1 (edited by Grizzy Kret 2021-05-03 03:13:00)

Topic: Identity attestation

Hello,
I am discovering the TPM and I am trying to implement some basic uses.
In my context, the PC hosting the TPM is a "client" discussing with a "server".
The server must be sure that the client actually the good one.
My actual way to perform this is by using an obfuscated crypto lib :
- at the very beginning of the client life, the client generates (& buries) a RSA key pair, and sends its public part to the server.
- during the client life time, when it's identity is to be proven:
    - the server sends some random data to the client
    - the client signs it using its buried private RSA key, and sends the signature to the server
    - the server verifies the signature using the public RSA key it received earlier
    ---> nothing really original...

My question is : how to do the same thing using your TPM lib ?

I read some documentation here : https://trustedcomputinggroup.org/resou … ification/
and I must admit I don't understand all the subtleties...
I download and compile your lib + examples, but I don't figure out how to proceed for my need.

Maybe it's not a good approach to reproduce what I do with my old school obfuscated crypto lib...
Then what is the proper way, for the client, to prove its own identity ?
Maybe using PCR, but I don't see how to use them...

Thanks in advance
Hadrien

Share

Re: Identity attestation

Hi Hadrien,

Have you seen our recent PR adding attestation support?
https://github.com/wolfSSL/wolfTPM/pull/161

We are also working on another example that uses TLS v1.3 between peers that should be posted in a few weeks.

If you are not familiar with it the tpm.dev website has some great discussions on this topic.

Thanks,
David Garske, wolfSSL

Share

Re: Identity attestation

Thank you David,
I will have a look on your pull...
But before that, I have another blocking point that I'll describe in another post.
(I'm afraid I have many more questions about the lib...)
Hadrien

Share

Re: Identity attestation

If by any chance, this is relevant, here is what I found while playing with PCR:

If I pass 25 as pcrIndex to wolfTPM2_ReadPCR (which should not be done),
at https://github.com/wolfSSL/wolfTPM/blob … ap.c#L2484 :
pcrReadOut.pcrValues.digests[0].size is not initialized and the following XMEMCPY leads to crash...

Share

5 (edited by dimitom 2021-05-12 07:52:23)

Re: Identity attestation

Hi Hadrien,

Thank you for pointing this out.

I was unable to reproduce your crash. When I use pcrIndex above 23, I get TPM_RC_VALUE response from the TPM chip at this line https://github.com/wolfSSL/wolfTPM/blob … ap.c#L2477 and clean exit from the wolfTPM2 wrapper.

At the same time, you are correct that an unitialized digestLen could lead to a XMEMCPY crash. Therefore, I made this change to wolfTPM - https://github.com/wolfSSL/wolfTPM/pull/165

Does this help?

Thanks,
Dimi

Dimi Tomov,
wolfSSL Engineer and Founder of TPM.dev

Share

Re: Identity attestation

Hi Hadrien,

As you are discovering the Windows support for TPM is by default quite restricted. Windows is our most recently added platform and we are aiming to improve the documentation and examples around it.

Can you explain more about your goals for authentication? Are you interested in the state of the machine or just that it is the machine with the specific TPM present?

The specification is the best source, but sometimes other sources can be good to understand the purpose at a higher level. Here are a few links I found helpful

You may also be interested in looking at our TLS examples if you haven't yet.

If you are interested in unblocking TPM commands in Windows, proceed with caution. And read https://docs.microsoft.com/en-us/window … /using-tbs

Thanks for the feedback. We are always aiming to improve our documentation.

Share

Re: Identity attestation

dimitom, about the crash with a pcrIndex >  23, I found that in the function TPM2_SetupPCRSel, an index-out-of-bound may occur in line  https://github.com/wolfSSL/wolfTPM/blob … m2.c#L5357
Since pcr->pcrSelections[0].pcrSelect array has only 3 bytes, it will overwrite somewhere in pcr->pcrSelections[1].
After that, pcr->pcrSelections[0].pcrSelect if filled with zeros and since pcr->count == 1, no error is detected.

Then, back to wolfTPM2_ReadPCR, the call to TPM2_PCR_Read raises no error (on my PC) but pcrReadOut.pcrValues.count == 0. So pcrReadOut.pcrValues.digests[0].size should not be used.

Thanks for your attention,
Hadrien

Share

Re: Identity attestation

Hi Hadrien,

Thank you for following-up.

TPM2_SetupPCRSel indeed has an issue and I submitted a one-line change to fix it.

https://github.com/wolfSSL/wolfTPM/pull/167

Now, if someone tries to use pcrIndex outside the allowed range, TPM2_SetupPCRSel will leave pcr->count to zero(0).

The TPM will respond with "TPM2_PCR_Reset failed 0x184: TPM_RC_VALUE: Value is out of range or is not correct for the context". Similar to asking the TPM to use an invalid pcrIndex.

Let us know if you have more questions or feedback. We are happy to help.

Dimi Tomov,
wolfSSL Engineer and Founder of TPM.dev

Share