[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-keyrings
Subject:    Re: [PATCH v10 5/8] security: keys: trusted: Make sealed key properly interoperable
From:       Jarkko Sakkinen <jarkko.sakkinen () linux ! intel ! com>
Date:       2020-06-17 23:46:41
Message-ID: 20200617234641.GL62794 () linux ! intel ! com
[Download RAW message or body]

On Tue, Jun 16, 2020 at 09:02:26AM -0700, James Bottomley wrote:
> The current implementation appends a migratable flag to the end of a
> key, meaning the format isn't exactly interoperable because the using
> party needs to know to strip this extra byte.  However, all other
> consumers of TPM sealed blobs expect the unseal to return exactly the
> key.  Since TPM2 keys have a key property flag that corresponds to
> migratable, use that flag instead and make the actual key the only
> sealed quantity.  This is secure because the key properties are bound
> to a hash in the private part, so if they're altered the key won't
> load.
> 
> Backwards compatibility is implemented by detecting whether we're
> loading a new format key or not and correctly setting migratable from
> the last byte of old format keys.
> 
> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>

Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

/Jarkko
[prev in list] [next in list] [prev in thread] [next in thread]