Menu
▾
▴
Re: [Linux-ima-user] [TrouSerS-users] verifying quote using certificates
|
From: adrian g. <adr...@gm...> - 2008-10-10 12:06:22
|
hello hal, i was reading another thread about verifying the quote: http://sourceforge.net/mailarchive/message.php?msg_id=4525A0BC.9000007%40ece.cmu.edu with regards to this call: Tspi_GetAttribData(hKey, TSS_TSPATTRIB_RSAKEY_INFO, TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, > &BlobLength, &BLOB); &BlobLength is an unsigned int, and &BLOB a BYTE array. Please correct me if i'm wrong, BLOB would be a BIGNUM, and BlobLength the length of BLOB. However, when i print out BlobLength, it seems too large (4131212846) for BLOB. and when i tried to verify if the exponent is 65537 by calling GetAttribData with the flag TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT instead, the length of the BIGNUM is also very huge (134516825). thanks - adrian On Fri, Oct 10, 2008 at 2:41 PM, adrian golding <adr...@gm...>wrote: > hello hal, i was reading another thread about verifying the quote: > > http://sourceforge.net/mailarchive/message.php?msg_id=4525A0BC.9000007%40ece.cmu.edu > > with regards to this call: > Tspi_GetAttribData(hKey, > TSS_TSPATTRIB_RSAKEY_INFO, > TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, > >> &BlobLength, &BLOB); > > > &BlobLength is an unsigned int, and &BLOB a BYTE array. Please correct me > if i'm wrong, BLOB would be a BIGNUM, and BlobLength the length of BLOB. > However, when i print out BlobLength, it seems too large (4131212846) for > BLOB. and when i tried to verify if the exponent is 65537 by calling > GetAttribData with the flag TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT instead, the > length of the BIGNUM is also very huge (134516825). > > thanks - adrian > > > On Fri, Oct 10, 2008 at 3:08 AM, Hal Finney <hal...@gm...> wrote: > >> Hi Adrian - >> >> One thing to keep in mind on Quote. For a Quote to be truly >> meaningful, the verifier needs to be confident that it is a TPM key - >> that is, that the private key is protected by the TPM and will never >> be readable outside the TPM. This basically means that it must be a >> non-migratable key, and it must have been generated on the TPM. Note, >> this is not enough by itself, there are a lot of other requirements >> that might have to be met, depending on the situation. >> >> I am not familiar with any openssl create_tpm_key() function. If it >> generates the key on the TPM, that might be suitable; but if it >> generates an off-chip key and then loads that onto the TPM, it would >> not be appropriate. >> >> For the other approach, generating a key on the TPM and then getting >> an X.509 certificate for it, keep in mind that an X.509 certificate is >> a rather inconvenient object for passing around keys. The only reason >> people use it is because it's what everyone uses. An X.509 cert does >> not just hold a key, it also has some kind of name or identity field, >> and further, it has a signature by (generally) some other key which >> binds the target key and target identity information. It's a very >> complex object. If all you want to do is to tell the other guy your >> public key, I'd probably suggest rolling your own format and just send >> the modulus in some form. But if you have to be X.509 compatible then >> you'll have to go through a lot of work. >> >> The first step (after generating the key) would be to read the key >> modulus using: >> >> Tspi_GetAttribData(hKey, >> TSS_TSPATTRIB_RSAKEY_INFO, >> TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, >> &BlobLength, &BLOB); >> >> Once you have the modulus, you could insert it into an openssl RSA >> structure, and set the exponent field in that struct to 65537. From >> there, you will need to assemble an openssl X509 certificate >> structure, and then ultimately call the openssl X509_sign() function. >> >> Frankly, I don't understand how people manage to use openssl. There's >> no documentation for any of this stuff, that I can find! I always have >> to study the openssl source code to figure out how to use it, on those >> rare occasions when I am forced by circumstances to do so. Consider >> even something as mundane as creating an RSA key and creating a valid >> X.509 certificate to hold it. Forget about the TPM, just think about >> doing that step. The functionality exists in the openssl library to >> accomplish this, but I don't know of a single piece of documentation >> that tells how. (There do exist various HOWTOs across the web on how >> to do it from the openssl command line, but I haven't found anything >> about using the library.) >> >> Anyway, the bottom line is that generating the TPM key is easy. >> Creating X.509 certificates is hard. If you can figure out how to >> create X.509 certs, without involving the TPM, maybe with help from >> people on the openssl mailing lists, then it will be easy to modify >> that program to create the key on the TPM, copy the modulus field into >> whatever openssl structure needs it, and you're good to go. >> >> Hal >> >> >> >> On Wed, Oct 8, 2008 at 8:22 PM, adrian golding <adr...@gm...> >> wrote: >> > hello, with the Tspi_TPM_Quote01.c example and as a starting point, if i >> > want to let a remote party verify the quote, and i intend to send the >> > TSS_VALIDATION object as well as a certificate of my public key >> (self-signed >> > for now) over. How do i either: >> > 1) create keys using openssl's create_tpm_key and load the key into my >> > quoting application before it signs the PCR? >> > or >> > 2) using the Tspi_Key_CreateKey function in Tspi_TPM_Quote01.c to >> generate >> > the keys, and create a certificate with my public key so i could send it >> to >> > the remote party? >> > which way would be more encouraged? >> > >> > thanks - adrian >> > > |
