On Thu, 2020-02-27 at 18:19 +0200, Jarkko Sakkinen wrote: > On Wed, Feb 26, 2020 at 04:58:11PM -0800, James Bottomley wrote: > > On Tue, 2020-02-25 at 18:48 +0200, Jarkko Sakkinen wrote: > > > On Thu, Jan 30, 2020 at 11:18:09AM +0100, James Bottomley wrote: > > > > In TPM 1.2 an authorization was a 20 byte number. The spec > > > > actually recommended you to hash variable length passwords and > > > > use > > > > the sha1 hash as the authorization. Because the spec doesn't > > > > require this hashing, the current authorization for trusted > > > > keys is > > > > a 40 digit hex number. For TPM 2.0 the spec allows the passing > > > > in > > > > of variable length passwords and passphrases directly, so we > > > > should > > > > allow that in trusted keys for ease of use. Update the > > > > 'blobauth' > > > > parameter to take this into account, so we can now use plain > > > > text > > > > passwords for the keys. > > > > > > > > so before > > > > > > > > keyctl add trusted kmk "new 32 > > > > blobauth=f572d396fae9206628714fb2ce00f72e94f2258f" > > > > > > > > after we will accept both the old hex sha1 form as well as a > > > > new > > > > directly supplied password: > > > > > > > > keyctl add trusted kmk "new 32 blobauth=hello > > > > keyhandle=81000001" > > > > > > > > Since a sha1 hex code must be exactly 40 bytes long and a > > > > direct > > > > password must be 20 or less, we use the length as the > > > > discriminator > > > > for which form is input. > > > > > > > > Note this is both and enhancement and a potential bug fix. The > > > > TPM > > > > 2.0 spec requires us to strip leading zeros, meaning empyty > > > > authorization is a zero length HMAC whereas we're currently > > > > passing > > > > in > > > > 20 bytes of zeros. A lot of TPMs simply accept this as OK, but > > > > the > > > > Microsoft TPM emulator rejects it with TPM_RC_BAD_AUTH, so this > > > > patch > > > > makes the Microsoft TPM emulator work with trusted keys. > > > > > > > > Signed-off-by: James Bottomley <James.Bottomley@HansenPartnersh > > > > ip.c > > > > om> > > > > > > Should have a fixes tag. > > > > I made all the other changes, but I'm not sure what to identify in > > the > > fixes tag. The problem is the code I updated was simply carried > > over > > unaltered from TPM 1.2 > > > > You could certainly argue that commit > > > > commit 0fe5480303a1657b328a0a389f8d99249d9961f5 > > Author: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> > > Date: Fri Jun 26 22:28:26 2015 +0300 > > > > keys, trusted: seal/unseal with TPM 2.0 chips > > > > Should have updated the blobauth handling ... is that the one you'd > > like fixes: to identify? > > What I'm thinking is to have fixes tag w/o cc to stable. I'm not > sure at this point whether we want to backport this but it still > makes sense to tag it. Ok, I'll add that commit as the fixes; it certainly makes no sense to backport this change before the above commit. James
