I would like to know if it is possible to calculate the name of an AK generated by a host on a remote server? I have read about remote attestation. To ensure the AK matches the EK we have to make a credential using the name of the AK. To achieve this we have to either:
a) calculate the name of the AK on the server
b) receive the name of the AK from the host and believe it's the name of a proper AK
Am I missing something?
I have searched for an explanation in the docs posted on TCG's site, but I just can't find anything useful for nameAlg.
I would be thankful for any help or advice :D
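An added example, not part of the original post: in TPM 2.0 an object's name is the nameAlg identifier followed by the nameAlg digest of the marshaled public area (TPMT_PUBLIC), so a server that receives the AK's public area can compute the name itself (option a) and check the key's attributes before building the credential. The function names are hypothetical and the sample public area is constructed with placeholder ECC coordinates.

```python
import hashlib
import struct

# TPM_ALG_ID values of the hash algorithms that can appear as nameAlg
NAME_ALGS = {0x0004: "sha1", 0x000B: "sha256", 0x000C: "sha384", 0x000D: "sha512"}

# TPMA_OBJECT bits: an AK should be a fixed, TPM-generated, restricted signing key
FIXED_TPM, FIXED_PARENT, SENSITIVE_DATA_ORIGIN = 1 << 1, 1 << 4, 1 << 5
RESTRICTED, DECRYPT, SIGN = 1 << 16, 1 << 17, 1 << 18
AK_REQUIRED = FIXED_TPM | FIXED_PARENT | SENSITIVE_DATA_ORIGIN | RESTRICTED | SIGN

def public_header(tpmt_public: bytes):
    """Return (type, nameAlg, objectAttributes), the first three TPMT_PUBLIC fields."""
    if len(tpmt_public) < 8:
        raise ValueError("public area too short")
    return struct.unpack(">HHI", tpmt_public[:8])

def object_name(tpmt_public: bytes) -> bytes:
    """Name = nameAlg || H_nameAlg(TPMT_PUBLIC); the TPM2B size prefix is not hashed."""
    _, name_alg, _ = public_header(tpmt_public)
    if name_alg not in NAME_ALGS:
        raise ValueError(f"unsupported nameAlg 0x{name_alg:04x}")
    digest = hashlib.new(NAME_ALGS[name_alg], tpmt_public).digest()
    return struct.pack(">H", name_alg) + digest

def acceptable_ak(tpmt_public: bytes) -> bool:
    """Server-side check on the attributes before the name goes into the credential."""
    _, _, attrs = public_header(tpmt_public)
    return (attrs & AK_REQUIRED) == AK_REQUIRED and not (attrs & DECRYPT)

def sample_ecc_public(attrs: int = 0x00050072) -> bytes:
    """Constructed TPMT_PUBLIC for an ECDSA P-256 key; x and y are placeholder bytes."""
    # symmetric=NULL, scheme=ECDSA with SHA-256, curve=NIST P-256, kdf=NULL
    params = struct.pack(">HHHHH", 0x0010, 0x0018, 0x000B, 0x0003, 0x0010)
    unique = struct.pack(">H", 32) + b"\x11" * 32 + struct.pack(">H", 32) + b"\x22" * 32
    # type=ECC, nameAlg=SHA-256, objectAttributes, empty authPolicy
    return struct.pack(">HHIH", 0x0023, 0x000B, attrs, 0) + params + unique

if __name__ == "__main__":
    pub = sample_ecc_public()
    print(object_name(pub).hex(), acceptable_ak(pub))
```

Because the attributes are part of the hashed public area, a key created with different attributes has a different name, and a credential made for the name the server computed cannot be activated with it.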
Ubuntu focal with WSL, abrmd compiled from source
After about 5 minutes of sending commands, abrmd crashes. I originally
found it with keylime, but I can reproduce it with a simple bash loop on
abrmd exits, the tool output is:
** (process:21067): CRITICAL **: 17:25:10.862: failed to allocate dbus
proxy object: Could not connect: Connection refused
WARNING:tcti:src/tss2-tcti/tctildr.c:79:tcti_from_init() TCTI init for
function 0x7ff5f6dbbe10 failed with a0008
WARNING:tcti:src/tss2-tcti/tctildr.c:109:tcti_from_info() Could not
initialize TCTI named: tcti-abrmd
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not
initialize TCTI file: tabrmd
to instantiate TCTI
ERROR: Could not load tcti, got: "tabrmd:bus_name=com.intel.tss2.Tabrmd"
How would I debug?
I would expect that nothing that a single application does should crash
Ken Goldman kgoldman(a)us.ibm.com
I am learning about the TSS and TPM technologies.
I have provisioned the TPM with the default settings, which means I am now using the ECC profile (P_ECCP256SHA256).
However, encryption was a requirement I needed to fulfill. I just didn't know that ECC encryption is currently not supported and now I realize RSA would be a better fit for me.
So here is my question:
* I see there is another profile in /usr/local/etc/tpm2-tss/fapi-profiles, namely P_RSA2048SHA256.json. Is there a way I can encrypt using the RSA profile instead of the ECC one? I tried to re-run tss2_provision, after setting it in fapi-config.json, but it seems this is not the way to proceed. I get the message that the TPM has been already provisioned. What is the correct way of "changing" profile? Is it even possible or do I need to reset the TPM?
Thank you for your help.
I'm implementing the sealing of a LUKS key against secure boot PCRs and am trying to enable firmware updates using Esys_PolicyOR(). I can't find any example code. I am currently doing an Esys_PolicyPCR(), followed by Esys_PolicyGetDigest() and then I seal against that digest. How would I add the PolicyOR step? Would I do an Esys_PolicyPCR() & Esys_PolicyGetDigest() for each set of PCR values, followed by an Esys_PolicyOR() and then another Esys_PolicyGetDigest() to get the final digest to seal against? What would the unseal process look like?
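An added example, not part of the original post and not ESAPI code: it computes in software the policy digests that the PolicyPCR and PolicyOR commands produce, following the digest-update rules of the TPM 2.0 specification, to show the seal-time and unseal-time order of operations. The function names and the two PCR 7 values are constructed for illustration.

```python
import hashlib
import struct

TPM_CC_POLICY_OR = 0x00000171
TPM_CC_POLICY_PCR = 0x0000017F
TPM_ALG_SHA256 = 0x000B
ZERO_DIGEST = bytes(32)  # policyDigest of a freshly started SHA-256 policy session

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def pcr_selection(indices) -> bytes:
    """Marshaled TPML_PCR_SELECTION: one SHA-256 bank, 3-byte bitmap (PCR 0-23)."""
    bitmap = bytearray(3)
    for i in indices:
        bitmap[i // 8] |= 1 << (i % 8)
    return struct.pack(">IHB", 1, TPM_ALG_SHA256, 3) + bytes(bitmap)

def policy_pcr(policy_digest: bytes, pcrs: dict) -> bytes:
    """After PolicyPCR: H(old || TPM_CC_PolicyPCR || selection || H(PCR values))."""
    order = sorted(pcrs)
    pcr_digest = sha256(b"".join(pcrs[i] for i in order))
    return sha256(policy_digest + struct.pack(">I", TPM_CC_POLICY_PCR)
                  + pcr_selection(order) + pcr_digest)

def policy_or(current: bytes, branches: list) -> bytes:
    """PolicyOR: the current digest must be in the list; the result is branch-independent."""
    if not 2 <= len(branches) <= 8:
        raise ValueError("PolicyOR takes 2 to 8 digests")
    if current not in branches:
        raise PermissionError("policyDigest matches no branch (TPM_RC_VALUE)")
    return sha256(ZERO_DIGEST + struct.pack(">I", TPM_CC_POLICY_OR) + b"".join(branches))

def sealing_policy(pcr_sets: list):
    """Seal time: one PolicyPCR digest per accepted PCR set, then PolicyOR over them."""
    branches = [policy_pcr(ZERO_DIGEST, s) for s in pcr_sets]
    return branches, policy_or(branches[0], branches)

def unseal_digest(current_pcrs: dict, branches: list) -> bytes:
    """Unseal time: PolicyPCR on the live PCRs, then PolicyOR with the stored list."""
    return policy_or(policy_pcr(ZERO_DIGEST, current_pcrs), branches)

# Constructed PCR 7 values standing in for "before" and "after" a firmware update
OLD_PCRS = {7: sha256(b"constructed: old firmware")}
NEW_PCRS = {7: sha256(b"constructed: new firmware")}
```

The second value returned by `sealing_policy` is what goes into the sealed object's authPolicy; the branch list has to be stored next to the sealed blob, because the unseal session must present the same list, in the same order, to PolicyOR.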
We're now using TPM2 CLI commands like tpm2_createprimary, tpm2_load,
tpm2_nvundefine, etc. to manipulate a TPM. My question is if we want to
switch to the SAPI library, can we do the same things? For example, write
a function using SAPI calls to implement the CLI tpm2_createprimary
command. Is there any sample code or resource I can look at?
I still wonder how many transient objects (virtual handles) can I create with the tpm2-abrmd?
There is TPM_PT_HR_TRANSIENT_MIN, which is said to be a minimum. An explanation from Tadeusz: This tells you what is the minimum number of persistent objects a TPM needs to support to be able to support all TPM commands implemented by the given TPM chip.
But then there are statements in the RM specification that:
For the TPM this is a minimum, but for the RM it’s both a minimum and a maximum for the maximum number of loaded objects. (Section 3.15.3)
The RM SHALL NOT allow the creation of more concurrent objects than TPM_PT_HR_TRANSIENT_MIN. (Section 3.15.12)
Does this mean that for one connection the tpm2-abrmd will allow only (max) TPM_PT_HR_TRANSIENT_MIN transient objects?
Because the section 3.4 then says
A TAB/RM MAY enforce a maximum number of session and/or object and sequence handles per connection and MAY guarantee a minimum number of such handles per connection.
>> Example 1: OpenSSL often duplicates hash sequences: To hash sequences A,B,C1 and then A,B,C2 they first hash A,B, then duplicate/fork the hash sequence and then complete the hash first for C1 and then for C2. This is a great performance optimization, but when too many dup (forks) are made, the TPM runs out of objects.
> Why are we doing hashing with the TPM? If we're in an OpenSSL provider can't we just use software provided hashing routines? I see hashing is configurable, but I would imagine off by default is what you want. Do we use validation tickets or anything like that or just the resulting digest? If all we use are the digests, I would make TPM not hash and make that option a nop.
Signing by a restricted signing key requires validation tickets, so the hash must be done by the TPM. The OpenSSL has a combined operation "EVP_DigestSign", which enables the tpm2 provider to hash, obtain the validation ticket and then immediately sign the hash using this ticket. This is beautiful, but it needs the TPM hashing.
>> Example 2: The CMP key update needs 4 objects to operate (old client key, new client key, server key and hash sequence), but the kernel RM (tpm_space.context_tbl) allows only 3 objects. (If I am right.)
> It does seem that way, but TPM commands only ever need 3 objects alive at once, so that's likely why that was chosen.
Yeah, I thought this is so.
> Does CMP key really need all 4 of those things in the TPM at once, because currently today that's not actually happening as abrmd is just swapping them in and out.
Currently, the tpm2 provider does not do any internal resource management. If someone loads a public / private key, the provider creates a TPM object for this. This key may be used for some later TPM operation or even not used at all, for example when a pubkey is being validated against a privkey. Unfortunately, the provider cannot know in advance if and how the key being loaded will be used.
(The user is free not to use the TPM provider for loading a pubkey, but if it does a TPM object is created.)
Typical OpenSSL based implementations are not optimized to reduce the number of concurrently loaded keys. The code often pre-loads all keys and then uses the keys in various operations. Even though a single operation never needs more than 3 objects, the code may prepare more than 3 objects because it is going to invoke more than one operation later.
> Also, doesn't CMP use public objects (x509 certs) for some of it?
Yes, it does. X.509 certs also include pubkeys and CMP sometimes wants to extract a pubkey from a certificate to match it against a privkey it has. This also consumes two objects (one for the pubkey and one for the privkey) although no TPM operation can be invoked. (But it might be and we don't know, as said above.)
> Are public key operations implemented in software? In tpm2-pkcs11 we implement them in software and hash in software and I have yet to have someone hit a limit but perhaps they are all using abrmd but I thought some were using in-kernel RM.
Yes. Some public key operations are implemented. Applications can use only one RSA/ECC key management-- if a TPM based RSA (or ECC) key management is loaded in OpenSSL, it will be used for both sign and validate operations-- a typical OpenSSL application cannot say "do privkey in the TPM and pubkey in the default provider"; it can choose only one for both (or create two contexts, but nobody does that). This is OK because TPM can do public key operations too, but it needs more resources if the app pre-loads everything as said above.
I can see 3 possible solutions how to solve the resource problem:
1) Optimize the code for resource consumption. But then the OpenSSL applications must be TPM aware, which is what I wanted to avoid.
2) Implement some more intelligent resource (less greedy) usage in the tpm2 provider itself. But this feels like re-implementing the RM elsewhere.
3) Rely on the RM (abrmd?) to swap the objects as needed and create the illusion of a much larger object space.
Can the abrmd swap resources from a single user? I thought the purpose is to swap resources from multiple connections (users), but in this case there is just one greedy user.
The https://github.com/tpm2-software/tpm2-abrmd README.md says: The current implementations are mostly equivalent with a few differences. But if abrmd can swap resources much better than the in-kernel RM, then I wouldn't call them "mostly equivalent".
we solved this particular issue, but I expect more resource-related troubles are yet to come.
Example 1: OpenSSL often duplicates hash sequences: To hash sequences A,B,C1 and then A,B,C2 they first hash A,B, then duplicate/fork the hash sequence and then complete the hash first for C1 and then for C2. This is a great performance optimization, but when too many dup (forks) are made, the TPM runs out of objects.
Example 2: The CMP key update needs 4 objects to operate (old client key, new client key, server key and hash sequence), but the kernel RM (tpm_space.context_tbl) allows only 3 objects. (If I am right.)
In general, the OpenSSL code often pre-loads or caches objects, which will be used later, which causes troubles with the space-constrained TPM. I was not sure whether the tpm2-openssl provider should act as another level of a resource manager and swap the objects to simulate more space than available on the TPM hardware, or whether this is something the resource manager could/should do.
It's definitely a nice problem to think about and most likely something which will need to be addressed in the tpm2-openssl 2.0
> From: "Roberts, William C" <william.c.roberts(a)intel.com>
> To: "Chris Newman" <chris(a)mode51.software>, "tpm2(a)lists.01.org" <tpm2(a)lists.01.org>, "Petr Gotthard" <petr.gotthard(a)centrum.cz>
> Date: 08.10.2021 17:46
> Subject: [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
tpm:warn(2.0): out of memory for object contexts
Are you running against a resource manager? You should probably either use /dev/tpmrm0 or tpm2-abrmd. You can set the TCTI via the TPM2OPENSSL_TCTI which AFAICT takes strings like tpm2-tools, so something like: "device:/dev/tpmrm0" or "abrmd".
This also might be a bug, the provider is pretty new. Petr any other ideas I am missing?
From: Chris Newman <chris(a)mode51.software>
Sent: Sunday, October 3, 2021 6:40 PM
To: tpm2(a)lists.01.org <tpm2(a)lists.01.org>
Subject: [tpm2] CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
Hi,
I create an EK and AK using tpm2_createek, tpm2_createak and tpm2_evictcontrol to persist the AK in 0x81010002. Then I use the following command with DigiCert's CMPv2 server:
openssl cmp -config /opt/sdk/openssl/current/ssl/openssl.cnf -provider tpm2 -provider default -propquery ?provider=tpm2,tpm2.digest!=yes -cmd ir -server https://demo.one.digicert.com/iot/api/v1/cmp/IOT_1234 -ref 1234 -secret pass:1234 -recipient "/CN=mode51.software" -key handle:0x81010002 -subject "/CN=TestTest" -cacertsout ./capubs.pem -certout ./cl_cert.pem -tls_used -verbosity 8
I get the following error:
WARNING:esys:src/tss2-esys/api/Esys_ContextLoad.c:279:Esys_ContextLoad_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_ContextLoad.c:93:Esys_ContextLoad() Esys Finish ErrorCode (0x00000902)
CMP DEBUG: disconnected from CMP server
CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
CMP error: not able to copy ctx
CMP error: internal error
CMP error: error sending
CMP error: shutdown while in init
CMP error: transfer error:request sent: IR, expected response: IP
I've tried tpm2_flushcontext -t.
I recompiled tpm2-openssl with the following option and that appears to have worked around the issue:
Is this what "?provider=tpm2,tpm2.digest!=yes" should effectively do?