Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp58580imm; Wed, 5 Sep 2018 14:58:45 -0700 (PDT) X-Google-Smtp-Source: ANB0VdauqOa5rqK3m7xD2L9rbREb8uxT2k+OlGlpCKDLnFnszsTWDYH9fasJ02/Bcq0Y4kqwWgDD X-Received: by 2002:a62:25c5:: with SMTP id l188-v6mr42143377pfl.179.1536184725707; Wed, 05 Sep 2018 14:58:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1536184725; cv=none; d=google.com; s=arc-20160816; b=Hh6r+0pUrW/gnQ7aqABZNsXeLhZPOt7yHeqxycRthYt+P7+nGy8Hk2RdMy6gx6AyuT 1H2b/b3cAO0xFW/oM++UJnzI26NWDZ4AhcLQT1j6SBUI3AzXgnpNQEMegbyvQMcOmqi7 CJOPYJQlK46vO1e9N2WR2NKJgUkxajed5nFmnlQIYueYBunY/iVaWoZ2Vi1nD9n2qjld TQVWHAF4ApWGnqQoUnzNcy5I0V5gW8kVdgEYbaqbZ8N//vjkx/KLgW80GjrG5x7+qYLl idwu6E18yQO66TpBgx5d6yIL5ACOsM+IRvO/6cknvfBs1lklVB/Jg9gc88Nz3QuqmyPv ebWg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:cc:to:from :subject:organization; bh=xehYrsrJmnRTu9onElKIbI4k1uYOWgAl6umQ4kLPZt0=; b=FY1fgCaULnk4WdyLKcv3no94c9/yAH06rGfG4WJOCrHiHtrLmAGWrY+YakO8OM+0tV Jw9wzMK3Vd907XOE9NjUWh5CUKrqAzjqh4jMXgo6VDLGYzwdVu/vUS6u1ZBcSDNGmI6M RjWPMccY2U+9sPDAerSxYHkE7pQBRyLeP2UwcW2SxXjNHUhil56Ooq8BwMm8oy8Q5HEi SekmvOF+rsZHRudC+q1TuBZeK1oI9Kpj93HflD/ZgiJtZ5tySiRtXH4p9JcOuLdRHXlx TE95WPFNmjq6rf0rLasvFcDQd+vxowliohTZzKcmq0sONfc7vUNdMTq9n9WuQq0/ELwz 4oqA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h126-v6si3548159pfe.72.2018.09.05.14.58.29; Wed, 05 Sep 2018 14:58:45 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728263AbeIFC2s (ORCPT + 99 others); Wed, 5 Sep 2018 22:28:48 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:35796 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1727703AbeIFC2q (ORCPT ); Wed, 5 Sep 2018 22:28:46 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6D04087927; Wed, 5 Sep 2018 21:56:37 +0000 (UTC) Received: from warthog.procyon.org.uk (ovpn-123-84.rdu2.redhat.com [10.10.123.84]) by smtp.corp.redhat.com (Postfix) with ESMTP id 89DC21012331; Wed, 5 Sep 2018 21:56:36 +0000 (UTC) Organization: Red Hat UK Ltd. Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SI4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 3798903 Subject: [PATCH 21/22] KEYS: asym_tpm: Implement tpm_sign From: David Howells To: jmorris@namei.org Cc: denkenz@gmail.com, keyrings@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Date: Wed, 05 Sep 2018 22:56:36 +0100 Message-ID: <153618459605.7946.15326639117395031882.stgit@warthog.procyon.org.uk> In-Reply-To: <153618445730.7946.10001472635835806478.stgit@warthog.procyon.org.uk> References: <153618445730.7946.10001472635835806478.stgit@warthog.procyon.org.uk> User-Agent: StGit/unknown-version MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.1]); Wed, 05 Sep 2018 21:56:37 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.1]); Wed, 05 Sep 2018 21:56:37 +0000 (UTC) for IP:'10.11.54.3' DOMAIN:'int-mx03.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'dhowells@redhat.com' RCPT:'' Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Denis Kenzior Signed-off-by: Denis Kenzior Signed-off-by: David Howells --- crypto/asymmetric_keys/asym_tpm.c | 87 +++++++++++++++++++++++++++++++++++++ 1 file changed, 87 insertions(+) diff --git a/crypto/asymmetric_keys/asym_tpm.c b/crypto/asymmetric_keys/asym_tpm.c index a38ba375675e..a5a5f913a74f 100644 --- a/crypto/asymmetric_keys/asym_tpm.c +++ b/crypto/asymmetric_keys/asym_tpm.c @@ -20,9 +20,11 @@ #define TPM_ORD_FLUSHSPECIFIC 186 #define TPM_ORD_LOADKEY2 65 #define TPM_ORD_UNBIND 30 +#define TPM_ORD_SIGN 60 #define TPM_LOADKEY2_SIZE 59 #define TPM_FLUSHSPECIFIC_SIZE 18 #define TPM_UNBIND_SIZE 63 +#define TPM_SIGN_SIZE 63 #define TPM_RT_KEY 0x00000001 @@ -189,6 +191,91 @@ static int tpm_unbind(struct tpm_buf *tb, return datalen; } +/* + * Sign a blob provided by userspace (that has had the hash function applied) + * using a specific key handle. The handle is assumed to have been previously + * loaded by e.g. LoadKey2. + * + * Note that the key signature scheme of the used key should be set to + * TPM_SS_RSASSAPKCS1v15_DER. This allows the hashed input to be of any size + * up to key_length_in_bytes - 11 and not be limited to size 20 like the + * TPM_SS_RSASSAPKCS1v15_SHA1 signature scheme. + */ +static int tpm_sign(struct tpm_buf *tb, + uint32_t keyhandle, unsigned char *keyauth, + const unsigned char *blob, uint32_t bloblen, + void *out, uint32_t outlen) +{ + unsigned char nonceodd[TPM_NONCE_SIZE]; + unsigned char enonce[TPM_NONCE_SIZE]; + unsigned char authdata[SHA1_DIGEST_SIZE]; + uint32_t authhandle = 0; + unsigned char cont = 0; + uint32_t ordinal; + uint32_t datalen; + int ret; + + ordinal = htonl(TPM_ORD_SIGN); + datalen = htonl(bloblen); + + /* session for loading the key */ + ret = oiap(tb, &authhandle, enonce); + if (ret < 0) { + pr_info("oiap failed (%d)\n", ret); + return ret; + } + + /* generate odd nonce */ + ret = tpm_get_random(NULL, nonceodd, TPM_NONCE_SIZE); + if (ret < 0) { + pr_info("tpm_get_random failed (%d)\n", ret); + return ret; + } + + /* calculate authorization HMAC value */ + ret = TSS_authhmac(authdata, keyauth, SHA1_DIGEST_SIZE, enonce, + nonceodd, cont, sizeof(uint32_t), &ordinal, + sizeof(uint32_t), &datalen, + bloblen, blob, 0, 0); + if (ret < 0) + return ret; + + /* build the request buffer */ + INIT_BUF(tb); + store16(tb, TPM_TAG_RQU_AUTH1_COMMAND); + store32(tb, TPM_SIGN_SIZE + bloblen); + store32(tb, TPM_ORD_SIGN); + store32(tb, keyhandle); + store32(tb, bloblen); + storebytes(tb, blob, bloblen); + store32(tb, authhandle); + storebytes(tb, nonceodd, TPM_NONCE_SIZE); + store8(tb, cont); + storebytes(tb, authdata, SHA1_DIGEST_SIZE); + + ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE); + if (ret < 0) { + pr_info("authhmac failed (%d)\n", ret); + return ret; + } + + datalen = LOAD32(tb->data, TPM_DATA_OFFSET); + + ret = TSS_checkhmac1(tb->data, ordinal, nonceodd, + keyauth, SHA1_DIGEST_SIZE, + sizeof(uint32_t), TPM_DATA_OFFSET, + datalen, TPM_DATA_OFFSET + sizeof(uint32_t), + 0, 0); + if (ret < 0) { + pr_info("TSS_checkhmac1 failed (%d)\n", ret); + return ret; + } + + memcpy(out, tb->data + TPM_DATA_OFFSET + sizeof(uint32_t), + min(datalen, outlen)); + + return datalen; +} /* * Maximum buffer size for the BER/DER encoded public key. The public key * is of the form SEQUENCE { INTEGER n, INTEGER e } where n is a maximum 2048