TPM/J Java-based API for the Trusted Platform Module (TPM)

Current version: 0.3.0 (alpha)
Release date: 3 April 2007


TPM/J is an object-oriented API using Java for low-level access to the TPM. It was developed as part of the research project on Trusted Computing at MIT.

TPM/J is intentionally not compliant with the TCG's TSS specifications. Its main intent is to provide a flexible object-oriented API that is more immediately usable by researchers and programmers for doing experiments and software R&D, in cases where TCG-compliance is not critical.

TPM/J treats TPM low-level commands (i.e., the commands directly given to the TPM chip itself), and the response data structures of these commands, as first-class Java objects. This allows programmers to easily access the fields of the command and response data structures in an object-oriented way, instead of having to explicitly read bytes from command-specific offsets in large byte arrays. Also, because it defines each command and response data structure as a separate Java class, it allows for a more modular, rather than monolithic implementation of APIs for each TPM command.

TPM/J also provides higher-level Java classes that represent higher-level concepts and constructs such as authorization sessions and transport sessions. In the case of authorization sessions, for example, these classes allow a session's state to be kept within a separate session object, instead of putting the burden on the programmer to explicitly create and manage local or global variables for keeping track of such state in his or her own code. In the case of transport sessions, the object-oriented form of the TPM commands allows things such as the encryption and logging of wrapped commands, etc., to be done in a more systematic and modular way (although full support for encrypted wrapped commands is not yet available in the current alpha version.)

Finally, access to the TPM itself is abstracted into a TPM driver object. By providing different platform-specific driver objects for different platforms, we are able to support multiple platforms (e.g., Linux, Windows, Mac OS X, and Vista) without requiring the programmer to change any code. To our knowledge, TPM/J is one of the first cross-platform APIs for using the TPM, that works under Windows, Linux, Mac OS X, and Vista without requiring the application programmer to write or compile separate versions.


Quick Start Guide

To test TPM/J on your system, see the Quick Start Guide.

User's Guide

To use TPM/J on your system, see the User's Guide.

Developer's Guide

For more information on writing your own programs using TPM/J, or modifying or contributing to TPM/J, see the Developer's Guide.


Original author: Luis Sarmenta (lfgs at mit dot edu)
Last edited by: Luis Sarmenta (lfgs at mit dot edu) on April 3, 2007