I'll admit to not being very familiar with the openssl-tpm-engine software, so
hopefully someone else can jump in with that expertise.
However, you're probably correct that a new key is being created, and that
certificates can be a bit of a challenge with the TPM. Here's why:
- All TPM keys (at least in the current TPMs) are restricted in their use.
They can only be used for one of signing or decryption, to prevent certain
attacks. They're further subdivided by the kind of information that they can
sign or decrypt, for some other use cases you probably don't need to worry
about right now. It sounds like what you're really trying to do here is sign
data. (It's the equivalent operation to encrypt with private key, decrypt with
public.)
- The EK is a *very* limited-use key, because it is the TPM's unique lifetime
identifier, and using it thus can create privacy concerns. The only command
which lets you use the EK is something called ActivateIdentity, which is used
for certifying identity keys; that decrypts data sent to the TPM in a very
special format. It's really not what you want to use here at all.
- Two kinds of TPM keys are suitable for signing data: Signing Keys, as the
name implies, which can sign arbitrary user-provided data, and Identity Keys,
which sign data created by the TPM itself. You probably want a signing key for
this. (They come in three flavors; hopefully your package hides the choice from
you, but if you have to pick, you want either SHA or DER depending on what
you're signing.) Signing keys are also the *only* TPM keys which can create
normal X.509 CSRs, because they're the only ones which can sign arbitrary data.
- When you're seeing the package "add a new RSA key and encrypt it with the
TPM", it's doing one of two things; I don't know which. One possibility is that
it's creating a TPM key, as described above (all user-created TPM keys are
encrypted with other TPM keys, usually the automatically-created Storage Root
Key); in this case, it will have constrained use, but will never exist
unencrypted outside of the TPM, resulting in a much tighter machine-key
binding. Of course, the TPM can be a little slow. The other possibility is
that it's creating an RSA key in software, and encrypting it with the TPM. In
this case, you can use your RSA key for either signing or decryption, and
you're working at software speeds; on the other hand, you only get the
authentication that you're on the platform when you first decrypt the key, and
it can then be removed from the platform by malware. Depending on your threat
model, this might be a major problem, or a minor one.
That was a bit of a long and complicated explanation. Let me know if any of
this doesn't make sense, and hopefully someone else will jump in with the
openssl-specific information.
Ariel
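
The "SHA or DER" choice mentioned above, as an added example that is not part of the original message or of any TPM software: a software model of how the TPM 1.2 signature schemes TPM_SS_RSASSAPKCS1v15_SHA1 and TPM_SS_RSASSAPKCS1v15_DER treat their input. The RSA key is a constructed toy key and the function names are hypothetical; no TPM is involved.

```python
import hashlib

# DER DigestInfo prefixes used by PKCS#1 v1.5 signatures (RFC 8017).
SHA1_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

# Constructed toy RSA key built from two Mersenne primes: NOT secure, and not
# a TPM key. It only stands in for the private key a TPM would hold.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8          # modulus length in bytes

def _pad_and_sign(t: bytes) -> bytes:
    """PKCS#1 v1.5 type-1 padding followed by the private-key operation."""
    if len(t) > K - 11:
        raise ValueError("input too long for this key")
    em = b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t
    return pow(int.from_bytes(em, "big"), D, N).to_bytes(K, "big")

def sign_sha(digest: bytes) -> bytes:
    """Model of the SHA scheme: the input must be a 20-byte SHA-1 digest."""
    if len(digest) != 20:
        raise ValueError("SHA scheme signs exactly one SHA-1 digest")
    return _pad_and_sign(SHA1_PREFIX + digest)

def sign_der(digest_info: bytes) -> bytes:
    """Model of the DER scheme: the caller supplies the whole DigestInfo."""
    return _pad_and_sign(digest_info)

def verify(sig: bytes, message: bytes, hash_name: str) -> bool:
    """Ordinary public-key check, as a CA or TLS peer would perform it."""
    prefix = {"sha1": SHA1_PREFIX, "sha256": SHA256_PREFIX}[hash_name]
    t = prefix + hashlib.new(hash_name, message).digest()
    expected = b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t
    recovered = pow(int.from_bytes(sig, "big"), E, N).to_bytes(K, "big")
    return recovered == expected

def demo():
    tbs = b"constructed to-be-signed bytes of a CSR"
    s1 = sign_sha(hashlib.sha1(tbs).digest())
    s2 = sign_der(SHA256_PREFIX + hashlib.sha256(tbs).digest())
    return verify(s1, tbs, "sha1"), verify(s2, tbs, "sha256")

if __name__ == "__main__":
    print(demo())
```

The SHA scheme can only yield SHA-1 signatures, while the DER scheme signs whatever DigestInfo the caller built, which is why the choice depends on what is being signed.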
On Aug 6, 2013, at 4:27 PM, Pankaj <[email protected]> wrote:
Hi,
I want to use TPM for SSL authentication. I have also downloaded the
openssl-tpm-engine.
I am still not sure what this package is trying to do.
Here is what I am thinking to use:
* Use the RSA EK in the TPM for authentication
* Get the Public EK and create a CSR to a CA (An internal manufacturing CA
for the server with TPM)
* Provide a unique Id with CSR (Product-ID and Serial Number probably)
* The CA sends the signed Certificate and associated chain
* Install the Certificate Chain in the server's hard drive
During SSL authentication, use TPM for encrypting the data to be sent to peer
with TPM Private EK. The peer can decrypt it with the Public EK which is part
of the certificate.
The tpm engine gets loaded with the openssl, but somehow the whole thing in
openssl_tpm_engine is still not clear to me. I think that this package is
adding a new RSA key and encrypting it with TPM. I also think that this will
work only with self-signed certificates.
Can anyone please explain!
Regards
Pankaj Shukla
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users