• Registered: 2020-11-01
  • Posts: 3

Topic: Signing using RSA attestation (restricted signing) key

Hello,

In the examples (CSR, TLS) I discovered that the RSA key created for signing is both signing and decryption key, which per the TCG specification must not be restricted. When I tried using a restricted signing key instead (made using wolfTPM2_GetKeyTemplate_RSA_AIK), I got the "TPM2_RSA_Decrypt failed" error. I suspect this is because wolfSSL signs using the Decrypt operation. OpenSSL does the same. This means that (due to this hack) a restricted RSA signing key will not work for signing operations using wolfTPM/SSL (nor OpenSSL). Am I right?

The situation feels quite sad because the TCG TPM Provisioning Guidelines introduce various attestation and identity keys AIK/IDevID/LDevID, which are required to be restricted signing keys.


Kind Regards,
Petr

Share

  • Registered: 2015-10-07
  • Posts: 430

Re: Signing using RSA attestation (restricted signing) key

Hi Petr,

Thanks for the report and I suspect you are correct about this issue. I will investigate and provide some feedback shortly.

Thanks,
David Garske, wolfSSL

Share

  • Registered: 2020-11-04
  • Posts: 16

Re: Signing using RSA attestation (restricted signing) key

Hi Petr,

There are two aspects to your question.

First, a TPM2.0 Attestation Key (or TPM1.2 Attestation Identity Key) has restricted usage only for signing TPM generated data.

Second, any TPM key that is a restricted key (TPMA_OBJECT_restricted) and for signing (TPMA_OBJECT_sing) can not be used for decryption.

Therefore, if we use a TPM key for signing, when using TPM2_RSA_Decrypt that would indeed fail.

If I understand you correctly, you would want to use one TPM key for both Identification and decryption(CSR/TLS). Is my understanding correct and could you please share more details about your concrete need, scenario?

Thanks,
Dimitar Tomov, wolfSSL

Dimi Tomov,
wolfSSL Engineer and Founder of TPM.dev

Share

4 Reply by dimitom (edited by dimitom 2020-11-04 15:01:08)

  • Registered: 2020-11-04
  • Posts: 16

Re: Signing using RSA attestation (restricted signing) key

Hi again Petr,

Today there was a TPM.dev weekly call and got the following idea: You could have Attestation Key under the Owner Hierarchy. That key does not have to be restricted for signing only. It can be for decrypt and signing. Then, you could/should be able to use it for TPM2_RSA_Decrypt as well.

The above would be useful, if you are not obligated to respect the TCG provisioning guides. Because indeed Attestation Keys are expected to be restricted for signing, however TPM2_Quote would work with (almost) any key for signing, including key with signing and decryption capabilities.

Hope this information helps and please share more information about your scenario.

Best,
Dimitar Tomov, wolfSSL

Dimi Tomov,
wolfSSL Engineer and Founder of TPM.dev

Share

5 Reply by gotthardp (edited by gotthardp 2020-11-06 10:37:52)

  • Registered: 2020-11-01
  • Posts: 3

Re: Signing using RSA attestation (restricted signing) key

Hi Dimitar,

Short answer: With the key in the TPM, I want to use WolfSSL to generate a CSR (signed by that key) and then use the generated key+certificate in strongSwan.

Long answer: I'd love to have a single secure device identity key (IEEE 802.1AR's DevID), a single PKI tool that is able to create a CSR, get the certificate enrolled via EST and then use the key+certificate to prove device's identity in both SSL and IPsec/strongSwan communication.

Facts:

  • TCG guidance for DevID's recommends using a restricted signing key and discourages (with reference to NIST SP800-57) the use of combined (signing and decryption) keys.

  • Restricted signing key can(!) be used for signing external data, but only when the TPM hash function is used, which generates a ticket to be fed to the sign operation.

  • The ticket-based sign operation is incompatible with OpenSSL (and also WolfSSL?), so these don't use it and sign using the Decrypt operation, which requires a combined (signing and decryption) key.

  • TCG TPM specification says the combined (signing and decryption) keys shall not be restricted and shall use the NULL signature scheme.

  • strongSwan reads the key scheme and hash algorithm from the key information, i.e. expects the signature scheme and hash to be non-NULL.

Boom. My conclusion is that I cannot use Open/WolfSSL to generate keys for strongSwan and I cannot use the strongSwan generated keys with Open/WolfSSL. These are incompatible when TPM based.

Based on the NIST and TCG guidance available I tend to think that the way strongSwan behaves is correct and the reason for this incompatibility is caused by the descrypt-based signing. Unless I am wrong in my reasoning, the idea of a secure device identity will not work without the ability to sign data using a restricted signing key, which is a quite sad situation.


Kind Regards,
Petr

Share

  • Registered: 2020-11-04
  • Posts: 16

Re: Signing using RSA attestation (restricted signing) key

Hi Petr,

Thank you for the detailed information.

I will have to check about the NULL signature scheme for combined keys. This could be a recommendation by the TCG rather than a restriction. In the mean time, could you please tell us for context on what systems (devices) this will be used?

Best Regards,
Dimi

Dimi Tomov,
wolfSSL Engineer and Founder of TPM.dev

Share

  • Registered: 2020-11-01
  • Posts: 3

Re: Signing using RSA attestation (restricted signing) key

Hi Dimi,

Thank you. It is meant for cellular routers, embedded Linux based IoT devices.

The statement concerning NULL signature scheme I am referring to is in the Part 2 of the TCG specification, section 12.2.3.5 (TON_RSA_PARMS), Table 186 as a NOTE for the scheme parameter. It says "shall be", moreover the TPM TSS tools and the TPM itself I have is refusing to have non-NULL scheme on a combined key.

Kind Regards,
Petr

Share

  • Registered: 2020-11-04
  • Posts: 16

Re: Signing using RSA attestation (restricted signing) key

Hi Petr,

I did some more research on the topic and would be best if we could get on a call to discuss the details.

In nutshell:
- Combined key, with both decrypt and signing set, indeed can not be restricted
- However, Attestation keys are recommended to be restricted, but the TPM does accept non-restricted, fixed TPM, fixed Parent key for attestation purposes

Please let me know if it is okay to contact you over email and set up a call.

Thanks,
Dimi

Dimi Tomov,
wolfSSL Engineer and Founder of TPM.dev

Share

  • Registered: 2021-02-11
  • Posts: 1

Re: Signing using RSA attestation (restricted signing) key

I am grateful for this information you have shared with us. I think I know better now. I wish you all the best things in life..

Share