Notes from upgrade to support RSA 3072 bit keys

Stefan Berger edited this page May 3, 2020 · 4 revisions

The TPM 2 implementation of libtpms previously supported only RSA 1024 and 2048 bit keys. Since libtpms 0.8.0, it supports RSA 3072 bit keys as well.

With RSA 3072 bit key support, the size of the OBJECT type (Global.h) increased from 1896 bytes (RSA 2048) to 2600 bytes, an increase of 704 bytes. Since the USER NVRAM of libtpms's TPM 2 can be filled with 65 persistent keys, the size of the NVRAM had to be increased by exactly 65 * 704 = 45760 bytes so that old (worst-case) state can still be loaded into the NVRAM after the increase in the OBJECT's size.

NVRAM areas other than NV_USER_DYNAMIC are not affected:

  • NV_PERSISTENT_DATA: holds unaffected PERSISTENT_DATA data structure
  • NV_STATE_RESET_DATA: holds unaffected STATE_RESET_DATA data structure
  • NV_STATE_CLEAR_DATA: holds unaffected STATE_CLEAR_DATA data structure
  • NV_ORDERLY_DATA: holds unaffected ORDERLY_DATA data structure
  • NV_INDEX_RAM_DATA: 512 byte space; contains NV_RAM_HEADER structures consisting of { UINT32 size, TPM_HANDLE handle, TPMA_NV attributes}, each followed by an array of bytes; size = 0 indicates last entry.
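
The NV_INDEX_RAM_DATA layout described in the last item can be walked with bounds checks as in the following sketch, which is an added example and not libtpms code. It assumes that `size` counts the header plus the data bytes of an entry and that the fields are in host byte order; `nv_ram_walk`, `put_entry` and the handle values are hypothetical names and constructed sample data.

```c
#include <stdint.h>
#include <string.h>

#define RAM_AREA_SIZE 512u /* NV_INDEX_RAM_DATA size given on the page */

/* NV_RAM_HEADER fields as listed on the page; each is 32 bits wide. */
typedef struct {
    uint32_t size;       /* assumption: header + data bytes; 0 = end */
    uint32_t handle;     /* TPM_HANDLE */
    uint32_t attributes; /* TPMA_NV */
} nv_ram_header;

/* Collect up to max handles; return the entry count, or -1 if malformed. */
int nv_ram_walk(const uint8_t *area, size_t len, uint32_t *handles, int max)
{
    size_t off = 0;
    int n = 0;
    while (len - off >= sizeof(nv_ram_header)) {
        nv_ram_header h;
        memcpy(&h, area + off, sizeof h); /* host byte order assumed */
        if (h.size == 0)
            break;                        /* terminator entry */
        if (h.size < sizeof h || h.size > len - off)
            return -1;                    /* truncated or overrunning entry */
        if (n < max)
            handles[n] = h.handle;
        n++;
        off += h.size;
    }
    return n;
}

/* Constructed test data: append one entry, return the next free offset. */
size_t put_entry(uint8_t *area, size_t off, uint32_t handle, uint32_t data_len)
{
    nv_ram_header h = { (uint32_t)sizeof(nv_ram_header) + data_len, handle, 0 };
    memcpy(area + off, &h, sizeof h);
    memset(area + off + sizeof h, 0xAA, data_len);
    return off + h.size;
}

int main(void)
{
    uint8_t area[RAM_AREA_SIZE] = {0};
    uint32_t handles[8];
    size_t off = put_entry(area, 0, 0x01000001u, 8); /* constructed handles */
    put_entry(area, off, 0x01000002u, 32);
    return nv_ram_walk(area, sizeof area, handles, 8) == 2 ? 0 : 1;
}
```
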

libtpms upgrades during VM suspend / resume

The following sequence of operations was tested to check that a contextsave/contextload operation across VM suspend -> libtpms upgrade from 0.6.0 to 0.8.0 -> VM resume still works:

tsscreateprimary -si -hi o
tsscontextsave -ha 80000000 -of primkeyctx.bin
echo "Hello" > input
tsssign -hk 80000000 -if input -os sig.bin
tssverifysignature -hk 80000000 -is sig.bin -if input
tssflushcontext -ha 80000000
< VM suspend >
< libtpms upgrade >
< VM restore >
tsscontextload -if primkeyctx.bin
tssverifysignature -hk 80000000 -is sig.bin -if input
tsscreateprimary -si -hi o -rsa 3072   # check that libtpms does support 3072 bit keys now

This proves that an older context that only held an RSA 2048 bit key can still be used after upgrading to a libtpms that supports RSA 3072 and in which the OBJECT is now bigger.