* [tpm2] Re: tpm2_certify signature verification
@ 2020-03-10 17:12 Imran Desai
From: Imran Desai @ 2020-03-10 17:12 UTC (permalink / raw)
  To: tpm2


Try this:

tpm2_createprimary -C o -c primary.ctx -Q
tpm2_create -G rsa -u rsa.pub -r rsa.priv -C primary.ctx -Q
tpm2_load -C primary.ctx -u rsa.pub -r rsa.priv -c rsa.ctx
tpm2_certify -c primary.ctx -C rsa.ctx -g sha256 -o attest.out -s sig.out
tpm2_verifysignature -c rsa.ctx -g sha256 -m attest.out -s sig.out


* [tpm2] Re: tpm2_certify signature verification
@ 2020-03-11 15:15 Roberts, William C
From: Roberts, William C @ 2020-03-11 15:15 UTC (permalink / raw)
  To: tpm2




> -----Original Message-----
> From: Andrew Featherstone [mailto:andrew.featherstone(a)gmail.com]
> Sent: Tuesday, March 10, 2020 5:29 PM
> To: Roberts, William C <william.c.roberts(a)intel.com>
> Cc: tpm2(a)lists.01.org; Desai, Imran <imran.desai(a)intel.com>
> Subject: Re: [tpm2] tpm2_certify signature verification
> 
> I think I've made some progress here. I think the signature is over a digest of the
> entire attestation structure. Here's an example of certifying a primary key under
> the endorsement hierarchy. I think this could do with a little polish, but I think it's
> a useful example. The eventual aim is to use this as part of the SKAE Extension in
> X.509 certificates.
> 
> 
> tpm2_createprimary -Q -C e -g sha256 -G rsa -c primary.ctx
> tpm2_create -Q -g sha256 -G rsa -u certify.pub -r certify.priv -C primary.ctx
> # Load the created key pair so it can be referenced as certify.ctx.
> tpm2_load -Q -C primary.ctx -u certify.pub -r certify.priv -c certify.ctx
> # Generate a PEM file suitable for use with OpenSSL containing the public key
> # used to certify the primary key.
> tpm2_readpublic -Q -c certify.ctx -f pem -o certify.pem
> tpm2_certify -Q -c primary.ctx -C certify.ctx -g sha256 -o attest.out -s sig.out
> # We're only interested in the raw SHA-256 signature, not the TPMT_SIGNATURE's
> # TPMI_ALG_SIG_SCHEME, so extract the raw signature from the last 256 bytes.
> tail -c 256 sig.out > sig.out.raw

tpm2_certify has a -f or --format option where you can get the output without the algorithm,
thus avoiding the use of tail and peering into TSS structures blindly.


> # Verify the signature across a SHA-256 digest of the TPM2B_ATTEST structure
> # using OpenSSL.
> $ openssl dgst -verify certify.pem -keyform pem -sha256 -signature sig.out.raw attest.out
> Verified OK
> 
> On Tue, 10 Mar 2020 at 16:56, Roberts, William C <william.c.roberts(a)intel.com> wrote:
> 
> 	Imran could you weigh in on this?
> 
> 	Thanks,
> 	Bill
> 
> 	> -----Original Message-----
> 	> From: andrew.featherstone(a)gmail.com [mailto:andrew.featherstone(a)gmail.com]
> 	> Sent: Saturday, March 7, 2020 7:12 AM
> 	> To: tpm2(a)lists.01.org
> 	> Subject: [tpm2] tpm2_certify signature verification
> 	>
> 	> Hi there,
> 	>
> 	> I'm trying to use the output of tpm2_certify to construct the Subject Key
> 	> Attestation Evidence Extension (SKAE Extension)[1] for an X.509 Certificate
> 	> Request. I've followed the example at
> 	> https://github.com/tpm2-software/tpm2-tools/blob/master/man/tpm2_certify.1.md,
> 	> but I'm struggling to work out how to use the tpm2-tools to check the
> 	> signature over the attestation structure. Looking at
> 	> https://github.com/tpm2-software/tpm2-tools/blob/master/man/tpm2_verifysignature.1.md
> 	> I expected to perform something like the following (unfortunately I'm not
> 	> able to retrieve the complete command history right now):
> 	>
> 	> tpm2_create -G rsa -u rsa.pub -r rsa.priv -C primary.ctx
> 	> tpm2_load -C primary.ctx -u rsa.pub -r rsa.priv -c rsa.ctx
> 	> tpm2_certify -c rsa.ctx -C certify.ctx -g sha256 -o attest.out -s sig.out
> 	> tpm2_verifysignature -c rsa.ctx -g sha256 -m attest.out -s sig.out
> 	> WARNING:esys:../tpm2-tss-2.3.2/src/tss2-esys/api/Esys_VerifySignature.c:302:Esys_VerifySignature_Finish() Received TPM Error
> 	> ERROR:esys:../tpm2-tss-2.3.2/src/tss2-esys/api/Esys_VerifySignature.c:103:Esys_VerifySignature() Esys Finish ErrorCode (0x000002db)
> 	> ERROR: Esys_VerifySignature(0x2DB) - tpm:parameter(2):the signature is not valid
> 	> ERROR: Verify signature failed!
> 	> ERROR: Unable to run tpm2_verifysignature
> 	>
> 	> Is anyone able to post a complete example to show how the output of
> 	> tpm2_certify is verified, based on the attestation key used?
> 	>
> 	> [1] https://trustedcomputinggroup.org/wp-content/uploads/IWG_SKAE_Extension_1-00.pdf
> 	> _______________________________________________
> 	> tpm2 mailing list -- tpm2(a)lists.01.org
> 	> To unsubscribe send an email to tpm2-leave(a)lists.01.org
> 	> %(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s
> 



* [tpm2] Re: tpm2_certify signature verification
@ 2020-03-10 22:29 Andrew Featherstone
From: Andrew Featherstone @ 2020-03-10 22:29 UTC (permalink / raw)
  To: tpm2


I think I've made some progress here. I think the signature is over a
digest of the entire attestation structure. Here's an example of certifying
a primary key under the endorsement hierarchy. I think this could do with a
little polish, but I think it's a useful example. The eventual aim is to
use this as part of the SKAE Extension in X.509 certificates.

tpm2_createprimary -Q -C e -g sha256 -G rsa -c primary.ctx
tpm2_create -Q -g sha256 -G rsa -u certify.pub -r certify.priv -C primary.ctx
# Load the created key pair so it can be referenced as certify.ctx.
tpm2_load -Q -C primary.ctx -u certify.pub -r certify.priv -c certify.ctx
# Generate a PEM file suitable for use with OpenSSL containing the
# public key used to certify the primary key.
tpm2_readpublic -Q -c certify.ctx -f pem -o certify.pem
tpm2_certify -Q -c primary.ctx -C certify.ctx -g sha256 -o attest.out -s sig.out
# We're only interested in the raw SHA-256 signature, not the
# TPMT_SIGNATURE's TPMI_ALG_SIG_SCHEME, so extract the raw signature
# from the last 256 bytes.
tail -c 256 sig.out > sig.out.raw
# Verify the signature across a SHA-256 digest of the TPM2B_ATTEST structure
# using OpenSSL.
$ openssl dgst -verify certify.pem -keyform pem -sha256 -signature sig.out.raw attest.out
Verified OK


On Tue, 10 Mar 2020 at 16:56, Roberts, William C <william.c.roberts(a)intel.com> wrote:

> Imran could you weigh in on this?
>
> Thanks,
> Bill
>
> > -----Original Message-----
> > From: andrew.featherstone(a)gmail.com [mailto:andrew.featherstone(a)gmail.com]
> > Sent: Saturday, March 7, 2020 7:12 AM
> > To: tpm2(a)lists.01.org
> > Subject: [tpm2] tpm2_certify signature verification
> >
> > Hi there,
> >
> > I'm trying to use the output of tpm2_certify to construct the Subject Key
> > Attestation Evidence Extension (SKAE Extension)[1] for an X.509 Certificate
> > Request. I've followed the example at
> > https://github.com/tpm2-software/tpm2-tools/blob/master/man/tpm2_certify.1.md,
> > but I'm struggling to work out how to use the tpm2-tools to check the
> > signature over the attestation structure. Looking at
> > https://github.com/tpm2-software/tpm2-tools/blob/master/man/tpm2_verifysignature.1.md
> > I expected to perform something like the following (unfortunately I'm not
> > able to retrieve the complete command history right now):
> >
> > tpm2_create -G rsa -u rsa.pub -r rsa.priv -C primary.ctx
> > tpm2_load -C primary.ctx -u rsa.pub -r rsa.priv -c rsa.ctx
> > tpm2_certify -c rsa.ctx -C certify.ctx -g sha256 -o attest.out -s sig.out
> > tpm2_verifysignature -c rsa.ctx -g sha256 -m attest.out -s sig.out
> > WARNING:esys:../tpm2-tss-2.3.2/src/tss2-esys/api/Esys_VerifySignature.c:302:Esys_VerifySignature_Finish() Received TPM Error
> > ERROR:esys:../tpm2-tss-2.3.2/src/tss2-esys/api/Esys_VerifySignature.c:103:Esys_VerifySignature() Esys Finish ErrorCode (0x000002db)
> > ERROR: Esys_VerifySignature(0x2DB) - tpm:parameter(2):the signature is not valid
> > ERROR: Verify signature failed!
> > ERROR: Unable to run tpm2_verifysignature
> >
> > Is anyone able to post a complete example to show how the output of
> > tpm2_certify is verified, based on the attestation key used?
> >
> > [1] https://trustedcomputinggroup.org/wp-content/uploads/IWG_SKAE_Extension_1-00.pdf
> > _______________________________________________
> > tpm2 mailing list -- tpm2(a)lists.01.org
> > To unsubscribe send an email to tpm2-leave(a)lists.01.org
> > %(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s
>

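As an added example (not code from this thread or from tpm2-tools), the following pure-Python verifier handles the two files tpm2_certify writes: it parses the TPMT_SIGNATURE header rather than trusting `tail -c 256`, checks that attest.out carries the TPM_GENERATED_VALUE magic and the CERTIFY attestation type, and then performs the RSASSA (PKCS#1 v1.5) check over SHA-256 of attest.out, which is what the openssl dgst step above does. It assumes the default RSASSA/SHA-256 scheme used in the thread, that attest.out holds the TPMS_ATTEST bytes the TPM signed, and that the certifying key's modulus n and exponent e have already been extracted as integers (for example from the certify.pem written by tpm2_readpublic, via `openssl rsa -pubin -in certify.pem -text -noout`).

```python
import hashlib
import struct

TPM_GENERATED_VALUE = 0xFF544347   # "\xffTCG": every TPMS_ATTEST begins with this magic
TPM_ST_ATTEST_CERTIFY = 0x8017     # attestation type written by TPM2_Certify
TPM_ALG_RSASSA = 0x0014
TPM_ALG_SHA256 = 0x000B
# DER DigestInfo prefix for SHA-256 used by EMSA-PKCS1-v1_5 (RFC 8017, section 9.2).
SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")

def parse_tpmt_signature(blob):
    """Split TSS-format sig.out into (sigAlg, hashAlg, raw signature bytes).
    RSASSA layout: sigAlg u16 | hashAlg u16 | size u16 | signature. This
    replaces 'tail -c 256' and works for any RSA key size."""
    sig_alg, hash_alg, size = struct.unpack(">HHH", blob[:6])
    raw = blob[6:]
    if size != len(raw):
        raise ValueError("TPMT_SIGNATURE size field does not match payload length")
    return sig_alg, hash_alg, raw

def parse_attest_header(blob):
    """Check attest.out is a TPMS_ATTEST of type CERTIFY; return qualifiedSigner."""
    magic, st, name_len = struct.unpack(">IHH", blob[:8])
    if magic != TPM_GENERATED_VALUE:
        raise ValueError("bad magic: attest.out was not generated by a TPM")
    if st != TPM_ST_ATTEST_CERTIFY:
        raise ValueError("attest.out is not a TPM_ST_ATTEST_CERTIFY structure")
    return blob[8:8 + name_len]  # TPM2B_NAME of the key that signed the attestation

def pkcs1_v15_encode(message, k):
    """EMSA-PKCS1-v1_5 encoding of SHA-256(message) for a k-byte modulus."""
    t = SHA256_DIGESTINFO + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def rsassa_sha256_verify(n, e, sig_blob, attest_blob):
    """Verify sig.out over attest.out with the certifying key's modulus n, exponent e."""
    sig_alg, hash_alg, raw = parse_tpmt_signature(sig_blob)
    if (sig_alg, hash_alg) != (TPM_ALG_RSASSA, TPM_ALG_SHA256):
        raise ValueError("only RSASSA with SHA-256 is handled here")
    parse_attest_header(attest_blob)  # reject input that is not a CERTIFY attestation
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(raw, "big")
    if len(raw) != k or s >= n:
        return False
    # Textbook RSA on the signature must reproduce the PKCS#1 v1.5 encoded digest.
    return pow(s, e, n).to_bytes(k, "big") == pkcs1_v15_encode(attest_blob, k)
```

Because the size field is checked against the payload and the signature length against the modulus, a sig.out that was written in plain format (tpm2_certify -f plain) or for a different key size is rejected instead of silently mis-parsed.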

* [tpm2] Re: tpm2_certify signature verification
@ 2020-03-10 16:56 Roberts, William C
From: Roberts, William C @ 2020-03-10 16:56 UTC (permalink / raw)
  To: tpm2


Imran could you weigh in on this?

Thanks,
Bill

> -----Original Message-----
> From: andrew.featherstone(a)gmail.com [mailto:andrew.featherstone(a)gmail.com]
> Sent: Saturday, March 7, 2020 7:12 AM
> To: tpm2(a)lists.01.org
> Subject: [tpm2] tpm2_certify signature verification
> 
> Hi there,
> 
> I'm trying to use the output of tpm2_certify to construct the Subject Key
> Attestation Evidence Extension (SKAE Extension)[1] for an X.509 Certificate
> Request. I've followed the example at
> https://github.com/tpm2-software/tpm2-tools/blob/master/man/tpm2_certify.1.md,
> but I'm struggling to work out how to use the tpm2-tools to check the
> signature over the attestation structure. Looking at
> https://github.com/tpm2-software/tpm2-tools/blob/master/man/tpm2_verifysignature.1.md
> I expected to perform something like the following (unfortunately I'm not
> able to retrieve the complete command history right now):
> 
> tpm2_create -G rsa -u rsa.pub -r rsa.priv -C primary.ctx
> tpm2_load -C primary.ctx -u rsa.pub -r rsa.priv -c rsa.ctx
> tpm2_certify -c rsa.ctx -C certify.ctx -g sha256 -o attest.out -s sig.out
> tpm2_verifysignature -c rsa.ctx -g sha256 -m attest.out -s sig.out
> WARNING:esys:../tpm2-tss-2.3.2/src/tss2-esys/api/Esys_VerifySignature.c:302:Esys_VerifySignature_Finish() Received TPM Error
> ERROR:esys:../tpm2-tss-2.3.2/src/tss2-esys/api/Esys_VerifySignature.c:103:Esys_VerifySignature() Esys Finish ErrorCode (0x000002db)
> ERROR: Esys_VerifySignature(0x2DB) - tpm:parameter(2):the signature is not valid
> ERROR: Verify signature failed!
> ERROR: Unable to run tpm2_verifysignature
> 
> Is anyone able to post a complete example to show how the output of
> tpm2_certify is verified, based on the attestation key used?
> 
> [1] https://trustedcomputinggroup.org/wp-content/uploads/IWG_SKAE_Extension_1-00.pdf
> _______________________________________________
> tpm2 mailing list -- tpm2(a)lists.01.org
> To unsubscribe send an email to tpm2-leave(a)lists.01.org
> %(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s
