[Question]: Question on the hash algorithm of evm and pcr_extend?

[Question]: Question on the hash algorithm of evm and pcr_extend?

[Likun (Hw)]

[-- Attachment #1.1: Type: text/plain, Size: 708 bytes --]

Hi,

*         Is there any plan to support other evm_hmac algorithms (like we done on  ima file data hash algorithm), the sha2 or other recent algorithms are more hardened than sha1 after all.



*         We have supported arbitrary hash algorithms for ima file data measurement  since commit e7a2ad7eb6f48ad80c70a22dd8167fb34b409466, but the ima template hash algorithm is still sha1 due to
the tpm1.2 pcr limitation.
But as we all know ,the tpm2 has supported sha2/sm3 and other algorithms , is there any approach to use TPM2.0 better ? For example , could we use sha2 as default digest algorithm, and when we meet tpm1.2, we truncate the digest from 32 to 20 bytes ?
Best Regards,
Li Kun



[-- Attachment #1.2: Type: text/html, Size: 6008 bytes --]

[-- Attachment #2: Type: text/plain, Size: 202 bytes --]

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot

[-- Attachment #3: Type: text/plain, Size: 192 bytes --]

_______________________________________________
tpmdd-devel mailing list
tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
https://lists.sourceforge.net/lists/listinfo/tpmdd-devel

Re: [Linux-ima-devel] [Question]: Question on the hash algorithm of evm and pcr_extend?

[Mimi Zohar]

On Thu, 2017-02-23 at 09:36 +0000, Likun (Hw) wrote:
> Hi,
> 
> *         Is there any plan to support other evm_hmac algorithms (like
> we done on  ima file data hash algorithm), the sha2 or other recent
> algorithms are more hardened than sha1 after all.

The EVM hmac values are system local, so adding support for other hash
algorithms  shouldn't be a problem.  Similarly adding signature support
larger hash algorithms should be fine.

Patches are welcome to add this support.

> *         We have supported arbitrary hash algorithms for ima file
> data measurement  since commit
> e7a2ad7eb6f48ad80c70a22dd8167fb34b409466, but the ima template hash
> algorithm is still sha1 due to the tpm1.2 pcr limitation.
> But as we all know ,the tpm2 has supported sha2/sm3 and other
> algorithms , is there any approach to use TPM2.0 better ? For
> example , could we use sha2 as default digest algorithm, and when we
> meet tpm1.2, we truncate the digest from 32 to 20 bytes ?

The two patches that Nayna Jain just upstreamed determine the active PCR
banks and extend those banks with zero padded SHA1 hash into the
multiple TPM banks.

a06c59d417fb tpm: enhance TPM 2.0 PCR extend to support multiple banks
104e5f664d3a tpm: implement TPM 2.0 capability to get active PCR banks

These patches were a stop gap measure until support is added for a "hash
agile" IMA measurement format.  It would be straight forward to replace
the TPM hash algorithm size used in the IMA measurement list with
something that is configurable(eg. Kconfig option), but that puts the
burden on the attestation servers to determine the hash size being used.

A better solution would be to add support for including multiple hashes
in the IMA measurement list.  Whether we will ever support multiple
hashes in the measurement list is irrelevant, but it provides the needed
flexibility.

Mimi


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot