Comments (4)
+1
I ran into this as well. I needed the AK to Sign something and would need the ticket provided by Hash to do that.
It looks like even Hash takes the first handle bytes alone prematurely:
https://github.com/google/go-tpm/blob/master/tpm2/tpm2.go#L1385
when it should be able to get the full struct:
https://github.com/tpm2-software/tpm2-tools/blob/master/lib/tpm2.c#L966
- with tpm2_tools:
tpm2_createek -c ek.ctx -G rsa -u ek.pub
tpm2_createak -C ek.ctx -c ak.ctx -n ak.name -u ak.pub
echo "meet me at.." > message.txt
tpm2_hash -C e -g sha256 -o hash.bin -t ticket.bin message.txt
w/o ticket
tpm2_sign -c ak.ctx -g sha256 -o sig.rssa message.txt
ERROR: Eys_Sign(0x3E0) - tpm:parameter(3):invalid ticket
ERROR: Unable to run tpm2_sign
w/ ticket
tpm2_sign -c ak.ctx -g sha256 -o sig.rssa -t ticket.bin message.txt
tpm2_verifysignature -c ak.ctx -g sha256 -s sig.rssa -m message.txt
TPMT_TK_HASHCHECK – This ticket is used to indicate that a digest of external data is safe to sign
using a restricted signing key. A restricted signing key may only sign a digest that was produced by the
TPM. If the digest was produced from externally provided data, there needs to be an indication that the
data did not start with the same first octets as are used for data that is generated within the TPM. This
prevents “forgeries” of attestation data. This ticket is used to provide the evidence that the data used in
the digest was checked by the TPM and is safe to sign. Assuming that the external data is "safe", this
type of ticket is produced by TPM2_Hash() or TPM2_SequenceComplete() and used by TPM2_Sign().
from go-tpm.
It should be straightforward to allow you to sign while providing a hash ticket, as ATM tpm2.Sign just passes nothing for that parameter.
Would that change be enough, or would you also need changes to tpm2.Hash as well?
from go-tpm.
I think tpm2.Hash needs to return the rest of the part of data struct it gets from the tpm as the ticket
...that ticket needs to get stuffed into the Sign() function
take a look at the tpm2_tools command sequence: tpm2_hash outputs a ticket which must be provided to tpm2_sign
(i.e., if you ask the ak to sign arbitrary stuff, it's not going to do so unless it knows the tpm hashed it...and it's not going to hash any arbitrary bit of data on behalf of an AK (i.e., magic number prefix)...that's my read at least).
from go-tpm.
I started PR #178, went to create the new issue and found it already existed. 😊
Rather than commit a breaking change to tpm2.Hash (to add a new return parameter for the ticket) as well as to tpm2.Sign (to accept a new validation parameter, again for the ticket), I added new overloads of these functions: HashVerified and SignVerifiedHash.
It should be noted (so I did, in the function documentation) that the maximum amount of data you can hash with the one-shot TPM2_Hash command is implementation-dependent, depending on MAX_DIGEST_BUFFER which is only guaranteed by the spec to be up to 1,024 bytes. Some TPMs may support larger buffers, leading to code which works on some TPMs (like the simulator) but not others (like a real discrete TPM with limited RAM). For more than 1024 bytes of data, the sequence commands should be used, but these aren't yet implemented by go-tpm.
I filed issue #179 to track possibly extending the API for this.
from go-tpm.
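The thread turns on TPM2_Hash returning two things, the digest and a complete TPMT_TK_HASHCHECK ticket (tag, hierarchy handle, HMAC digest), all of which has to reach TPM2_Sign. The following is an added example, not code from go-tpm or tpm2-tools: a standard-library decoder for that response layout as defined in the TPM 2.0 structures specification. The names `Ticket`, `ParseHashResponse` and `Sample` are hypothetical and the sample bytes are constructed, not captured from a TPM.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"fmt"
)

const tagHashcheck, rhNull = 0x8024, 0x40000007 // TPM_ST_HASHCHECK, TPM_RH_NULL
// Ticket mirrors TPMT_TK_HASHCHECK: structure tag, hierarchy handle, HMAC digest.
type Ticket struct{ Tag uint16; Hierarchy uint32; Digest []byte }
// IsNull reports a NULL ticket (TPM_RH_NULL, empty digest), which carries no proof.
func (t *Ticket) IsNull() bool { return t.Hierarchy == rhNull && len(t.Digest) == 0 }

// readTPM2B consumes one TPM2B: uint16 big-endian size, then that many bytes.
func readTPM2B(b []byte) (val, rest []byte, err error) {
	if len(b) < 2 || len(b)-2 < int(binary.BigEndian.Uint16(b)) {
		return nil, nil, fmt.Errorf("truncated TPM2B")
	}
	n := 2 + int(binary.BigEndian.Uint16(b))
	return b[2:n], b[n:], nil
}

// ParseHashResponse decodes outHash, then the whole ticket (not only its handle).
func ParseHashResponse(p []byte) (digest []byte, t *Ticket, err error) {
	if digest, p, err = readTPM2B(p); err != nil || len(p) < 6 {
		return nil, nil, fmt.Errorf("truncated response")
	}
	t = &Ticket{Tag: binary.BigEndian.Uint16(p), Hierarchy: binary.BigEndian.Uint32(p[2:])}
	if t.Tag != tagHashcheck {
		return nil, nil, fmt.Errorf("unexpected ticket tag 0x%04x", t.Tag)
	}
	if t.Digest, p, err = readTPM2B(p[6:]); err != nil || len(p) != 0 {
		return nil, nil, fmt.Errorf("malformed ticket digest")
	}
	return digest, t, nil
}

// Sample builds constructed bytes (not real TPM output): 32-byte outHash + ticket.
func Sample(h uint32, mac []byte) []byte {
	b := append([]byte{0, 32}, bytes.Repeat([]byte{0xAA}, 32)...)
	b = append(b, 0x80, 0x24, byte(h>>24), byte(h>>16), byte(h>>8), byte(h), 0, byte(len(mac)))
	return append(b, mac...)
}

func main() {
	d, t, err := ParseHashResponse(Sample(0x4000000B, bytes.Repeat([]byte{0xBB}, 32)))
	fmt.Printf("outHash=%x\nticket=%+v\nerr=%v\n", d, t, err)
}
```

A response cut off after the 4-byte hierarchy handle is rejected rather than silently yielding a ticket with no HMAC, which is the failure mode the first comment describes.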