[prev in list] [next in list] [prev in thread] [next in thread]
List: trousers-users
Subject: [TrouSerS-users] verifying quote using certificates
From: "adrian golding" <adriangolding () gmail ! com>
Date: 2008-10-12 2:16:23
Message-ID: d3dcda8c0810111916w1106774du1e0fd4b685f73f42 () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
hello hal, i was reading another thread about verifying the quote:
http://sourceforge.net/mailarchive/message.php?msg_id=4525A0BC.9000007%40ece.cmu.edu
with regards to this call:
Tspi_GetAttribData(hKey,
TSS_TSPATTRIB_RSAKEY_INFO,
TSS_TSPATTRIB_KEYINFO_RSA_MODULUS,
> &BlobLength, &BLOB);
&BlobLength is an unsigned int, and &BLOB a BYTE array. Please correct me
if i'm wrong, BLOB would be a BIGNUM, and BlobLength the length of BLOB.
However, when i print out BlobLength, it seems too large (4131212846) for
BLOB. and when i tried to verify if the exponent is 65537 by calling
GetAttribData with the flag TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT instead, the
length of the BIGNUM is also very huge (134516825).
thanks - adrian
On Fri, Oct 10, 2008 at 3:08 AM, Hal Finney <hal.finney@gmail.com> wrote:
> Hi Adrian -
>
> One thing to keep in mind on Quote. For a Quote to be truly
> meaningful, the verifier needs to be confident that it is a TPM key -
> that is, that the private key is protected by the TPM and will never
> be readable outside the TPM. This basically means that it must be a
> non-migratable key, and it must have been generated on the TPM. Note,
> this is not enough by itself, there are a lot of other requirements
> that might have to be met, depending on the situation.
>
> I am not familiar with any openssl create_tpm_key() function. If it
> generates the key on the TPM, that might be suitable; but if it
> generates an off-chip key and then loads that onto the TPM, it would
> not be appropriate.
>
> For the other approach, generating a key on the TPM and then getting
> an X.509 certificate for it, keep in mind that an X.509 certificate is
> a rather inconvenient object for passing around keys. The only reason
> people use it is because it's what everyone uses. An X.509 cert does
> not just hold a key, it also has some kind of name or identity field,
> and further, it has a signature by (generally) some other key which
> binds the target key and target identity information. It's a very
> complex object. If all you want to do is to tell the other guy your
> public key, I'd probably suggest rolling your own format and just send
> the modulus in some form. But if you have to be X.509 compatible then
> you'll have to go through a lot of work.
>
> The first step (after generating the key) would be to read the key
> modulus using:
>
> Tspi_GetAttribData(hKey,
> TSS_TSPATTRIB_RSAKEY_INFO,
> TSS_TSPATTRIB_KEYINFO_RSA_MODULUS,
> &BlobLength, &BLOB);
>
> Once you have the modulus, you could insert it into an openssl RSA
> structure, and set the exponent field in that struct to 65537. From
> there, you will need to assemble an openssl X509 certificate
> structure, and then ultimately call the openssl X509_sign() function.
>
> Frankly, I don't understand how people manage to use openssl. There's
> no documentation for any of this stuff, that I can find! I always have
> to study the openssl source code to figure out how to use it, on those
> rare occasions when I am forced by circumstances to do so. Consider
> even something as mundane as creating an RSA key and creating a valid
> X.509 certificate to hold it. Forget about the TPM, just think about
> doing that step. The functionality exists in the openssl library to
> accomplish this, but I don't know of a single piece of documentation
> that tells how. (There do exist various HOWTOs across the web on how
> to do it from the openssl command line, but I haven't found anything
> about using the library.)
>
> Anyway, the bottom line is that generating the TPM key is easy.
> Creating X.509 certificates is hard. If you can figure out how to
> create X.509 certs, without involving the TPM, maybe with help from
> people on the openssl mailing lists, then it will be easy to modify
> that program to create the key on the TPM, copy the modulus field into
> whatever openssl structure needs it, and you're good to go.
>
> Hal
>
>
>
> On Wed, Oct 8, 2008 at 8:22 PM, adrian golding <adriangolding@gmail.com>
> wrote:
> > hello, with the Tspi_TPM_Quote01.c example and as a starting point, if i
> > want to let a remote party verify the quote, and i intend to send the
> > TSS_VALIDATION object as well as a certificate of my public key
> (self-signed
> > for now) over. How do i either:
> > 1) create keys using openssl's create_tpm_key and load the key into my
> > quoting application before it signs the PCR?
> > or
> > 2) using the Tspi_Key_CreateKey function in Tspi_TPM_Quote01.c to
> generate
> > the keys, and create a certificate with my public key so i could send it
> to
> > the remote party?
> > which way would be more encouraged?
> >
> > thanks - adrian
>
[Attachment #5 (text/html)]
<div dir="ltr"><div class="gmail_quote"><div dir="ltr">hello hal, i was reading \
another thread about verifying the quote:<br><a \
href="http://sourceforge.net/mailarchive/message.php?msg_id=4525A0BC.9000007%40ece.cmu.edu" \
target="_blank">http://sourceforge.net/mailarchive/message.php?msg_id=4525A0BC.9000007%40ece.cmu.edu</a><br>
<br>with regards to this call:<div class="Ih2E3d"><br>Tspi_GetAttribData(hKey,<br>
\
TSS_TSPATTRIB_RSAKEY_INFO,<br> \
\
TSS_TSPATTRIB_KEYINFO_RSA_MODULUS,<br><blockquote class="gmail_quote" \
style="border-left:1px solid rgb(204, 204, 204);margin:0pt 0pt 0pt \
0.8ex;padding-left:1ex"> \
&BlobLength, \
&BLOB);</blockquote></div><div><br>&BlobLength is an unsigned int, and \
&BLOB a BYTE array. Please correct me if i'm wrong, BLOB would be a \
BIGNUM, and BlobLength the length of BLOB. However, when i print out \
BlobLength, it seems too large (4131212846) for BLOB. and when i tried to \
verify if the exponent is 65537 by calling GetAttribData with the flag \
TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT instead, the length of the BIGNUM is also very \
huge (134516825).<br>
<br>thanks - adrian<br> </div><div><div></div><div class="Wj3C7c"><br><div \
class="gmail_quote">On Fri, Oct 10, 2008 at 3:08 AM, Hal Finney <span \
dir="ltr"><<a href="mailto:hal.finney@gmail.com" \
target="_blank">hal.finney@gmail.com</a>></span> wrote:<br> <blockquote \
class="gmail_quote" style="border-left:1px solid rgb(204, 204, 204);margin:0pt 0pt \
0pt 0.8ex;padding-left:1ex"> Hi Adrian -<br>
<br>
One thing to keep in mind on Quote. For a Quote to be truly<br>
meaningful, the verifier needs to be confident that it is a TPM key -<br>
that is, that the private key is protected by the TPM and will never<br>
be readable outside the TPM. This basically means that it must be a<br>
non-migratable key, and it must have been generated on the TPM. Note,<br>
this is not enough by itself, there are a lot of other requirements<br>
that might have to be met, depending on the situation.<br>
<br>
I am not familiar with any openssl create_tpm_key() function. If it<br>
generates the key on the TPM, that might be suitable; but if it<br>
generates an off-chip key and then loads that onto the TPM, it would<br>
not be appropriate.<br>
<br>
For the other approach, generating a key on the TPM and then getting<br>
an X.509 certificate for it, keep in mind that an X.509 certificate is<br>
a rather inconvenient object for passing around keys. The only reason<br>
people use it is because it's what everyone uses. An X.509 cert does<br>
not just hold a key, it also has some kind of name or identity field,<br>
and further, it has a signature by (generally) some other key which<br>
binds the target key and target identity information. It's a very<br>
complex object. If all you want to do is to tell the other guy your<br>
public key, I'd probably suggest rolling your own format and just send<br>
the modulus in some form. But if you have to be X.509 compatible then<br>
you'll have to go through a lot of work.<br>
<br>
The first step (after generating the key) would be to read the key<br>
modulus using:<br>
<br>
Tspi_GetAttribData(hKey,<br>
\
TSS_TSPATTRIB_RSAKEY_INFO,<br> \
TSS_TSPATTRIB_KEYINFO_RSA_MODULUS,<br> \
\
&BlobLength, &BLOB);<br> <br>
Once you have the modulus, you could insert it into an openssl RSA<br>
structure, and set the exponent field in that struct to 65537. From<br>
there, you will need to assemble an openssl X509 certificate<br>
structure, and then ultimately call the openssl X509_sign() function.<br>
<br>
Frankly, I don't understand how people manage to use openssl. There's<br>
no documentation for any of this stuff, that I can find! I always have<br>
to study the openssl source code to figure out how to use it, on those<br>
rare occasions when I am forced by circumstances to do so. Consider<br>
even something as mundane as creating an RSA key and creating a valid<br>
X.509 certificate to hold it. Forget about the TPM, just think about<br>
doing that step. The functionality exists in the openssl library to<br>
accomplish this, but I don't know of a single piece of documentation<br>
that tells how. (There do exist various HOWTOs across the web on how<br>
to do it from the openssl command line, but I haven't found anything<br>
about using the library.)<br>
<br>
Anyway, the bottom line is that generating the TPM key is easy.<br>
Creating X.509 certificates is hard. If you can figure out how to<br>
create X.509 certs, without involving the TPM, maybe with help from<br>
people on the openssl mailing lists, then it will be easy to modify<br>
that program to create the key on the TPM, copy the modulus field into<br>
whatever openssl structure needs it, and you're good to go.<br>
<font color="#888888"><br>
Hal<br>
</font><div><div></div><div><br>
<br>
<br>
On Wed, Oct 8, 2008 at 8:22 PM, adrian golding <<a \
href="mailto:adriangolding@gmail.com" target="_blank">adriangolding@gmail.com</a>> \
wrote:<br> > hello, with the Tspi_TPM_Quote01.c example and as a starting point, \
if i<br> > want to let a remote party verify the quote, and i intend to send \
the<br> > TSS_VALIDATION object as well as a certificate of my public key \
(self-signed<br> > for now) over. How do i either:<br>
> 1) create keys using openssl's create_tpm_key and load the key into my<br>
> quoting application before it signs the PCR?<br>
> or<br>
> 2) using the Tspi_Key_CreateKey function in Tspi_TPM_Quote01.c to \
generate<br> > the keys, and create a certificate with my public key so i could \
send it to<br> > the remote party?<br>
> which way would be more encouraged?<br>
><br>
> thanks - adrian<br>
</div></div></blockquote></div><br></div></div></div>
</div><br></div>
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
TrouSerS-users mailing list
TrouSerS-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/trousers-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic