On Thu, 2022-12-29 at 02:10 +0530, Sughosh Ganu wrote:
[...]
> Thanks for your reply. For reloading the sealed key, I am trying to
> start a policy session through the tpm2_startauthsession command,
> followed by the tpm2_policypcr command to get the same policy digest.
> However, I am not sure how to get the session handle. As per my
> understanding, the policyhandle is a uint32_t object. However, none
> of the above two commands give back the session handle. I tried the
> tpm2_getcap command with the handles-saved-session, which shows a
> handle once I have run the tpm2_startauthsession command. However,
> providing this value to the keyctl command as policyhandle does not
> work. Can you please point out what I am doing wrong?

I'm afraid I gave up on the Intel toolkit long ago because of the
constantly changing command options. I can show you how to do it with
the IBM toolkit, though:

https://build.opensuse.org/package/show/security/ibmtss

The main thing you have to do is connect to the TPM not through the
resource manager so the policy session survives multiple commands

export TPM_DEVICE=/dev/tpm0

Then you can seal to say PCR7 which simply records the secure boot
state:

root@testdeb:~# cat /sys/class/tpm/tpm0/pcr-sha256/7
65CAF8DD1E0EA7A6347B635D2B379C93B9A1351EDC2AFC3ECDA700E534EB3068

So you can now construct the policy exactly and ask policymaker what
its hash is:

root@testdeb:~# tsspolicymakerpcr -pr -bm 000080 -if /sys/class/tpm/tpm0/pcr-sha256/7 > tmp.policy
root@testdeb:~# tsspolicymaker -if ~/tmp.policy -ns
policy digest:
4cc48043aedaae487452bb407e8fc21d25c3a412ffc9473cf2552ddc659e97c1

So now you know the policy hash, you can create a key

root@testdeb:~# keyctl add trusted kmk "new 32 keyhandle=0x81000001 hash=sha256 policydigest=4cc48043aedaae487452bb407e8fc21d25c3a412ffc9473cf2552ddc659e97c1" @u
214245338
keyctl pipe %trusted:kmk > key.tpm
keyctl unlink %trusted:kmk
1 links removed

Now you can reload it if you construct the correct policy
root@testdeb:~# tssstartauthsession -se p
Handle 03000000
root@testdeb:~# tsspolicypcr -ha 03000000 -bm 000080

Now you can check this policy register matches the hash you have above:

root@testdeb:~# tsspolicygetdigest -ha 03000000
policyDigest length 32
4c c4 80 43 ae da ae 48 74 52 bb 40 7e 8f c2 1d
25 c3 a4 12 ff c9 47 3c f2 55 2d dc 65 9e 97 c1

And you can now use this policy handle as the reload policy for the key:

root@testdeb:~# keyctl add trusted kmk "load `cat ~/key.tpm` policyhandle=0x03000000" @u
872397032

James
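The digest that tsspolicymakerpcr/tsspolicymaker print above is just the TPM2_PolicyPCR extension of an all-zero policy, so it can be reproduced offline to check a PCR value against the policy a trusted key was sealed with. The following is an added example, not James's code nor part of the IBM TSS; it assumes the PolicyPCR formula from the TPM 2.0 library spec and the tsspolicymakerpcr -bm convention (bit N selects PCR N), and the sysfs-style hex text for PCR7 is the value copied from the mail, so for that input it should reproduce the digest policymaker printed.

```python
import hashlib
import struct

# TPM 2.0 constants (TCG TPM 2.0 Library spec, Part 2)
TPM_CC_POLICYPCR = 0x0000017F   # command code folded into the policy digest
TPM_ALG_SHA256 = 0x000B

# Values copied from the mail above: PCR7 content and the digest policymaker printed.
MAIL_PCR7_HEX = "65CAF8DD1E0EA7A6347B635D2B379C93B9A1351EDC2AFC3ECDA700E534EB3068"
MAIL_POLICY_DIGEST_HEX = "4cc48043aedaae487452bb407e8fc21d25c3a412ffc9473cf2552ddc659e97c1"


def marshal_pcr_selection(bitmap: int, hash_alg: int = TPM_ALG_SHA256,
                          select_size: int = 3) -> bytes:
    """Marshal a one-bank TPML_PCR_SELECTION: count, hashAlg, sizeofSelect, pcrSelect[].

    bitmap follows the tsspolicymakerpcr -bm convention (assumed here): bit N
    selects PCR N, so 0x000080 is PCR 7. In the TPM structure pcrSelect[i // 8]
    bit (i % 8) flags PCR i, which is the bitmap in little-endian byte order.
    """
    select = bitmap.to_bytes(select_size, "little")
    return struct.pack(">IHB", 1, hash_alg, select_size) + select


def policy_pcr_digest(bitmap: int, pcr_values: list[bytes]) -> bytes:
    """Compute the TPM2_PolicyPCR policy digest starting from a fresh (all-zero) policy.

    pcrDigest    = H(selected PCR values concatenated in ascending PCR order)
    policyDigest = H(policyDigest_old || TPM_CC_PolicyPCR || pcrs || pcrDigest)
    """
    pcr_digest = hashlib.sha256(b"".join(pcr_values)).digest()
    start = bytes(hashlib.sha256().digest_size)      # fresh session: all zeros
    payload = (start + struct.pack(">I", TPM_CC_POLICYPCR)
               + marshal_pcr_selection(bitmap) + pcr_digest)
    return hashlib.sha256(payload).digest()


def policy_for_sysfs_pcr(pcr_hex_text: str, bitmap: int = 0x000080) -> str:
    """Take the hex text /sys/class/tpm/tpm0/pcr-sha256/N exposes and return the policy hex."""
    return policy_pcr_digest(bitmap, [bytes.fromhex(pcr_hex_text.strip())]).hex()


if __name__ == "__main__":
    digest = policy_for_sysfs_pcr(MAIL_PCR7_HEX)
    print("computed :", digest)
    print("in mail  :", MAIL_POLICY_DIGEST_HEX)
    print("match    :", digest == MAIL_POLICY_DIGEST_HEX)
```

Feeding the current sysfs PCR7 text to policy_for_sysfs_pcr and comparing with the digest stored alongside the key tells you before any keyctl load attempt whether the boot state still satisfies the seal policy.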