The IAIK jTpmTools are a set of command line tools for basic interaction with the Trusted Platform Modules (TPM) and the Trusted Software Stack (TSS). This includes tools for taking and clearing ownership, reading and extending PCRs, creating keys or binding data. For key storage the persistent storage of the TSS is used.

Moreover, a tool to generate Attestation Identity Keys (AIKs) and corresponding AIK certificates is included. An AIK is a special purpose signature key. The private part of the AIK is protected by the TPM while the public part is embedded in the AIK certificate which is issued by a PrivacyCA. With the AIK certificate, the PrivacyCA states that the AIK is associated with a valid TPM. An AIK can be used for e.g. platform attestation (TPM_Quote) or key certification. If your platform is equipped with an Infineon 1.1b or 1.2 TPM the IAIK jTpmTools include a tool that allows to read the Endorsement certificate from the internal memory of the chip. In case of a 1.1b TPM, vendor specific mechanisms are used while for 1.2 TPMs the EK certificate is read from the NV storage of the TPM.

Development of the IAIK jTpm Tools was supported by the European Commission as part of the OpenTC project (Ref. Nr. 027635) and is supported by the Austrian FIT-IT Trust in IT Systems programme in project acTvSM.

The IAIK jTpmTools Wrapper are developed and maintained at the Institute for Applied Information Processing and Communication (Institut für Angewandte Informationsverarbeitung und Kommunikation, IAIK, http://www.iaik.at/) at Graz University of Technology (http://www.tugraz.at/).