register it to disk.
    ...
    Create and register K4 successed!
    1 PASS : Create KEY returned (0) TSS_SUCCESS
    Cleaning up Create KEY

Referring to how K1, K2 and K3 are loaded, and to the TSS documentation, complete the code that loads K4 in load_key.c. The completed part of the code is as follows:

    /* load k4 */
    printf("Loading K4.\n");
    /* Fetch the K4 key object from system persistent storage by its UUID */
    result = Tspi_Context_GetKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, UUID_K4, &hKey4);
    if (result != TSS_SUCCESS) {
        /* Error label matches the function actually called */
        print_error("Tspi_Context_GetKeyByUUID", result);
        print_error_exit(nameOfFunction, err_string(result));
        Tspi_Context_FreeMemory(hContext, NULL);
        Tspi_Context_Close(hContext);
        exit(result);
    }

Run:

    make
    ./load_key -v 1.2

Terminal output:

    |_UserK1 (Storage key, unmigratable)
    |_UserK2 (Signing key, unmigratable)
    |_UserK3 (Storage key, migratable)
    |_UserK4 (Bind key, migratable)
    Load SRK sucessed!
    Loading K1.
    Load User K1 sucessed!
    Loading K2.
    Input K1's pin
    Enter PIN:
    Load User K2 sucessed!
    Loading K3.
    Load User K3 sucessed!
    Loading K4.
    Input K3's pin
    Enter PIN:
    Load User K4 sucessed!
    1 PASS : Load KEY returned (0) TSS_SUCCESS
    Cleaning up Load KEY

4.4. Key migration: Seal, Unseal and extend

Enter the SealUnseal directory:

    cd /home/seed/trusted-computing-projectv0.3/SealUnseal

Complete the unseal_file.c file, then run make in the trusted-computing-projectv0.3 folder. Run:

    ./seal -v 1.2      (succeeds)
    ./unseal -v 1.2    (succeeds)
    ./extend -v 1.2    (succeeds)
    ./unseal -v 1.2    (fails)
    ./seal_file test.c (view the file contents)
    ./unseal_file      (view the file contents)
    ./unseal_file      (fails)

Terminal session for the file-based steps:

    $ ./seal_file test.c test.en
    Input K1's Pin
    Enter PIN:
    $ ./unseal_file test.en test.de
    Input K1's Pin
    Enter PIN:
    Unsealed Data:
    $ ./extend -v 1.2
    ulPcrValueLen: 20
    Success

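Why the second unseal fails once extend has run, shown as an added example that is not part of the lab source: a pure-Python model (no TPM or TSS calls) of TPM 1.2 PCR extension and PCR-bound sealing. The ToyTPM class, the choice of PCR 0, the keystream and HMAC construction, and the sample secret are assumptions made for illustration.

```python
import hashlib, hmac, os
PCR_LEN = 20  # SHA-1 digest size; matches "ulPcrValueLen: 20" printed by ./extend

class WrongPCRValue(Exception):
    """Models the TPM 1.2 error TPM_WRONGPCRVAL."""

class ToyTPM:
    def __init__(self, num_pcrs=24):
        self.pcrs = [bytes(PCR_LEN)] * num_pcrs  # simplification: every PCR starts at zero
        self._root = os.urandom(32)              # stand-in for the SRK; never leaves the "chip"

    def extend(self, index, data):
        # The only way to change a PCR: new = SHA1(old || SHA1(data)).
        self.pcrs[index] = hashlib.sha1(self.pcrs[index] + hashlib.sha1(data).digest()).digest()
        return self.pcrs[index]

    def _composite(self, indices):  # simplified composite digest over the selected PCRs
        return hashlib.sha1(b"".join(bytes([i]) + self.pcrs[i] for i in indices)).digest()

    def _mac(self, blob):
        msg = bytes(blob["indices"]) + blob["release"] + blob["nonce"] + blob["ct"]
        return hmac.new(self._root, msg, hashlib.sha256).digest()
    def _pad(self, nonce, n):
        return hashlib.shake_256(self._root + nonce).digest(n)

    def seal(self, indices, secret):
        nonce, idx = os.urandom(16), sorted(indices)
        ct = bytes(a ^ b for a, b in zip(secret, self._pad(nonce, len(secret))))
        blob = {"indices": idx, "release": self._composite(idx), "nonce": nonce, "ct": ct}
        blob["tag"] = self._mac(blob)  # binds the release digest to the ciphertext
        return blob

    def unseal(self, blob):
        if not hmac.compare_digest(blob["tag"], self._mac(blob)):
            raise ValueError("blob modified or sealed by a different TPM")
        if self._composite(blob["indices"]) != blob["release"]:
            raise WrongPCRValue("current PCR state differs from the state at seal time")
        return bytes(a ^ b for a, b in zip(blob["ct"], self._pad(blob["nonce"], len(blob["ct"]))))

def lab_sequence():
    """seal -> unseal (ok) -> extend -> unseal (fails), the order used in section 4.4."""
    tpm = ToyTPM()
    blob = tpm.seal([0], b"constructed sample secret")  # PCR 0 is an assumption
    first = tpm.unseal(blob)
    tpm.extend(0, b"constructed measurement")
    try:
        return first, tpm.unseal(blob)
    except WrongPCRValue as err:
        return first, type(err).__name__
```

Because a PCR can only be extended and never written directly, the sealed blob stays unreadable until the platform is reset and the same measurements are replayed; rewriting the release digest inside the blob is rejected by the integrity tag.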
4.5. Key migration (KeyMigration)

Enter the KeyM