Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Future TPM support #3877

Open
securitykernel opened this issue Jan 8, 2024 · 1 comment
Open

Future TPM support #3877

securitykernel opened this issue Jan 8, 2024 · 1 comment
Assignees
@atreiber94
Labels
enhancement Enhancement or new feature
Milestone
Botan 3.6.0

Comments

@securitykernel
Copy link
Collaborator

The ToDo list currently lists this for TPM support:

  • Better TPM support: NVRAM, PCR measurements, sealing
  • Add support for TPM 2.0 hardware

Is the first one still desired? Given that TPM 1.2 standard was first released in 2003 and superseded by TPM 2.0 in 2014, I'd suggest to deprecate TPM 1.2 support for removal in 4.0 and add basic TPM 2.0 support as a replacement (if still desired).
randombit added a commit that referenced this issue May 11, 2024
@randombit
Mark deprecated modules as such
c13d68e 
In #3910 we introduced a nice way of marking specific modules as
deprecated. However this change did not set the lifecycles of any
specific modules.

Additionally, officially deprecate the TPM support which is pretty
obsolete and these days not well tested. (GH #3877)
@randombit randombit mentioned this issue May 11, 2024
Merged
randombit added a commit that referenced this issue May 11, 2024
@randombit
Mark deprecated modules as such
0be3dd2 
In #3910 we introduced a nice way of marking specific modules as
deprecated. However this change did not set the lifecycles of any
specific modules.

Additionally, officially deprecate the TPM support which is pretty
obsolete and these days not well tested. (GH #3877)
randombit added a commit that referenced this issue May 11, 2024
@randombit
Improve notification and documentation of deprecated features
dd5283c 
In #3910 we introduced a nice way of marking specific modules as
deprecated. However this change did not set the lifecycles of any
specific modules.

Additionally, officially deprecate the TPM support which is pretty
obsolete and these days not well tested. (GH #3877)

Mark various headers and classes that are entirely deprecated as such
to provide some additional compile time warning for users.
randombit added a commit that referenced this issue May 11, 2024
@randombit
Improve notification and documentation of deprecated features
9000137 
In #3910 we introduced a nice way of marking specific modules as
deprecated. However this change did not set the lifecycles of any
specific modules.

Additionally, officially deprecate the TPM support which is pretty
obsolete and these days not well tested. (GH #3877)

Mark various headers and classes that are entirely deprecated as such
to provide some additional compile time warning for users.
@reneme
Copy link
Collaborator

reneme commented Jun 5, 2024
edited
Loading

Current Status

TPM 1.2 is deprecated as of 9000137. @atreiber94 and me will work on (limited) TPM 2.0 support.

Work Items

  • Set up a test environment for CI (based on swtpm)
  • TPM-based random number generator (Add TPM2 RNG #4117)
  • Support asymmetric crypto for pre-existing keys on the TPM
    • RSA sign/verify
    • RSA encrypt/decrypt ❔
    • ECDSA sign/verify
    • ECDH (not in scope at the moment) ❔
  • Support for X.509 Certificate Signing ❔
    See: Architecture Document, Section 31.6 (PDF-page 227)
  • Key Management ❔
    • Creation
      • Transient key creation
      • Persist keys (after transient creation)
      • Offloadable keys (via TPM-encrypted blobs)
    • Import
      • existing non-TPM-generated key material ❔
      • offloaded (TPM-encrypted) key blobs
    • Deletion of persistent keys
  • Convenient Session Management ❔
    • Password-protected
    • HMAC-Sessions
    • Policy-protection
    • Session Attributes (Encrypt/Decrypt, Audit, Resumption, ...)
    • Audit-Sessions (out of scope)
  • Auxiliaries
    • Wrapper for TPM-based Hashes
      (needed internally, for abstraction in sign/verify)
    • Configurable Optional CPU-based hashing for Sign/verify
    • Configurable CPU-based padding for RSA sign/verify/encrypt/decrypt ❔
  • Verification of Trust roots (Endorsement Certificate, Platform Certificate, Storage Root Key) -- currently not planned
  • For tss2-tpm 4.0+: Use the crypto callbacks (to avoid depending on ossl or gnutls)
  • FFI support
  • Python bindings

Knowledge Space

This will require a new (optional) dependency to tpm2-tss. This library provides several layers of API abstraction:

  • Feature API
    high-level API that manages TPM configuration and crypto profiles in *.json files and maintains a keystore directory structure on the system
  • Enhanced System API (ESYS) (spec)
    abstracts session authorization and parameter encryption, needs a "crypto library" (OpenSSL, mbedTLS, or custom callbacks)
  • System API
    basically just marshalling of TPM2 commands, no crypto library needed

The "Enhanced System API" is probably want we want. The "Feature API" seems very convenient but it maintains state on the user's hard drive and is quite obviously geared towards use in applications. We'll (optionally) implement the crypto callbacks to allow tpm2-tss to use Botan's primitives and to avoid a transitive dependency to another crypto library. Note that this requires the use of tpm2-tss 4.0 or newer (January 2023), before ESYS_SetCryptoCallbacks() is not available.

@reneme reneme added this to the Botan 3.6.0 milestone Jun 7, 2024
@reneme reneme added the enhancement Enhancement or new feature label Jun 7, 2024
@atreiber94 atreiber94 mentioned this issue Jun 12, 2024
Closed
2 tasks
@reneme reneme mentioned this issue Jul 10, 2024
Open
@reneme reneme mentioned this issue Jul 29, 2024
Open
@atreiber94 atreiber94 mentioned this issue Sep 6, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@atreiber94 atreiber94

Labels
enhancement Enhancement or new feature
Projects
None yet
Milestone
Botan 3.6.0
Development

No branches or pull requests
3 participants
@reneme @securitykernel @atreiber94