On Thu Sep 12, 2024 at 6:27 PM EEST, Lukas Wunner wrote: > On Thu, Sep 12, 2024 at 05:19:15PM +0300, Jarkko Sakkinen wrote: > > I try to understand these in detail because I rebase later on my TPM2 > > ECDSA patches (series last updated in April) on top of this. I'll hold > > with that for the sake of less possible conflicts with this larger > > series. > > > > Many of the questions rised during the Spring about akcipher so now is > > my chance to fill the dots by asking them here. > > I assume you're referring to: > https://lore.kernel.org/all/20240528210823.28798-1-jarkko@xxxxxxxxxx/ Returning to this as I started to update the series. Sorry if for possible duplicates with my earelier response. > Help me understand this: > Once you import a private key to a TPM, can you get it out again? No. > Can you generate private keys on the TPM which cannot be retrieved? Yes. > > It would be good if the cover letter or one of the commits in your > series explained this. Some of the commit messages are overly terse > and consist of just two or three bullet points. Yes. I'm picking right now the use case where key is uploaded to the TPM because: 1. The creation part is more complex as data flow starts from user space so it pretty much tests the edges also for a generated private key. 2. I can drop the code related to public key and add only signing operation, not signature verification. My test script will along the lines of [1]. The new version of the series is not yet fully working so also the test is due to change. The idea is to get flow working where a normal public key can verify a signature made by the TPM chip. One area what I know probably might not be correct, is what I put in the 'describe' callbacks: static void tpm2_key_ecc_describe(const struct key *asymmetric_key, struct seq_file *m) { struct tpm2_key *key = asymmetric_key->payload.data[asym_crypto]; if (!key) { pr_err("key missing"); return; } seq_puts(m, "TPM2/ECDSA"); } So any ideas what to put here are welcome (obviously). [1] #!/usr/bin/env bash set -e PRIMARY=0x81000001 function egress { keyctl clear @u tpm2_evictcontrol -C o -c $PRIMARY 2> /dev/null tpm2_getcap handles-transient tpm2_getcap handles-persistent } trap egress EXIT openssl ecparam -name prime256v1 -genkey -noout -out ecc.pem openssl pkcs8 -topk8 -inform PEM -outform DER -nocrypt -in ecc.pem -out ecc_pkcs8.der tpm2_createprimary --hierarchy o -G ecc -c owner.txt tpm2_evictcontrol -c owner.txt $PRIMARY # EC parameters to TPM2 blob: tpm2_import -C $PRIMARY -G ecc -i ecc.pem -u tpm2.pub -r tpm2.priv # TPM2 blob to ASN.1: tpm2_encodeobject -C $PRIMARY -u tpm2.pub -r tpm2.priv -o tpm2.pem openssl asn1parse -inform pem -in tpm2.pem -noout -out tpm2.der # Populate asymmetric keys: tpm2_ecc_key=$(keyctl padd asymmetric "tpm_ecc" @u < tpm2.der) kernel_ecc_key=$(keyctl padd asymmetric "kernel_ecc" @u < ecc_pkcs8.der) echo "SECRET" > doc.txt echo TPM2 ECC SIGN keyctl pkey_sign "$tpm2_ecc_key" 0 doc.txt hash=sha256 > doc.txt.sig echo TPM2 VERIFY keyctl pkey_verify "$kernel_ecc_key" 0 doc.txt doc.txt.sig hash=sha256 BR, Jarkko
