* Does IMA support SHA-256 PCR banks? @ 2019-12-10 22:37 Lakshmi Ramasubramanian 2019-12-11 8:45 ` Roberto Sassu 0 siblings, 1 reply; 5+ messages in thread From: Lakshmi Ramasubramanian @ 2019-12-10 22:37 UTC (permalink / raw) To: James Bottomley, jarkko.sakkinen, Mimi Zohar, linux-integrity Hi, I noticed that even when SHA-256 is selected as the digest algorithm for IMA measurement, the PCR hash is still SHA-1. A net search found the text given below in the following wiki: https://wiki.strongswan.org/projects/strongswan/wiki/IMA ********************************************************************** Since SHA-1 has been "shattered" we recommend to use SHA-256 for the file measurement hashes. IMA implementation does not support SHA-256 PCR banks yet, so the SHA-256 file hashes are extended into SHA-1 PCR registers. ********************************************************************** Is the above still true? In ima_init_digests() the digest algorithm for PCR extend is set from the digest algorithm set in the PCR banks. Is there a way to configure IMA to use SHA-256 PCR banks? int __init ima_init_digests(void) { ... for (i = 0; i < ima_tpm_chip->nr_allocated_banks; i++) digests[i].alg_id = ima_tpm_chip->allocated_banks[i].alg_id; ... } thanks, -lakshmi ^ permalink raw reply [flat|nested] 5+ messages in thread
* RE: Does IMA support SHA-256 PCR banks? 2019-12-10 22:37 Does IMA support SHA-256 PCR banks? Lakshmi Ramasubramanian @ 2019-12-11 8:45 ` Roberto Sassu 2019-12-11 17:35 ` Lakshmi Ramasubramanian 2019-12-25 16:46 ` Ken Goldman 0 siblings, 2 replies; 5+ messages in thread From: Roberto Sassu @ 2019-12-11 8:45 UTC (permalink / raw) To: Lakshmi Ramasubramanian, James Bottomley, jarkko.sakkinen, Mimi Zohar, linux-integrity, Wiseman, Monty (GE Global Research, US), david.safford, Silviu Vlasceanu > -----Original Message----- > From: linux-integrity-owner@vger.kernel.org [mailto:linux-integrity- > owner@vger.kernel.org] On Behalf Of Lakshmi Ramasubramanian > Sent: Tuesday, December 10, 2019 11:37 PM > To: James Bottomley <James.Bottomley@HansenPartnership.com>; > jarkko.sakkinen@linux.intel.com; Mimi Zohar <zohar@linux.ibm.com>; > linux-integrity@vger.kernel.org > Subject: Does IMA support SHA-256 PCR banks? > > Hi, > > I noticed that even when SHA-256 is selected as the digest algorithm for > IMA measurement, the PCR hash is still SHA-1. > > A net search found the text given below in the following wiki: > https://wiki.strongswan.org/projects/strongswan/wiki/IMA > > ********************************************************** > ************ > Since SHA-1 has been "shattered" we recommend to use SHA-256 for the > file measurement hashes. > > IMA implementation does not support SHA-256 PCR banks yet, so the > SHA-256 file hashes are extended into SHA-1 PCR registers. > ********************************************************** > ************ > > Is the above still true? > > In ima_init_digests() the digest algorithm for PCR extend is set from > the digest algorithm set in the PCR banks. > > Is there a way to configure IMA to use SHA-256 PCR banks? > > int __init ima_init_digests(void) > { > ... > for (i = 0; i < ima_tpm_chip->nr_allocated_banks; i++) > digests[i].alg_id = ima_tpm_chip->allocated_banks[i].alg_id; > ... Hi Lakshmi currently the SHA256 PCR bank is extended with a padded SHA1. Some time ago, I posted some patches to support the TGC Crypto Agile format: https://lkml.org/lkml/2017/5/16/369 However, this is a bit complicate because the current format does not follow the TCG standard. A work to support the new IMA Canonical Event Log format has been presented at LSS: https://static.sched.com/hosted_files/lssna18/03/lss_2018_slides_V4.pdf Given that the patches are very invasive, to me seems a good idea to split this work in two parts: first, extend PCRs with the correct digest and second change the measurement list format. For the first part, the patch will be very simple, as IMA will just query the TPM to get the list of hash algorithms and will calculate all the digests in ima_calc_field_array_hash(). Also, the first part would be sufficient for remote attestation, as the data used to calculate the digests is passed to the verifier. The verifier can calculate by himself the digest of non-SHA1 PCR banks, even if they are not included in the measurement list. Roberto ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Does IMA support SHA-256 PCR banks? 2019-12-11 8:45 ` Roberto Sassu @ 2019-12-11 17:35 ` Lakshmi Ramasubramanian 2019-12-25 16:46 ` Ken Goldman 1 sibling, 0 replies; 5+ messages in thread From: Lakshmi Ramasubramanian @ 2019-12-11 17:35 UTC (permalink / raw) To: Roberto Sassu, linux-integrity, Mimi Zohar On 12/11/19 12:45 AM, Roberto Sassu wrote: > > Hi Lakshmi > > currently the SHA256 PCR bank is extended with a padded SHA1. > > Some time ago, I posted some patches to support the TGC Crypto Agile format: > > https://lkml.org/lkml/2017/5/16/369 > > However, this is a bit complicate because the current format does not follow > the TCG standard. A work to support the new IMA Canonical Event Log format > has been presented at LSS: > > https://static.sched.com/hosted_files/lssna18/03/lss_2018_slides_V4.pdf > > Given that the patches are very invasive, to me seems a good idea to split this > work in two parts: first, extend PCRs with the correct digest and second > change the measurement list format. > > For the first part, the patch will be very simple, as IMA will just query the TPM > to get the list of hash algorithms and will calculate all the digests in > ima_calc_field_array_hash(). > > Also, the first part would be sufficient for remote attestation, as the data used > to calculate the digests is passed to the verifier. The verifier can calculate by > himself the digest of non-SHA1 PCR banks, even if they are not included in the > measurement list. > > Roberto > Thanks Roberto for the info and the link to the related patches posted earlier. I'll take a look at the patches. thanks, -lakshmi ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Does IMA support SHA-256 PCR banks? 2019-12-11 8:45 ` Roberto Sassu 2019-12-11 17:35 ` Lakshmi Ramasubramanian @ 2019-12-25 16:46 ` Ken Goldman 2020-01-07 8:58 ` Roberto Sassu 1 sibling, 1 reply; 5+ messages in thread From: Ken Goldman @ 2019-12-25 16:46 UTC (permalink / raw) To: Roberto Sassu, linux-integrity On 12/11/2019 3:45 AM, Roberto Sassu wrote: > > For the first part, the patch will be very simple, as IMA will just query the TPM > to get the list of hash algorithms and will calculate all the digests in > ima_calc_field_array_hash(). This query is probably for the allocated PCR banks. I.e., a TPM may implement more hash algorithms than it allocates PCR banks. For example, my hardware TPM reports 3 implemented hash algorithms, but it only allocates 2 PCR banks. $ getcapability -cap 5 3 PCR selections hash TPM_ALG_SHA1 TPMS_PCR_SELECTION length 3 ff ff ff hash TPM_ALG_SHA256 TPMS_PCR_SELECTION length 3 ff ff ff hash TPM_ALG_SHA384 TPMS_PCR_SELECTION length 3 00 00 00 ^ permalink raw reply [flat|nested] 5+ messages in thread
* RE: Does IMA support SHA-256 PCR banks? 2019-12-25 16:46 ` Ken Goldman @ 2020-01-07 8:58 ` Roberto Sassu 0 siblings, 0 replies; 5+ messages in thread From: Roberto Sassu @ 2020-01-07 8:58 UTC (permalink / raw) To: Ken Goldman, linux-integrity, Silviu Vlasceanu > -----Original Message----- > From: Ken Goldman [mailto:kgold@linux.ibm.com] > Sent: Wednesday, December 25, 2019 5:47 PM > To: Roberto Sassu <roberto.sassu@huawei.com>; linux- > integrity@vger.kernel.org > Subject: Re: Does IMA support SHA-256 PCR banks? > > On 12/11/2019 3:45 AM, Roberto Sassu wrote: > > > > For the first part, the patch will be very simple, as IMA will just query the > TPM > > to get the list of hash algorithms and will calculate all the digests in > > ima_calc_field_array_hash(). > > This query is probably for the allocated PCR banks. I.e., a TPM may > implement more hash algorithms than it allocates PCR banks. Yes, correct. The TPM driver determines the allocated banks at initialization time and stores them in the tpm_chip structure which is retrieved by IMA. Roberto ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-01-07 8:58 UTC | newest] Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2019-12-10 22:37 Does IMA support SHA-256 PCR banks? Lakshmi Ramasubramanian 2019-12-11 8:45 ` Roberto Sassu 2019-12-11 17:35 ` Lakshmi Ramasubramanian 2019-12-25 16:46 ` Ken Goldman 2020-01-07 8:58 ` Roberto Sassu
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.