
TPM Fails when running evictcontrol on externally loaded key.

Open dadiestfish2077 opened this issue 1 year ago • 0 comments

My TPM is thrown into an unusable state whenever I try to persist an externally-generated key. Using tpm2_import, it seems that evictcontrol will work momentarily, but when I attempt to remove the key from the TPM using evictcontrol the TPM becomes a brick. The TPM becomes unusable when I attempt to persist an externally-generated private key loaded via loadexternal. I am confident I am not doing anything wrong.

I do not think it is the intended behavior of the chip to disallow the persistence of externally-generated private keys within the TPM.

I have no idea how to fix it, and any help would be greatly appreciated.

First, I run these commands to take an externally-generated private key and load it into the TPM permanently. At the end of these commands, everything works well:

openssl genrsa -out private.pem
openssl rsa -in private.pem -pubout -out pubkey.crt
tpm2_changeauth -c o newpass
tpm2_createprimary -G rsa2048 -C o -c parent.ct -P newpass
tpm2_pcrread -o pcr.bin sha256:10
tpm2_createpolicy --policy-pcr -l sha256:10 -f pcr.bin -L pcr.policy
tpm2_import -C parent.ct -G rsa -i private.pem -u key.pub  -r key.priv -L pcr.policy 
tpm2_load -C parent.ct -u key.pub -r key.priv -c key.ctx
tpm2_evictcontrol -C o -c key.ctx -P newpass 
tpm2_sign -c key.ctx -g sha256 -o sign.rsa -f plain data.bin -p pcr:sha256:10
openssl dgst -verify pubkey.crt -keyform pem -sha256 -signature sign.rsa data.bin

Now, if I want to roll this private key over and replace it I should run evictcontrol. However, once I attempt to remove the private key, the TPM is thrown into an unusable state:

tpm2_evictcontrol -C o -c 0x81000000 -P newpass

ERROR:tcti:src/tss2-tcti/tcti-device.c:198:tcti_device_receive() Failed to get response size fd 3, got errno 14: Bad address
ERROR:esys:src/tss2-esys/api/Esys_EvictControl.c:334:Esys_EvictControl_Finish() Received a non-TPM Error
ERROR:esys:src/tss2-esys/api/Esys_EvictControl.c:114:Esys_EvictControl() Esys Finish ErrorCode (0x000a000a)
ERROR: Esys_EvictControl(0xA000A) - tcti:IO failure
ERROR:esys:src/tss2-esys/esys_tr.c:356:Esys_TR_Close() Error: Esys handle does not exist (70018).
ERROR: Esys_TR_Close(0x70018) - esapi:The ESYS_TR resource object is bad
ERROR:esys:src/tss2-esys/esys_iutil.c:1145:iesys_check_sequence_async() Esys called in bad sequence.
ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:66:Esys_FlushContext() Error in async function ErrorCode (0x00070007)
ERROR: Esys_FlushContext(0x70007) - esapi:Function called in the wrong order
ERROR: Unable to run tpm2_evictcontrol

After this, nothing else works and the TPM is bricked.

Second, I run the following commands to persist an external private key loaded via loadexternal, and once I run evictcontrol, the TPM is likewise bricked:

tpm2_loadexternal -G rsa -r key.pem -c key.ctx
tpm2_evictcontrol -C o -c key.ctx -P newpass

WARNING:esys:src/tss2-esys/api/Esys_EvictControl.c:330:Esys_EvictControl_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_EvictControl.c:114:Esys_EvictControl() Esys Finish ErrorCode (0x00000282)
ERROR: Esys_EvictControl(0x282) - tpm:handle(2):inconsistent attributes
ERROR:esys:src/tss2-esys/esys_tr.c:356:Esys_TR_Close() Error: Esys handle does not exist (70018).
ERROR: Esys_TR_Close(0x70018) - esapi:The ESYS_TR resource object is bad
ERROR: Unable to run tpm2_evictcontrol

Can't even run tpm2_clear:

root@Test:/home/test# tpm2_clear

ERROR:tcti:src/tss2-tcti/tcti-device.c:198:tcti_device_receive() Failed to get response size fd 3, got errno 14: Bad address
ERROR:esys:src/tss2-esys/api/Esys_Clear.c:295:Esys_Clear_Finish() Received a non-TPM Error
ERROR:esys:src/tss2-esys/api/Esys_Clear.c:97:Esys_Clear() Esys Finish ErrorCode (0x000a000a)
ERROR: Esys_Clear(0xA000A) - tcti:IO failure
ERROR:esys:src/tss2-esys/esys_iutil.c:1145:iesys_check_sequence_async() Esys called in bad sequence.
ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:66:Esys_FlushContext() Error in async function ErrorCode (0x00070007)
ERROR: Esys_FlushContext(0x70007) - esapi:Function called in the wrong order
ERROR: Unable to run tpm2_clear

As mentioned, this does not seem like appropriate behavior. I would expect to be able to persist external keys in the TPM.

dadiestfish2077, Jan 04 '24 03:01
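As an added example (not code from tpm2-tss or from the reporter), a small Python decoder for the TSS2_RC values in the logs above, so a reader can see which layer produced each failure and, for the 0x282 case, that the TPM rejected handle number 2 of TPM2_EvictControl, i.e. the object being persisted. Layer and code numbering follow the TSS2 headers and TPM 2.0 Part 2; the name tables are assumed partial, covering only the codes in this issue plus a few neighbours.

```python
import re

# Added example: decode the TSS2_RC values printed in the logs above. Layer numbers follow
# tss2_common.h (TPM=0, ESAPI=7, TCTI=0xA); TPM format-1 layout follows TPM 2.0 Part 2.
TSS2_LAYERS = {0x00: "tpm", 0x06: "fapi", 0x07: "esapi", 0x08: "sys",
               0x09: "mu", 0x0A: "tcti", 0x0B: "resmgr"}
TSS2_BASE_RC = {0x0007: "bad sequence (function called in the wrong order)",
                0x000A: "I/O error", 0x0018: "bad ESYS_TR resource object"}  # partial table
TPM_RC_FMT1 = {0x02: "TPM_RC_ATTRIBUTES (inconsistent attributes)", 0x04: "TPM_RC_VALUE",
               0x0B: "TPM_RC_HANDLE", 0x0E: "TPM_RC_AUTH_FAIL", 0x22: "TPM_RC_BAD_AUTH"}
# Handle positions in the TPM2_EvictControl command: 1 = auth hierarchy, 2 = objectHandle.
EVICTCONTROL_HANDLES = {1: "auth (owner/platform hierarchy)", 2: "objectHandle"}
# Log lines quoted from the issue above, used as sample input.
SAMPLE_LOG = ["ERROR: Esys_EvictControl(0x282) - tpm:handle(2):inconsistent attributes",
              "ERROR: Esys_EvictControl(0xA000A) - tcti:IO failure",
              "ERROR: Esys_FlushContext(0x70007) - esapi:Function called in the wrong order"]


def decode_tss2_rc(rc: int) -> dict:
    """Split a TSS2_RC into layer and error; TPM format-1 codes also say which argument."""
    layer = (rc >> 16) & 0xFF
    out = {"rc": rc, "layer": TSS2_LAYERS.get(layer, f"layer 0x{layer:02x}")}
    if layer != 0:  # software layer: the low 16 bits are a TSS2_BASE_RC_* value
        base = rc & 0xFFFF
        out["error"] = TSS2_BASE_RC.get(base, f"base rc 0x{base:04x}")
        return out
    tpm_rc = rc & 0xFFFF
    if tpm_rc & 0x80:  # format-1: bits 0-5 error, bit 6 = parameter flag, bits 8-11 = N
        err = tpm_rc & 0x3F
        out["error"] = TPM_RC_FMT1.get(err, f"format-1 error 0x{err:02x}")
        n = (tpm_rc >> 8) & 0xF
        if tpm_rc & 0x40:
            out["subject"], out["index"] = "parameter", n
        elif tpm_rc & 0x800:  # bit 11 distinguishes session from handle when P is clear
            out["subject"], out["index"] = "session", n & 0x7
        else:
            out["subject"], out["index"] = "handle", n & 0x7
    else:  # format-0 codes (success, warnings, TPM 1.2-style) are not named here
        out["error"] = f"format-0 tpm rc 0x{tpm_rc:03x}"
    return out


def explain_log(lines, handles=EVICTCONTROL_HANDLES) -> list:
    """Pull every (0x...) code out of tpm2-tools log lines and decode it."""
    results = []
    for line in lines:
        for code in re.findall(r"\((0x[0-9A-Fa-f]+)\)", line):
            d = decode_tss2_rc(int(code, 16))
            if d.get("subject") == "handle":
                d["argument"] = handles.get(d["index"], "?")
            results.append(d)
    return results
```

Running `explain_log(SAMPLE_LOG)` shows the first code as a TPM-layer format-1 error on handle 2 (objectHandle), while the other two come from the tcti and esapi software layers rather than from the chip.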