search

nokia / TPMCourse

BSD 3-Clause Clear License
154 stars 34 forks source link

Misleading command invocation nvram.md/sealing #22

Open SharkOverBite opened 3 months ago

SharkOverBite commented 3 months ago

The "Sealing" section of nvram.md demonstrates the following command sequence:

$ tpm2_pcrread -o srtm.pcrvalues sha256:0,1,2,3
$ tpm2_createpolicy --policy-pcr -l sha256:0,1,2,3 -f srtm.pcrvalues -L srtm.policy
$ tpm2_nvdefine 0x1500019 -C o -s 32 -L srtm.policy -a "policyread|policywrite"
$ tpm2_nvwrite 0x1500019 -C 0x1500019 -P pcr:sha256:0,1,2,3=srtm.pcrvalues -i testfile
$ tpm2_nvread 0x1500019 -C 0x1500019 -P pcr:sha256:0,1,2,3=srtm.pcrvalues

You don't have to provide a file for tpm2_createpolicy, it will implicitly use the current values of the specified PCRs. But you show a more general case, and that's fine.

However, the inclusion of "=srtm.pcrvalues" in arguments for the last two tpm2_nvwrite and tpm2_nvread commands is totally bogus, and arguably should raise an error from the tpm2-tools parser. Obviously, when invoking those commands with a PCR policy, the contents of that are irrelevant. The source of the PCR values is (and must be) only the current state of the specified PCRs, on the device.

iolivergithub commented 3 months ago

Thanks,

the course and those commands are pretty old now. At least when I wrote it originally the above was the case.

I no longer work for Nokia, so I'm wondering what to do with that course --- I've been teaching it at universities (or actually using that material as part of the TPM part of my courses)....there's a book due out "real soon now"

t.

Ian

On Mon, 1 Jul 2024 at 03:11, SharkOverBite @.***> wrote:

The "Sealing" section of nvram.md demonstrates the following command sequence:

$ tpm2_pcrread -o srtm.pcrvalues sha256:0,1,2,3 $ tpm2_createpolicy --policy-pcr -l sha256:0,1,2,3 -f srtm.pcrvalues -L srtm.policy $ tpm2_nvdefine 0x1500019 -C o -s 32 -L srtm.policy -a "policyread|policywrite" $ tpm2_nvwrite 0x1500019 -C 0x1500019 -P pcr:sha256:0,1,2,3=srtm.pcrvalues -i testfile $ tpm2_nvread 0x1500019 -C 0x1500019 -P pcr:sha256:0,1,2,3=srtm.pcrvalues

You don't have to provide a file for tpm2_createpolicy, it will implicitly use the current values of the specified PCRs. But you show a more general case, and that's fine.

However, the inclusion of "=srtm.pcrvalues" in the last two command, to tpm2_nvwrite and tpm2_nvread is totally bogus, and arguably should raise an error from the tpm2-tools parser. Obviously, when invoking those commands with a PCR policy, this file is completely irrelevant. The source of the PCR values is (and must be) only the current state of the linked PCRs on the device.

— Reply to this email directly, view it on GitHub https://github.com/nokia/TPMCourse/issues/22, or unsubscribe https://github.com/notifications/unsubscribe-auth/AHKY2MKEAHZ6UJB7U53LUM3ZKCNEDAVCNFSM6AAAAABKEQZHDSVHI2DSMVQWIX3LMV43ASLTON2WKOZSGM4DENJRG4YDCNY . You are receiving this because you are subscribed to this thread.Message ID: @.***>

SharkOverBite commented 3 months ago

I understand. There's still, after all these years, a great lack of good, well-written (I can't bold that enough), procedural documentation about TPM. This one is better than most, though quite focused on attestation use-cases (which I care less about).

I have verified that the commands work without specifying the file (as logically, they must - what are the semantics of attaching the file??). Since I've opened an issue on tpm2-tools, we'll have to see what they have to say about it.

Good luck with the book (when and if). If it's well-written, I'd love to read it.

iolivergithub commented 3 months ago

Thanks,

yes, I certainly share your comment on a lack of procedural documentation. I worked extensively with attestation, hence the emphasis there ( even wrote the "best" attestation server ever ! )

I'll probably fork the course and rewrite it over the next few weeks - will go alongside the courses I teach and the upcoming "real soon now" book

t.

Ian

On Mon, 1 Jul 2024 at 18:11, SharkOverBite @.***> wrote:

I understand. There's still, after all these years, a great lack of good, well-written (I can't bold that enough), procedural documentation about TPM. This one is better than most, though quite focused on attestation use-cases (which I care less about).

I have verified that the commands work without specifying the file (as logically, they must, what are the semantics of attaching the file??). Since I've opened an issue on tpm2-tools, we'll have to see what they have to say about it.

Good luck with the book (when and if). If it's well-written, I'd love to read it.

— Reply to this email directly, view it on GitHub https://github.com/nokia/TPMCourse/issues/22#issuecomment-2200423690, or unsubscribe https://github.com/notifications/unsubscribe-auth/AHKY2MIQYKJ7L5V3DFMEGADZKFWR3AVCNFSM6AAAAABKEQZHDSVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDEMBQGQZDGNRZGA . You are receiving this because you commented.Message ID: @.***>

SharkOverBite commented 3 months ago

Looking forward to the fruits of your many labors. :+1:

SharkOverBite commented 3 months ago

tpm2-software/tpm2-tools say I'm wrong, that it's not an error but an optimization which supposedly saves another step by the device IIUC. I don't understand their response to be honest.