Menu
▾
▴
Re: [Linux-ima-user] [TrouSerS-users] verifying quote using certificates
|
From: adrian g. <adr...@gm...> - 2008-10-10 12:19:11
|
please disregard my last mail. wasn't thinking properly when typing in the recipient. -adrian On Fri, Oct 10, 2008 at 7:44 PM, adrian golding <adr...@gm...>wrote: > hello hal, i was reading another thread about verifying the quote: > > http://sourceforge.net/mailarchive/message.php?msg_id=4525A0BC.9000007%40ece.cmu.edu > > with regards to this call: > Tspi_GetAttribData(hKey, > TSS_TSPATTRIB_RSAKEY_INFO, > TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, > >> &BlobLength, &BLOB); > > > &BlobLength is an unsigned int, and &BLOB a BYTE array. Please correct me > if i'm wrong, BLOB would be a BIGNUM, and BlobLength the length of BLOB. > However, when i print out BlobLength, it seems too large (4131212846) for > BLOB. and when i tried to verify if the exponent is 65537 by calling > GetAttribData with the flag TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT instead, the > length of the BIGNUM is also very huge (134516825). > > thanks - adrian > > On Fri, Oct 10, 2008 at 2:41 PM, adrian golding <adr...@gm...>wrote: > >> hello hal, i was reading another thread about verifying the quote: >> >> http://sourceforge.net/mailarchive/message.php?msg_id=4525A0BC.9000007%40ece.cmu.edu >> >> with regards to this call: >> Tspi_GetAttribData(hKey, >> TSS_TSPATTRIB_RSAKEY_INFO, >> TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, >> >>> &BlobLength, &BLOB); >> >> >> &BlobLength is an unsigned int, and &BLOB a BYTE array. Please correct me >> if i'm wrong, BLOB would be a BIGNUM, and BlobLength the length of BLOB. >> However, when i print out BlobLength, it seems too large (4131212846) for >> BLOB. and when i tried to verify if the exponent is 65537 by calling >> GetAttribData with the flag TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT instead, the >> length of the BIGNUM is also very huge (134516825). >> >> thanks - adrian >> >> >> On Fri, Oct 10, 2008 at 3:08 AM, Hal Finney <hal...@gm...> wrote: >> >>> Hi Adrian - >>> >>> One thing to keep in mind on Quote. For a Quote to be truly >>> meaningful, the verifier needs to be confident that it is a TPM key - >>> that is, that the private key is protected by the TPM and will never >>> be readable outside the TPM. This basically means that it must be a >>> non-migratable key, and it must have been generated on the TPM. Note, >>> this is not enough by itself, there are a lot of other requirements >>> that might have to be met, depending on the situation. >>> >>> I am not familiar with any openssl create_tpm_key() function. If it >>> generates the key on the TPM, that might be suitable; but if it >>> generates an off-chip key and then loads that onto the TPM, it would >>> not be appropriate. >>> >>> For the other approach, generating a key on the TPM and then getting >>> an X.509 certificate for it, keep in mind that an X.509 certificate is >>> a rather inconvenient object for passing around keys. The only reason >>> people use it is because it's what everyone uses. An X.509 cert does >>> not just hold a key, it also has some kind of name or identity field, >>> and further, it has a signature by (generally) some other key which >>> binds the target key and target identity information. It's a very >>> complex object. If all you want to do is to tell the other guy your >>> public key, I'd probably suggest rolling your own format and just send >>> the modulus in some form. But if you have to be X.509 compatible then >>> you'll have to go through a lot of work. >>> >>> The first step (after generating the key) would be to read the key >>> modulus using: >>> >>> Tspi_GetAttribData(hKey, >>> TSS_TSPATTRIB_RSAKEY_INFO, >>> TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, >>> &BlobLength, &BLOB); >>> >>> Once you have the modulus, you could insert it into an openssl RSA >>> structure, and set the exponent field in that struct to 65537. From >>> there, you will need to assemble an openssl X509 certificate >>> structure, and then ultimately call the openssl X509_sign() function. >>> >>> Frankly, I don't understand how people manage to use openssl. There's >>> no documentation for any of this stuff, that I can find! I always have >>> to study the openssl source code to figure out how to use it, on those >>> rare occasions when I am forced by circumstances to do so. Consider >>> even something as mundane as creating an RSA key and creating a valid >>> X.509 certificate to hold it. Forget about the TPM, just think about >>> doing that step. The functionality exists in the openssl library to >>> accomplish this, but I don't know of a single piece of documentation >>> that tells how. (There do exist various HOWTOs across the web on how >>> to do it from the openssl command line, but I haven't found anything >>> about using the library.) >>> >>> Anyway, the bottom line is that generating the TPM key is easy. >>> Creating X.509 certificates is hard. If you can figure out how to >>> create X.509 certs, without involving the TPM, maybe with help from >>> people on the openssl mailing lists, then it will be easy to modify >>> that program to create the key on the TPM, copy the modulus field into >>> whatever openssl structure needs it, and you're good to go. >>> >>> Hal >>> >>> >>> >>> On Wed, Oct 8, 2008 at 8:22 PM, adrian golding <adr...@gm...> >>> wrote: >>> > hello, with the Tspi_TPM_Quote01.c example and as a starting point, if >>> i >>> > want to let a remote party verify the quote, and i intend to send the >>> > TSS_VALIDATION object as well as a certificate of my public key >>> (self-signed >>> > for now) over. How do i either: >>> > 1) create keys using openssl's create_tpm_key and load the key into my >>> > quoting application before it signs the PCR? >>> > or >>> > 2) using the Tspi_Key_CreateKey function in Tspi_TPM_Quote01.c to >>> generate >>> > the keys, and create a certificate with my public key so i could send >>> it to >>> > the remote party? >>> > which way would be more encouraged? >>> > >>> > thanks - adrian >>> >> >> > |
