
Re: [PATCH v18 19/25] tpm2_key_protector: Support authorized policy


From: Gary Lin
Subject: Re: [PATCH v18 19/25] tpm2_key_protector: Support authorized policy
Date: Mon, 2 Sep 2024 15:15:20 +0800

On Fri, Aug 30, 2024 at 05:55:53PM +0200, Daniel Kiper wrote:
> On Fri, Jun 28, 2024 at 04:19:02PM +0800, Gary Lin via Grub-devel wrote:
> > This commit handles the TPM2_PolicyAuthorize command from the key file
> > in TPM 2.0 Key File format.
> >
> > TPM2_PolicyAuthorize is the essential command to support authorized
> > policy which allows the users to sign TPM policies with their own keys.
> > Per TPM 2.0 Key File(*1), CommandPolicy for TPM2_PolicyAuthorize
> > comprises 'TPM2B_PUBLIC pubkey', 'TPM2B_DIGEST policy_ref', and
> > 'TPMT_SIGNATURE signature'. To verify the signature, the current policy
> > digest is hashed with the hash algorithm written in 'signature', and then
> > 'signature' is verified with the hashed policy digest and 'pubkey'. Once
> > the TPM accepts 'signature', TPM2_PolicyAuthorize is invoked to authorize the
> > signed policy.
> >
> > To create the key file with authorized policy, here are the pcr-oracle(*2)
> > commands:
> >
> >   # Generate the RSA key and create the authorized policy file
> >   $ pcr-oracle \
> >     --rsa-generate-key \
> >     --private-key policy-key.pem \
> >     --auth authorized.policy \
> >     create-authorized-policy 0,2,4,7,9
> >
> >   # Seal the secret with the authorized policy
> >   $ pcr-oracle \
> >     --key-format tpm2.0 \
> >     --auth authorized.policy \
> >     --input disk-secret.txt \
> >     --output sealed.key \
> >     seal-secret
> >
> >   # Sign the predicted PCR policy
> >   $ pcr-oracle \
> >     --key-format tpm2.0 \
> >     --private-key policy-key.pem \
> >     --from eventlog \
> >     --stop-event "grub-file=grub.cfg" \
> >     --after \
> >     --input sealed.key \
> >     --output sealed.tpm \
> >     sign 0,2,4,7,9
> >
> > Then specify the key file and the key protector to grub.cfg in the EFI
> > system partition:
> >
> > tpm2_key_protector_init -a RSA --tpm2key=(hd0,gpt1)/boot/grub2/sealed.tpm
> > cryptomount -u <PART_UUID> -P tpm2
> >
> > For any change in the boot components, just run the 'sign' command again
> > to update the signature in sealed.tpm, and the TPM can unseal the key file
> > with the updated PCR policy.
> 
> Again, this should land in the GRUB docs as well...
> 
Sure, the document will be in the next version.

> > (*1) https://www.hansenpartnership.com/draft-bottomley-tpm2-keys.html
> > (*2) https://github.com/okirch/pcr-oracle
> >
> > Signed-off-by: Gary Lin <glin@suse.com>
> > Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
> > ---
> >  .../commands/tpm2_key_protector/module.c      | 72 +++++++++++++++++++
> >  1 file changed, 72 insertions(+)
> >
> > diff --git a/grub-core/commands/tpm2_key_protector/module.c 
> > b/grub-core/commands/tpm2_key_protector/module.c
> > index 79440474b..a98109c43 100644
> > --- a/grub-core/commands/tpm2_key_protector/module.c
> > +++ b/grub-core/commands/tpm2_key_protector/module.c
> > @@ -618,6 +618,75 @@ grub_tpm2_protector_policypcr (TPMI_SH_AUTH_SESSION 
> > session,
> >    return GRUB_ERR_NONE;
> >  }
> >
> > +static grub_err_t
> > +grub_tpm2_protector_policyauthorize (TPMI_SH_AUTH_SESSION session,
> > +                                struct grub_tpm2_buffer *cmd_buf)
> > +{
> > +  TPM2B_PUBLIC pubkey;
> > +  TPM2B_DIGEST policy_ref;
> > +  TPMT_SIGNATURE signature;
> > +  TPM2B_DIGEST pcr_policy;
> > +  TPM2B_DIGEST pcr_policy_hash;
> > +  TPMI_ALG_HASH sig_hash;
> > +  TPMT_TK_VERIFIED verification_ticket;
> > +  TPM_HANDLE pubkey_handle = 0;
> > +  TPM2B_NAME pubname;
> > +  TPM_RC rc;
> > +  grub_err_t err;
> > +
> > +  grub_Tss2_MU_TPM2B_PUBLIC_Unmarshal (cmd_buf, &pubkey);
> > +  grub_Tss2_MU_TPM2B_DIGEST_Unmarshal (cmd_buf, &policy_ref);
> > +  grub_Tss2_MU_TPMT_SIGNATURE_Unmarshal (cmd_buf, &signature);
> > +  if (cmd_buf->error != 0)
> > +    return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Failed to unmarshal the 
> > buffer for TPM2_PolicyAuthorize"));
> > +
> > +  /* Retrieve Policy Digest */
> > +  rc = TPM2_PolicyGetDigest (session, NULL, &pcr_policy, NULL);
> > +  if (rc != TPM_RC_SUCCESS)
> > +    return grub_error (GRUB_ERR_BAD_DEVICE, N_("Failed to get policy 
> > digest (TPM2_PolicyGetDigest: 0x%x)."), rc);
> > +
> > +  /* Calculate the digest of the polcy for VerifySignature */
> > +  sig_hash = TPMT_SIGNATURE_get_hash_alg (&signature);
> > +  if (sig_hash == TPM_ALG_NULL)
> > +    return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Failed to get the hash 
> > algorithm of the signature"));
> > +
> > +  rc = TPM2_Hash (NULL, (TPM2B_MAX_BUFFER *)&pcr_policy, sig_hash,
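Review bot: typo in the comment before TPMT_SIGNATURE_get_hash_alg, "polcy" should be "policy". The cast `(TPM2B_MAX_BUFFER *)&pcr_policy` handed to TPM2_Hash also deserves a one-line comment, since it is only safe because TPM2B_DIGEST and TPM2B_MAX_BUFFER share the leading `size` field followed by the buffer, and a note that `sig_hash` is read from the key file's untrusted 'signature' field and is acceptable only because, as the commit message states, the signature is subsequently verified against 'pubkey'.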
> 
> A nit, wrong cast coding style...
> 
Will fix it in the next version.

Gary Lin
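The digest arithmetic behind the flow described in the commit message (aHash over the approved PCR policy, the signing key's name, and the policy digest that TPM2_PolicyAuthorize leaves in the session), as an added stand-alone example that is not part of the GRUB patch or of pcr-oracle. It assumes SHA-256 everywhere and uses constructed placeholder bytes for the marshalled public area; the RSA signature check itself is done by the TPM and is not modelled here.

```python
import hashlib

# TPM_CC_PolicyAuthorize command code (TPM 2.0 Library, Part 2).
TPM_CC_PolicyAuthorize = 0x0000016A
# TPM_ALG_ID for SHA-256; the only hash algorithm this example maps.
TPM_ALG_SHA256 = 0x000B
HASH_BY_ALG = {TPM_ALG_SHA256: "sha256"}


def policy_authorize_ahash(approved_policy, policy_ref, sig_hash_alg):
    """aHash that the policy signer signs and the TPM re-checks with TPM2_VerifySignature:
    H_sigHash(approvedPolicy || policyRef). With an empty policyRef this is the
    TPM2_Hash over pcr_policy in the patch, using the hash named in 'signature'."""
    return hashlib.new(HASH_BY_ALG[sig_hash_alg], approved_policy + policy_ref).digest()


def tpm_name(name_alg, marshalled_public):
    """keySign->name = nameAlg (2 bytes, big endian) || H_nameAlg(marshalled TPMT_PUBLIC)."""
    return name_alg.to_bytes(2, "big") + hashlib.new(HASH_BY_ALG[name_alg], marshalled_public).digest()


def policy_authorize_digest(policy_alg, key_name, policy_ref):
    """Session policyDigest after TPM2_PolicyAuthorize. The TPM clears the digest to
    zeros first, so the value depends only on the signing key's name and policyRef,
    never on the PCR policy that was approved. This is what the secret is sealed to."""
    zeros = bytes(hashlib.new(HASH_BY_ALG[policy_alg]).digest_size)
    data = zeros + TPM_CC_PolicyAuthorize.to_bytes(4, "big") + key_name + policy_ref
    return hashlib.new(HASH_BY_ALG[policy_alg], data).digest()


# Constructed sample values, not real TPM data: a placeholder public area (not a
# valid TPMT_PUBLIC) and two predicted PCR policies, e.g. before/after a kernel update.
SAMPLE_PUBLIC = bytes.fromhex("0001000b") + bytes(30)
PCR_POLICY_V1 = hashlib.sha256(b"predicted PCR policy, boot set 1").digest()
PCR_POLICY_V2 = hashlib.sha256(b"predicted PCR policy, boot set 2").digest()


def demo():
    """Re-signing a new PCR policy changes aHash but not the sealed authPolicy."""
    name = tpm_name(TPM_ALG_SHA256, SAMPLE_PUBLIC)
    sealed_auth_policy = policy_authorize_digest(TPM_ALG_SHA256, name, b"")
    ahash_v1 = policy_authorize_ahash(PCR_POLICY_V1, b"", TPM_ALG_SHA256)
    ahash_v2 = policy_authorize_ahash(PCR_POLICY_V2, b"", TPM_ALG_SHA256)
    return sealed_auth_policy, ahash_v1, ahash_v2


if __name__ == "__main__":
    auth, a1, a2 = demo()
    print("sealed authPolicy:", auth.hex())
    print("aHash differs after re-sign:", a1 != a2)
```

This is why the 'sign' step can be rerun after a boot component changes without resealing: the sealed object's authPolicy is bound to the signing key, not to any particular PCR digest.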
