Merge pull request wolfSSL#276 from dgarske/secure_rot

Example for Secure Boot solution to store root of trust in NV

.gitignore

@@ -75,6 +75,7 @@ examples/seal/unseal
 examples/seal/seal_policy_auth
 examples/attestation/make_credential
 examples/attestation/activate_credential
+examples/boot/secure_rot
 
 # Generated Cert Files
 certs/ca-*.pem

README.md

@@ -6,11 +6,11 @@ Portable TPM 2.0 project designed for embedded use.
 ## Project Features
 
 * This implementation provides all TPM 2.0 API’s in compliance with the specification.
-* Wrappers provided to simplify Key Generation/Loading, RSA encrypt/decrypt, ECC sign/verify, ECDH, NV, Hashing/Hmac and AES.
+* Wrappers provided to simplify Key Generation/Loading, RSA encrypt/decrypt, ECC sign/verify, ECDH, NV, Hashing/HACM, AES, Sealing/Unsealing, Attestation, PCR Extend/Quote and Secure Root of Trust.
 * Testing done using the following TPM 2.0 modules: STM ST33TP* SPI/I2C, Infineon OPTIGA SLB9670/SLB9672, Microchip ATTPM20, Nations Tech Z32H330TC and Nuvoton NPCT650/NPCT750.
 * wolfTPM uses the TPM Interface Specification (TIS) to communicate either over SPI, or using a memory mapped I/O range.
 * wolfTPM can also use the Linux TPM kernel interface (/dev/tpmX) to talk with any physical TPM on SPI, I2C and even LPC bus.
-* Platform support for Raspberry Pi, STM32 with CubeMX, Atmel ASF, Xilinx, Infineon TriCore and Barebox.
+* Platform support for Raspberry Pi (Linux), MMIO, STM32 with CubeMX, Atmel ASF, Xilinx, QNX Infineon TriCore and Barebox.
 * The design allows for easy portability to different platforms:
     * Native C code designed for embedded use.
     * Single IO callback for hardware SPI interface.

certs/example-rsa-key-pub.pem

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnj22EdUiGQC/9vBWG4Kc
+cpxDYLxwAjPS3M2Z7IFZGWMcdzvQ022tlU8YTDdtYv2qHCQs2Qd+ar8/kYnJMr1g
+ajw12riRJ/YnD14EpJ6sc8NGQE8y9MG6v05OU/qCExRQhifP22haJLTiroj+R+dA
+8el9ltajR4i5GxquzW1xwPGBtsMyvZMIpKMEl0FQe6WeW4I1tqu97yBkrHlvNNn+
+yP99MG3+KEdb35ODkLq7E/bJdghSzbeWyUsOpRU5uAToAu0N26Rz8wv2CrhWFihn
+kC/RgrBGVVhwjOr83pOkjcENHqENIvSLhdKLP9JyQ8HVxGV/TqAYRU+9e7L5cQ16
+RQIDAQAB
+-----END PUBLIC KEY-----

certs/include.am

@@ -8,4 +8,7 @@ EXTRA_DIST += \
 	     certs/ca-ecc.cnf \
 	     certs/wolf-ca-ecc-cert.pem \
 	     certs/wolf-ca-rsa-cert.pem \
-	     certs/example-rsa-key.pem
+	     certs/example-rsa-key.pem \
+		 certs/example-rsa-key.der \
+		 certs/example-rsa-key-pub.pem \
+		 certs/example-rsa-key-pub.der

certs/wolf-ca-ecc-cert.pem

@@ -2,12 +2,12 @@ Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number:
-            7e:bd:d9:c1:a5:b2:60:a4:ba:f4:86:cf:13:ac:77:84:be:ac:07:e7
+            65:67:42:4c:06:e7:e4:c3:68:01:a9:94:a9:07:e6:fe:bd:2c:d6:3d
         Signature Algorithm: ecdsa-with-SHA256
         Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = [email protected]
         Validity
-            Not Before: Jun 19 13:23:41 2020 GMT
-            Not After : Mar 16 13:23:41 2023 GMT
+            Not Before: Dec 16 21:17:49 2022 GMT
+            Not After : Sep 11 21:17:49 2025 GMT
         Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = [email protected]
         Subject Public Key Info:
             Public Key Algorithm: id-ecPublicKey
@@ -31,23 +31,23 @@ Certificate:
             X509v3 Key Usage: critical
                 Digital Signature, Certificate Sign, CRL Sign
     Signature Algorithm: ecdsa-with-SHA256
-         30:44:02:20:06:c3:0a:69:01:57:31:17:09:3f:21:95:4f:3f:
-         c5:20:e3:21:86:75:47:5e:87:f7:48:8a:1e:01:fa:d2:67:c8:
-         02:20:7d:c8:e9:2d:5b:74:28:87:71:db:a3:0e:19:84:cc:b3:
-         a6:83:35:75:f8:05:dd:fc:5e:51:2b:18:98:c4:ac:95
+         30:46:02:21:00:b0:12:16:03:26:79:d4:6b:94:d9:7e:ca:e1:
+         2d:24:64:ef:11:6e:f2:12:81:e4:ce:1d:77:7d:ca:5c:47:50:
+         62:02:21:00:80:bf:46:3c:5d:d8:e5:ab:47:ce:a2:19:bd:21:
+         de:85:6f:ab:c9:8f:01:f3:ab:1b:b9:e1:53:d6:24:77:a6:4d
 -----BEGIN CERTIFICATE-----
-MIIClDCCAjugAwIBAgIUfr3ZwaWyYKS69IbPE6x3hL6sB+cwCgYIKoZIzj0EAwIw
+MIICljCCAjugAwIBAgIUZWdCTAbn5MNoAamUqQfm/r0s1j0wCgYIKoZIzj0EAwIw
 gZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
 ZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEY
 MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIwMDYxOTEzMjM0MVoXDTIzMDMxNjEzMjM0MVowgZcxCzAJ
+bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZcxCzAJ
 BgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxl
 MRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UE
 AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
 Y29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAtPZbtYBjkXIuZAx5cBM456t
 KTiYuhDW6QkqgKkuFyq5ir8zg0bjlQvkd0C1O0NFMw9hU3w3RMHL/IDK6EPqp6Nj
 MGEwHQYDVR0OBBYEFFaOmsPwQt4YuUVVbvmTz+rD86UhMB8GA1UdIwQYMBaAFFaO
 msPwQt4YuUVVbvmTz+rD86UhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
-AgGGMAoGCCqGSM49BAMCA0cAMEQCIAbDCmkBVzEXCT8hlU8/xSDjIYZ1R16H90iK
-HgH60mfIAiB9yOktW3Qoh3Hbow4ZhMyzpoM1dfgF3fxeUSsYmMSslQ==
+AgGGMAoGCCqGSM49BAMCA0kAMEYCIQCwEhYDJnnUa5TZfsrhLSRk7xFu8hKB5M4d
+d33KXEdQYgIhAIC/Rjxd2OWrR86iGb0h3oVvq8mPAfOrG7nhU9Ykd6ZN
 -----END CERTIFICATE-----

certs/wolf-ca-rsa-cert.pem

@@ -2,12 +2,12 @@ Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number:
-            5e:ba:a4:f4:b1:f7:48:25:e3:5f:9b:da:a1:13:ed:d5:2b:03:67:15
+            2c:80:ce:db:47:9d:07:66:92:3d:68:d7:ca:ac:90:4f:ca:69:41:4b
         Signature Algorithm: sha256WithRSAEncryption
         Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = [email protected]
         Validity
-            Not Before: Jun 19 13:23:41 2020 GMT
-            Not After : Mar 16 13:23:41 2023 GMT
+            Not Before: Dec 16 21:17:49 2022 GMT
+            Not After : Sep 11 21:17:49 2025 GMT
         Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = [email protected]
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
@@ -38,7 +38,7 @@ Certificate:
             X509v3 Authority Key Identifier: 
                 keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
                 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/[email protected]
-                serial:5E:BA:A4:F4:B1:F7:48:25:E3:5F:9B:DA:A1:13:ED:D5:2B:03:67:15
+                serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
 
             X509v3 Basic Constraints: 
                 CA:TRUE
@@ -47,27 +47,27 @@ Certificate:
             X509v3 Extended Key Usage: 
                 TLS Web Server Authentication, TLS Web Client Authentication
     Signature Algorithm: sha256WithRSAEncryption
-         b9:ed:94:3e:00:73:2d:a5:d1:04:b3:fb:dc:f0:b7:0d:3d:ad:
-         96:74:4c:92:67:ad:6d:7c:e2:99:6a:33:ca:b2:0f:04:5a:a5:
-         67:f8:e3:0b:3d:f5:d0:5b:1e:20:52:12:92:28:ea:31:a3:51:
-         9e:8b:d2:39:e4:25:ea:61:61:41:16:2d:54:50:d3:fb:d0:34:
-         00:10:f1:7b:bc:f0:08:a7:f5:27:5e:7e:40:9d:99:b0:d3:31:
-         11:c3:9d:a9:51:a0:17:cf:83:2c:55:84:e0:d5:92:a0:05:3a:
-         9f:b8:75:f8:1b:e5:f7:a4:6c:e9:aa:25:8b:19:93:46:1f:3f:
-         33:af:47:29:cf:7b:8b:59:27:eb:d7:4f:cb:33:19:fa:5f:ee:
-         d8:13:e9:0c:07:ad:3b:c0:7f:10:d7:e4:ed:e8:db:16:e1:1f:
-         a4:7f:16:3c:bd:d7:11:f2:d4:3a:a9:9b:95:e1:39:51:99:eb:
-         5b:65:46:ef:63:84:73:95:23:b8:bf:b5:f6:4d:12:71:f7:ff:
-         33:aa:4a:8c:65:73:73:89:69:df:a6:dc:a4:91:ff:ae:c7:28:
-         93:b5:1a:de:a9:8f:2b:30:85:83:8b:99:82:ca:b3:7c:11:10:
-         88:9d:8e:6c:2c:f3:05:6f:cb:80:85:16:b7:ed:e4:68:fb:b6:
-         b6:31:8a:7d
+         ae:b0:a4:35:8e:8a:1b:a6:eb:b3:a2:57:cf:3a:1f:dc:6e:bc:
+         d2:d0:a6:4a:8f:88:0a:6e:74:d5:d1:7c:d1:44:b1:d4:3b:17:
+         03:09:5a:46:ed:08:08:cf:f1:fd:20:07:67:c0:97:ec:35:f3:
+         75:ca:20:61:98:3e:f5:4d:be:e6:9d:75:1e:e4:03:ad:8c:a6:
+         1e:3d:ec:e4:1a:92:5b:f9:a3:ad:83:ca:4f:cd:aa:38:bb:6e:
+         ae:ad:fa:a7:46:f1:8b:73:ec:09:23:bc:f2:18:e5:b7:92:86:
+         3e:a4:75:60:c7:3d:0f:3f:83:00:c3:06:08:9c:d1:54:d6:ba:
+         6d:95:3d:34:a1:be:24:91:cc:20:03:11:5b:72:1c:d4:65:d0:
+         11:88:75:26:04:26:ef:66:70:e6:3b:38:87:9c:53:71:1b:09:
+         51:70:50:99:4c:31:0c:62:44:57:30:60:04:fc:12:2c:a3:24:
+         b4:f7:11:d5:0e:b5:21:0b:ed:86:11:67:4d:36:fa:57:a0:59:
+         55:21:b3:6d:e4:77:5e:ec:7e:f0:09:13:8e:99:98:b2:e1:82:
+         b6:4b:3e:0f:41:a6:0c:cd:49:99:7e:e4:8a:cb:37:ed:53:cf:
+         86:5d:a9:26:a8:e5:01:25:5a:b4:bc:25:35:f1:fa:5a:5c:ce:
+         d4:b8:9a:2c
 -----BEGIN CERTIFICATE-----
-MIIE/zCCA+egAwIBAgIUXrqk9LH3SCXjX5vaoRPt1SsDZxUwDQYJKoZIhvcNAQEL
+MIIE/zCCA+egAwIBAgIULIDO20edB2aSPWjXyqyQT8ppQUswDQYJKoZIhvcNAQEL
 BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
 b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
 MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIwMDYxOTEzMjM0MVoXDTIzMDMxNjEzMjM0MVowgZQxCzAJ
+bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZQxCzAJ
 BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
 DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
 d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -82,12 +82,12 @@ BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD
 VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
 A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU
-Xrqk9LH3SCXjX5vaoRPt1SsDZxUwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
+LIDO20edB2aSPWjXyqyQT8ppQUswDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
 eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
-DQYJKoZIhvcNAQELBQADggEBALntlD4Acy2l0QSz+9zwtw09rZZ0TJJnrW184plq
-M8qyDwRapWf44ws99dBbHiBSEpIo6jGjUZ6L0jnkJephYUEWLVRQ0/vQNAAQ8Xu8
-8Ain9SdefkCdmbDTMRHDnalRoBfPgyxVhODVkqAFOp+4dfgb5fekbOmqJYsZk0Yf
-PzOvRynPe4tZJ+vXT8szGfpf7tgT6QwHrTvAfxDX5O3o2xbhH6R/Fjy91xHy1Dqp
-m5XhOVGZ61tlRu9jhHOVI7i/tfZNEnH3/zOqSoxlc3OJad+m3KSR/67HKJO1Gt6p
-jyswhYOLmYLKs3wREIidjmws8wVvy4CFFrft5Gj7trYxin0=
+DQYJKoZIhvcNAQELBQADggEBAK6wpDWOihum67OiV886H9xuvNLQpkqPiApudNXR
+fNFEsdQ7FwMJWkbtCAjP8f0gB2fAl+w183XKIGGYPvVNvuaddR7kA62Mph497OQa
+klv5o62Dyk/Nqji7bq6t+qdG8Ytz7AkjvPIY5beShj6kdWDHPQ8/gwDDBgic0VTW
+um2VPTShviSRzCADEVtyHNRl0BGIdSYEJu9mcOY7OIecU3EbCVFwUJlMMQxiRFcw
+YAT8EiyjJLT3EdUOtSEL7YYRZ002+legWVUhs23kd17sfvAJE46ZmLLhgrZLPg9B
+pgzNSZl+5IrLN+1Tz4ZdqSao5QElWrS8JTXx+lpcztS4miw=
 -----END CERTIFICATE-----

examples/boot/README.md

@@ -0,0 +1,49 @@
+# Secure Boot Root-of-Trust (ROT)
+
+Design for storage of public key based root of trust into TPM:
+
+1) Use AES-CFB parameter encryption for all communication (salted and bound)
+2) Derive a password based on unique device parameters used as "auth" to load NV (authenticate)
+3) The NV contains a hash of the public key (hash matches .config setting)
+4) WolfBoot still has the public key internally and programs the TPM with the NV if not populated.
+5) The NV is locked and created under the platform hierarchy
+
+Exammple:
+
+```
+$ ./examples/boot/secure_rot -write=../wolfBoot/wolfboot_signing_public_key.der -lock
+TPM2: Caps 0x00000000, Did 0x0000, Vid 0x0000, Rid 0x 0
+TPM2_Startup pass
+TPM2_SelfTest pass
+NV Auth (32)
+	19 3f bf 0c bb 90 ca a1 40 96 a6 ee 8e fc 7c 3f | .?......@.....|?
+	c1 c2 7f 1d c3 e0 a2 5e c7 72 5a a1 94 76 63 53 | .......^.rZ..vcS
+Parameter Encryption: Enabled. (AES CFB)
+
+TPM2_StartAuthSession: handle 0x2000000, algorithm AES
+TPM2_StartAuthSession: sessionHandle 0x2000000
+Storing hash of public key file ../wolfBoot/wolfboot_signing_public_key.der to NV index 0x1400200 with password protection
+
+Public Key Hash (32)
+	e3 29 f9 9e 56 93 6e 24 02 34 13 81 0f 7c 73 4d | .)..V.n$.4...|sM
+	8f 9d 63 b8 8f 43 39 7b e5 46 93 dd 77 58 77 29 | ..c..C9{.F..wXw)
+TPM2_NV_ReadPublic: Sz 14, Idx 0x1400200, nameAlg 11, Attr 0x42072005, authPol 0, dataSz 32, name 34
+TPM2_NV_DefineSpace: Auth 0x4000000c, Idx 0x1400200, Attribs 0x1107763205, Size 32
+TPM2_NV_Write: Auth 0x1400200, Idx 0x1400200, Offset 0, Size 32
+Wrote 32 bytes to NV 0x1400200
+Reading NV 0x1400200 public key hash
+TPM2_NV_ReadPublic: Sz 14, Idx 0x1400200, nameAlg 11, Attr 0x62072005, authPol 0, dataSz 32, name 34
+TPM2_NV_Read: Auth 0x1400200, Idx 0x1400200, Offset 0, Size 32
+Read Public Key Hash (32)
+	e3 29 f9 9e 56 93 6e 24 02 34 13 81 0f 7c 73 4d | .)..V.n$.4...|sM
+	8f 9d 63 b8 8f 43 39 7b e5 46 93 dd 77 58 77 29 | ..c..C9{.F..wXw)
+Locking NV index 0x1400200
+NV 0x1400200 locked
+TPM2_FlushContext: Closed handle 0x2000000
+```
+
+# Secure Boot Encryption Key Storage
+
+TODO:
+* Sealing based on PCR's and key?
+* RSA encrypt/decrypt?

examples/boot/boot.h

@@ -0,0 +1,35 @@
+/* boot.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfTPM.
+ *
+ * wolfTPM is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfTPM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef _BOOT_SECURE_EXAMPLES_H_
+#define _BOOT_SECURE_EXAMPLES_H_
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+int TPM2_Boot_SecureROT_Example(void* userCtx, int argc, char *argv[]);
+
+#ifdef __cplusplus
+    }  /* extern "C" */
+#endif
+
+#endif /* _BOOT_SECURE_EXAMPLES_H_ */

examples/boot/include.am

@@ -0,0 +1,15 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+if BUILD_EXAMPLES
+noinst_PROGRAMS += examples/boot/secure_rot
+noinst_HEADERS  += examples/boot/boot.h
+examples_boot_secure_rot_SOURCES      = examples/boot/secure_rot.c
+examples_boot_secure_rot_LDADD        = src/libwolftpm.la $(LIB_STATIC_ADD)
+examples_boot_secure_rot_DEPENDENCIES = src/libwolftpm.la
+endif
+
+example_bootdir = $(exampledir)/boot
+dist_example_boot_DATA = examples/boot/secure_rot.c
+
+DISTCLEANFILES+= examples/boot/.libs/secure_rot