Skip to content

persist AK, NK and mTLS certificate to disk #391

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
lkatalin merged 5 commits into from
Jun 13, 2022
Merged

persist AK, NK and mTLS certificate to disk #391

lkatalin merged 5 commits into from
Jun 13, 2022

Conversation

@THS-on
Copy link
Member

@THS-on THS-on commented Jun 7, 2022
edited
Loading

A new file in /var/lib/keylime is created called "agent_data.json which
holds all those keys and certificates. This allows the agent to be
restarted mid attestation without failing due to wrong keys.

Fixes: #382

@THS-on THS-on force-pushed the dump-to-disk branch 2 times, most recently from 5e37699 to b262fa5 Compare June 7, 2022 17:15
THS-on added 2 commits June 7, 2022 21:00
@THS-on
persist AK, NK and mTLS certificate to disk
2f65e2d 
A new file in /var/lib/keylime is created called "agent_data.json which
holds all those keys and certificates. This allows the agent to be
restarted mid attestation without failing due to wrong keys.

Signed-off-by: Thore Sommer <mail@thson.de>
@THS-on
config: remove unused options
e525a50 
The agent does not require to take ownership of the TPM and the NK key is
saved always in "agent_data.json".

Signed-off-by: Thore Sommer <mail@thson.de>
@lkatalin
Copy link
Contributor

lkatalin commented Jun 9, 2022

Thanks for the PR! I'm trying to understand the security implications of this. I went back to read your comment on #293 about loading the AK from disk, I assume that's applicable here as well?

The TPM store operation encrypts the private data with a (symmetric?) key before dumping it to disk, so that only the TPM can actually do something useful with that data. The load operation then decrypts the private data again inside the TPM.

I assume that encryption operation was happening with the ctx.context_save() function before (could be wrong here) and I don't see that being called anymore in this change. Is that happening somewhere else? Do we not need it?

@THS-on
Copy link
Member Author

THS-on commented Jun 9, 2022

I went back to read your #293 (comment) on #293 about loading the AK from disk, I assume that's applicable here as well?

Yes the Private struct returned by create_ak(..) is symmetricly encrypted from the TPM.

I assume that encryption operation was happening with the #391 (comment) function before (could be wrong here) and I don't see that being called anymore in this change. Is that happening somewhere else? Do we not need it?

The old implementation first dumped and then serialized the context with the AK, the new one directly serializes the Private struct (TPM2_PRIVATE) which has the advantage that the AK can be loaded after a TPM reset (this is not possible with context objects).
The encryption happens on AK key creation.

What has changed is that we also dump the NK to disk, which is fine because it is used for transport security and the payload mechanism, not the actual attestation. The worst case that happens if someone gets this key (by having read access to /var/lib/keylime) is that they can decrypt payloads which the agent anyway does and stores under the secure tmp mount with the same permissions.

@lkatalin
Copy link
Contributor

lkatalin commented Jun 9, 2022

@THS-on Thanks for the explanation.

@lkatalin lkatalin merged commit 27d19d9 into keylime:master Jun 13, 2022
@THS-on THS-on mentioned this pull request Jun 14, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lkatalin lkatalin lkatalin approved these changes

@ashcrow ashcrow Awaiting requested review from ashcrow

@lukehinds lukehinds Awaiting requested review from lukehinds

Assignees

@ashcrow ashcrow

@lukehinds lukehinds

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Persist all required keys and certificates to disk

4 participants

@THS-on @lkatalin @ashcrow @lukehinds