On Mon, 2021-05-24 at 08:36 +0100, David Woodhouse wrote:
> On Sat, 2021-05-22 at 11:15 -0700, James Bottomley wrote:
> > If a permanent handle (MSO 0x40) is specified then the implementation
> > MUST run TPM2_CreatePrimary on the handle using the TCG specified
> > Elliptic Curve template for the NIST P-256 curve and use the primary
> > key so generated as the parent.
>
> Looks good in general; can we be more explicit here about the template,
> with a specific reference to where it's found?
>
> This is where we found incompatibilities between the implementations
> because things like NODA led to a different generated key, isn't it?

Looking for this in the TPM specs so I could heckle more usefully in
'diff -up' form, I don't actually find it.

I *do* find wording such as (§23.7 of the Architecture spec) "A Primary
Object may have fixedParent SET or CLEAR". Which doesn't really help,
since in our case the derived object really MUST have all of
TPMA_OBJECT_NODA, TPMA_OBJECT_FIXEDTPM, TPMA_OBJECT_FIXEDPARENT etc.
otherwise it won't match between implementations.

When we reconciled the tpm2-tss-engine with yours, I recall that we added
NODA, and FIXEDTPM|FIXEDPARENT to them respectively to make them match.

Is the template we use actually spelled out somewhere in the TPM specs
that I'm missing, or do we need to make it explicit in your draft?
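The mismatch the thread describes comes down to the TPMA_OBJECT attribute word in the TPM2_CreatePrimary template: it is part of the template the TPM derives the primary key from, so two implementations whose templates differ by a single bit such as NODA end up with different parents. The following is example code added here for this page, not code from the draft, from tpm2-tss-engine, or from the TPM specifications. The bit positions are those of TPMA_OBJECT in TPM 2.0 Library Part 2; the reference attribute set (the 0x00030472 word) and the list of attributes treated as required for a shared parent are assumptions made for the example, chosen to match what the thread says must be set.

```python
"""Encode, decode and compare TPMA_OBJECT attribute words of TPM 2.0 key templates."""

# Bit positions of TPMA_OBJECT, per TPM 2.0 Library Part 2 (Structures).
TPMA_OBJECT_BITS = {
    "FIXEDTPM": 1 << 1,
    "STCLEAR": 1 << 2,
    "FIXEDPARENT": 1 << 4,
    "SENSITIVEDATAORIGIN": 1 << 5,
    "USERWITHAUTH": 1 << 6,
    "ADMINWITHPOLICY": 1 << 7,
    "NODA": 1 << 10,
    "ENCRYPTEDDUPLICATION": 1 << 11,
    "RESTRICTED": 1 << 16,
    "DECRYPT": 1 << 17,
    "SIGN_ENCRYPT": 1 << 18,
}

# Attributes the thread says a shared primary parent must carry so that every
# implementation derives the same key (assumption for this example, not a spec rule).
REQUIRED_FOR_SHARED_PARENT = ("FIXEDTPM", "FIXEDPARENT", "NODA")

# Assumed reference template for an ECC P-256 storage parent, constructed for
# this example; it encodes to the attribute word 0x00030472.
ASSUMED_SRK_ATTRS = (
    "FIXEDTPM", "FIXEDPARENT", "SENSITIVEDATAORIGIN", "USERWITHAUTH",
    "NODA", "RESTRICTED", "DECRYPT",
)


def encode_attrs(names):
    """Return the 32-bit TPMA_OBJECT word for the named attributes."""
    word = 0
    for name in names:
        word |= TPMA_OBJECT_BITS[name]  # KeyError on an unknown attribute name
    return word


def decode_attrs(word):
    """Return the set of attribute names whose bits are set in `word`.

    Raises ValueError if a reserved bit is set, since a TPM rejects such a template.
    """
    known = 0
    for bit in TPMA_OBJECT_BITS.values():
        known |= bit
    reserved = word & ~known & 0xFFFFFFFF
    if reserved:
        raise ValueError("reserved TPMA_OBJECT bits set: 0x%08x" % reserved)
    return {name for name, bit in TPMA_OBJECT_BITS.items() if word & bit}


def diff_attrs(word_a, word_b):
    """Attributes set only in A and only in B, as two sorted lists."""
    a, b = decode_attrs(word_a), decode_attrs(word_b)
    return sorted(a - b), sorted(b - a)


def missing_required(word):
    """Required shared-parent attributes that `word` lacks, in the order listed."""
    have = decode_attrs(word)
    return [name for name in REQUIRED_FOR_SHARED_PARENT if name not in have]


if __name__ == "__main__":
    reference = encode_attrs(ASSUMED_SRK_ATTRS)
    # Constructed template of a second implementation that left NODA clear.
    other = reference & ~TPMA_OBJECT_BITS["NODA"]
    print("reference 0x%08x  other 0x%08x" % (reference, other))
    print("only in reference / only in other:", diff_attrs(reference, other))
    print("other is missing:", missing_required(other))
```

Running the module prints the two attribute words and reports NODA as the attribute the second template lacks; diff_attrs is the "diff -up" view of two templates, and missing_required is the check a tool can run before relying on a primary as a shared parent.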