
Comments (8)

ericchiang avatar ericchiang commented on July 28, 2024

cc @brandonweeks

We learned recently that you can't write a Go PKCS #11 module if your applications call fork() (golang/go#15538). You likely need a daemon and a client written in C/C++/Rust.

If you're on Linux, I'd suggest looking at Chaps:

https://www.chromium.org/developers/design-documents/chaps-technical-design

from go-attestation.

Kuenni avatar Kuenni commented on July 28, 2024

Thanks for your response, ericchiang!

Our approach is now to use the key material outside of go attestation once it was created. For this we need the TPM handle that is associated with the created application key. All structures and functions that I came across in the code were not exported from the package.

Is there any chance to access this low-level TPM data from the application key created with tpm.NewKey(ak, keyConfig)?

from go-attestation.

ericchiang avatar ericchiang commented on July 28, 2024

cc @pszal

Would a method on Key that returned the handle suffice?

from go-attestation.

pszal avatar pszal commented on July 28, 2024

Our approach is now to use the key material outside of go attestation once it was created.

You can use k.Blobs() (https://github.com/google/go-attestation/blob/master/attest/application_key.go#L126) to get the material and reload it. If you want to avoid reloading then indeed you need a handle accessor -- I'd be ok with having such a method.

from go-attestation.

Kuenni avatar Kuenni commented on July 28, 2024

Hi @pszal and @ericchiang,
thanks for your replies. Here is some more context about what we are trying to do:

So far, we have created a key with the TPM2 Tools like:
tpm2_createprimary -c primary.ctx
tpm2_evictcontrol -c primary.ctx 0x81000001
tpm2tss-genkey -P 0x81000001 tss2key-rsa2048.pem
pid="$(tpm2_ptool init --primary-handle=0x81000001 --path=~/teststore | grep id | cut -d' ' -f 2-2)"
tpm2_ptool addtoken --pid=$pid --sopin=mysopin --userpin=myuserpin --label=mytoken --path=~/teststore
tpm2_ptool link --path ~/teststore --label=mytoken --userpin=myuserpin --key-label="link-key" tss2key-rsa2048.pem

In this way, we were able to use a TPM-generated key within an emulated smartcard (https://github.com/tpm2-software/tpm2-pkcs11). Now, we want to use a key generated by https://pkg.go.dev/github.com/google/go-attestation/attest#TPM.NewKey, since we want to carry out the attestation process with go-attestation.

Therefore, we need to be able to extract the key material (probably from the Blobs()) in the format used by tpm2tss-genkey, and the handle of the key's parent.

Do you think this would be possible?
Thanks in advance!

from go-attestation.

pszal avatar pszal commented on July 28, 2024

Therefore, we need to be able to extract the key material (probably from the Blobs()) in the format used by tpm2tss-genkey, and the handle of the key's parent.

For the format differences you can look at google/go-tpm#233. Keys are created with SRK as the parent:

srk, _, err := t.getPrimaryKeyHandle(commonSrkEquivalentHandle)

from go-attestation.

Kuenni avatar Kuenni commented on July 28, 2024

Hi @pszal,

thank you for your response. We tried to experiment with the format of the exported key blob but weren't successful so far. Here's what we tried to do:

Create a key using
appkey, err := tpm.NewKey(ak, keyConfig)

Extract the private Key blob using
_, pkBlob, _ := appkey.Blobs()

Parse the key blob as U16Bytes

var pkTest tpmutil.U16Bytes
pkTest = tpmutil.U16Bytes(pkBlob)

Write the priv key to a file

f, err := os.Create("pk_tpmmarshal")
if err != nil { log.Fatal(err) }
defer f.Close()
if err := pkTest.TPMMarshal(f); err != nil { log.Fatal(err) }

I am running this code on a Raspberry Pi Model 3. I also tried changing the U16Bytes type to U32Bytes, but was still not able to use the key.

What I am eventually trying to do (as the next step) is to parse the key using openssl.

To my understanding, if formatted correctly, the key that can be parsed should look something like [...] and can be parsed using
echo "<KEY FROM ABOVE>" | openssl asn1parse

Currently, the result of TPMMarshal looks like (manually base64 encoded):

AL4AIIQCAH7yhh/TBuoc1QTKUYvgPLuyS1sHk0eMjE/dk4+ZABCJEYYHSNXBAgl1maqFbYAK/xMI
JW5TP1tE/f2/zTh9DQPRwRuCeE9Ht97xRa9u8xScjDK8fo1lvdamqulKU+nHZnCKYKaPg93CwJaF
7z3QiSX8F52F/9ODPMXj3TeOeu9DSs6m7oEBvq/8hUL4V5S/MiNN1tkoCz+W30gUnrGM5EB9jYBe
5I+iJlPhx/C08gwT1tIoUueBIDqE

I would really appreciate your help. I tried various combinations of formatting but ran out of ideas. However, I have the feeling that what we are trying to do is not impossible.

Thank you and greetings
Kuenni

from go-attestation.

Kuenni avatar Kuenni commented on July 28, 2024

Just a follow up:
We were able to solve that topic. We had assumed (wrongly) that the output should already be the PEM representation of that key and did not realize that it really only contained the key bytes.

For documentation purposes:
We were able to write the key to a file using pkTest.TPMMarshal(f) (see above). This was done for both the private and the public key.

Afterwards we could continue and create the PEM file using
tpm2tss-genkey -u pubktpmmarshal -r privktpmmarshal -P 0x81000001 go-key.pem
or link a token using
tpm2_ptool link --path=. --label=goToken --userpin=1234 --key-label="Go-Key-Link" --id=2 pubktpmmarshal privktpmmarshal

EDIT: I guess this can be closed then.

from go-attestation.
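As an added example (not code from this thread, from go-attestation or from go-tpm), the following stdlib-only Go program shows what the TPMMarshal output discussed above actually is: a TPM2B structure, that is the raw blob behind a 2-byte big-endian size field, not a PEM file. It frames and unframes such blobs, rejects a size field that disagrees with the buffer, and runs the check over the base64 posted earlier in the thread, recovering the 190-byte TPM2B_PRIVATE payload and the 32-byte outer-integrity digest that opens it. The function and type names are mine; the only data taken from the thread is that base64 sample.

```go
package main

import (
	"bytes"
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
	"os"
)

// postedPrivBlobB64 is the base64 of the private blob the thread author posted
// (the bytes written by pkTest.TPMMarshal(f)), reused here as sample input.
const postedPrivBlobB64 = "AL4AIIQCAH7yhh/TBuoc1QTKUYvgPLuyS1sHk0eMjE/dk4+ZABCJEYYHSNXBAgl1maqFbYAK/xMI" +
	"JW5TP1tE/f2/zTh9DQPRwRuCeE9Ht97xRa9u8xScjDK8fo1lvdamqulKU+nHZnCKYKaPg93CwJaF" +
	"7z3QiSX8F52F/9ODPMXj3TeOeu9DSs6m7oEBvq/8hUL4V5S/MiNN1tkoCz+W30gUnrGM5EB9jYBe" +
	"5I+iJlPhx/C08gwT1tIoUueBIDqE"

// marshalTPM2B prepends the 2-byte big-endian size field of the TPM2B_* wire
// format. This is the framing tpmutil.U16Bytes.TPMMarshal produces, and the
// form tpm2tss-genkey -u/-r and tpm2_ptool link expect for the two blobs.
func marshalTPM2B(raw []byte) ([]byte, error) {
	if len(raw) > 0xFFFF {
		return nil, errors.New("blob too large for a 16-bit TPM2B size field")
	}
	out := make([]byte, 2+len(raw))
	binary.BigEndian.PutUint16(out, uint16(len(raw)))
	copy(out[2:], raw)
	return out, nil
}

// unmarshalTPM2B validates the framing and returns the payload. A size field
// that disagrees with the buffer length is reported instead of being trusted.
func unmarshalTPM2B(buf []byte) ([]byte, error) {
	if len(buf) < 2 {
		return nil, errors.New("buffer shorter than the TPM2B size field")
	}
	n := int(binary.BigEndian.Uint16(buf))
	if len(buf) != 2+n {
		return nil, fmt.Errorf("TPM2B size %d does not match %d payload bytes", n, len(buf)-2)
	}
	return buf[2:], nil
}

// looksLikePEM tells text armour from a binary blob. TPMMarshal output is
// binary; expecting PEM here is the misunderstanding the thread cleared up.
func looksLikePEM(b []byte) bool {
	return bytes.HasPrefix(b, []byte("-----BEGIN "))
}

// privateLayout describes the outer structure of a TPM2B_PRIVATE payload: a
// cleartext TPM2B_DIGEST holding the outer integrity HMAC (32 bytes when the
// parent's name algorithm is SHA-256), followed by the sensitive area encrypted
// under a key derived from the parent's seed. Off the TPM that owns the parent
// (handle 0x81000001 in the thread) the file therefore carries no usable key.
type privateLayout struct {
	PayloadLen   int // bytes behind the 2-byte TPM2B size field
	IntegrityLen int // size of the outer integrity digest
	EncryptedLen int // bytes of encrypted sensitive data that follow it
}

func inspectPrivate(framed []byte) (privateLayout, error) {
	payload, err := unmarshalTPM2B(framed)
	if err != nil {
		return privateLayout{}, err
	}
	if len(payload) < 2 {
		return privateLayout{}, errors.New("payload too short for the integrity size field")
	}
	ilen := int(binary.BigEndian.Uint16(payload))
	if 2+ilen > len(payload) {
		return privateLayout{}, fmt.Errorf("integrity size %d exceeds %d payload bytes", ilen, len(payload))
	}
	return privateLayout{PayloadLen: len(payload), IntegrityLen: ilen, EncryptedLen: len(payload) - 2 - ilen}, nil
}

// inspectPostedBlob runs the checks above over the blob from the thread.
func inspectPostedBlob() (privateLayout, error) {
	framed, err := base64.StdEncoding.DecodeString(postedPrivBlobB64)
	if err != nil {
		return privateLayout{}, err
	}
	if looksLikePEM(framed) {
		return privateLayout{}, errors.New("got PEM armour, expected a raw TPM2B")
	}
	return inspectPrivate(framed)
}

func main() {
	layout, err := inspectPostedBlob()
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	fmt.Printf("TPM2B payload %d bytes: %d-byte outer HMAC, %d encrypted bytes\n",
		layout.PayloadLen, layout.IntegrityLen, layout.EncryptedLen)
}
```

To produce the two input files for tpm2tss-genkey or tpm2_ptool link, pass the public and private slices returned by appkey.Blobs() through marshalTPM2B and write each result to its own file (pubktpmmarshal and privktpmmarshal in the thread); that is exactly the framing pkTest.TPMMarshal(f) wrote. The private file's sensitive area is encrypted under the parent's seed and integrity-protected by the HMAC the program locates, so it loads only on the TPM that holds the parent at 0x81000001; what still needs guarding is access to that TPM and to the key's auth value.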
