1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
|
From eb28ad92a2722fd30f8114840cf2b1ade26b80ee Mon Sep 17 00:00:00 2001
From: Limeng <Meng.Li@windriver.com>
Date: Fri, 23 Jun 2017 11:39:04 +0800
Subject: [PATCH] tpm:openssl-tpm-engine:parse an encrypted tpm SRK password
from env
Before, we support reading SRK password from env TPM_SRK_PW,
but it is a plain password and not secure.
So, we improve it and support to get an encrypted (AES algorithm)
SRK password from env, and then parse it. The default decrypting
AES password and salt is set in bb file.
When we initialize TPM, and set a SRK pw, and then we need to
encrypt it with the same AES password and salt by AES algorithm.
At last, we set a env as below:
export TPM_SRK_ENC_PW=xxxxxxxx
"xxxxxxxx" is the encrypted SRK password for libtpm.so.
Signed-off-by: Meng Li <Meng.Li@windriver.com>
---
e_tpm.c | 157 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
e_tpm.h | 4 ++
e_tpm_err.c | 4 ++
3 files changed, 164 insertions(+), 1 deletion(-)
Index: git/src/e_tpm.c
===================================================================
--- git.orig/src/e_tpm.c
+++ git/src/e_tpm.c
@@ -259,6 +259,118 @@ void ENGINE_load_tpm(void)
ERR_clear_error();
}
+static int tpm_decode_base64(unsigned char *indata,
+ int in_len,
+ unsigned char *outdata,
+ int *out_len)
+{
+ int total_len, len, ret;
+ EVP_ENCODE_CTX dctx;
+
+ EVP_DecodeInit(&dctx);
+
+ total_len = 0;
+ ret = EVP_DecodeUpdate(&dctx, outdata, &len, indata, in_len);
+ if (ret < 0) {
+ TSSerr(TPM_F_TPM_DECODE_BASE64, TPM_R_DECODE_BASE64_FAILED);
+ return 1;
+ }
+
+ total_len += len;
+ ret = EVP_DecodeFinal(&dctx, outdata, &len);
+ if (ret < 0) {
+ TSSerr(TPM_F_TPM_DECODE_BASE64, TPM_R_DECODE_BASE64_FAILED);
+ return 1;
+ }
+ total_len += len;
+
+ *out_len = total_len;
+
+ return 0;
+}
+
+static int tpm_decrypt_srk_pw(unsigned char *indata, int in_len,
+ unsigned char *outdata,
+ int *out_len)
+{
+ int dec_data_len, dec_data_lenfinal;
+ unsigned char dec_data[256];
+ unsigned char *aes_pw;
+ unsigned char aes_salt[PKCS5_SALT_LEN];
+ unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
+ const EVP_CIPHER *cipher = NULL;
+ const EVP_MD *dgst = NULL;
+ EVP_CIPHER_CTX *ctx = NULL;
+
+ if (sizeof(SRK_DEC_SALT) - 1 > PKCS5_SALT_LEN) {
+ TSSerr(TPM_F_TPM_DECRYPT_SRK_PW, TPM_R_DECRYPT_SRK_PW_FAILED);
+ return 1;
+ }
+
+ aes_pw = malloc(sizeof(SRK_DEC_PW) - 1);
+ if (aes_pw == NULL) {
+ TSSerr(TPM_F_TPM_DECRYPT_SRK_PW, TPM_R_DECRYPT_SRK_PW_FAILED);
+ return 1;
+ }
+
+ memset(aes_salt, 0x00, sizeof(aes_salt));
+ memcpy(aes_pw, SRK_DEC_PW, sizeof(SRK_DEC_PW) - 1);
+ memcpy(aes_salt, SRK_DEC_SALT, sizeof(SRK_DEC_SALT) - 1);
+
+ cipher = EVP_get_cipherbyname("aes-128-cbc");
+ if (cipher == NULL) {
+ TSSerr(TPM_F_TPM_DECRYPT_SRK_PW, TPM_R_DECRYPT_SRK_PW_FAILED);
+ free(aes_pw);
+ return 1;
+ }
+ dgst = EVP_sha256();
+
+ EVP_BytesToKey(cipher, dgst, aes_salt, (unsigned char *)aes_pw, sizeof(SRK_DEC_PW) - 1, 1, key, iv);
+
+ ctx = EVP_CIPHER_CTX_new();
+ /* Don't set key or IV right away; we want to check lengths */
+ if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, 0)) {
+ TSSerr(TPM_F_TPM_DECRYPT_SRK_PW, TPM_R_DECRYPT_SRK_PW_FAILED);
+ free(aes_pw);
+ return 1;
+ }
+
+ OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+ OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+ if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 0)) {
+ TSSerr(TPM_F_TPM_DECRYPT_SRK_PW, TPM_R_DECRYPT_SRK_PW_FAILED);
+ free(aes_pw);
+ return 1;
+ }
+
+ if (!EVP_CipherUpdate(ctx, dec_data, &dec_data_len, indata, in_len)) {
+ /* Error */
+ TSSerr(TPM_F_TPM_DECRYPT_SRK_PW, TPM_R_DECRYPT_SRK_PW_FAILED);
+ free(aes_pw);
+ EVP_CIPHER_CTX_free(ctx);
+ return 1;
+ }
+
+ if (!EVP_CipherFinal_ex(ctx, dec_data + dec_data_len, &dec_data_lenfinal)) {
+ /* Error */
+ TSSerr(TPM_F_TPM_DECRYPT_SRK_PW, TPM_R_DECRYPT_SRK_PW_FAILED);
+ free(aes_pw);
+ EVP_CIPHER_CTX_free(ctx);
+ return 1;
+ }
+
+ dec_data_len = dec_data_len + dec_data_lenfinal;
+
+ memcpy(outdata, dec_data, dec_data_len);
+ *out_len = dec_data_len;
+
+ free(aes_pw);
+ EVP_CIPHER_CTX_free(ctx);
+
+ return 0;
+}
+
int tpm_load_srk(UI_METHOD *ui, void *cb_data)
{
TSS_RESULT result;
@@ -319,8 +431,50 @@ int tpm_load_srk(UI_METHOD *ui, void *cb
return 0;
}
- srkPasswd = getenv("TPM_SRK_PW");
+ srkPasswd = getenv("TPM_SRK_ENC_PW");
if (NULL != srkPasswd) {
+ int in_len = strlen(srkPasswd);
+ int out_len;
+ unsigned char *out_buf;
+
+ if (!in_len || in_len % 4) {
+ Tspi_Context_CloseObject(hContext, hSRK);
+ free(auth);
+ TSSerr(TPM_F_TPM_LOAD_SRK, TPM_R_REQUEST_FAILED);
+ return 0;
+ }
+
+ out_len = in_len * 3 / 4;
+ out_buf = malloc(out_len);
+ if (NULL == out_buf) {
+ Tspi_Context_CloseObject(hContext, hSRK);
+ free(auth);
+ TSSerr(TPM_F_TPM_LOAD_SRK, TPM_R_REQUEST_FAILED);
+ return 0;
+ }
+
+ if (tpm_decode_base64(srkPasswd, strlen(srkPasswd),
+ out_buf, &out_len)) {
+ Tspi_Context_CloseObject(hContext, hSRK);
+ free(auth);
+ free(out_buf);
+ TSSerr(TPM_F_TPM_LOAD_SRK, TPM_R_REQUEST_FAILED);
+ return 0;
+ }
+
+ if (tpm_decrypt_srk_pw(out_buf, out_len,
+ auth, &authlen)) {
+ Tspi_Context_CloseObject(hContext, hSRK);
+ free(auth);
+ free(out_buf);
+ TSSerr(TPM_F_TPM_LOAD_SRK, TPM_R_REQUEST_FAILED);
+ return 0;
+ }
+ secretMode = TSS_SECRET_MODE_PLAIN;
+ free(out_buf);
+ }
+#ifdef TPM_SRK_PLAIN_PW
+ else if (NULL != (srkPasswd = getenv("TPM_SRK_PW")) {
if (0 == strcmp(srkPasswd, "#WELLKNOWN#")) {
memset(auth, 0, TPM_WELL_KNOWN_KEY_LEN);
secretMode = TSS_SECRET_MODE_SHA1;
@@ -333,6 +487,7 @@ int tpm_load_srk(UI_METHOD *ui, void *cb
authlen = strlen(auth);
}
}
+#endif
else {
if (!tpm_engine_get_auth(ui, (char *)auth, 128,
"SRK authorization: ", cb_data)) {
Index: git/src/e_tpm.h
===================================================================
--- git.orig/src/e_tpm.h
+++ git/src/e_tpm.h
@@ -66,6 +66,8 @@ void ERR_TSS_error(int function, int rea
#define TPM_F_TPM_FILL_RSA_OBJECT 116
#define TPM_F_TPM_ENGINE_GET_AUTH 117
#define TPM_F_TPM_CREATE_SRK_POLICY 118
+#define TPM_F_TPM_DECODE_BASE64 119
+#define TPM_F_TPM_DECRYPT_SRK_PW 120
/* Reason codes. */
#define TPM_R_ALREADY_LOADED 100
@@ -96,6 +98,8 @@ void ERR_TSS_error(int function, int rea
#define TPM_R_ID_INVALID 125
#define TPM_R_UI_METHOD_FAILED 126
#define TPM_R_UNKNOWN_SECRET_MODE 127
+#define TPM_R_DECODE_BASE64_FAILED 128
+#define TPM_R_DECRYPT_SRK_PW_FAILED 129
/* structure pointed to by the RSA object's app_data pointer */
struct rsa_app_data
Index: git/src/e_tpm_err.c
===================================================================
--- git.orig/src/e_tpm_err.c
+++ git/src/e_tpm_err.c
@@ -234,6 +234,8 @@ static ERR_STRING_DATA TPM_str_functs[]
{ERR_PACK(0, TPM_F_TPM_BIND_FN, 0), "TPM_BIND_FN"},
{ERR_PACK(0, TPM_F_TPM_FILL_RSA_OBJECT, 0), "TPM_FILL_RSA_OBJECT"},
{ERR_PACK(0, TPM_F_TPM_ENGINE_GET_AUTH, 0), "TPM_ENGINE_GET_AUTH"},
+ {ERR_PACK(0, TPM_F_TPM_DECODE_BASE64, 0), "TPM_DECODE_BASE64"},
+ {ERR_PACK(0, TPM_F_TPM_DECRYPT_SRK_PW, 0), "TPM_DECRYPT_SRK_PW"},
{0, NULL}
};
@@ -264,6 +266,8 @@ static ERR_STRING_DATA TPM_str_reasons[]
{TPM_R_FILE_READ_FAILED, "failed reading the key file"},
{TPM_R_ID_INVALID, "engine id doesn't match"},
{TPM_R_UI_METHOD_FAILED, "ui function failed"},
+ {TPM_R_DECODE_BASE64_FAILED, "decode base64 failed"},
+ {TPM_R_DECRYPT_SRK_PW_FAILED, "decrypt srk password failed"},
{0, NULL}
};
|
