[v3,8/9] security: keys: trusted fix tpm2 authorizations

Message ID	20191218063142.23033-9-James.Bottomley@HansenPartnership.com (mailing list archive)
State	New
Headers	show Return-Path: <SRS0=WWGm=2I=vger.kernel.org=keyrings-owner@kernel.org> From: James Bottomley <James.Bottomley@HansenPartnership.com> To: linux-integrity@vger.kernel.org Cc: Mimi Zohar <zohar@linux.ibm.com>, Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>, David Woodhouse <dwmw2@infradead.org>, keyrings@vger.kernel.org Subject: [PATCH v3 8/9] security: keys: trusted fix tpm2 authorizations Date: Wed, 18 Dec 2019 15:31:41 +0900 Message-Id: <20191218063142.23033-9-James.Bottomley@HansenPartnership.com> In-Reply-To: <20191218063142.23033-1-James.Bottomley@HansenPartnership.com> References: <20191218063142.23033-1-James.Bottomley@HansenPartnership.com> Sender: keyrings-owner@vger.kernel.org Precedence: bulk
Series	TPM 2.0 trusted keys with attached policy \| expand [v3,0/9] TPM 2.0 trusted keys with attached policy [v3,1/9] lib: add asn.1 encoder [v3,2/9] oid_registry: Add TCG defined OIDS for TPM keys [v3,3/9] security: keys: trusted: use ASN.1 tpm2 key format for the blobs [v3,4/9] security: keys: trusted: Make sealed key properly interoperable [v3,5/9] security: keys: trusted: add PCR policy to TPM2 keys [v3,6/9] security: keys: trusted: add ability to specify arbitrary policy [v3,7/9] security: keys: trusted: implement counter/timer policy [v3,8/9] security: keys: trusted fix tpm2 authorizations [v3,9/9] security: keys: trusted: add password based authorizations to policy keys

Message ID

20191218063142.23033-9-James.Bottomley@HansenPartnership.com (mailing list archive)

State

New

Headers

From: James Bottomley <James.Bottomley@HansenPartnership.com>
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar <zohar@linux.ibm.com>,
        Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
        David Woodhouse <dwmw2@infradead.org>, keyrings@vger.kernel.org
Subject: [PATCH v3 8/9] security: keys: trusted fix tpm2 authorizations
Date: Wed, 18 Dec 2019 15:31:41 +0900
Message-Id: <20191218063142.23033-9-James.Bottomley@HansenPartnership.com>
In-Reply-To: <20191218063142.23033-1-James.Bottomley@HansenPartnership.com>
References: <20191218063142.23033-1-James.Bottomley@HansenPartnership.com>
Sender: keyrings-owner@vger.kernel.org
Precedence: bulk

Series

TPM 2.0 trusted keys with attached policy | expand

Commit Message

James Bottomley Dec. 18, 2019, 6:31 a.m. UTC

In TPM 1.2 an authorization was a 20 byte number.  The spec actually
recommended you to hash variable length passwords and use the sha1
hash as the authorization.  Because the spec doesn't require this
hashing, the current authorization for trusted keys is a 40 digit hex
number.  For TPM 2.0 the spec allows the passing in of variable length
passwords and passphrases directly, so we should allow that in trusted
keys for ease of use.  Update the 'blobauth' parameter to take this
into account, so we can now use plain text passwords for the keys.

so before

keyctl add trusted kmk "new 32 blobauth=f572d396fae9206628714fb2ce00f72e94f2258f"

after:

keyctl add trusted kmk "new 32 blobauth=hello keyhandle=81000001"

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
---
 include/keys/trusted-type.h               |  1 +
 security/keys/trusted-keys/trusted_tpm1.c | 24 +++++++++++++++++++-----
 2 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/include/keys/trusted-type.h b/include/keys/trusted-type.h
index fc9c13802c06..c117bf598230 100644
--- a/include/keys/trusted-type.h
+++ b/include/keys/trusted-type.h
@@ -34,6 +34,7 @@  struct trusted_key_options {
 	uint16_t keytype;
 	uint32_t keyhandle;
 	unsigned char keyauth[TPM_DIGEST_SIZE];
+	uint32_t blobauth_len;
 	unsigned char blobauth[TPM_DIGEST_SIZE];
 	uint32_t pcrinfo_len;
 	unsigned char pcrinfo[MAX_PCRINFO_SIZE];
diff --git a/security/keys/trusted-keys/trusted_tpm1.c b/security/keys/trusted-keys/trusted_tpm1.c
index 668cbdc675b8..af269f4774de 100644
--- a/security/keys/trusted-keys/trusted_tpm1.c
+++ b/security/keys/trusted-keys/trusted_tpm1.c
@@ -785,12 +785,26 @@  static int getoptions(char *c, struct trusted_key_payload *pay,
 				return -EINVAL;
 			break;
 		case Opt_blobauth:
-			if (strlen(args[0].from) != 2 * SHA1_DIGEST_SIZE)
-				return -EINVAL;
-			res = hex2bin(opt->blobauth, args[0].from,
-				      SHA1_DIGEST_SIZE);
-			if (res < 0)
+			/*
+			 * TPM 1.2 authorizations are sha1 hashes
+			 * passed in as hex strings.  TPM 2.0
+			 * authorizations are simple passwords
+			 * (although it can take a hash as well)
+			 */
+			opt->blobauth_len = strlen(args[0].from);
+			if (opt->blobauth_len == 2 * TPM_DIGEST_SIZE) {
+				res = hex2bin(opt->blobauth, args[0].from,
+					      TPM_DIGEST_SIZE);
+				if (res < 0)
+					return -EINVAL;
+				opt->blobauth_len = TPM_DIGEST_SIZE;
+			} else if (tpm2 &&
+				   opt->blobauth_len <= sizeof(opt->blobauth)) {
+				memcpy(opt->blobauth, args[0].from,
+				       opt->blobauth_len);
+			} else {
 				return -EINVAL;
+			}
 			break;
 		case Opt_migratable:
 			if (*args[0].from == '0')

[v3,8/9] security: keys: trusted fix tpm2 authorizations

Commit Message

Patch