* [tpm2] Re: tpm2_createprimary question about unique field
@ 2020-02-13  8:57 Niklas Andersson
  0 siblings, 0 replies; 2+ messages in thread
From: Niklas Andersson @ 2020-02-13  8:57 UTC (permalink / raw)
  To: tpm2

Adding one byte should not be needed in the latest version I believe.
Reason the byte was skipped earlier is because it just contains the byte
size of the following struct. When you output the struct to a file the file
size is obvious, and thus renders this byte obsolete.

Hope this helps.

- Niklas

On Thu, Feb 13, 2020, 02:12 Rowan Moul <lists(a)rowan.moul.ca> wrote:

> What is the purpose of appending 0x00 0x01 to the beginning of the
> unique data
> <https://github.com/tpm2-software/tpm2-tools/blob/master/man/tpm2_createprimary.1.md#create-a-primary-object-that-follows-the-guidance-of-tcg-provisioning-guide>?
> I'm sure it's just something obvious that I'm not seeing, but I can't seem
> to figure it out despite looking over the code and reading through TCG
> documents.
>
> All I can determine is that I get a "buffer_size: 4096 with offset: 46 are
> insufficient for object of size 51919" error if I don't have it. The object
> size reported varies depending on data that I pass in. The amount of data
> is always 32 random bytes in my tests, but randomly generated. The object
> size seems far too large, which leads me to believe that something is
> reading past the end of the file, although I didn't see any obvious issues
> in the code that reads the files.
>
> It seems like more explanation is needed on the man page about the
> required format of this file, as the description given doesn't lead to the
> successful creation of a primary key unless you understand that you are
> supposed to add that to the front of the file rather than it just being an
> example.
>
> Thanks,
> Rowan


^ permalink raw reply	[flat|nested] 2+ messages in thread

* [tpm2] Re: tpm2_createprimary question about unique field
@ 2020-02-15 17:57 Rowan Moul
  0 siblings, 0 replies; 2+ messages in thread
From: Rowan Moul @ 2020-02-15 17:57 UTC (permalink / raw)
  To: tpm2

Ahh I think I get it!
The unique portion of a TPMT_PUBLIC is a TPMU_PUBLIC_ID, which is a TPM2B_PUBLIC_KEY_RSA when you are creating an RSA primary key.
That last one is a buffer structure: “The “TPM2B_” prefix is used for a structure that has a size field followed by a data buffer with the indicated number of octets. The size field is 16 bits.”
I don’t think it was reading past the end of the file, but past the end of the unique data in memory at a later point in the process. I am using the latest release (4.1.1), but these two bytes are still required to define the size of the data you are passing in. They don’t have to be 0x00 0x01 (which represents a size of 256 bytes when interpreted in little-endian byte order), but should match the size of the data that you are passing. So for my test case of 32 bytes it should actually be 0x20 0x00.

Knowing this, it seems like the man page is accurate, but perhaps further explanation is needed if this is meant to be a tool used by a less informed user.
Alternatively, the tool could be changed to set this two-byte size internally based on the file size that it reads in.

Rowan

>> On Feb 13, 2020, at 01:57, Niklas Andersson <niklas.andersson(a)fredenheim.se> wrote:
> 
> Adding one byte should not be needed in the latest version I believe. Reason the byte was skipped earlier is because it just contains the byte size of the following struct. When you output the struct to a file the file size is obvious, and thus renders this byte obsolete. 
> 
> Hope this helps. 
> 
> - Niklas
> 
>> On Thu, Feb 13, 2020, 02:12 Rowan Moul <lists(a)rowan.moul.ca> wrote:
>> What is the purpose of appending 0x00 0x01 to the beginning of the unique data (https://github.com/tpm2-software/tpm2-tools/blob/master/man/tpm2_createprimary.1.md#create-a-primary-object-that-follows-the-guidance-of-tcg-provisioning-guide)?
>> I'm sure it's just something obvious that I'm not seeing, but I can't seem to figure it out despite looking over the code and reading through TCG documents.
>> All I can determine is that I get a "buffer_size: 4096 with offset: 46 are insufficient for object of size 51919" error if I don't have it. The object size reported varies depending on data that I pass in. The amount of data is always 32 random bytes in my tests, but randomly generated. The object size seems far too large, which leads me to believe that something is reading past the end of the file, although I didn't see any obvious issues in the code that reads the files.
>> 
>> It seems like more explanation is needed on the man page about the required format of this file, as the description given doesn't lead to the successful creation of a primary key unless you understand that you are supposed to add that to the front of the file rather than it just being an example.
>> 
>> Thanks,
>> 
>> Rowan


^ permalink raw reply	[flat|nested] 2+ messages in thread
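
The file layout worked out in the message above, as an added example that is not part of the original thread or of tpm2-tools: it builds a unique-data file with the two-byte size prefix and checks that the prefix matches the payload. The helper names, file names and sample bytes are assumptions made for illustration, and the size is written little-endian as the message describes.

```shell
#!/bin/sh
# Added example: helper names and file names are hypothetical.
# Assumed layout (from the thread): 2-byte size, little-endian as the
# message describes, followed by exactly that many data bytes.

fsize() { echo $(( $(wc -c < "$1") )); }

# Print the size a reader of this layout takes from the first two bytes.
declared_size() {
    [ "$(fsize "$1")" -ge 2 ] || return 1
    set -- $(od -An -tu1 -N2 "$1")
    echo $(( $1 + $2 * 256 ))
}

# Succeed only when the prefix equals the number of bytes that follow it.
check_unique() {
    want=$(declared_size "$1") || return 1
    [ "$want" -eq $(( $(fsize "$1") - 2 )) ]
}

# Write OUT = 2-byte size prefix + contents of DATA.
make_unique() {
    n=$(fsize "$1")
    [ "$n" -le 65535 ] || { echo "data too large for a 16-bit size" >&2; return 1; }
    lo=$(printf '%03o' $(( n % 256 )))
    hi=$(printf '%03o' $(( n / 256 )))
    { printf "\\$lo\\$hi"; cat "$1"; } > "$2"
}

# Constructed 32-byte sample; its first two bytes (0xCF 0xCA) are chosen so
# that, read as a size, they give the 51919 seen in the quoted error. The
# bytes actually used in that test are not on the page.
demo() {
    dir=$(mktemp -d)
    { printf '\317\312'; dd if=/dev/zero bs=30 count=1 2>/dev/null; } > "$dir/raw"
    echo "no prefix:   declared=$(declared_size "$dir/raw") actual=$(fsize "$dir/raw")"
    make_unique "$dir/raw" "$dir/unique.dat"
    echo "with prefix: declared=$(declared_size "$dir/unique.dat") payload=32"
    check_unique "$dir/unique.dat" && echo "unique.dat is consistent"
    rm -rf "$dir"
}
demo
```

Running `check_unique` on a file before passing it to the tool catches a missing or mismatched prefix without needing a TPM.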
