Menu
▾
▴
Re: [Linux-ima-user] [TrouSerS-users] verifying quote using certificates
|
From: adrian g. <adr...@gm...> - 2008-10-10 06:42:03
|
hello hal, i was reading another thread about verifying the quote: http://sourceforge.net/mailarchive/message.php?msg_id=4525A0BC.9000007%40ece.cmu.edu with regards to this call: Tspi_GetAttribData(hKey, TSS_TSPATTRIB_RSAKEY_INFO, TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, > &BlobLength, &BLOB); &BlobLength is an unsigned int, and &BLOB a BYTE array. Please correct me if i'm wrong, BLOB would be a BIGNUM, and BlobLength the length of BLOB. However, when i print out BlobLength, it seems too large (4131212846) for BLOB. and when i tried to verify if the exponent is 65537 by calling GetAttribData with the flag TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT instead, the length of the BIGNUM is also very huge (134516825). thanks - adrian On Fri, Oct 10, 2008 at 3:08 AM, Hal Finney <hal...@gm...> wrote: > Hi Adrian - > > One thing to keep in mind on Quote. For a Quote to be truly > meaningful, the verifier needs to be confident that it is a TPM key - > that is, that the private key is protected by the TPM and will never > be readable outside the TPM. This basically means that it must be a > non-migratable key, and it must have been generated on the TPM. Note, > this is not enough by itself, there are a lot of other requirements > that might have to be met, depending on the situation. > > I am not familiar with any openssl create_tpm_key() function. If it > generates the key on the TPM, that might be suitable; but if it > generates an off-chip key and then loads that onto the TPM, it would > not be appropriate. > > For the other approach, generating a key on the TPM and then getting > an X.509 certificate for it, keep in mind that an X.509 certificate is > a rather inconvenient object for passing around keys. The only reason > people use it is because it's what everyone uses. An X.509 cert does > not just hold a key, it also has some kind of name or identity field, > and further, it has a signature by (generally) some other key which > binds the target key and target identity information. It's a very > complex object. If all you want to do is to tell the other guy your > public key, I'd probably suggest rolling your own format and just send > the modulus in some form. But if you have to be X.509 compatible then > you'll have to go through a lot of work. > > The first step (after generating the key) would be to read the key > modulus using: > > Tspi_GetAttribData(hKey, > TSS_TSPATTRIB_RSAKEY_INFO, > TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, > &BlobLength, &BLOB); > > Once you have the modulus, you could insert it into an openssl RSA > structure, and set the exponent field in that struct to 65537. From > there, you will need to assemble an openssl X509 certificate > structure, and then ultimately call the openssl X509_sign() function. > > Frankly, I don't understand how people manage to use openssl. There's > no documentation for any of this stuff, that I can find! I always have > to study the openssl source code to figure out how to use it, on those > rare occasions when I am forced by circumstances to do so. Consider > even something as mundane as creating an RSA key and creating a valid > X.509 certificate to hold it. Forget about the TPM, just think about > doing that step. The functionality exists in the openssl library to > accomplish this, but I don't know of a single piece of documentation > that tells how. (There do exist various HOWTOs across the web on how > to do it from the openssl command line, but I haven't found anything > about using the library.) > > Anyway, the bottom line is that generating the TPM key is easy. > Creating X.509 certificates is hard. If you can figure out how to > create X.509 certs, without involving the TPM, maybe with help from > people on the openssl mailing lists, then it will be easy to modify > that program to create the key on the TPM, copy the modulus field into > whatever openssl structure needs it, and you're good to go. > > Hal > > > > On Wed, Oct 8, 2008 at 8:22 PM, adrian golding <adr...@gm...> > wrote: > > hello, with the Tspi_TPM_Quote01.c example and as a starting point, if i > > want to let a remote party verify the quote, and i intend to send the > > TSS_VALIDATION object as well as a certificate of my public key > (self-signed > > for now) over. How do i either: > > 1) create keys using openssl's create_tpm_key and load the key into my > > quoting application before it signs the PCR? > > or > > 2) using the Tspi_Key_CreateKey function in Tspi_TPM_Quote01.c to > generate > > the keys, and create a certificate with my public key so i could send it > to > > the remote party? > > which way would be more encouraged? > > > > thanks - adrian > |
