tpm2_makecredential: fix wrong tcg ek templates

shmset · JuergenReppSIT · commit c539cb2cc537 · 2025-11-17T10:21:01.000+01:00
The current implementation assumes low-range RSA and ECC keys. Therefore if another key type is used, the default values are used and either the tpm2_makecredential call or the tpm2_activatecredential call fails. This commit reduces the required template values to a minimum and supports additional key types. Fixes: #3526 Signed-off-by: Silas Meier <silas.meier@gapfruit.com>
diff --git a/test/integration/tests/activecredential_ecc_384.sh b/test/integration/tests/activecredential_ecc_384.sh
@@ -0,0 +1,67 @@
+# SPDX-License-Identifier: BSD-3-Clause
+
+source helpers.sh
+
+cleanup() {
+    rm -f secret.data ek.pub ak.pub ak.name mkcred.out actcred.out ak.out \
+    ak.ctx session.ctx policyA.sha384 policyC.sha384
+
+    # Evict persistent handles, we want them to always succeed and never trip
+    # the onerror trap.
+    tpm2 evictcontrol -Q -C o -c 0x81010009 2>/dev/null || true
+
+    if [ "$1" != "no-shut-down" ]; then
+        shut_down
+    fi
+}
+trap cleanup EXIT
+
+start_up
+
+cleanup "no-shut-down"
+
+echo 12345678 > secret.data
+
+# Policies for high range EKs
+policy_a_hex="8bbf2266537c171cb56e403c4dc1d4b64f432611dc386e6f532050c3278c930e143e8bb1133824ccb431053871c6db53"
+echo -n "$policy_a_hex" | xxd -r -p > policyA.sha384
+policy_c_hex="d6032ce61f2fb3c240eb3cf6a33237ef2b6a16f4293c22b455e261cffd217ad5b4947c2d73e63005eed2dc2b3593d165"
+echo -n "$policy_c_hex" | xxd -r -p > policyC.sha384
+
+tpm2 createek -Q -c 0x81010009 -G ecc384 -u ek.pub
+
+tpm2 createak -C 0x81010009 -c ak.ctx -G rsa -g sha384 -s rsassa -u ak.pub \
+-n ak.name -p akpass> ak.out
+
+file_size=`ls -l ak.name | awk {'print $5'}`
+loaded_key_name=`cat ak.name | xxd -p -c $file_size` # Use -c in xxd so there is no line wrapping
+
+tpm2 readpublic -c 0x81010009 -o ek.pem -f pem -Q
+
+tpm2 makecredential -Q -u ek.pem -s secret.data -n $loaded_key_name \
+-o mkcred.out -G ecc --tcti=none
+
+# Test the secret data matches after credential activation process
+tpm2 startauthsession --policy-session -S session.ctx -g sha384
+tpm2 policysecret -S session.ctx -c e
+tpm2 policyor -S session.ctx sha384:policyA.sha384,policyC.sha384
+tpm2 activatecredential -Q -c ak.ctx -C 0x81010009 -i mkcred.out \
+-o actcred.out -p akpass -P"session:session.ctx"
+tpm2 flushcontext session.ctx
+
+diff actcred.out secret.data
+
+# Capture the yaml output and verify that its the same as the name output
+loaded_key_name_yaml=`python << pyscript
+from __future__ import print_function
+
+import yaml
+
+with open('ak.out', 'r') as f:
+    doc = yaml.safe_load(f)
+    print(doc['loaded-key']['name'])
+pyscript`
+
+test "$loaded_key_name_yaml" == "$loaded_key_name"
+
+exit 0
diff --git a/tools/tpm2_makecredential.c b/tools/tpm2_makecredential.c
@@ -268,50 +268,52 @@ static bool tpm2_tool_onstart(tpm2_options **opts) {
 }
 
 static void set_default_TCG_EK_template(TPMI_ALG_PUBLIC alg) {
+    /* Values for RSA-2048 and ECC-256 keys. */
+    TPMI_AES_KEY_BITS bits = 128;
+    TPMI_ALG_HASH name_alg = TPM2_ALG_SHA256;
+
+    ctx.public.publicArea.objectAttributes = 0;
 
     switch (alg) {
         case TPM2_ALG_RSA:
+            if (ctx.public.publicArea.parameters.rsaDetail.keyBits > 2048) {
+                /* Values for RSA-3072 and RSA-4096 keys. */
+                bits = 256;
+                name_alg = TPM2_ALG_SHA384;
+                ctx.public.publicArea.objectAttributes = TPMA_OBJECT_USERWITHAUTH;
+            }
             ctx.public.publicArea.parameters.rsaDetail.symmetric.algorithm =
                     TPM2_ALG_AES;
-            ctx.public.publicArea.parameters.rsaDetail.symmetric.keyBits.aes = 128;
+            ctx.public.publicArea.parameters.rsaDetail.symmetric.keyBits.aes = bits;
             ctx.public.publicArea.parameters.rsaDetail.symmetric.mode.aes =
                     TPM2_ALG_CFB;
-            ctx.public.publicArea.parameters.rsaDetail.scheme.scheme = TPM2_ALG_NULL;
-            ctx.public.publicArea.parameters.rsaDetail.keyBits = 2048;
-            ctx.public.publicArea.parameters.rsaDetail.exponent = 0;
-            ctx.public.publicArea.unique.rsa.size = 256;
             break;
         case TPM2_ALG_ECC:
+            if (ctx.public.publicArea.unique.ecc.x.size > 32) {
+                /* Values for ECC-384 keys. */
+                bits = 256;
+                name_alg = TPM2_ALG_SHA384;
+                ctx.public.publicArea.objectAttributes = TPMA_OBJECT_USERWITHAUTH;
+            }
+            if (ctx.public.publicArea.unique.ecc.x.size > 48) {
+                /* Values for ECC-512 keys. */
+                name_alg = TPM2_ALG_SHA512;
+            }
+
             ctx.public.publicArea.parameters.eccDetail.symmetric.algorithm =
                     TPM2_ALG_AES;
-            ctx.public.publicArea.parameters.eccDetail.symmetric.keyBits.aes = 128;
+            ctx.public.publicArea.parameters.eccDetail.symmetric.keyBits.aes = bits;
             ctx.public.publicArea.parameters.eccDetail.symmetric.mode.sym =
                     TPM2_ALG_CFB;
-            ctx.public.publicArea.parameters.eccDetail.scheme.scheme = TPM2_ALG_NULL;
-            ctx.public.publicArea.parameters.eccDetail.curveID = TPM2_ECC_NIST_P256;
-            ctx.public.publicArea.parameters.eccDetail.kdf.scheme = TPM2_ALG_NULL;
-            ctx.public.publicArea.unique.ecc.x.size = 32;
-            ctx.public.publicArea.unique.ecc.y.size = 32;
             break;
     }
 
-    ctx.public.publicArea.objectAttributes =
+    ctx.public.publicArea.objectAttributes |=
           TPMA_OBJECT_RESTRICTED  | TPMA_OBJECT_ADMINWITHPOLICY
         | TPMA_OBJECT_DECRYPT     | TPMA_OBJECT_FIXEDTPM
         | TPMA_OBJECT_FIXEDPARENT | TPMA_OBJECT_SENSITIVEDATAORIGIN;
 
-    static const TPM2B_DIGEST auth_policy = {
-        .size = 32,
-        .buffer = {
-            0x83, 0x71, 0x97, 0x67, 0x44, 0x84, 0xB3, 0xF8, 0x1A, 0x90, 0xCC,
-            0x8D, 0x46, 0xA5, 0xD7, 0x24, 0xFD, 0x52, 0xD7, 0x6E, 0x06, 0x52,
-            0x0B, 0x64, 0xF2, 0xA1, 0xDA, 0x1B, 0x33, 0x14, 0x69, 0xAA
-        }
-    };
-    TPM2B_DIGEST *authp = &ctx.public.publicArea.authPolicy;
-    *authp = auth_policy;
-
-    ctx.public.publicArea.nameAlg = TPM2_ALG_SHA256;
+    ctx.public.publicArea.nameAlg = name_alg;
 }
 
 static tool_rc process_input(tpm2_option_flags flags) {
