BINARIES and SOURCE CODE files of the TCGstorageAPI open source project are made available under the Apache License 2.0.
It uses the openSeaChest project, its repository is maintained at https://github.com/Seagate/openSeaChest.
TCGstorageAPI implements the TCG Storage Enterprise SSC and Opal SSC protocols for configuring SEDs. It supports a number of operations, such as taking ownership of the drive, setting authentication credentials, configuring bands (TCG Ranges), locking and unlocking of bands, etc. The API should be used in combination with Key Manager to securely store drive authentication credentials.
This API depends on the below libraries for transport of TCG payloads to and from the device.
opensea-common - Operating System common operations, not specific to storage standards. Contains functions and defines that are useful to all other libraries.
opensea-transport - Contains standard ATA/SCSI/NVMe functions based on open standards for these command sets. This layer also supports different transporting these commands through operating systems to the storage devices. Code depends on opensea-common.
opensea-operations - Contains common use cases for operations to be performed on a storage device. This layer encapsulates the nuances of each command set (ATA/SCSI) and operating systems (Linux/Windows etc.) Depends on opensea-common and opensea-transport.
Depending on your git version & client you can use either of the following commands to clone the repository.
git clone --recurse-submodules https://github.com/Seagate/TCGstorageAPI.git
or
git clone --recursive https://github.com/Seagate/TCGstorageAPI.git
Note that cloning recursively is important as it clones all the necessary submodules.
Start by updating the package index:
sudo yum update
Install python3:
sudo yum install python3
Install gcc and g++:
sudo yum -y install gcc
sudo yum -y install gcc-c++
Install boost:
sudo yum install epel-release
sudo yum install boost-python36-devel.x86_64
Install gnutls:
sudo yum -y install gnutls-devel
Install python3-extensions:
sudo yum -y install python3-devel
Install rpm build package
sudo yum install rpm-build
Change directory to tcgstorageapi and download the package dependencies:
pip3 install -r requirements.txt
Start by updating package index
sudo apt-get update
Install python3 and pip:
sudo apt install python3
sudo apt install python3-pip
Install python extensions:
sudo apt-get install -y --no-install-recommends python3-all python3-all-dev
Install gnutls:
sudo apt-get install libgnutls28-dev
Install Boost-Python:
sudo apt-get install libboost-all-dev
Install Python3 setup tools:
sudo apt-get install python3-setuptools
Change directory to tcgstorageapi and download the package dependencies:
pip3 install --no-cache-dir -r requirements.txt
Your system will require the latest Microsoft Visual C++ 2017 Redistributable to build pysed.
Required Tools:
- Visual Studio 2017 (can also use msbuild)
- Windows 10 SDK version 10.0.16299.0 and SDK version 10.0.17763.0 for Visual Studio 2017 (ARM and ARM64)
- MSVC 14.1
Download boost_1_71_0.zip(https://www.boost.org/users/history/version_1_71_0.html). Create an empty folder "Boost" in the "C:" drive and extract the zip file into the "C:\Boost" folder.
Download and install Python3.8 at "C:\Python38". Add "C:\Python38" to the Windows path.
Install pip3.
Change directory to tcgstorageapi and install python3 dependencies:
pip3 install -r requirements.txt
Start by updating the package index:
sudo pkg update -f
Install gcc and gmake:
sudo pkg install gmake
sudo pkg install gcc
Install python:
sudo pkg install python
Install python packages:
sudo pkg install <package>
package:
- py37-boost-libs-1.72.0
- py37-cryptography
- py37-passlib
- py37-openssl
- py37-pycparser
- py37-setuptools-41.4.0_1
From the terminal, change directory to tcgstorageapi.
Run the command "python3 setup.py opensea" to build the openseachest libraries. After the command completes, run "python3 setup.py bdist_rpm" to build an rpm distro.
From the terminal, link gmake to make by running "sudo ln -s /usr/bin/make /usr/bin/gmake". Change directory to tcgstorageapi.
Run the command "python3 setup.py opensea" to build the openseachest libraries. After the command completes, run "python3 setup.py build" to build the library.
Build boost
Open the Developer Command Prompt for VS2017 and change folder to "C:\Boost\boost_1_71_0" and build boost for Python3.
Build pysed (Visual Studio or msbuild)
Open the solution file in "tcgstorageapi\pysed\Make\VS.2017\pysed.sln". Set the desired build configuration. Press "F7" to build pysed, or select "Build->Build All" from the menu. "pysed" will be output into "tcgstorageapi\pysed\Make\VS.2017(platform)(build type)".
Example: tcgstorageapi\pysed\Make\VS.2017\x64\Static-Release
From the developer command prompt for VS2017, change directory to "tcgstorageapi\pysed\Make\VS.2017".
Build with the command "msbuild /p:Configuration=(build type) /p:Platform=(platform)".
Example: msbuild /p:Configuration=Static-Release /p:Platform=x64
Available Platforms: * Win32 * x64 * ARM * ARM64
Available Build Types: * Static-Release * Static-Debug
From the terminal, change directory to tcgstorageapi.
Run the command "python3.7 setup.py opensea" to build the openseachest libraries. After the command completes, run "python3.7 setup.py build" to build the pysed library.
From the tcgstorageapi directory, run "yum install -y dist/TCGstorageAPI-*.x86_64.rpm" to install the built python3 package.
Change directory to build/lib.linux-x86_64-3.6. Copy TCGstorageAPI directory to /usr/local/lib/python3/dist-packages/.
On linux systems, to allow the security commands to reach the SATA drives, set the below flag value to 1:
/sys/module/libata/parameters/allow_tpm
Change directory to tcgstorageapi and copy the folder TCGstorageAPI to C:\Python38\Lib\site-packages. Copy pysed\Make\VS.2017(platform)(build type)\pysed.pyd to C:\Python38\Lib\site-packages\TCGstorageAPI.
Alternatively, the package can be built and installed using the Dockerfile.
Change directory to build/lib.freebsd-12.1-RELEASE-amd64-3.7. Copy TCGstorageAPI directory to /usr/local/lib/python3.7/site-packages/.
To build the docker image from a Dockerfile, from the tcgstorageapi directory run the command as root "sudo docker build -f docker/(OS flavor)/(OS version)/docker-file-name -t docker-image-name ."
Example: sudo docker build -f docker/CENTOS/7/Dockerfile -t tcgstorageapi-centos .
The docker container needs to be run in the privileged mode since you are accessing the device. To run the docker container, run the following command "sudo docker run -it --privileged docker-image-name /bin/bash". A new bash shell should appear indicating the running container, you can run the sedcfg.py script from the bash.
Example: sudo docker run -it --privileged tcgstorageapi-centos /bin/bash
Look in the samples directory and run the script sample_cli.py.
WARNING: the credentials for the Admin and Users are hardcoded in the example and should be changed!
The API can support key managers.
The example currently works with 2 bands (TCG Ranges).
The example script must be run as Administrator/root.
Have a look at CONTRIBUTING for guidelines on how to contribute code to this repository.