[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v5 16/20] tpm2: Support authorized policy
|
From: |
Gary Lin |
|
Subject: |
[PATCH v5 16/20] tpm2: Support authorized policy |
|
Date: |
Thu, 17 Aug 2023 11:10:06 +0800 |
This commit handles the TPM2_PolicyAuthorize command from the key file
in TPM 2.0 Key File format.
TPM2_PolicyAuthorize is the essential command to support authorized
policy which allows the users to sign TPM policies with their own keys.
Per TPM 2.0 Key File(*1), CommandPolicy for TPM2_PolicyAuthorize
comprises 'TPM2B_PUBLIC pubkey', 'TPM2B_DIGEST policy_ref', and
'TPMT_SIGNATURE signature'. To verify the signature, the current policy
digest is hashed with the hash algorithm written in 'signature', and then
'signature' is verified with the hashed policy digest and 'pubkey'. Once
TPM accepts 'signature', TPM2_PolicyAuthorize is invoked to authorize the
signed policy.
To create the key file with authorized policy, here are the pcr-oracle(*2)
commands:
# Generate the RSA key and create the authorized policy file
$ pcr-oracle \
--rsa-generate-key \
--private-key policy-key.pem \
--auth authorized.policy \
create-authorized-policy 0,2,4,7,9
# Seal the secret with the authorized policy
$ pcr-oracle \
--key-format tpm2.0 \
--auth authorized.policy \
--input disk-secret.txt \
--output sealed.key \
seal-secret
# Sign the predicted PCR policy
$ pcr-oracle \
--key-format tpm2.0 \
--private-key policy-key.pem \
--from eventlog \
--stop-event "grub-file=grub.cfg" \
--after \
--input sealed.key \
--output sealed.tpm \
sign 0,2,4,7.9
Then specify the key file and the key protector to grub.cfg in the EFI
system partition:
tpm2_key_protector_init --tpm2key=(hd0,gpt1)/boot/grub2/sealed.tpm
cryptomount -u <PART_UUID> -P tpm2
For any change in the boot components, just run the 'sign' command again
to update the signature in sealed.tpm, and TPM can unseal the key file
with the updated PCR policy.
(*1) https://www.hansenpartnership.com/draft-bottomley-tpm2-keys.html
(*2) https://github.com/okirch/pcr-oracle
Signed-off-by: Gary Lin <glin@suse.com>
---
grub-core/tpm2/module.c | 98 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 98 insertions(+)
diff --git a/grub-core/tpm2/module.c b/grub-core/tpm2/module.c
index 5274296b7..e5235c2ac 100644
--- a/grub-core/tpm2/module.c
+++ b/grub-core/tpm2/module.c
@@ -454,6 +454,101 @@ grub_tpm2_protector_policypcr (TPMI_SH_AUTH_SESSION
session,
return GRUB_ERR_NONE;
}
+static grub_err_t
+grub_tpm2_protector_policyauthorize (TPMI_SH_AUTH_SESSION session,
+ struct grub_tpm2_buffer *cmd_buf)
+{
+ TPM2B_PUBLIC pubkey;
+ TPM2B_DIGEST policy_ref;
+ TPMT_SIGNATURE signature;
+ TPM2B_DIGEST pcr_policy;
+ TPM2B_DIGEST pcr_policy_hash;
+ TPMI_ALG_HASH sig_hash;
+ TPMT_TK_VERIFIED verification_ticket;
+ TPM_HANDLE pubkey_handle = 0;
+ TPM2B_NAME pubname;
+ TPM_RC rc;
+ grub_err_t err;
+
+ grub_tpm2_mu_TPM2B_PUBLIC_Unmarshal (cmd_buf, &pubkey);
+ grub_tpm2_mu_TPM2B_DIGEST_Unmarshal (cmd_buf, &policy_ref);
+ grub_tpm2_mu_TPMT_SIGNATURE_Unmarshal (cmd_buf, &signature);
+ if (cmd_buf->error != 0)
+ {
+ err = GRUB_ERR_BAD_ARGUMENT;
+ return grub_error (err, N_("Failed to unmarshal the buffer for "
+ "TPM2_PolicyAuthorize"));
+ }
+
+ /* Retrieve Policy Digest */
+ rc = TPM2_PolicyGetDigest (session, NULL, &pcr_policy, NULL);
+ if (rc != TPM_RC_SUCCESS)
+ {
+ err = GRUB_ERR_BAD_DEVICE;
+ grub_error (err, N_("Failed to get policy digest (TPM error: 0x%x)."),
+ rc);
+ return err;
+ }
+
+ /* Calculate the digest of the polcy for VerifySignature */
+ sig_hash = TPMT_SIGNATURE_get_hash_alg (&signature);
+ if (sig_hash == TPM_ALG_NULL)
+ {
+ err = GRUB_ERR_BAD_ARGUMENT;
+ grub_error (err, N_("Failed to get the hash algorithm of the
signature"));
+ return err;
+ }
+ rc = TPM2_Hash (NULL, (TPM2B_MAX_BUFFER *)&pcr_policy, sig_hash,
+ TPM_RH_NULL, &pcr_policy_hash, NULL, NULL);
+ if (rc != TPM_RC_SUCCESS)
+ {
+ err = GRUB_ERR_BAD_DEVICE;
+ grub_error (err, N_("Failed to create PCR policy hash (TPM2_Hash failed "
+ "with TSS/TPM error %u)"), rc);
+ return err;
+ }
+
+ /* Load the public key */
+ rc = TPM2_LoadExternal (NULL, NULL, &pubkey, TPM_RH_OWNER,
+ &pubkey_handle, &pubname, NULL);
+ if (rc != TPM_RC_SUCCESS)
+ {
+ err = GRUB_ERR_BAD_DEVICE;
+ grub_error (err, N_("Failed to load public key (TPM2_LoadExternal failed
"
+ "with TSS/TPM error %u)"), rc);
+ return err;
+ }
+
+ /* Verify the signature against the public key and the policy digest */
+ rc = TPM2_VerifySignature (pubkey_handle, NULL, &pcr_policy_hash, &signature,
+ &verification_ticket, NULL);
+ if (rc != TPM_RC_SUCCESS)
+ {
+ err = GRUB_ERR_BAD_DEVICE;
+ grub_error (err, N_("Failed to verify signature (TPM2_VerifySignature "
+ "failed with TSS/TPM error %u)"), rc);
+ goto error;
+ }
+
+ /* Authorize the signed policy with the public key and the verification
ticket */
+ rc = TPM2_PolicyAuthorize (session, NULL, &pcr_policy, &policy_ref, &pubname,
+ &verification_ticket, NULL);
+ if (rc != TPM_RC_SUCCESS)
+ {
+ err = GRUB_ERR_BAD_DEVICE;
+ grub_error (err, N_("Failed to authorize PCR policy
(TPM2_PolicyAuthorize "
+ "failed with TSS/TPM error: 0x%u).\n"), rc);
+ goto error;
+ }
+
+ err = GRUB_ERR_NONE;
+
+error:
+ TPM2_FlushContext (pubkey_handle);
+
+ return err;
+}
+
static grub_err_t
grub_tpm2_protector_enforce_policy (tpm2key_policy_t policy,
TPMI_SH_AUTH_SESSION session)
{
@@ -473,6 +568,9 @@ grub_tpm2_protector_enforce_policy (tpm2key_policy_t
policy, TPMI_SH_AUTH_SESSIO
case TPM_CC_PolicyPCR:
err = grub_tpm2_protector_policypcr (session, &buf);
break;
+ case TPM_CC_PolicyAuthorize:
+ err = grub_tpm2_protector_policyauthorize (session, &buf);
+ break;
default:
return grub_error (GRUB_ERR_BAD_ARGUMENT,
N_("Unknown TPM Command: 0x%x"), policy->cmd_code);
--
2.35.3
- [PATCH v5 08/20] protectors: Add key protectors framework, (continued)
- [PATCH v5 08/20] protectors: Add key protectors framework, Gary Lin, 2023/08/16
- [PATCH v5 09/20] tpm2: Add TPM Software Stack (TSS), Gary Lin, 2023/08/16
- [PATCH v5 10/20] protectors: Add TPM2 Key Protector, Gary Lin, 2023/08/16
- [PATCH v5 11/20] cryptodisk: Support key protectors, Gary Lin, 2023/08/16
- [PATCH v5 13/20] tpm2: Add TPM2 types, structures, and command constants, Gary Lin, 2023/08/16
- [PATCH v5 14/20] tpm2: Add more marshal/unmarshal functions, Gary Lin, 2023/08/16
- [PATCH v5 12/20] util/grub-protect: Add new tool, Gary Lin, 2023/08/16
- [PATCH v5 06/20] test_asn1: test module for libtasn1, Gary Lin, 2023/08/16
- [PATCH v5 15/20] tpm2: Implement more TPM2 commands, Gary Lin, 2023/08/16
- [PATCH v5 07/20] libtasn1: Add the documentation, Gary Lin, 2023/08/16
- [PATCH v5 16/20] tpm2: Support authorized policy,
Gary Lin <=
- [PATCH v5 20/20] diskfilter: look up cryptodisk devices first, Gary Lin, 2023/08/16
- [PATCH v5 17/20] protectors: Implement NV index, Gary Lin, 2023/08/16
- [PATCH v5 18/20] cryptodisk: Fallback to passphrase, Gary Lin, 2023/08/16
- [PATCH v5 19/20] cryptodisk: wipe out the cached keys from protectors, Gary Lin, 2023/08/16
- Re: [PATCH v5 00/20] Automatic Disk Unlock with TPM2, Daniel Kiper, 2023/08/17