This is used to generate keys which can never be extracted from the TPM into which they're inserted. As long as no-one knows (and it's impossible to guess) the migration authority of the key, there is no way to extract it from a TPM.
Signed-off-by: James Bottomley <[email protected]> --- create_tpm_key.c | 34 ++++++++++++++++++++++++---------- 1 file changed, 24 insertions(+), 10 deletions(-) diff --git a/create_tpm_key.c b/create_tpm_key.c index 9cef1fe..94dff48 100644 --- a/create_tpm_key.c +++ b/create_tpm_key.c @@ -42,6 +42,7 @@ #include <openssl/pem.h> #include <openssl/evp.h> #include <openssl/err.h> +#include <openssl/rand.h> #include <trousers/tss.h> #include <trousers/trousers.h> @@ -58,6 +59,7 @@ static struct option long_options[] = { {"popup", 0, 0, 'p'}, {"wrap", 1, 0, 'w'}, {"help", 0, 0, 'h'}, + {"random-migration", 0, 0, 'm'}, {0, 0, 0, 0} }; @@ -74,6 +76,7 @@ usage(char *argv0) "\t\t-p|--popup use TSS GUI popup dialogs to get the password " "for the\n\t\t\t\t key [NO] (implies --auth)\n" "\t\t-w|--wrap [file] wrap an existing openssl PEM key\n" + "\t\t-m|--random-migration set a random migration auth\n" "\t\t-h|--help print this help message\n" "\nReport bugs to %s\n", argv0, argv0, PACKAGE_BUGREPORT); @@ -150,7 +153,7 @@ int main(int argc, char **argv) unsigned char *blob_asn1 = NULL; int asn1_len; char *filename, c, *openssl_key = NULL; - int option_index, auth = 0, popup = 0, wrap = 0; + int option_index, auth = 0, popup = 0, wrap = 0, rndm = 0; UINT32 enc_scheme = TSS_ES_RSAESPKCSV15; UINT32 sig_scheme = TSS_SS_RSASSAPKCS1V15_DER; UINT32 key_size = 2048; @@ -158,7 +161,7 @@ int main(int argc, char **argv) while (1) { option_index = 0; - c = getopt_long(argc, argv, "pe:q:s:ahw:", + c = getopt_long(argc, argv, "pe:q:s:ahw:m", long_options, &option_index); if (c == -1) break; @@ -198,6 +201,10 @@ int main(int argc, char **argv) wrap = 1; openssl_key = optarg; break; + case 'm': + initFlags |= TSS_KEY_MIGRATABLE; + rndm = 1; + break; default: usage(argv[0]); break; @@ -421,8 +428,9 @@ int main(int argc, char **argv) Tspi_Context_Close(hContext); exit(result); } - if (auth) { + if (auth || rndm) { char *authdata = calloc(1, 128); + int authlen; if (!authdata) { fprintf(stderr, "malloc failed.\n"); @@ -430,17 +438,23 @@ int main(int argc, char **argv) exit(result); } - if (EVP_read_pw_string(authdata, 128, - "Enter Key Migration Password: ", 1)) { - printf("Passwords do not match.\n"); - free(authdata); - Tspi_Context_Close(hContext); - exit(result); + if (rndm) { + authlen = 20; + RAND_bytes(authdata, authlen); + } else { + + if (EVP_read_pw_string(authdata, 128, + "Enter Key Migration Password: ", 1)) { + printf("Passwords do not match.\n"); + free(authdata); + Tspi_Context_Close(hContext); + exit(result); + } } if ((result = Tspi_Policy_SetSecret(keyMigrationPolicy, TSS_SECRET_MODE_PLAIN, - strlen(authdata), + authlen, (BYTE *)authdata))) { print_error("Tspi_Policy_SetSecret", result); Tspi_Context_Close(hContext); -- 2.6.6 ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today. http://sdm.link/xeonphi _______________________________________________ TrouSerS-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-tech
