Re: [Ibmtpm20tss-users] [openssl-tpm2-engine] ibmtss

James Bottomley

On Mon, 2019-01-14 at 14:33 +0000, Doug Fraser wrote:
Morning Ken.

I apologize for my mixed up terminology on this topic. If I am using
the wrong terms, point it out, and if possible, reference a section
in an existing document. I have been reading like a fiend and
porting/coding as I go.

Isn't the openssl engine dynamically loading the tpm key dynamically
each time it uses it? I thought the key that we generated was just
related to the internal key for validation reasons to associate the
key with that physical initialized TPM?
Essentially, yes. The file is reduced to the binary key form which is
kept in memory for the lifetime of the engine (so it's not loading a
file each time). But when you ask for a signature (the only universal
operation), the sequence of TPM commands is


So it is loading the key from the memory area each time. This pretty
much corresponds to best practice, even internally to a single
application because you want to keep TPM resources tied up for the
smallest amount of time. In theory it is possible to keep the key and
the session loaded in TPM volatile memory, but this can lead to
resource issues if the application uses more than three keys.

If you're worried about time taken by the TPM operations, then actually
the TPM2_Load isn't the problem one (it's a simple aes128 decryption),
the heavy one is TPM2_StartAuthSession because we use a
cryptographically salted session and that means the TPM has to use the
primary storage key to derive the encrypted salt.


From an earlier email I sent to James: (direct quote)

It gets shoved into a JSON in base64 format for storage on the
The device-tree hooks convert that back to native key text format for
presentation in /proc space

From device initialization code (runs just once....)

    echo "Generating new unit key..."
    send_station "Generating new unit key..."

    # use the TPM to create the key…
    create_tpm2_key -p 81000001 --ecc prime256v1 /tmp/openssl-key.tpm

    jq ".unit.\"tpm2_key#\" = \"$(cat /tmp/openssl-key.tpm | base64
-w0)\"" /tmp/upd.json > /tmp/upd-new.json --json /tmp/upd-new.json --increment --upd
    dd "if=${FLASH}p$UPD_PRI" "of=${FLASH}p$UPD_BAK" bs=1M

So we have a key that we created on our initialized TPM stored into
raw device storage, that get instantiated in /proc device space as
its own text representation.

It seems to be keeping openssl (via the engine) completely happy at
this point.
I have tested by reinitializing the TPM hardware so the key no longer
matched the device, and the engine fails, until I go back and
generate a new key.

Douglas Fraser

Join to automatically receive all group messages.