Issue #3639

IPSec tunnel failed to come up using TPM

Added by Vivek Bairathi 2 months ago. Updated 2 months ago.

Status:
Feedback
Priority:
Normal
Category:
configuration
Affected version:
5.7.2
Resolution:

Description

The issue is that without TPM the tunnel comes up, but with TPM the tunnel bring-up fails.
Here are the cert details:
Root CA Cert:
Certificate:
Data:
Version: 3 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=gb, O=VF, OU=LAB, CN=VFPreProdRoot
Validity
Not Before: Aug 31 10:46:25 2012 GMT
Not After : Aug 31 10:46:25 2032 GMT
Subject: C=gb, O=VF, OU=LAB, CN=VFPreProdRoot
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)

SubCA:
Certificate:
Data:
Version: 3 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=gb, O=VF, OU=LAB, CN=VFPreProdRoot
Validity
Not Before: Oct 25 08:33:53 2018 GMT
Not After : Oct 25 08:33:53 2028 GMT
Subject: C=GB, O=VF, OU=Lab, CN=VFPreProdIssuingCA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)

Attaching logs.

Please let me know what the issue is here.

Thanks & Regards,
Vivek

Attachment: strongswan-log.txt (20.4 KB), syslog for both TPM and non-TPM scenario. Vivek Bairathi, 24.11.2020 17:41

History

#1 Updated by Tobias Brunner 2 months ago

  • Category changed from charon to configuration
  • Status changed from New to Feedback
  • Priority changed from High to Normal

This doesn't sound good:

Nov 24 12:02:42 centos7 charon: 00[PTS] signature algorithm is NULL with ERROR hash

Usually, TPM keys have a single signature/hash algorithm assigned (and no other scheme can be used). If that scheme can't be retrieved, you currently can't create any signatures with that key.

#2 Updated by Vivek Bairathi 2 months ago

Tobias Brunner wrote:

This doesn't sound good:

[...]

Usually, TPM keys have a single signature/hash algorithm assigned (and no other scheme can be used). If that scheme can't be retrieved, you currently can't create any signatures with that key.

Hi Tobias,

Thanks for the reply.

Yes, you are right, but if I provide a hash algorithm, OpenSSL fails to use the TPM as it needs a raw RSA key, and hence we are not able to generate certificates using OpenSSL.

The problem is similar to what is reported here:
https://github.com/tpm2-software/tpm2-tss-engine/issues/171

Thanks & Regards,
Vivek

#3 Updated by Vivek Bairathi 2 months ago

Vivek Bairathi wrote:

Tobias Brunner wrote:

This doesn't sound good:

[...]

Usually, TPM keys have a single signature/hash algorithm assigned (and no other scheme can be used). If that scheme can't be retrieved, you currently can't create any signatures with that key.

Hi Tobias,

Thanks for the reply.

Yes, you are right, but if I provide a hash algorithm, OpenSSL fails to use the TPM as it needs a raw RSA key, and hence we are not able to generate certificates using OpenSSL.

The problem is similar to what is reported here:
https://github.com/tpm2-software/tpm2-tss-engine/issues/171

Thanks & Regards,
Vivek

Pasting the issue from the link as shared above:

===============================================

We are attempting to use a key hosted inside the TPM chip with Strongswan.
First we create a primary key:
$ tpm2_createprimary -C o -g sha256 -G rsa -c prim.ctx

Next we create a persistent child key:
$ tpm2_create -C prim.ctx -g sha256 -G rsa:rsassa -u key1.pub -r key1.priv
$ tpm2_load -C prim.ctx -u key1.pub -r key1.priv -c key1.ctx
$ tpm2_evictcontrol -C o -c key1.ctx 0x81000002

Using OpenSSL for CMP and the TPM TSS engine, we request a certificate for the TPM hosted child key:
$ openssl cmp -cmd ir -engine tpm2tss -server [PKI IP] -path [CMP alias path] -cert [client auth cert file] -key [client auth key file] -newkey engine:0x81000002 -subject "[DN]" -certout [enroled cert file] -srvcert [CMP server cert]

The above command fails as expected ("inconsistent attributes"),
because the engine uses the RSA decrypt operation,
but the "decrypt" attribute is not set on the key since its scheme is "rsassa":
WARNING:esys:src/tss2-esys/api/Esys_RSA_Decrypt.c:305:Esys_RSA_Decrypt_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_RSA_Decrypt.c:102:Esys_RSA_Decrypt() Esys Finish ErrorCode (0x00000182)
139652227592192:error:8008C06D:tpm2-tss-engine:rsa_priv_enc:Unknown TPM error occured. Please check tpm2tss logs:src/tpm2-tss-engine-rsa.c:166:
139652227592192:error:38064067:CRMF routines:CRMF_poposigningkey_init:error:crypto/crmf/crmf_lib.c:440:
139652227592192:error:3907907B:CMP routines:OSSL_CMP_certreq_new:error creating ir:crypto/cmp/cmp_msg.c:338:

Now, we create the child key as a simple RSA key: tpm2_create -G rsa ...
The key has now the "decrypt" attribute set, and the enrollment request is OK,
but next in Strongswan, we get an error "no common hash algorithm found to create signature"
because the scheme attribute of the key is empty.

So, we try to replace the RSA decrypt with an RSA signature in tpm2-tss-engine-master/tpm2-engine-rsa.c, but face a memory corruption problem:
WARNING:marshal:src/tss2-mu/tpm2b-types.c:302:Tss2_MU_TPM2B_DIGEST_Marshal() buffer_size: 4096 with offset: 77 are insufficient for object of size XXXXX

where XXXXX is random at each execution of the "openssl cmp" command.

Thanks for the help

===============================================

Yes, the problem is that OpenSSL performs the padding operation (PSS or SSA) outside of the RSA-engines. Thus we only receive the raw data to be fed into the RSA operation.
The TPM however does not support "RAW-RSA" operations via the Sign() call.
Thus we need to use TPM's Decrypt() operation to perform the RAW-RSA operation, and thus we need the decrypt flag.

I know that this is counter-intuitive and a problem, but we had to deal with it and there was no other way, given the restrictions of the TPM and OpenSSL...

So please set the decrypt flag. Trying to get it to work via Sign will fail...

===============================================

Please let me know what can be done to resolve the issue here.

Thanks & Regards,
Vivek
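
The maintainer reply quoted above (OpenSSL pads first, the engine only ever sees the raw block, the TPM's Sign() cannot take a pre-padded block, so the raw private-key operation has to go through Decrypt() and the key needs the decrypt attribute) as a self-contained Python model. This is an added example, not code from the issue, strongSwan, OpenSSL or tpm2-tss-engine. The key is a throwaway 512-bit RSA key generated in pure Python (far too small for real use), `tpm_sign_rsassa_sha256` is an assumed model of a TPM2_Sign on a key with a fixed RSASSA/SHA-256 scheme, and the message is constructed.

```python
import hashlib
import random

E = 65537
# DER prefix of a SHA-256 DigestInfo, per EMSA-PKCS1-v1_5 (RFC 8017, section 9.2)
SHA256_DIGESTINFO_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def is_probable_prime(n, rng, rounds=32):
    """Miller-Rabin, only used to build the toy key below."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def generate_key(bits=512, seed=7):
    """Toy RSA key (n, e, d). 512 bits is far too small for real use but keeps
    pure-Python generation instant; the fixed seed makes the demo repeatable."""
    rng = random.Random(seed)

    def prime(b):
        while True:
            cand = rng.getrandbits(b) | (1 << (b - 1)) | 1
            if is_probable_prime(cand, rng):
                return cand

    while True:
        p, q = prime(bits // 2), prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % E:  # E is prime, so this is gcd(E, phi) == 1
            return p * q, E, pow(E, -1, phi)


def modulus_len(n):
    return (n.bit_length() + 7) // 8


def emsa_pkcs1_v15_encode(sha256_digest, k):
    """The padding step OpenSSL does itself, before any engine is called."""
    t = SHA256_DIGESTINFO_PREFIX + sha256_digest
    ps_len = k - len(t) - 3
    if ps_len < 8:
        raise ValueError("modulus too small for this encoding")
    return b"\x00\x01" + b"\xff" * ps_len + b"\x00" + t


def raw_rsa_private(block, d, n):
    """Raw private-key operation block^d mod n on a modulus-sized block: the
    'decrypt' path (TPM2_RSA_Decrypt with a NULL scheme) the tpm2tss engine
    uses, which is why the key must carry the decrypt attribute."""
    m = int.from_bytes(block, "big")
    if m >= n:
        raise ValueError("block does not fit the modulus")
    return pow(m, d, n).to_bytes(modulus_len(n), "big")


def tpm_sign_rsassa_sha256(digest, d, n):
    """Assumed model of TPM2_Sign on a key with a fixed RSASSA/SHA-256 scheme:
    it takes only a SHA-256 digest and applies the PKCS#1 v1.5 padding itself,
    so a block that OpenSSL has already padded is not something it can accept."""
    if len(digest) != hashlib.sha256().digest_size:
        raise ValueError("digest size does not match the key's scheme hash")
    return raw_rsa_private(emsa_pkcs1_v15_encode(digest, modulus_len(n)), d, n)


def verify_pkcs1_v15_sha256(message, signature, e, n):
    """Standard verification, what the IKE peer does with the AUTH payload."""
    k = modulus_len(n)
    if len(signature) != k:
        return False
    em = pow(int.from_bytes(signature, "big"), e, n).to_bytes(k, "big")
    return em == emsa_pkcs1_v15_encode(hashlib.sha256(message).digest(), k)


def demo():
    """Returns (both_paths_agree_and_verify, sign_rejects_prepadded_block)."""
    n, e, d = generate_key()
    message = b"constructed sample: octets an IKEv2 AUTH payload would sign"
    digest = hashlib.sha256(message).digest()
    # Path A: the TPM's own Sign() with its fixed scheme, given only the digest.
    sig_via_sign = tpm_sign_rsassa_sha256(digest, d, n)
    # Path B: the OpenSSL engine receives a block OpenSSL already padded, so
    # only the raw private-key operation is left for the TPM to do.
    prepadded = emsa_pkcs1_v15_encode(digest, modulus_len(n))
    sig_via_decrypt = raw_rsa_private(prepadded, d, n)
    agree = (sig_via_sign == sig_via_decrypt
             and verify_pkcs1_v15_sha256(message, sig_via_sign, e, n))
    # Handing the pre-padded block to Sign() instead is refused: it is no digest.
    try:
        tpm_sign_rsassa_sha256(prepadded, d, n)
        rejected = False
    except ValueError:
        rejected = True
    return agree, rejected
```

`demo()` returns `(True, True)`: the two paths produce the identical PKCS#1 v1.5 signature, which is why the engine can get away with the raw operation, and the scheme-bound Sign() refuses the pre-padded input, which is the "inconsistent attributes" corner the quoted issue ran into from the other side.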

#4 Updated by Vivek Bairathi 2 months ago

Vivek Bairathi wrote:

Vivek Bairathi wrote:

Tobias Brunner wrote:

This doesn't sound good:

[...]

Usually, TPM keys have a single signature/hash algorithm assigned (and no other scheme can be used). If that scheme can't be retrieved, you currently can't create any signatures with that key.

Hi Tobias,

Thanks for the reply.

Yes, you are right, but if I provide a hash algorithm, OpenSSL fails to use the TPM as it needs a raw RSA key, and hence we are not able to generate certificates using OpenSSL.

The problem is similar to what is reported here:
https://github.com/tpm2-software/tpm2-tss-engine/issues/171

Thanks & Regards,
Vivek

Pasting the issue from the link as shared above:

===============================================

We are attempting to use a key hosted inside the TPM chip with Strongswan.
First we create a primary key:
$ tpm2_createprimary -C o -g sha256 -G rsa -c prim.ctx

Next we create a persistent child key:
$ tpm2_create -C prim.ctx -g sha256 -G rsa:rsassa -u key1.pub -r key1.priv
$ tpm2_load -C prim.ctx -u key1.pub -r key1.priv -c key1.ctx
$ tpm2_evictcontrol -C o -c key1.ctx 0x81000002

Using OpenSSL for CMP and the TPM TSS engine, we request a certificate for the TPM hosted child key:
$ openssl cmp -cmd ir -engine tpm2tss -server [PKI IP] -path [CMP alias path] -cert [client auth cert file] -key [client auth key file] -newkey engine:0x81000002 -subject "[DN]" -certout [enroled cert file] -srvcert [CMP server cert]

The above command fails as expected ("inconsistent attributes"),
because the engine uses the RSA decrypt operation,
but the "decrypt" attribute is not set on the key since its scheme is "rsassa":
WARNING:esys:src/tss2-esys/api/Esys_RSA_Decrypt.c:305:Esys_RSA_Decrypt_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_RSA_Decrypt.c:102:Esys_RSA_Decrypt() Esys Finish ErrorCode (0x00000182)
139652227592192:error:8008C06D:tpm2-tss-engine:rsa_priv_enc:Unknown TPM error occured. Please check tpm2tss logs:src/tpm2-tss-engine-rsa.c:166:
139652227592192:error:38064067:CRMF routines:CRMF_poposigningkey_init:error:crypto/crmf/crmf_lib.c:440:
139652227592192:error:3907907B:CMP routines:OSSL_CMP_certreq_new:error creating ir:crypto/cmp/cmp_msg.c:338:

Now, we create the child key as a simple RSA key: tpm2_create -G rsa ...
The key has now the "decrypt" attribute set, and the enrollment request is OK,
but next in Strongswan, we get an error "no common hash algorithm found to create signature"
because the scheme attribute of the key is empty.

So, we try to replace the RSA decrypt with an RSA signature in tpm2-tss-engine-master/tpm2-engine-rsa.c, but face a memory corruption problem:
WARNING:marshal:src/tss2-mu/tpm2b-types.c:302:Tss2_MU_TPM2B_DIGEST_Marshal() buffer_size: 4096 with offset: 77 are insufficient for object of size XXXXX

where XXXXX is random at each execution of the "openssl cmp" command.

Thanks for the help

===============================================

Yes, the problem is that OpenSSL performs the padding operation (PSS or SSA) outside of the RSA-engines. Thus we only receive the raw data to be fed into the RSA operation.
The TPM however does not support "RAW-RSA" operations via the Sign() call.
Thus we need to use TPM's Decrypt() operation to perform the RAW-RSA operation, and thus we need the decrypt flag.

I know that this is counter-intuitive and a problem, but we had to deal with it and there was no other way, given the restrictions of the TPM and OpenSSL...

So please set the decrypt flag. Trying to get it to work via Sign will fail...

===============================================

Please let me know what can be done to resolve the issue here.

Thanks & Regards,
Vivek

Hi Tobias,

In one of our setups, we are able to bring up the tunnel with TPM even though the hash algorithm is not set, please see the logs below:

Nov 24 14:39:55 centos7 charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.7.2, Linux 3.10.0-1127.rt56.1093.el7.x86_64, x86_64)
Nov 24 14:39:55 centos7 charon: 00[CFG] PKCS11 module '<name>' lacks library path
Nov 24 14:39:55 centos7 charon: 00[LIB] openssl FIPS mode(2) - enabled
Nov 24 14:39:55 centos7 charon: 00[CFG] loading ca certificates from '/etc/strongswan/ipsec.d/cacerts'
Nov 24 14:39:55 centos7 charon: 00[CFG] loaded ca certificate "CN=VC CA, C=GB" from '/etc/strongswan/ipsec.d/cacerts/VilicomCA.cacert.pem'
Nov 24 14:39:55 centos7 charon: 00[CFG] loaded ca certificate "C=IN, ST=KA, L=BN, O=Mav, OU=System Test, CN=MavRootCaCert.com" from '/etc/strongswan/ipsec.d/cacerts/MavRootCaCert.pem'
Nov 24 14:39:55 centos7 charon: 00[CFG] loaded ca certificate "CN=VC CA, C=GB" from '/etc/strongswan/ipsec.d/cacerts/OperatorCA.pem'
Nov 24 14:39:55 centos7 charon: 00[CFG] loading aa certificates from '/etc/strongswan/ipsec.d/aacerts'
Nov 24 14:39:55 centos7 charon: 00[CFG] loading ocsp signer certificates from '/etc/strongswan/ipsec.d/ocspcerts'
Nov 24 14:39:55 centos7 charon: 00[CFG] loading attribute certificates from '/etc/strongswan/ipsec.d/acerts'
Nov 24 14:39:55 centos7 charon: 00[CFG] loading crls from '/etc/strongswan/ipsec.d/crls'
Nov 24 14:39:55 centos7 charon: 00[CFG] loading secrets from '/etc/strongswan/ipsec.secrets'
Nov 24 14:39:55 centos7 charon: 00[CFG] no PKCS#11 module found having a keyid 81:01:00:04
Nov 24 14:39:55 centos7 charon: 00[PTS] TPM 2.0 via TSS2 v2 available
Nov 24 14:39:55 centos7 charon: 00[PTS] signature algorithm is NULL with ERROR hash
Nov 24 14:39:55 centos7 charon: 00[CFG] loaded private key from %smartcard:0x81010004
Nov 24 14:39:55 centos7 charon: 00[CFG] opening triplet file /etc/strongswan/ipsec.d/triplets.dat failed: No such file or directory
Nov 24 14:39:55 centos7 charon: 00[CFG] loaded 0 RADIUS server configurations
Nov 24 14:39:55 centos7 charon: 00[CFG] HA config misses local/remote address
Nov 24 14:39:55 centos7 charon: 00[CFG] no script for ext-auth script defined, disabled
Nov 24 14:39:55 centos7 charon: 00[LIB] loaded plugins: charon pkcs11 tpm aesni aes des rc2 sha2 sha1 md4 md5 mgf1 random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl gcrypt fips-prf gmp curve25519 chapoly xcbc cmac hmac ctr ccm gcm curl attr kernel-netlink resolve socket-default farp stroke vici updown eap-identity eap-sim eap-aka eap-aka-3gpp eap-aka-3gpp2 eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp led duplicheck unity counters
Nov 24 14:39:55 centos7 charon: 00[JOB] spawning 16 worker threads
Nov 24 14:39:56 centos7 charon: 05[CFG] received stroke: add connection 'du_ipsec'
Nov 24 14:39:56 centos7 charon: 05[CFG] loaded certificate "CN=9017049559, O=VC, C=GB" from 'client.pem'
Nov 24 14:39:56 centos7 charon: 05[CFG] id '172.17.10.2' not confirmed by certificate, defaulting to 'CN=9017049559, O=VC, C=GB'
Nov 24 14:39:56 centos7 charon: 05[CFG] added configuration 'du_ipsec'
Nov 24 14:39:56 centos7 charon: 07[CFG] received stroke: initiate 'du_ipsec'
Nov 24 14:39:56 centos7 charon: 07[IKE] initiating IKE_SA du_ipsec[1] to 172.16.100.21
Nov 24 14:39:56 centos7 charon: 07[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 24 14:39:56 centos7 charon: 07[NET] sending packet: from 172.17.10.2[500] to 172.16.100.21[500] (464 bytes)
Nov 24 14:39:56 centos7 charon: 08[NET] received packet: from 172.16.100.21[500] to 172.17.10.2[500] (469 bytes)
Nov 24 14:39:56 centos7 charon: 08[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) ]
Nov 24 14:39:56 centos7 charon: 08[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 24 14:39:56 centos7 charon: 08[IKE] received cert request for "CN=VC CA, C=GB"
Nov 24 14:39:56 centos7 charon: 08[IKE] received 1 cert requests for an unknown ca
Nov 24 14:39:56 centos7 charon: 08[IKE] sending cert request for "CN=VC CA, C=GB"
Nov 24 14:39:56 centos7 charon: 08[IKE] sending cert request for "C=IN, ST=KA, L=BN, O=Mav, OU=System Test, CN=MavRootCaCert.com"
Nov 24 14:39:56 centos7 charon: 08[IKE] authentication of 'CN=9017049559, O=VC, C=GB' (myself) with RSA signature successful
Nov 24 14:39:56 centos7 charon: 08[IKE] sending end entity cert "CN=9017049559, O=VC, C=GB"
Nov 24 14:39:56 centos7 charon: 08[IKE] establishing CHILD_SA du_ipsec{1}
Nov 24 14:39:56 centos7 charon: 08[ENC] generating IKE_AUTH request 1 [ IDi CERT CERTREQ AUTH SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 24 14:39:56 centos7 charon: 08[ENC] splitting IKE message (1456 bytes) into 2 fragments
Nov 24 14:39:56 centos7 charon: 08[ENC] generating IKE_AUTH request 1 [ EF ]
Nov 24 14:39:56 centos7 charon: 08[ENC] generating IKE_AUTH request 1 [ EF ]
Nov 24 14:39:56 centos7 charon: 08[NET] sending packet: from 172.17.10.2[4500] to 172.16.100.21[4500] (1236 bytes)
Nov 24 14:39:56 centos7 charon: 08[NET] sending packet: from 172.17.10.2[4500] to 172.16.100.21[4500] (292 bytes)
Nov 24 14:39:56 centos7 charon: 10[NET] received packet: from 172.16.100.21[4500] to 172.17.10.2[4500] (1124 bytes)
Nov 24 14:39:56 centos7 charon: 10[ENC] parsed IKE_AUTH response 1 [ EF ]
Nov 24 14:39:56 centos7 charon: 10[ENC] received fragment #1 of 3, waiting for complete IKE message
Nov 24 14:39:56 centos7 charon: 11[NET] received packet: from 172.16.100.21[4500] to 172.17.10.2[4500] (1124 bytes)
Nov 24 14:39:56 centos7 charon: 11[NET] received packet: from 172.16.100.21[4500] to 172.17.10.2[4500] (1124 bytes)
Nov 24 14:39:56 centos7 charon: 11[ENC] parsed IKE_AUTH response 1 [ EF ]
Nov 24 14:39:56 centos7 charon: 11[ENC] received fragment #2 of 3, waiting for complete IKE message
Nov 24 14:39:56 centos7 charon: 12[NET] received packet: from 172.16.100.21[4500] to 172.17.10.2[4500] (116 bytes)
Nov 24 14:39:56 centos7 charon: 12[ENC] parsed IKE_AUTH response 1 [ EF ]
Nov 24 14:39:56 centos7 charon: 12[ENC] received fragment #3 of 3, reassembled fragmented IKE message (2208 bytes)
Nov 24 14:39:56 centos7 charon: 12[ENC] parsed IKE_AUTH response 1 [ IDr CERT CERT AUTH N(MSG_ID_SYN_SUP) SA TSi TSr ]
Nov 24 14:39:56 centos7 charon: 12[IKE] received end entity cert "CN=FG6H1ETB20901837, O=VC, C=GB"
Nov 24 14:39:56 centos7 charon: 12[IKE] received issuer cert "CN=VC CA, C=GB"
Nov 24 14:39:56 centos7 charon: 12[CFG] using certificate "CN=FG6H1ETB20901837, O=VC, C=GB"
Nov 24 14:39:56 centos7 charon: 12[CFG] using trusted ca certificate "CN=VC CA, C=GB"
Nov 24 14:39:56 centos7 charon: 12[CFG] checking certificate status of "CN=FG6H1ETB20901837, O=VC, C=GB"
Nov 24 14:39:56 centos7 charon: 12[CFG] certificate status is not available
Nov 24 14:39:56 centos7 charon: 12[CFG] reached self-signed root ca with a path length of 0
Nov 24 14:39:56 centos7 charon: 12[IKE] authentication of 'CN=FG6H1ETB20901837, O=VC, C=GB' with RSA signature successful
Nov 24 14:39:56 centos7 charon: 12[IKE] IKE_SA du_ipsec[1] established between 172.17.10.2[CN=9017049559, O=VC, C=GB]...172.16.100.21[CN=FG6H1ETB20901837, O=VC, C=GB]
Nov 24 14:39:56 centos7 charon: 12[IKE] scheduling rekeying in 80674s
Nov 24 14:39:56 centos7 charon: 12[IKE] maximum IKE_SA lifetime 84274s
Nov 24 14:39:56 centos7 charon: 12[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 24 14:39:56 centos7 kernel: alg: No test for fips(ansi_cprng) (fips_ansi_cprng)
Nov 24 14:39:56 centos7 charon: 12[IKE] CHILD_SA du_ipsec{1} established with SPIs c61449c7_i 75846b5d_o and TS 172.17.11.2/32 === 10.0.1.0/24 10.0.9.0/24
Nov 24 14:39:56 centos7 vpn: + CN=FG6H1ETB20901837, O=VC, C=GB 10.0.1.0/24 172.16.100.21 -- 172.17.10.2 172.17.11.2/32
Nov 24 14:39:56 centos7 vpn: + CN=FG6H1ETB20901837, O=VC, C=GB 10.0.9.0/24 172.16.100.21 -- 172.17.10.2 172.17.11.2/32

Not sure what the issue is in the other setup. Please let me know how to resolve this issue.

Thanks & Regards,
Vivek

#5 Updated by Vivek Bairathi 2 months ago

Tobias Brunner wrote:

This doesn't sound good:

[...]

Usually, TPM keys have a single signature/hash algorithm assigned (and no other scheme can be used). If that scheme can't be retrieved, you currently can't create any signatures with that key.

Hi Tobias,

I have defined hash-alg in TPM keys as seen below:

[root@centos7 bin]# tpm2_listpersistent
persistent-handle0:0x81010001 key-alg:rsa hash-alg:sha256 object-attr:fixedtpm|fixedparent|sensitivedataorigin|userwithauth|restricted|decrypt
persistent-handle1:0x81010002 key-alg:rsa hash-alg:sha256 object-attr:fixedtpm|fixedparent|sensitivedataorigin|userwithauth|noda|decrypt|sign
persistent-handle2:0x81010003 key-alg:rsa hash-alg:sha256 object-attr:fixedtpm|fixedparent|sensitivedataorigin|userwithauth|noda|decrypt|sign
persistent-handle3:0x81010004 key-alg:rsa hash-alg:sha256 object-attr:fixedtpm|fixedparent|sensitivedataorigin|userwithauth|noda|decrypt|sign
[root@centos7 bin]#

Thanks & Regards,
Vivek
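
A small parser for the tpm2_listpersistent output above that records, per handle, what the two paths discussed in this thread need: strongSwan's tpm plugin needs the sign attribute plus a hash algorithm stored in the key (comment #1), while the tpm2tss OpenSSL engine needs the decrypt attribute (the maintainer reply quoted in #3). This is an added example, not code from the issue, tpm2-tools or strongSwan. The sample listing is constructed after the one in this comment; its third entry, which carries no hash-alg field, is an assumption about how a key without a signing scheme would be printed.

```python
import re

# Constructed sample in the shape of the tpm2_listpersistent output in this issue.
# The third entry is invented: it models a key whose output carries no hash-alg
# (assumed to be how a key created without a signing scheme would appear).
SAMPLE_LISTING = """\
persistent-handle0:0x81010001 key-alg:rsa hash-alg:sha256 object-attr:fixedtpm|fixedparent|sensitivedataorigin|userwithauth|restricted|decrypt
persistent-handle1:0x81010002 key-alg:rsa hash-alg:sha256 object-attr:fixedtpm|fixedparent|sensitivedataorigin|userwithauth|noda|decrypt|sign
persistent-handle2:0x81010003 key-alg:rsa object-attr:fixedtpm|fixedparent|sensitivedataorigin|userwithauth|noda|decrypt|sign
"""

ENTRY_RE = re.compile(
    r"persistent-handle\d+:(?P<handle>0x[0-9a-fA-F]+)\s+key-alg:(?P<key_alg>\S+)"
    r"(?:\s+hash-alg:(?P<hash_alg>\S+))?\s+object-attr:(?P<attrs>\S+)")


def parse_listing(text):
    """One dict per persistent handle; hash_alg is None when the field is absent."""
    keys = []
    for line in text.splitlines():
        m = ENTRY_RE.search(line)
        if not m:
            continue
        keys.append({
            "handle": m.group("handle").lower(),
            "key_alg": m.group("key_alg"),
            "hash_alg": m.group("hash_alg"),
            "attrs": set(m.group("attrs").split("|")),
        })
    return keys


def assess(key):
    """Which of the two paths discussed in this issue a key can serve."""
    attrs = key["attrs"]
    notes = []
    # strongSwan's tpm plugin signs with the scheme stored in the key, so it
    # needs the sign attribute and a hash it can read (comment #1).
    strongswan_sign = "sign" in attrs and key["hash_alg"] is not None
    if "sign" not in attrs:
        notes.append("no sign attribute: cannot create signatures")
    elif key["hash_alg"] is None:
        notes.append("no hash algorithm in the key: strongSwan cannot pick a signature scheme")
    # The tpm2tss OpenSSL engine does the raw RSA operation through
    # TPM2_RSA_Decrypt, so it needs the decrypt attribute (quoted reply in #3).
    engine_raw_rsa = "decrypt" in attrs
    if not engine_raw_rsa:
        notes.append("no decrypt attribute: tpm2tss engine raw-RSA path unavailable")
    if "restricted" in attrs:
        notes.append("restricted decrypt key (a storage or primary key), not an end-entity key")
    return {"handle": key["handle"], "strongswan_sign": strongswan_sign,
            "engine_raw_rsa": engine_raw_rsa, "notes": notes}


def assess_listing(text):
    """Map handle -> assessment for every entry in a tpm2_listpersistent dump."""
    return {a["handle"]: a for a in (assess(k) for k in parse_listing(text))}
```

On the sample, 0x81010001 is flagged as a restricted storage key without sign, 0x81010002 serves both paths, and the constructed 0x81010003 can sign but gives strongSwan no hash to build a scheme from, which is the combination that would produce the "signature algorithm is NULL with ERROR hash" line.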

#6 Updated by Tobias Brunner 2 months ago

Yes, you are right, but if I provide a hash algorithm, OpenSSL fails to use the TPM as it needs a raw RSA key, and hence we are not able to generate certificates using OpenSSL.

Then use the pki tool, which can use TPM keys (see TpmPlugin for examples).

Not sure what the issue is in the other setup. Please let me know how to resolve this issue.

This peer does not support the IKEv2 signature authentication extension (RFC 7427, i.e. it does not send a HASH_ALG notify), so a classic RSA signature is forced (SHA-1, no PSS), which the key apparently does not reject.

I have defined hash-alg in TPM keys as seen below:

And it is still reported as signature algorithm is NULL with ERROR hash?

#7 Updated by Vivek Bairathi 2 months ago

Tobias Brunner wrote:

Yes, you are right, but if I provide a hash algorithm, OpenSSL fails to use the TPM as it needs a raw RSA key, and hence we are not able to generate certificates using OpenSSL.

Then use the pki tool, which can use TPM keys (see TpmPlugin for examples).

Not sure what the issue is in the other setup. Please let me know how to resolve this issue.

This peer does not support the IKEv2 signature authentication extension (RFC 7427, i.e. it does not send a HASH_ALG notify), so a classic RSA signature is forced (SHA-1, no PSS), which the key apparently does not reject.

I have defined hash-alg in TPM keys as seen below:

And it is still reported as signature algorithm is NULL with ERROR hash?

Thanks Tobias for the reply.

Now I understand the issue.
Is there any way to disable the HASH_ALG notification for now?

Currently, I am using the TPM software versions as mentioned in the page https://wiki.strongswan.org/projects/strongswan/wiki/TpmPlugin
These versions don't provide a way to set object attributes along with the signature algorithm.
The example given on this page is for a certificate generated statically, but I am using the OpenSSL CMP plugin, which reads the TPM key and generates the certificate dynamically.

So, I guess I have only one of the two options:
1. Disable HASH_ALG notification for now.
2. Add signature algorithm in TPM key.

Please let me know which of these is possible.

Thanks & Regards,
Vivek

#8 Updated by Tobias Brunner 2 months ago

Is there any way to disable the HASH_ALG notification for now?

Sure, disable charon.signature_authentication. But do you really want to use SHA-1 for signatures?

Currently, I am using the TPM software versions as mentioned in the page https://wiki.strongswan.org/projects/strongswan/wiki/TpmPlugin
These versions don't provide a way to set object attributes along with signature algorithm.

You should be able to use newer versions if that helps.

So, I guess I have only one of the two options:
1. Disable HASH_ALG notification for now.
2. Add signature algorithm in TPM key.

There are obviously numerous other options (like patching strongSwan or OpenSSL in various ways). But yeah, those are probably the most straightforward.
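
A defender-side check for the situation Tobias describes in #6 and #8: whether the peer offered RFC 7427 signature authentication (an N(HASH_ALG) notify in its IKE_SA_INIT), whether this side offered it (it stops doing so when charon.signature_authentication is disabled), and whether the tpm plugin could read a scheme from the key. This is an added example, not code from the issue or from strongSwan; it runs over a few constructed log lines shaped like the charon output pasted in #4 (not the attached file), and the regexes and finding texts are this example's own.

```python
import re

# Constructed sample lines in the shape of the charon log pasted in this issue
# (abridged; not the attached strongswan-log.txt).
SAMPLE_LOG = """\
Nov 24 14:39:55 centos7 charon: 00[PTS] TPM 2.0 via TSS2 v2 available
Nov 24 14:39:55 centos7 charon: 00[PTS] signature algorithm is NULL with ERROR hash
Nov 24 14:39:56 centos7 charon: 07[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 24 14:39:56 centos7 charon: 08[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) ]
Nov 24 14:39:56 centos7 charon: 08[IKE] authentication of 'CN=9017049559, O=VC, C=GB' (myself) with RSA signature successful
Nov 24 14:39:56 centos7 charon: 12[IKE] authentication of 'CN=FG6H1ETB20901837, O=VC, C=GB' with RSA signature successful
"""

# "generating" is the message charon built itself, "parsed" is the peer's;
# this works for both initiator and responder logs.
INIT_RE = re.compile(r"\[ENC\] (generating|parsed) IKE_SA_INIT (?:request|response) \d+ \[(.*)\]")
NOTIFY_RE = re.compile(r"N\(([A-Z0-9_]+)\)")
AUTH_RE = re.compile(r"\[IKE\] authentication of '([^']+)'( \(myself\))? with (.+) successful")
TPM_RE = re.compile(r"\[PTS\] signature algorithm is (\S+) with (\S+) hash")


def analyze_ike_auth(log_text):
    """Summarise signature-authentication negotiation from charon log lines."""
    report = {
        "local_sent_hash_alg": None,  # did our IKE_SA_INIT carry N(HASH_ALG)?
        "peer_sent_hash_alg": None,   # did the peer's?
        "local_auth": None,           # method charon logged for itself
        "peer_auth": None,            # method charon logged for the peer
        "tpm_scheme": None,           # (signature algorithm, hash) from the tpm plugin
        "findings": [],
    }
    for line in log_text.splitlines():
        m = INIT_RE.search(line)
        if m:
            side = "local" if m.group(1) == "generating" else "peer"
            report[f"{side}_sent_hash_alg"] = "HASH_ALG" in NOTIFY_RE.findall(m.group(2))
            continue
        m = AUTH_RE.search(line)
        if m:
            side = "local" if m.group(2) else "peer"
            report[f"{side}_auth"] = m.group(3)
            continue
        m = TPM_RE.search(line)
        if m:
            report["tpm_scheme"] = (m.group(1), m.group(2))

    if report["local_sent_hash_alg"] and report["peer_sent_hash_alg"] is False:
        report["findings"].append(
            "peer did not send N(HASH_ALG): RFC 7427 signature authentication is not "
            "negotiated, so a classic RSA signature (SHA-1, no PSS) is used for this IKE_SA")
    if report["tpm_scheme"] == ("NULL", "ERROR"):
        report["findings"].append(
            "tpm plugin could not read a signature scheme from the key: RFC 7427 signatures "
            "with this key will fail; only the classic SHA-1 signature path can work")
    if report["local_sent_hash_alg"] is False:
        report["findings"].append(
            "this side did not offer N(HASH_ALG) (charon.signature_authentication disabled?): "
            "every peer is forced onto SHA-1 RSA signatures")
    return report
```

Run over the sample it reports that we offered HASH_ALG, the peer did not, both authentications went through as plain "RSA signature", and the key had no readable scheme; the two findings together explain why this setup works while the one in the description, against a peer that does negotiate RFC 7427, does not.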

#9 Updated by Vivek Bairathi 2 months ago

Tobias Brunner wrote:

Is there any way to disable the HASH_ALG notification for now?

Sure, disable charon.signature_authentication. But do you really want to use SHA-1 for signatures?

Thanks for the reply, I will try disabling it and test it. I will put the result here.

Currently, I am using the TPM software versions as mentioned in the page https://wiki.strongswan.org/projects/strongswan/wiki/TpmPlugin
These versions don't provide a way to set object attributes along with signature algorithm.

You should be able to use newer versions if that helps.

So, I guess I have only one of the two options:
1. Disable HASH_ALG notification for now.
2. Add signature algorithm in TPM key.

There are obviously numerous other options (like patching strongSwan or OpenSSL in various ways). But yeah, those are probably the most straightforward.

Yes, I have also raised this issue with the TPM developers, and I am checking with them whether it requires changes in OpenSSL or an upgrade of the TPM libraries.

Thanks & Regards,
Vivek

#10 Updated by Vivek Bairathi 2 months ago

Tobias Brunner wrote:

Is there any way to disable the HASH_ALG notification for now?

Sure, disable charon.signature_authentication. But do you really want to use SHA-1 for signatures?

Currently, I am using the TPM software versions as mentioned in the page https://wiki.strongswan.org/projects/strongswan/wiki/TpmPlugin
These versions don't provide a way to set object attributes along with signature algorithm.

You should be able to use newer versions if that helps.

So, I guess I have only one of the two options:
1. Disable HASH_ALG notification for now.
2. Add signature algorithm in TPM key.

There are obviously numerous other options (like patching strongSwan or OpenSSL in various ways). But yeah, those are probably the most straightforward.

Just saw that you mentioned patching strongSwan. Is there an issue at the strongSwan end?
