Botan 3.7.1
Crypto and TLS for C&
tpm2_key.cpp
Go to the documentation of this file.
1/*
2* TPM 2.0 Key Wrappers' Base Class
3* (C) 2024 Jack Lloyd
4* (C) 2024 René Meusel, Amos Treiber - Rohde & Schwarz Cybersecurity GmbH, financed by LANCOM Systems GmbH
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#include <botan/tpm2_key.h>
10
11#if defined(BOTAN_HAS_TPM2_RSA_ADAPTER)
12 #include <botan/tpm2_rsa.h>
13#endif
14#if defined(BOTAN_HAS_TPM2_ECC_ADAPTER)
15 #include <botan/tpm2_ecc.h>
16#endif
17
18#include <botan/internal/fmt.h>
19#include <botan/internal/stl_util.h>
20#include <botan/internal/tpm2_algo_mappings.h>
21#include <botan/internal/tpm2_hash.h>
22#include <botan/internal/tpm2_util.h>
23
24#include <tss2/tss2_esys.h>
25#include <tss2/tss2_mu.h>
26
27namespace Botan::TPM2 {
28
29#if defined(BOTAN_HAS_RSA)
30Botan::RSA_PublicKey rsa_pubkey_from_tss2_public(const TPM2B_PUBLIC* public_area) {
31 // TODO: this RSA_PublicKey currently takes const-refs, so we cannot benefit
32 // from moving them in place. This should be fixed in the future.
33 return std::apply([](const BigInt& n, const BigInt& e) { return Botan::RSA_PublicKey(n, e); },
35}
36#endif
37
38#if defined(BOTAN_HAS_ECC_GROUP)
39std::pair<EC_Group, EC_AffinePoint> ecc_pubkey_from_tss2_public(const TPM2B_PUBLIC* public_blob) {
40 BOTAN_ASSERT_NONNULL(public_blob);
41 BOTAN_ARG_CHECK(public_blob->publicArea.type == TPM2_ALG_ECC, "Public blob is not an ECC key");
42
43 const auto curve_id = public_blob->publicArea.parameters.eccDetail.curveID;
44 const auto curve_name = curve_id_tss2_to_botan(curve_id);
45 if(!curve_name) {
46 throw Invalid_Argument(Botan::fmt("Unsupported ECC curve: {}", curve_id));
47 }
48
49 auto curve = Botan::EC_Group::from_name(curve_name.value());
50 // Create an EC_AffinePoint from the x and y coordinates as SEC1 uncompressed point.
51 // According to the TPM2.0 specification Part 1 C.8, each coordinate is already padded to the curve's size.
52 auto point = EC_AffinePoint::deserialize(curve,
53 concat(std::vector<uint8_t>({0x04}),
54 as_span(public_blob->publicArea.unique.ecc.x),
55 as_span(public_blob->publicArea.unique.ecc.y)));
56 if(!point) {
57 throw Invalid_Argument("Invalid ECC Point");
58 }
59 return {std::move(curve), std::move(point.value())};
60}
61#endif
62
63namespace {
64
65Object load_persistent_object(const std::shared_ptr<Context>& ctx,
66 TPM2_HANDLE persistent_object_handle,
67 std::span<const uint8_t> auth_value,
68 const SessionBundle& sessions) {
70 TPM2_PERSISTENT_FIRST <= persistent_object_handle && persistent_object_handle <= TPM2_PERSISTENT_LAST,
71 "persistent_object_handle out of range");
73 const bool is_persistent = value_exists(ctx->persistent_handles(), persistent_object_handle);
74 BOTAN_STATE_CHECK(is_persistent);
75
76 Object object(ctx);
77
78 check_rc("Esys_TR_FromTPMPublic",
79 Esys_TR_FromTPMPublic(
80 *ctx, persistent_object_handle, sessions[0], sessions[1], sessions[2], out_transient_handle(object)));
81
82 if(!auth_value.empty()) {
83 const auto user_auth = copy_into<TPM2B_AUTH>(auth_value);
84 check_rc("Esys_TR_SetAuth", Esys_TR_SetAuth(*ctx, object.transient_handle(), &user_auth));
85 }
86
87 check_rc("Esys_TR_GetTpmHandle",
88 Esys_TR_GetTpmHandle(*ctx, object.transient_handle(), out_persistent_handle(object)));
89
90 const auto key_type = object._public_info(sessions).pub->publicArea.type;
91 BOTAN_ARG_CHECK(key_type == TPM2_ALG_RSA || key_type == TPM2_ALG_ECC,
92 "persistent object is neither RSA nor ECC public key");
93
94 return object;
95}
96
97std::vector<uint8_t> marshal_public_blob(const TPM2B_PUBLIC* public_data) {
98 size_t bytes_required = 0;
99 std::vector<uint8_t> marshalled_blob(sizeof(TPM2B_PUBLIC));
100 check_rc("Tss2_MU_TPM2B_PUBLIC_Marshal",
101 Tss2_MU_TPM2B_PUBLIC_Marshal(public_data, marshalled_blob.data(), marshalled_blob.size(), &bytes_required));
102 marshalled_blob.resize(bytes_required);
103 marshalled_blob.shrink_to_fit();
104 return marshalled_blob;
105}
106
107TPM2B_PUBLIC unmarshal_public_blob(std::span<const uint8_t> marshalled_blob) {
108 TPM2B_PUBLIC public_data{};
109 size_t offset = 0;
110 check_rc("Tss2_MU_TPM2B_PUBLIC_Unmarshal",
111 Tss2_MU_TPM2B_PUBLIC_Unmarshal(marshalled_blob.data(), marshalled_blob.size(), &offset, &public_data));
112 BOTAN_ASSERT_NOMSG(offset == marshalled_blob.size());
113 return public_data;
114}
115
116TPM2B_TEMPLATE marshal_template(const TPMT_PUBLIC& key_template) {
117 TPM2B_TEMPLATE result = {};
118 size_t offset = 0;
119 check_rc("Tss2_MU_TPMT_PUBLIC_Marshal",
120 Tss2_MU_TPMT_PUBLIC_Marshal(&key_template, result.buffer, sizeof(TPMT_PUBLIC), &offset));
121 BOTAN_ASSERT_NOMSG(offset <= sizeof(result.buffer));
122 result.size = static_cast<uint16_t>(offset);
123 return result;
124}
125
126} // namespace
127
128std::unique_ptr<PublicKey> PublicKey::load_persistent(const std::shared_ptr<Context>& ctx,
129 TPM2_HANDLE persistent_object_handle,
130 const SessionBundle& sessions) {
131 return create(load_persistent_object(ctx, persistent_object_handle, {}, sessions), sessions);
132}
133
134std::unique_ptr<PublicKey> PublicKey::load_transient(const std::shared_ptr<Context>& ctx,
135 std::span<const uint8_t> public_blob,
136 const SessionBundle& sessions) {
137 const auto public_data = unmarshal_public_blob(public_blob);
138
140
141 Object handle(ctx);
142 check_rc("Esys_LoadExternal",
143 Esys_LoadExternal(*ctx,
144 sessions[0],
145 sessions[1],
146 sessions[2],
147 nullptr /* no private data to be loaded */,
148 &public_data,
149 TPM2_RH_NULL,
150 out_transient_handle(handle)));
151 return create(std::move(handle), sessions);
152}
153
154std::vector<uint8_t> PublicKey::raw_public_key_bits() const {
155 return marshal_public_blob(m_handle._public_info(m_sessions).pub.get());
156}
157
158std::unique_ptr<PublicKey> PublicKey::create(Object handles, const SessionBundle& sessions) {
159 [[maybe_unused]] const auto* pubinfo = handles._public_info(sessions).pub.get();
160#if defined(BOTAN_HAS_TPM2_RSA_ADAPTER)
161 if(pubinfo->publicArea.type == TPM2_ALG_RSA) {
162 return std::unique_ptr<PublicKey>(new RSA_PublicKey(std::move(handles), sessions, pubinfo));
163 }
164#endif
165#if defined(BOTAN_HAS_TPM2_ECC_ADAPTER)
166 if(pubinfo->publicArea.type == TPM2_ALG_ECC) {
167 return std::unique_ptr<PublicKey>(new EC_PublicKey(std::move(handles), sessions, pubinfo));
168 }
169#endif
170
171 throw Not_Implemented(Botan::fmt("Loaded a {} public key of an unsupported type",
172 handles.has_persistent_handle() ? "persistent" : "transient"));
173}
174
175// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
176
177std::unique_ptr<PrivateKey> PrivateKey::load_persistent(const std::shared_ptr<Context>& ctx,
178 TPM2_HANDLE persistent_object_handle,
179 std::span<const uint8_t> auth_value,
180 const SessionBundle& sessions) {
181 return create(load_persistent_object(ctx, persistent_object_handle, auth_value, sessions),
182 sessions,
183 nullptr /* pull public info from handle */,
184 {} /* persistent keys don't have an encrypted private blob */);
185}
186
187std::unique_ptr<PrivateKey> PrivateKey::load_transient(const std::shared_ptr<Context>& ctx,
188 std::span<const uint8_t> auth_value,
189 const TPM2::PrivateKey& parent,
190 std::span<const uint8_t> public_blob,
191 std::span<const uint8_t> private_blob,
192 const SessionBundle& sessions) {
194 Object handle(ctx);
195
196 const auto public_data = unmarshal_public_blob(public_blob);
197 const auto private_data = copy_into<TPM2B_PRIVATE>(private_blob);
198
199 check_rc("Esys_Load",
200 Esys_Load(*ctx,
201 parent.handles().transient_handle(),
202 sessions[0],
203 sessions[1],
204 sessions[2],
205 &private_data,
206 &public_data,
207 out_transient_handle(handle)));
208
209 if(!auth_value.empty()) {
210 const auto user_auth = copy_into<TPM2B_AUTH>(auth_value);
211 check_rc("Esys_TR_SetAuth", Esys_TR_SetAuth(*ctx, handle.transient_handle(), &user_auth));
212 }
213
214 return create(std::move(handle), sessions, nullptr /* pull public info from handle */, private_blob);
215}
216
217std::unique_ptr<PrivateKey> PrivateKey::create_transient_from_template(const std::shared_ptr<Context>& ctx,
218 const SessionBundle& sessions,
219 ESYS_TR parent,
220 const TPMT_PUBLIC& key_template,
221 const TPM2B_SENSITIVE_CREATE& sensitive_data) {
223
224 switch(key_template.type) {
225 case TPM2_ALG_RSA:
226#if not defined(BOTAN_HAS_TPM2_RSA_ADAPTER)
227 throw Not_Implemented("TPM2-based RSA keys are not supported in this build");
228#endif
229 break;
230 case TPM2_ALG_ECC:
231#if not defined(BOTAN_HAS_TPM2_ECC_ADAPTER)
232 throw Not_Implemented("TPM2-based ECC keys are not supported in this build");
233#endif
234 break;
235 default:
236 throw Invalid_Argument("Unsupported key type");
237 }
238
239 const auto marshalled_template = marshal_template(key_template);
240
241 Object handle(ctx);
242 unique_esys_ptr<TPM2B_PRIVATE> private_bytes;
244
245 // Esys_CreateLoaded can create different object types depending on the type
246 // of the parent passed in. Namely, this will create a Primary object if the
247 // parent is referencing a Primary Seed; an Ordinary Object if the parent is
248 // referencing a Storage Parent; and a Derived Object if the parent is
249 // referencing a Derivation Parent.
250 //
251 // See the Architecture Document, Section 27.1.
252 check_rc("Esys_CreateLoaded",
253 Esys_CreateLoaded(*ctx,
254 parent,
255 sessions[0],
256 sessions[1],
257 sessions[2],
258 &sensitive_data,
259 &marshalled_template,
260 out_transient_handle(handle),
261 out_ptr(private_bytes),
262 out_ptr(public_info)));
263 BOTAN_ASSERT_NONNULL(private_bytes);
264 BOTAN_ASSERT_NOMSG(public_info->publicArea.type == key_template.type);
266
267 return create(std::move(handle), sessions, public_info.get(), as_span(*private_bytes));
268}
269
272 BOTAN_ASSERT_NOMSG(!m_private_blob.empty());
273 return Botan::lock(m_private_blob);
274}
275
276std::vector<uint8_t> PrivateKey::raw_public_key_bits() const {
277 return marshal_public_blob(m_handle._public_info(m_sessions).pub.get());
278}
279
281 // Architectural Document, Section 4.54
282 // any object with the decrypt and restricted attributes SET and the sign
283 // attribute CLEAR
284 const auto attrs = m_handle.attributes(m_sessions);
285 return attrs.decrypt && attrs.restricted && !attrs.sign_encrypt;
286}
287
288std::unique_ptr<PrivateKey> PrivateKey::create(Object handles,
289 [[maybe_unused]] const SessionBundle& sessions,
290 [[maybe_unused]] const TPM2B_PUBLIC* public_info,
291 [[maybe_unused]] std::span<const uint8_t> private_blob) {
292 if(!public_info) {
293 public_info = handles._public_info(sessions).pub.get();
294 }
295
296#if defined(BOTAN_HAS_TPM2_RSA_ADAPTER)
297 if(public_info->publicArea.type == TPM2_ALG_RSA) {
298 return std::unique_ptr<RSA_PrivateKey>(
299 new RSA_PrivateKey(std::move(handles), sessions, public_info, private_blob));
300 }
301#endif
302
303#if defined(BOTAN_HAS_TPM2_ECC_ADAPTER)
304 if(public_info->publicArea.type == TPM2_ALG_ECC) {
305 return std::unique_ptr<EC_PrivateKey>(new EC_PrivateKey(std::move(handles), sessions, public_info, private_blob));
306 }
307#endif
308
309 throw Not_Implemented(Botan::fmt("Loaded a {} private key of an unsupported type",
310 handles.has_persistent_handle() ? "persistent" : "transient"));
311}
312
313} // namespace Botan::TPM2
#define BOTAN_ASSERT_NOMSG(expr)
Definition assert.h:59
#define BOTAN_STATE_CHECK(expr)
Definition assert.h:41
#define BOTAN_ASSERT_NONNULL(ptr)
Definition assert.h:86
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:29
static std::optional< EC_AffinePoint > deserialize(const EC_Group &group, std::span< const uint8_t > bytes)
static EC_Group from_name(std::string_view name)
Definition ec_group.cpp:354
bool has_transient_handle() const
bool has_persistent_handle() const
PublicInfo & _public_info(const SessionBundle &sessions, std::optional< TPMI_ALG_PUBLIC > expected_type={}) const
ObjectAttributes attributes(const SessionBundle &sessions) const
ESYS_TR transient_handle() const noexcept
static std::unique_ptr< PrivateKey > create_transient_from_template(const std::shared_ptr< Context > &ctx, const SessionBundle &sessions, ESYS_TR parent, const TPMT_PUBLIC &key_template, const TPM2B_SENSITIVE_CREATE &sensitive_data)
Definition tpm2_key.cpp:217
std::vector< uint8_t > raw_public_key_bits() const override
Definition tpm2_key.cpp:276
static std::unique_ptr< PrivateKey > create(Object handles, const SessionBundle &sessions, const TPM2B_PUBLIC *public_info, std::span< const uint8_t > private_blob)
Definition tpm2_key.cpp:288
static std::unique_ptr< PrivateKey > load_persistent(const std::shared_ptr< Context > &ctx, TPM2_HANDLE persistent_object_handle, std::span< const uint8_t > auth_value, const SessionBundle &sessions)
Definition tpm2_key.cpp:177
static std::unique_ptr< PrivateKey > load_transient(const std::shared_ptr< Context > &ctx, std::span< const uint8_t > auth_value, const TPM2::PrivateKey &parent, std::span< const uint8_t > public_blob, std::span< const uint8_t > private_blob, const SessionBundle &sessions)
Definition tpm2_key.cpp:187
const SessionBundle & sessions() const
Definition tpm2_key.h:224
secure_vector< uint8_t > raw_private_key_bits() const override
Definition tpm2_key.cpp:270
static std::unique_ptr< PublicKey > create(Object handles, const SessionBundle &sessions)
Definition tpm2_key.cpp:158
std::vector< uint8_t > raw_public_key_bits() const override
Definition tpm2_key.cpp:154
static std::unique_ptr< PublicKey > load_persistent(const std::shared_ptr< Context > &ctx, TPM2_HANDLE persistent_object_handle, const SessionBundle &sessions={})
Definition tpm2_key.cpp:128
const Object & handles() const
Definition tpm2_key.h:99
const SessionBundle & sessions() const
Definition tpm2_key.h:101
static std::unique_ptr< PublicKey > load_transient(const std::shared_ptr< Context > &ctx, std::span< const uint8_t > public_blob, const SessionBundle &sessions)
Definition tpm2_key.cpp:134
constexpr void check_rc(std::string_view location, TSS2_RC rc)
Definition tpm2_util.h:54
constexpr auto out_persistent_handle(Object &object)
Definition tpm2_util.h:223
std::pair< BigInt, BigInt > rsa_pubkey_components_from_tss2_public(const TPM2B_PUBLIC *public_area)
Definition tpm2_rsa.cpp:29
std::unique_ptr< T, esys_liberator > unique_esys_ptr
A unique pointer type for ESYS handles that automatically frees the handle.
Definition tpm2_util.h:162
std::optional< std::string > curve_id_tss2_to_botan(TPMI_ECC_CURVE mode_id)
constexpr auto out_transient_handle(Object &object)
Definition tpm2_util.h:217
constexpr void copy_into(T &dest, std::span< const uint8_t > data)
Definition tpm2_util.h:117
constexpr auto as_span(tpm2_buffer auto &data)
Construct a std::span as a view into a TPM2 buffer.
Definition tpm2_util.h:102
constexpr auto out_ptr(T &outptr) noexcept
Definition stl_util.h:420
std::string fmt(std::string_view format, const T &... args)
Definition fmt.h:53
secure_vector< T > lock(const std::vector< T > &in)
Definition secmem.h:70
constexpr auto concat(Rs &&... ranges)
Definition stl_util.h:263
bool value_exists(const std::vector< T > &vec, const OT &val)
Definition stl_util.h:60
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:61
bool decrypt
The private portion of the key might be used for data decryption.
Definition tpm2_object.h:64
unique_esys_ptr< TPM2B_PUBLIC > pub
Definition tpm2_util.h:165
uint32_t ESYS_TR
Forward declaration of TSS2 type for convenience.
uint32_t TPM2_HANDLE
Forward declaration of TSS2 type for convenience.