Added support for storing sealed blobs into NV. Refactor the TPM sign…

…ature verify to use existing load public key function and generic verify hash TPM function. Added support for RSA sign with ASN.1 encoding (Example: `SIGN=RSA2048ENC`).
wolfSSL · Sep 8, 2023 · dcab8d5 · dcab8d5
1 parent 17569c7
commit dcab8d5
Show file tree

Hide file tree

Showing 8 changed files with 406 additions and 251 deletions.
diff --git a/.github/workflows/test-tpm.yml b/.github/workflows/test-tpm.yml
@@ -34,7 +34,7 @@ jobs:
     with:
       arch: host
       config-file: ./config/examples/sim-tpm.config
-      make-args: SIGN=RSA2048 HASH=SHA256
+      make-args: SIGN=RSA2048ENC HASH=SHA256
 
 
   sim_tpm_measured_ecc256:
@@ -107,5 +107,5 @@ jobs:
     with:
       arch: host
       config-file: ./config/examples/sim-tpm-seal.config
-      make-args: SIGN=RSA2048 HASH=SHA256 POLICY_FILE=policy.bin
+      make-args: SIGN=RSA2048ENC HASH=SHA256 POLICY_FILE=policy.bin
       authstr: TestAuth
diff --git a/config/examples/sim-tpm.config b/config/examples/sim-tpm.config
@@ -1,5 +1,6 @@
 ARCH=sim
 TARGET=sim
+# note TPM requires ASN.1 encoding for RSA, so use RSA2048ENC, RSA3072ENC, RSA4096ENC
 SIGN?=ECC256
 HASH?=SHA256
 SPI_FLASH=0

diff --git a/docs/TPM.md b/docs/TPM.md
@@ -49,29 +49,52 @@ The default NV base can be overridden with `WOLFBOOT_TPM_SEAL_NV_BASE`.
 ### Testing seal/unseal with simulator
 
 ```sh
-cp config/examples/sim-tpm-seal.config .config
-make keytools
-make tpmtools
-echo aaa > aaa.bin
-./tools/tpm/pcr_extend 0 aaa.bin
-./tools/tpm/policy_create -pcr=0
+% cp config/examples/sim-tpm-seal.config .config
+% make keytools
+% make tpmtools
+% echo aaa > aaa.bin
+% ./tools/tpm/pcr_extend 0 aaa.bin
+% ./tools/tpm/policy_create -pcr=0
 # if ROT enabled
-./tools/tpm/rot -write
-make clean && make POLICY_FILE=policy.bin
-./wolfboot.elf get_version
-Simulator assigned ./internal_flash.dd to base 0x103797000
+% ./tools/tpm/rot -write
+% make clean && make POLICY_FILE=policy.bin
+
+% ./wolfboot.elf get_version
+Simulator assigned ./internal_flash.dd to base 0x103378000
+Mfg IBM  (0), Vendor SW   TPM, Fw 8217.4131 (0x163636), FIPS 140-2 1, CC-EAL4 0
+Unlocking disk...
+Boot partition: 0x1033f8000
+Image size 54400
+Error 395 reading blob from NV index 1400300 (error TPM_RC_HANDLE)
+Error 395 unsealing secret! (TPM_RC_HANDLE)
+Sealed secret does not exist!
+Creating new secret (32 bytes)
+430dee45553c4a8b75fbc6bcd0890765c48cab760b24b1aa6b633dc0538e0159
+Wrote 210 bytes to NV index 0x1400300
+Read 210 bytes from NV index 0x1400300
+Secret Check 32 bytes
+430dee45553c4a8b75fbc6bcd0890765c48cab760b24b1aa6b633dc0538e0159
+Secret 32 bytes
+430dee45553c4a8b75fbc6bcd0890765c48cab760b24b1aa6b633dc0538e0159
+Boot partition: 0x1033f8000
+Image size 54400
+TPM Root of Trust valid (id 0)
+Simulator assigned ./internal_flash.dd to base 0x103543000
+1
+
+% ./wolfboot.elf get_version
+Simulator assigned ./internal_flash.dd to base 0x10c01c000
 Mfg IBM  (0), Vendor SW   TPM, Fw 8217.4131 (0x163636), FIPS 140-2 1, CC-EAL4 0
 Unlocking disk...
-Boot partition: 0x103817000
+Boot partition: 0x10c09c000
 Image size 54400
-Sealing 32 bytes
-11c6ac0ec972ae567c541750c6ecccd426f131dad3eeca5e6540d901d9f0c336
-Unsealed 32 bytes
-11c6ac0ec972ae567c541750c6ecccd426f131dad3eeca5e6540d901d9f0c336
-Boot partition: 0x103817000
+Read 210 bytes from NV index 0x1400300
+Secret 32 bytes
+430dee45553c4a8b75fbc6bcd0890765c48cab760b24b1aa6b633dc0538e0159
+Boot partition: 0x10c09c000
 Image size 54400
 TPM Root of Trust valid (id 0)
-Simulator assigned ./internal_flash.dd to base 0x103962000
+Simulator assigned ./internal_flash.dd to base 0x10c1e7000
 1
 ```
 

diff --git a/include/tpm.h b/include/tpm.h
@@ -51,19 +51,38 @@ extern WOLFTPM2_KEY     wolftpm_srk;
 int  wolfBoot_tpm2_init(void);
 void wolfBoot_tpm2_deinit(void);
 
+#if defined(WOLFBOOT_TPM_VERIFY) || defined(WOLFBOOT_TPM_SEAL)
+int wolfBoot_load_pubkey(struct wolfBoot_image* img, WOLFTPM2_KEY* pubKey,
+    TPM_ALG_ID* pAlg);
+#endif
+
 #ifdef WOLFBOOT_TPM_KEYSTORE
 int wolfBoot_check_rot(int key_slot, uint8_t* pubkey_hint);
 #endif
 
 #ifdef WOLFBOOT_TPM_SEAL
 int wolfBoot_get_random(uint8_t* buf, int sz);
 int wolfBoot_get_pcr_active(uint8_t pcrAlg, uint32_t* pcrMask, uint8_t pcrMax);
-int wolfBoot_build_policy(uint8_t pcrAlg, uint32_t pcrMask, uint8_t* policy, uint32_t* policySz, uint8_t* policyRef, uint32_t policyRefSz);
-int wolfBoot_get_policy(struct wolfBoot_image* img, uint8_t** policy, uint16_t* policySz);
-int wolfBoot_seal(struct wolfBoot_image* img, int index, const uint8_t* secret, int secret_sz);
-int wolfBoot_seal_blob(struct wolfBoot_image* img, WOLFTPM2_KEYBLOB* seal_blob, const uint8_t* secret, int secret_sz);
-int wolfBoot_unseal(struct wolfBoot_image* img, int index, uint8_t* secret, int* secret_sz);
-int wolfBoot_unseal_blob(struct wolfBoot_image* img, WOLFTPM2_KEYBLOB* seal_blob, uint8_t* secret, int* secret_sz);
+int wolfBoot_build_policy(uint8_t pcrAlg, uint32_t pcrMask,
+    uint8_t* policy, uint32_t* policySz,
+    uint8_t* policyRef, uint32_t policyRefSz);
+int wolfBoot_get_policy(struct wolfBoot_image* img,
+    uint8_t** policy, uint16_t* policySz);
+
+int wolfBoot_seal(struct wolfBoot_image* img, int index,
+    const uint8_t* secret, int secret_sz);
+int wolfBoot_seal_blob(struct wolfBoot_image* img, WOLFTPM2_KEYBLOB* seal_blob,
+    const uint8_t* secret, int secret_sz);
+int wolfBoot_unseal(struct wolfBoot_image* img, int index,
+    uint8_t* secret, int* secret_sz);
+int wolfBoot_unseal_blob(struct wolfBoot_image* img, WOLFTPM2_KEYBLOB* seal_blob,
+    uint8_t* secret, int* secret_sz);
+
+int wolfBoot_read_blob(uint32_t nvIndex, WOLFTPM2_KEYBLOB* blob,
+    const uint8_t* auth, uint32_t authSz);
+int wolfBoot_store_blob(TPMI_RH_NV_AUTH authHandle, uint32_t nvIndex,
+    word32 nvAttributes, WOLFTPM2_KEYBLOB* blob,
+    const uint8_t* auth, uint32_t authSz);
 #endif
 
 #ifdef WOLFBOOT_MEASURED_BOOT

diff --git a/options.mk b/options.mk
@@ -197,9 +197,14 @@ ifeq ($(SIGN),ED448)
   endif
 endif
 
-ifeq ($(SIGN),RSA2048)
+ifneq ($(findstring RSA2048,$(SIGN)),)
   KEYGEN_OPTIONS+=--rsa2048
-  SIGN_OPTIONS+=--rsa2048
+  ifeq ($(SIGN),RSA2048ENC)
+    SIGN_OPTIONS+=--rsa2048enc
+    SIGN:=RSA2048 # helps keystore.c check
+  else
+    SIGN_OPTIONS+=--rsa2048
+  endif
   WOLFCRYPT_OBJS+= \
     $(RSA_EXTRA_OBJS) \
     $(MATH_OBJS) \
@@ -232,9 +237,14 @@ ifeq ($(SIGN),RSA2048)
   endif
 endif
 
-ifeq ($(SIGN),RSA3072)
+ifneq ($(findstring RSA3072,$(SIGN)),)
   KEYGEN_OPTIONS+=--rsa3072
-  SIGN_OPTIONS+=--rsa3072
+  ifeq ($(SIGN),RSA3072ENC)
+    SIGN_OPTIONS+=--rsa3072enc
+    SIGN:=RSA3072 # helps keystore.c check
+  else
+    SIGN_OPTIONS+=--rsa3072
+  endif
   WOLFCRYPT_OBJS+= \
     $(RSA_EXTRA_OBJS) \
     $(MATH_OBJS) \
@@ -270,9 +280,15 @@ ifeq ($(SIGN),RSA3072)
   endif
 endif
 
-ifeq ($(SIGN),RSA4096)
+ifneq ($(findstring RSA4096,$(SIGN)),)
+  SIGN:=RSA4096
   KEYGEN_OPTIONS+=--rsa4096
-  SIGN_OPTIONS+=--rsa4096
+  ifeq ($(SIGN),RSA4096ENC)
+    SIGN_OPTIONS+=--rsa4096enc
+    SIGN:=RSA4096 # helps keystore.c check
+  else
+    SIGN_OPTIONS+=--rsa4096
+  endif
   WOLFCRYPT_OBJS+= \
     $(RSA_EXTRA_OBJS) \
     $(MATH_OBJS) \