Trusted Platform Module 2.0 » History » Version 28

« Previous - Version 28/87 (diff) - Next » - Current version
Andreas Steffen, 18.02.2017 21:18

Trusted Platform Module 2.0¶

Table of contents
Trusted Platform Module 2.0

Connect to a TPM 2.0 device¶

In order to connect to a TPM 2.0 hardware or firmware device, the TSS2 software stack developed by Intel is needed. Because the official Ubuntu tpm2-tss package is rather outdated (e.g. since version 0.98 the TCTI interface to the TPM 2.0 resource manager has changed several times), strongSwan is currently based on a recent version directly drawn from the TPM2-TSS git repository https://github.com/01org/TPM2.0-TSS. Avoid any TCTI interface incompatibilities by fetching the latest tpm2-tools version from https://github.com/01org/tpm2.0-tools as well.

Build and install both the tpm2-tss stack and the tpm2.0-tools, start the tpm2-resourcemgr as a service in the background and try to connect to the TPM 2.0 by listing e.g. the contents of the SHA-1 bank of PCR registers

tpm2_listpcrs -g 0x0004

Bank/Algorithm: TPM_ALG_SHA1(0x0004)
PCR_00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_01: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_02: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_03: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_04: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_05: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_06: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_07: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_08: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_09: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_10: a9 45 e7 0f 42 a2 79 f0 78 ca d4 64 60 39 39 da 9d 6a d1 a5
PCR_11: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_12: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_13: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_14: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_15: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_17: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_18: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_19: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_20: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_21: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_22: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_23: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

A manual showing all tpm2-tools functions with their arguments can be found here.

TPM 2.0 Algorithm IDs¶

Hash Algorithms¶

0x0004	SHA-1
0x000B	SHA-2_256
0x000C	SHA-2_384
0x000D	SHA-2_512

Currently available TPM 2.0 devices like the Infineon Optiga SLB 9670 VQ2.0 hardware TPM or Intel's PTT firmware TPM integrated into the Management Engine starting with the 4th generation (Haswell) of the Core processor family, support the SHA-1 and SHA-2_256 algorithms.

Public Key Types¶

0x0001	RSA
0x0023	ECC

Currently RSA keys have a modulus size of 2048 bits and ECC keys are based on the 256 bit NIST curve.

Signature Schemes¶

0x0014	RSASSA
0x0016	RSAPSS
0x0018	ECDSA

Derive a Persistent RSA Endorsement Key¶

The following tpm2-tools command derives a 2048 bit RSA Endorsement Key (EK) in a deterministic way from the secret Endorsement Primary Seed unique to each TPM device and makes the key persistent in the non-volatile memory of the TPM under the object handle 0x81010001

tpm2_getpubek -H 0x81010001 -g 0x0001 -f ek_rsa.pub

The EK public key stored in the ek_rsa.pub file is encoded in a TPM 2.0 proprietary format but the key can be exported from the TPM in the regular PKCS#1 format using the pki tool

pki --pub --keyid 81010001 --outform pem > ek_rsa_pub.pem

The fingerprint of the RSA EK public key can be displayed with the command

pki --print --type pub --in ek_rsa_pub.pem
  pubkey:    RSA 2048 bits
  keyid:     d1:f1:49:84:36:44:e6:8c:d2:a6:69:ee:fd:b5:7d:56:2f:39:ff:58
  subjkey:   c1:1b:8e:f1:c7:f8:8a:1e:9a:dd:7e:82:2f:7a:a3:f5:c0:e2:4d:7d

Generate a Persistent RSA Attestation Key¶

A 2048 bit RSA Attestation Key (AK) bound to the EK with handle 0x81010001 can be created and made persistent under the handle 0x81010002 with the following tpm2-tools command

tpm2_getpubak -E 0x81010001 -g 0x0001 -D 0x000B -s 0x0014 -k 0x81010002 -f ak_rsa2.pub -n ak_rsa2.name

The AK public key can be exported in PKCS#1 format from the TPM using the pki tool

pki --pub --keyid 81010002 --outform pem > ak_rsa_pub.pem

The fingerprint of the RSA AK public key can be displayed with the command

pki --print --type pub --in ak_rsa_pub.pem
  pubkey:    RSA 2048 bits
  keyid:     71:21:f5:d4:7e:59:4a:88:16:ca:57:85:98:3d:36:a7:b1:d5:75:fa
  subjkey:   f4:9e:85:7d:de:4e:67:f5:fb:87:03:98:67:3f:20:7c:f3:3f:2b:66

Derive a Persistent ECC Endorsement Key¶

The following tpm2-tools command derives a 256 bit ECC Endorsement Key (EK) in a deterministic way from the secret Endorsement Primary Seed unique to each TPM device and makes the key persistent in the non-volatile memory of the TPM under the object handle 0x81010003:

tpm2_getpubek -H 0x81010003 -g 0x0023 -f ek_ecc.pub

The EK public key can be exported in PKCS#1 format from the TPM using the pki tool:

pki --pub --keyid 81010003 > ek_ecc_pub.der

The fingerprint of the ECC EK public key can be displayed with the command

pki --print --type pub --in ek_ecc_pub.der
  pubkey:    ECDSA 256 bits
  keyid:     7f:39:ca:e6:83:9b:a9:06:97:40:27:6a:e1:bf:8f:f5:9f:d3:a5:31
  subjkey:   8b:43:4d:5e:5e:7b:ff:c2:54:4d:ef:88:cb:0c:7c:47:75:28:4d:09

Generate a Persistent ECC Attestation Key¶

A 256 bit ECC Attestation Key (AK) bound to the EK with handle 0x81010003 can be created and made persistent under the handle 0x81010004 with the following tpm2-tools command

tpm2_getpubak -E 0x81010003 -g 0x0023 -D 0x000B -s 0x0018 -k 0x81010004 -f ak_ecc4.pub -n ak_ecc4.name

The AK public key can be exported in PKCS#1 format from the TPM using the pki tool

pki --pub --keyid 81010004 > ak_ecc_pub.der

The fingerprint of the RSA AK public key can be displayed with the command

pki --print --type pub --in ak_ecc_pub.der
  pubkey:    ECDSA 256 bits
  keyid:     71:49:7c:42:41:e7:c6:81:bc:31:73:f0:0f:7e:4a:e1:2d:53:00:38
  subjkey:   c7:0e:63:f8:7f:6f:f6:55:00:e5:05:7f:5a:3e:6b:6c:e7:d2:d5:13

Generate Another ECC Attestation Key¶

Multiple AK keys bound to a common EK key can be generated

tpm2_getpubak -E 0x81010003 -g 0x0023 -D 0x000B -s 0x0018 -k 0x81010005 -f ak_ecc5.pub -n ak_ecc5.name

The AK public key can be exported in PKCS#1 format from the TPM using the pki tool

pki --pub --keyid 81010005 > ak_ecc5_pub.der

The fingerprint of the second ECC AK public key can be displayed with the command

pki --print --type pub --in ak_ecc5_pub.der
  pubkey:    ECDSA 256 bits
  keyid:     c4:b4:9c:95:27:9e:ce:81:2f:98:42:c8:1b:f0:54:ff:d4:d1:24:34
  subjkey:   cf:44:f4:f7:9d:97:09:ad:b1:09:3a:8e:6f:23:eb:9f:2c:35:94:c9

Remove a Persistent Key Object¶

Since the non-volatile memory of the TPM is limited any persistent key object can be removed to free storage space.
The following tpm2-tools command removes the ECC AK key with persistent handle 0x81010005

tpm2_evictcontrol -A o -H 0x81010005 -S 0x81010005

List Persistent Objects¶

The following tpm2-tools command lists all persistent objects stored by the TPM in non-volatile memory

tpm2_listpersistent

6 persistent objects defined.

0. Persistent handle: 0x81000001
{
        Type: 0x23
        Hash algorithm(nameAlg): 0xb
        Attributes: 0x30072
}
1. Persistent handle: 0x81000002
{
        Type: 0x23
        Hash algorithm(nameAlg): 0xb
        Attributes: 0x60072
}
2. Persistent handle: 0x81010001
{
        Type: 0x1
        Hash algorithm(nameAlg): 0xb
        Attributes: 0x300b2
}
3. Persistent handle: 0x81010002
{
        Type: 0x1
        Hash algorithm(nameAlg): 0xb
        Attributes: 0x50072
}
4. Persistent handle: 0x81010003
{
        Type: 0x23
        Hash algorithm(nameAlg): 0xb
        Attributes: 0x300b2
}
5. Persistent handle: 0x81010004
{
        Type: 0x23
        Hash algorithm(nameAlg): 0xb
        Attributes: 0x50072
}

Access TPM Private Keys via VICI Interface¶

Configuration of TPM private key access as tokens in the secrets section of swanctl.conf

secrets {
    token_ak_rsa {
       handle = 81010002
    }
    token_ak_ecc {
       handle = 81010004
    }
}

Files (0)

Project

General

Profile

strongSwan

Documentation¶

Resources¶

Wiki