Possible TPM uses in fprintd/libfprint
by Benjamin Berg
Hi,
I was wondering if someone has ideas about integrating the TPM with
Fingerprint readers.
Recently I started looking into supporting Secure Device Connection
Protocol (SDCP, [1]) in libfprint. The general idea is to verify that
the Fingerprint reader can be trusted, but I initially also imagined
that further use-cases like unsealing data in a TPM may be possible
(e.g. to retrieve disk encryption keys).
However, looking into it more, my current conclusion is that there is
little to no advantage to use the TPM. At least not unless one also has
a trusted (userspace) program which is capable of signing TPM
authorizations. One could easily offload the required parts into a
small helper, but that may require ensuring it runs in a trusted
execution environment.
Microsoft seems to run relevant parts as trustlets that are walled off
from the rest of the system. That seems sensible to me, but it also
means requiring all the infrastructure for execution and signing and I
doubt that is feasible currently.
Right now I'll probably go the way of not using the TPM at all. But I
am really not an expert for this. So should someone see scenarios where
a TPM is actually helpful in this context, then I would like to hear
about them.
Benjamin
PS: A quick summary of how SDCP works:
* Device has a private ECC key that signs the firmware and ephemeral
keys during boot (and is inaccessible afterwards)
* A certificate proofs that this key was provisioned in factory
* Device builds a shared secret with the host (s)
* Device sends id, HMAC_SHA256(s, "identify" || nonce || id)
when the finger "id" was presented.
* The HMAC proofs knowledge of the shared secret and authorizes the
print.
[1] https://github.com/microsoft/SecureDeviceConnectionProtocol/wiki/Secure-D...
2 months, 3 weeks
Calculating name of created AK- server side
by kuba.michal.n@gmail.com
Hello!
I would like to know if it is possible to calculate name of AK generated by host on a remote server? I have read about remote attestation. To ensure the AK matches EK we have to make credential using name of the AK. To achieve this we have to either:
a) calculate name of the AK on server
b) receive name of the AK from host and believe it's a name for a proper AK
Am I missing something?
I have searched for explanation in docs posted on TCG's site, but I just can't find anything useful for nameAlg.
I would be thankful for any help or advice :D
3 months, 2 weeks
abrmd crashing - how to debug?
by Kenneth Goldman
Ubuntu focal with WSL, abrmd compiled from source
After about 5 minutes of sending commands, abrmd crashes. I originally
found it with keylime, but I can reproduce it with a simple bash loop on
pcrread.
abrmd exits, the tool output is:
** (process:21067): CRITICAL **: 17:25:10.862: failed to allocate dbus
proxy object: Could not connect: Connection refused
WARNING:tcti:src/tss2-tcti/tctildr.c:79:tcti_from_init() TCTI init for
function 0x7ff5f6dbbe10 failed with a0008
WARNING:tcti:src/tss2-tcti/tctildr.c:109:tcti_from_info() Could not
initialize TCTI named: tcti-abrmd
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not
initialize TCTI file: tabrmd
ERROR:tcti:src/tss2-tcti/tctildr.c:416:Tss2_TctiLdr_Initialize_Ex() Failed
to instantiate TCTI
ERROR: Could not load tcti, got: "tabrmd:bus_name=com.intel.tss2.Tabrmd"
How would I debug?
I would expect that nothing that a single application does should crash
abrmd.
--
Ken Goldman kgoldman(a)us.ibm.com
914-945-2415 (862-2415)
5 months, 2 weeks
Re-provision TPM
by Anthony Arrascue
Hello,
I am learning about the TSS and TPM techonologies.
I have provisioned the TPM with the default settings, which means I am now using the ECC profile (P_ECCP256SHA256).
However, encryption was a requirement I needed to fulfill. I just didn't know that ECC encryption is currently not supported and now I realize RSA would be a better fit for me.
So here is my question:
* I see there is another profile in /usr/local/etc/tpm2-tss/fapi-profiles, namely P_RSA2048SHA256.json. Is there a way I can encrypt using the RSA profile instead of the ECC one? I tried to re-run tss2_provision, after setting it in fapi-config.json, but it seems this is not the way to proceed. I get the message that the TPM has been already provisioned. What is the correct way of "changing" profile? Is it even possible or do I need to reset the TPM?
Thank you for your help.
Anthony Arrascue
7 months, 2 weeks
Re: Re-provision TPM
by Steven Clark
On Linux one of the absolute worst-case options to nuke a TPM and start
over is to use the sysfs PPI interface to the TPM:
Issue a clear request like:
echo 5 > /sys/class/tpm/tpm0/ppi/request
and reboot. You then confirm that you really do want the BIOS to wipe the
TPM and it's done. If something has set auths and you don't know what it
is, this a pretty decent last resort if you've got the support.
1 year, 3 months
Fapi_Decrypt using auth value
by Anthony Arrascue
Hello,
I am learning about encryption / decryption using Fapi.
For that purpose, I create a key using tss2_createkey and use tss2_encrypt / tss2_decrypt (and their Fapi equivalents).
tss2_ createkey has the argument -a, --authValue to set up a decryption password.
With tss2_encrypt I generate the cipher text.
The problem is with the decryption process. When I decrypt with tss2_decrypt I got asked for that authValue. If it is given correctly it decrypts the cipher text. However, Fapi_Decrypt will fail throwing an authorization error.
I was wondering how to programmatically enter the authValue? Fapi_Decrypt has no arguments to pass it. Maybe through the FAPI_CONTEXT?
Using TPM2-TSS v. 2.4.x
TPM2-TOOLS v. 4.X
Thank you for any possible help.
Best,
Anthony Arrascue
--------------------------------------
neuroloop GmbH
Breisacher Str. 86, 79110 Freiburg, Germany
aarrascue(a)neuroloop.de<mailto:aarrascue@neuroloop.de>
neuroloop.de
1 year, 3 months
tpm2-tss fapi tests failing with new openssl
by Petr Gotthard
Hello,
I have troubles debugging the FAPI tests. I am seeing error messages "Could not open file or uri for loading certificate", but I have no idea where these are coming from. For example, in "tpm2-tss/test/integration/fapi-data-crypt-rsa.log" I see
Could not open file or uri for loading certificate from /home/petr/projects/tpm2-tss/test/integration/fapi-data-crypt-rsa.fint_ekcert.crt
C05DA65E427F0000:error:80000002:system library:file_open:No such file or directory::0:calling stat(/home/petr/projects/tpm2-tss/test/integration/fapi-data-crypt-rsa.fint_ekcert.crt)
Unable to load certificate
Could not open file or uri for loading certificate from /home/petr/projects/tpm2-tss/test/integration/fapi-data-crypt-rsa.fint_ekecccert.crt
C08D22FEE77F0000:error:80000002:system library:file_open:No such file or directory::0:calling stat(/home/petr/projects/tpm2-tss/test/integration/fapi-data-crypt-rsa.fint_ekecccert.crt)
Unable to load certificate
cat: /home/petr/projects/tpm2-tss/test/integration/fapi-data-crypt-rsa.fint_ekcert.crt: No such file or directory
WARNING:test:test/helper/tpm_writeekcert.c:92:main() Cert input size is 0
WARNING:test:test/helper/tpm_writeekcert.c:95:main() Define NV cert with nv index: 1c00002
cat: /home/petr/projects/tpm2-tss/test/integration/fapi-data-crypt-rsa.fint_ekecccert.crt: No such file or directory
WARNING:test:test/helper/tpm_writeekcert.c:92:main() Cert input size is 0
WARNING:test:test/helper/tpm_writeekcert.c:95:main() Define NV cert with nv index: 1c0000a
Execute the test script
The "tpm2-tss/test/integration/fapi-data-crypt-rsa.fint_ca.log" indicates(?) these files should(?) have been created:
Creating ekcert for /home/petr/projects/tpm2-tss/test/integration/fapi-data-crypt-rsa.fint_ekpub.pem => /home/petr/projects/tpm2-tss/test/integration/fapi-data-crypt-rsa.fint_ekcert.crt
Creating ekcert for /home/petr/projects/tpm2-tss/test/integration/fapi-data-crypt-rsa.fint_ekeccpub.pem => /home/petr/projects/tpm2-tss/test/integration/fapi-data-crypt-rsa.fint_ekecccert.crt
But the certificates are not there. The PEM keys yes, the CRT files no.
I tried to find which openssl(?) command does this certificate creation, but it is somewhere well hidden.
This is not a bug in the tpm2-tss. I am using the new OpenSSL 3.0 and my heavily modified tpm2-tss code. The bug is in one of these two-- I have just serious troubles finding it.
Could you please give me some hint where should I look? Where is the command generating these certificates, please?
Kind Regards,
Petr
1 year, 3 months
Sample applications
by @rubynerd
Hi all,
I'm looking to build an application which creates a key on a TPM & uses the
TPM to decrypt some application initialisation secrets delivered to the
application via a control-plane, which verifies the key the TPM will use is
on a TPM.
I'm struggling to find any sample applications/explanations/cookbooks for
tmp2-tools to prototype out how this would work — in fact, I can't find an
explainer of how to convert a key from "tss" format to PEM format. Is there
something I've missed, or is there a sample TPM application or something
kicking about I can refer to? I'm aware there are specification PDF's, but
these are unapproachable to someone with attention-span disabilities.
Thanks,
Luke
1 year, 3 months
Essay Writing Help
by kasperkos04@gmail.com
I recently read a book of 50 Shades of Raw and asked us that we should write a report on the book. Since I will be doing it for the first time and do not know how to do it. I turned for help to a professional writing platform that leaves their work here https://cheap-essay-writing.com/book-report.html
1 year, 3 months
Example with multifactor authentication available?
by Felix Rubio Dalmau
Hi everybody!
I am still learning about tpm and tpm2-tools. Following the advice from William Roberts, I set the authentication policy up as AND(pcr, password) by doing the following:
# create a policy that requires the pcr and the password
tpm2_startauthsession -S session.dat
tpm2_policypcr -S session.dat -l "sha1:0,1,2,3" -L policy.dat
tpm2_policypassword -S session.dat -L policy.dat
tpm2_flushcontext session.dat
# and the sealing goes with
echo mysecret | tpm2_create -C primary.ctx -u key.pub -r key.priv -i- -p password -L policy.dat
William suggested I should set up a signed policy so that when UEFI gets updated I can regenerate the policy and not find myself lock out off the system, which I understand, but the problem is: to prevent from further unlock attemps, after unsealing the secret protected by that policy, I will extend one of the pcr registers... so, if I generate the pcr policy with the live system, I will be using pcr values that have been altered.
Now, I have thought in either forcing the EFI updates to happen during the system boot (I download the update, recreate a initramfs including it, and during the following boot, in the unlocking script, the UEFI gets updated and the policy gets created before unlocking), or in having a multi factor authentication that allows me to get in with either the previous policy or with another policy composed by the previous password and a rescue password. In this case, AND(password1, OR(password2, pcr)), I have written the following statements:
# session for auth based on pcr
tpm2_startauthsession -S session.dat
tpm2_policypcr -S session.dat -l "sha256:0,1" -L policy.pcr
tpm2_flushcontext session.dat
rm session.dat
# session for auth based on rescue password
tpm2_startauthsession -S session.dat
tpm2_policypassword -S session.dat -L policy.rescue
tpm2_flushcontext session.dat
rm session.dat
# compound both policies using OR and require always the password
tpm2_startauthsession -S session.dat
tpm2_policyor -S session.dat -L policy.dat sha256:policy.pcr,policy.rescue
tpm2_policypassword -S session.dat -L policy.dat
tpm2_flushcontext session.dat
rm session.dat
I think this is ok, but then.. I do not see how to initialize the password policies. Is there any example similar to what I want to achieve?
Thank you!
Felix
1 year, 3 months
