authorLennart Poettering <lennart@poettering.net>2022-08-17 17:21:57 +0200
committerLennart Poettering <lennart@poettering.net>2022-09-08 16:34:27 +0200
commitd9b5841d40996d42a05b7d6f1adf7a7517966262 (patch)
treea62d8485238558e54f0a73332e195b5cf327b52c /src/cryptsetup
parentcdaaa62ca15d34b6def1f8217da60cf3ab99e2c9 (diff)
downloadsystemd-d9b5841d40996d42a05b7d6f1adf7a7517966262.tar.gz
tpm2-util: extend TPM2 policies to optionally check PCR values against signed values
Traditionally, TPM2 PCR policies are bound against literal PCR values, which makes them hard to work with when updating software that is measured into PCRs: each update will change the PCR values, and thus break TPM2 policies of existing objects. Let's improve the situation: let's allow signed PCR policies. Secrets and other TPM2 objects can be associated with a public key that signs a PCR policy. Thus, if the signed policy and the public key are presented, access to the TPM2 object can be granted. This allows a less brittle handling of updates: for example, whenever a kernel image is updated a new signed PCR policy can be shipped along with it, signed by a private key owned by the kernel vendor (ideally: the same private key that is used to sign the kernel image itself). TPM2 objects can then be bound to the associated public key, thus allowing objects that can only be unlocked by kernels of the same vendor. This makes it very easy to update kernels without affecting locked secrets. This does not hook up any of the consuming code (it just passes NULL/0 everywhere). This is for later commits.
Diffstat (limited to 'src/cryptsetup')
-rw-r--r--src/cryptsetup/cryptsetup-tokens/luks2-tpm2.c9
-rw-r--r--src/cryptsetup/cryptsetup-tpm2.c19
2 files changed, 19 insertions, 9 deletions
diff --git a/src/cryptsetup/cryptsetup-tokens/luks2-tpm2.c b/src/cryptsetup/cryptsetup-tokens/luks2-tpm2.c
index 9f5dd46734..3d633de3f5 100644
--- a/src/cryptsetup/cryptsetup-tokens/luks2-tpm2.c
+++ b/src/cryptsetup/cryptsetup-tokens/luks2-tpm2.c
@@ -47,10 +47,15 @@ int acquire_luks2_key(
return tpm2_unseal(
device,
- pcr_mask, pcr_bank,
+ pcr_mask,
+ pcr_bank,
+ /* pubkey= */ NULL, /* pubkey_size= */ 0,
+ /* pubkey_pcr_mask= */ 0,
+ /* signature_json= */ NULL,
+ pin,
primary_alg,
key_data, key_data_size,
- policy_hash, policy_hash_size, pin,
+ policy_hash, policy_hash_size,
ret_decrypted_key, ret_decrypted_key_size);
}
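Review bot: The argument label `/* signature_json= */` on the new NULL placeholder does not match the label `/* signature= */` used for the same position at both tpm2_unseal() call sites in cryptsetup-tpm2.c (the hunks at @@ -114 and @@ -135); these labels are the only check on argument order here, because pubkey, signature and pin are all pointer-typed NULL/zero placeholders that the compiler cannot tell apart, so each label should reproduce the parameter name from tpm2_unseal's declaration exactly — presumably `/* signature= */ NULL,` if that is the name in the header, which is not visible in this diff. The pin argument is also moved from the end of the list to before primary_alg in all three calls, so a consistent label set is what lets a reader verify the new order against the declaration. The enclosing acquire_luks2_key begins before this hunk.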
diff --git a/src/cryptsetup/cryptsetup-tpm2.c b/src/cryptsetup/cryptsetup-tpm2.c
index c715c8f232..c348e73b21 100644
--- a/src/cryptsetup/cryptsetup-tpm2.c
+++ b/src/cryptsetup/cryptsetup-tpm2.c
@@ -55,7 +55,7 @@ static int get_pin(usec_t until, AskPasswordFlags ask_password_flags, bool headl
int acquire_tpm2_key(
const char *volume_name,
const char *device,
- uint32_t pcr_mask,
+ uint32_t hash_pcr_mask,
uint16_t pcr_bank,
uint16_t primary_alg,
const char *key_file,
@@ -114,14 +114,17 @@ int acquire_tpm2_key(
if (!(flags & TPM2_FLAGS_USE_PIN))
return tpm2_unseal(
device,
- pcr_mask,
+ hash_pcr_mask,
pcr_bank,
+ /* pubkey= */ NULL, /* pubkey_size= */ 0,
+ /* pubkey_pcr_mask= */ 0,
+ /* signature= */ NULL,
+ /* pin= */ NULL,
primary_alg,
blob,
blob_size,
policy_hash,
policy_hash_size,
- NULL,
ret_decrypted_key,
ret_decrypted_key_size);
@@ -135,16 +138,18 @@ int acquire_tpm2_key(
if (r < 0)
return r;
- r = tpm2_unseal(
- device,
- pcr_mask,
+ r = tpm2_unseal(device,
+ hash_pcr_mask,
pcr_bank,
+ /* pubkey= */ NULL, /* pubkey_size= */ 0,
+ /* pubkey_pcr_mask= */ 0,
+ /* signature= */ NULL,
+ pin_str,
primary_alg,
blob,
blob_size,
policy_hash,
policy_hash_size,
- pin_str,
ret_decrypted_key,
ret_decrypted_key_size);
/* We get this error in case there is an authentication policy mismatch. This should