trusted-platform-module-2
v1.0.0
Published
Node JS library for working with the TPM2.
Downloads
4
Readme
TPM2-Node
Node JS library for working with the TPM (Trusted Platform Module) 2.0
The TPM classs is a JS API of the tpm2-tools found here tpm2-tools.readthedocs.io
npm i trusted-platform-module-2
const TPM2 = require('trusted-platform-module-2');
const tpm2 = new TPM2;
// Random bytes
console.log(tpm2.getRandom(8));
// Encrypt/decrypt file.
tpm2.encrypt('path/to/.env', {
parentContext: 'key.ctx',
output: 'secrets.enc'
});
tpm2.decrypt('secrets.enc', {
parentContext: 'key.ctx',
output: 'decrypted-secrets.txt'
});
Example
Below is a full example on how to use the TPM library to: create a primary hierarchy, create a child object, load the public/private portions of the key into the TPM, then encrypt a file with that key.
tpm2.createPrimary({
keyContext: 'primary.ctx'
});
tpm2.create({
parentContext: 'primary.ctx',
keyAlgorithm: 'aes128',
public: 'key.pub',
private: 'key.priv',
});
tpm2.load({
parentContext: 'primary.ctx',
keyContext: 'key.ctx',
public: 'key.pub',
private: 'key.priv',
});
tpm2.encrypt('path/to/.env', {
parentContext: 'key.ctx',
output: 'secrets.enc'
});
Raspberry Pi Set-up
I tested this library using the GeekPi TPM2 module which has a Infineon Optiga SLB 9670.
sudo echo 'dtparam=spi=on' >> /boot/config.txt
sudo echo 'dtoverlay=tpm-slb9670' >> /boot/config.txt
apt-get install tpm2-tools
# or build from source. Recommended but more complex. https://github.com/tpm2-software
git clone [email protected]:anthonybudd/TPM2.git
cd TPM2
npm i
npm run test