by xyzzyz 2404 days ago
If you look at IBM's TPM 2.0 implementation[1], you can see that they don't use any well-tested libraries for crypto primitives, but rather use what looks like a home-cooked crypto implementation.

Microsoft, on the other hand, seems to support OpenSSL and wolfSSL in their simulator[2].

[1] - http://ibmswtpm.sourceforge.net/ibmswtpm2.html

[2] - https://github.com/microsoft/ms-tpm-20-ref

3 comments

You're not supposed to use the IBM TPM emulator for anything except developing software that talks to a real TPM without using a real TPM.
Sure, but what exactly do you think real TPM manufacturers are putting inside them? They must run some crypto code, do you think they won’t just reuse IBM's emulator? Or that they will come up with something more secure?
I hope that's what happens, yes.
IBM's implementation is really scary. I read through the codebase and my WTF meter went through the roof. It looks like the codebase of some evil genius that invented a world of coding practices of his own.
You’ll find it interesting then that this codebase mostly consists of the reference implementation. These WTF practices are straight from the TPM 2.0 standard. See https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev...
The researchers used the Intel tpm2-tss stack.
tpm2-tss is not an implementation of a TPM, it's a client of the TPM protocol that talks to a server. The server in this protocol can be a real TPM reached by a Linux device file or a TPM arbitrator (in kernel or in userspace) or a TPM emulator (the IBM one linked above), etc.

tpm2-tools are CLI utilities that use the tpm2-tss library.