大家好,欢迎来到IT知识分享网。
前文对Quote的检查只是证明了证据是合法的,校验方需要有一个预期的状态来对度量值进行对比,所以事先必须要设置好一个白名单。如果硬件型号和软件版本相同,基本上也可以得到相同的度量结果,这些结果可以预先存放在校验方的数据库中。
如果厂商能为自己的各类固件代码提供软件摘要并提供给校验方,那么校验方也可以在本地基于这些数据(固件、操作系统版本、软件版本等)构造出整个信用链的计算过程,从而得到最终状态作为比对参考。
如果厂商提供了IAK及证书,那么只要校验方存有IAK的证书便能检查证明数据是否来自一个真实的TPM。
因为证明方使用IAK对证据进行签名,而校验方可以使用IAK证书内的公钥进行校验。
有的厂商并没有录入IAK,远程证明过程就需要增加一次交互,此时的流程大致如下:
- 校验方向证明方请求远程证明
- 证明方通过TPM生成AK,将AK和EK公钥发送给校验方
- 校验方使用EK公钥加密一段隐私数据(随便什么都可以),发给证明方
- 证明方使用TPM解密这段数据,如果成功,收集证据(即Quote),然后发给校验方
- 校验方检查AK签名和证明证据,得出可信结论。
需要注意的是,证明方与验证方通信的服务(或称为代理程序,在opencit中称为trustagent),必须要加入主机的本地可信链,这样才可确保其行为是符合预期的,否则证明方的流程实现就有可能被篡改。加入可信链后,任何篡改将导致度量值变化,无法通过验证。
因为签名只能在TPM操作,而提取PCR数据并签名是一个原子操作。
实际上,隐私数据的内容并不是关键,它只是利用了不对称加密的特性,使证明方必须通过TPM解密的方法来证明自己对TPM的所有权。
但是在流程上可以利用这一点,向证明方发送一些证据,并在随后的校验中使用,比如加密nonce,或者加密一个证书。
makecredential与activatecredential
tpm2-tools有两个工具可以验证隐私数据的传递:makecredential使用某个TPM公钥加密一段数据,activatecredential使用TPM内对应的私钥进行解密,它们分别实现了规范定义的TPM2_MakeCredential和TPM2_ActivateCredential命令。
在远程证明场景下,这里的密钥即AK。
证明方创建AK并输出AK的公钥,同时也读取TPM内的EK公钥并输出:
$ handle_ek=0x $ tpm2_createek -c $handle_ek -G rsa -u ekpub.pem -f pem $ tpm2_readpublic -c $handle_ek -o ek.pub name: 000bbcb036b11c7828e7a4bcf9b67a45b33fcb9d5af4adac3f70e3 cc9198 qualified name: 000b5f06c80b381f35e5172c8eb4e759b43f11c16e092 1ebfd759b36eeb0a name-alg: value: sha256 raw: 0xb attributes: value: fixedtpm|fixedparent|sensitivedataorigin|adminwithpolicy| restricted|decrypt raw: 0x300b2 type: value: rsa raw: 0x1 exponent: 0x0 bits: 2048 scheme: value: null raw: 0x10 scheme-halg: value: (null) raw: 0x0 sym-alg: value: aes raw: 0x6 sym-mode: value: cfb raw: 0x43 sym-keybits: 128 rsa: d64fda2c00008b97b04ca2d079bb4c4fa7ae71f95b40727e431ee99a97c60dd 7815ac351e67260bbb22c1239c1f63d0129b22a04bd31c4f85054db80e050b51e608 c1b98f1ee98c7faa6e9efb6cc67f0f96d62e814f5c707c80e7410 a50814d0b7b6dbd2db29c4dd95a604f8a020079dbdf05d4171b 5e5040e5bb2f379ce9bf2738fcc5b8cfb3d06b43c 7ecd47fb77592d015edefd26116e1d7ff0dfc3b51a4f1c3b74b53a90213 24e7673dcfc5dd00e8d22bfecdcaf7bc5e3dc8eb19dc86599cb9aa890ce4 a8aa8fd8f6a4cc49c53ab7fb65132dce3 authorization policy: 4b3f81a90cc8d46a5d724fd52d76e06520b 64f2a1da1baa $ tpm2_readpublic -c ak.ctx -o ak.pub name: 000be96ded8585c0b60feffa13228f18fb07e9ba9dd52d7195f0fc89 qualified name: 000bbad02ab43cc5ff1c1ac0a51aff90ac4dcea5cdc35f9f0530 b14f50dc4 name-alg: value: sha256 raw: 0xb attributes: value: fixedtpm|fixedparent|sensitivedataorigin|userwithauth| restricted|sign raw: 0x50072 type: value: rsa raw: 0x1 exponent: 0x0 bits: 2048 scheme: value: rsassa raw: 0x14 scheme-halg: value: sha256 raw: 0xb sym-alg: value: null raw: 0x10 sym-mode: value: (null) raw: 0x0 sym-keybits: 0 rsa: cbd4736f7e0784b13ae30f5ab87382b8482e4272fc2b49fb84 5b37afc4506e4c559f8266d38a5974d944bd578f8c5db9eaf4d95beb6 e94fa365d396daed3e18248f8bd4d887d3 3600cb4b4e4f11fd1b5ca11d0735cc9405f22d0a960e34ab8ea1249de7862c 6e8937a2ad9fafcb3ebcd79200b040ed3f47580a810d99be8cf7 93f7b2a59d95bb88beee3b79be6befbd0e16a52554e5f07a880c18c518 d9331a18512b4bb9bc54bbac143f3fb3c1eba0e528f1aa823fa5698ebe60fa1a9e85 19447bbf69496b55f0c99a032f3e8a72ff $
证明方将EK和AK公钥发给校验方,检验方通过makecredential加密隐私数据,得到一段加密的数据:
# echo > secret.data # ls ak.name ek.pub secret.data # echo $loaded_key_name 000be96ded8585c0b60feffa13228f18fb07e9ba9dd52d7195f0fc # tpm2_makecredential -T none -e ek.pub -s secret.data -n $loaded_key_name -o mkcred.out
验证方将加密数据actcred.out发送给证明方,证明方使用TPM解密数据。具体地说,EK公钥保护的是一个种子,经TPM解密后,与AK的Key名一起计算出一个对称密钥(KDF),再用该对称密钥解密隐私数据。
证明方若能成功完成这一步,即可证明它对TPM的所有权(Proof of ownership)。
$ TPM2_RH_ENDORSEMENT=0xB $ tpm2_startauthsession --policy-session -S session.ctx $ tpm2_policysecret -S session.ctx -c $TPM2_RH_ENDORSEMENT 4b3f81a90cc8d46a5d724fd52d76e06520b64f2a1da1baa $ tpm2_activatecredential -c ak.ctx -C $handle_ek -i mkcred.out -o actcred.out -P "session:session.ctx" certinfodata:a $ tpm2_flushcontext session.ctx $ cat actcred.out $
这里的session是指会话,使用同一会话的命令会处于相同的执行环境和状态,TPM会提供一些安全性保证,有些类似数据库的事务。
PCA
如果TPM出厂没有IAK,或者不希望使用IAK进行验证,那么在设备投入使用时需要通过EK生成AK,并且需要一个Privacy CA的角色。Privacy CA也称为Attestation CA,通常负责签发AK证书和校验。
签发AK证书更像是设备投入使用前执行的一种注册性工作,但是放在远程证明流程中也没有技术上的限制,只不过每次证明时需要先生成一个AK密钥,多一些交互。
加入PCA后的流程如下:
- 验证方生成AK密钥,并向PCA提供EK证书和AK公钥信息
- PCA签发一个AK证书并生成一个对称密钥,用makecredential的方式加密AK证书,然后发给验证方
- 验证方解密证书,可以保存在NVRAM用作后续远程证明流程的身份证明
- 验证方将Quote数据连同AK证书发送给校验方,因为AK证书由PCA签发,因此校验方也可以在本地保存PCA的根证书或者向PCA验证证书。
依实现场景,PCA与外部CA可以交互,也可以不交互,但PCA需要事先保存好TPM厂商的根证书。
从NVRAM读取EK证书
TPM设备理应提供EK证书,取决于厂商情况,如果出厂没有EK,那就需要可信的流程来完成设备注册和EK签发,否则就没有了可信的根源。
在没有硬件情况下,可以使用软件模拟,swtpm模拟了这个功能。swtpm启动时可以指定创建证书,EK证书存放在0x01c00002:
$ tpm2_nvread 0x1c00002 > ek.cert $ openssl x509 -inform der -in ek.cert -text Certificate: Data: Version: 3 (0x2) Serial Number: 13 (0xd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN = swtpm-localca Validity Not Before: Mar 10 05:48:13 2020 GMT Not After : Mar 8 05:48:13 2030 GMT Subject: CN = fedora31:fdbb98a4-44c4-4ee3-a390-b2465e3e866a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:4f:da:2c:00:00:8b:97:b0:4c:a2:d0:79:bb: 4c:4f:a7:ae:71:f9:5b:40:72:7e:43:1e:e9:9a:97: c6:0d:d7:81:5a:c3:51:e6:72:60:bb:b2:2c:12:39: c1:f6:3d:01:29:b2:2a:04:bd:31:c4:f8:50:54:db: 80:e0:50:b5:1e:60:8c:1b:98:f1:ee:98:c7:fa:58: 95:74:80:a6:e9:e8:69:23:53:fb:6c:c6:7f:0f:96: d6:2e:81:4f:5c:70:7c:80:e7:41:0a:50:81:4d:0b: 7b:6d:92:60:96:68:23:bd:2d:b2:9c:4d:d9:5a:60: 4f:8a:02:00:79:db:d1:72:19:56:f0:5d:41:71:b5: e5:04:0e:5b:b2:f3:79:c1:17:17:8e:9b:10:10:68: 42:f2:73:8f:29:69:23:4c:c5:b8:c3:77:09:4f:b3: d0:6b:43:c7:ec:d4:7f:b7:75:92:d0:15:ed:ef:d2: 61:16:e1:d7:ff:05:16:08:92:30:df:c3:b5:1a:4f: 1c:3b:74:b5:3a:90:21:32:4e:76:73:dc:56:28:11: 78:fc:5d:d0:0e:8d:22:bf:ec:dc:af:7b:c5:e3:dc: 8e:b1:9d:c8:65:99:cb:9a:a8:90:ce:4a:8a:a8:fd: 8f:6a:4c:c4:9c:53:a5:50:04:95:3b:7f:b6:51:32: dc:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Extended Key Usage: 2.23.133.8.1 X509v3 Subject Alternative Name: critical DirName:/2.23.133.2.1=id:00001014/2.23.133.2.2=swtpm/2.23.133.2.3=id: X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Directory Attributes: 0.0...g....1.0...2.0....... X509v3 Authority Key Identifier: keyid:0C:D1:0A:71:79:4B:C4:75:EF:02:EB:0A:3D:89:06:96:D8:DE:3F:CC X509v3 Key Usage: critical Key Encipherment Signature Algorithm: sha256WithRSAEncryption 0b:8a:7c:57:ba:f2:ed:80:9a:64:9b:62:8a:d7:58:f7:b1:67: 47:6c:da:fa:4d:d0:40:ff:6d:90:50:23:2b:ba:25:41:30:8c: 67:c2:4a:fe:16:99:c7:95:f2:0b:5d:92:ce:70:58:56:8a:e4: e9:03:ce:a5:60:1d:00:aa:17:74:6f:32:8e:d8:cd:e1:58:c9: df:c4:85:04:25:08:c3:36:33:35:96:96:e3:9a:77:67:63:5a: e0:f2:63:2e:ef:cf:65:5c:ae:84:7f:1d:e8:ca:7f:0d:dc:74: 42:51:98:a1:8b:b7:c9:0d:7d:09:30:3e:a8:75:7b:a8:08:3e: 5a:fe:6b:fb:ac:b1:82:96:d6:ff:c4:1c:48:ef:49:90:99:a5: 9d:b5:ca:6f:ae:04:83:d4:48:46:c3:73:98:50:fc:a4:42:a9: 34:9a:c9:de:ce:d0:81:ad:bf:13:52:87:9b:6a:07:e8:c5:7d: d6:f9:90:3c:72:16:3b:25:dd:cc:c5:f2:9e:c1:3c:e9:e4:b1: ea:8b:2d:9e:8c:94:39:7e:9d:1e:3c:b4:b1:30:c1:69:fd:10: fb:06:41:7d:35:b0:77:b4:b8:ea:e1:1d:01:e1:96:94:5a:1d: 27:47:42:d3:da:7d:b4:68:8a:8f:36:85:92:77:30:1c:86:6c: 63:c2:11:ac:cd:5e:e5:e9:cd:4b:24:b9:d0:11:c4:46:5b:da: 5a:2e:97:f2:6f:57:bd:19:8d:4b:7d:48:bb:9c:5a:61:0e:b2: 84:40:da:b9:ac:c3:e3:cb:28:93:49:db:38:7f:07:62:92:47: 59:9e:96:0d:5a:40:6a:d3:a6:f6:25:d7:45:fd:bc:4b:c9:a3: 52:08:36:26:f8:58:c7:18:f1:34:ec:f6:78:0b:e3:9e:6b:d0: 86:4c:ba:85:e2:28:c7:e3:ce:ff:1e:42:20:79:83:22:ba:4a: 16:82:63:f4:8b:bb:9b:92:9a:b4:a0:c0:62:11:29:72:e1:68: 87:6d:19:47:0e:79 -----BEGIN CERTIFICATE----- MIIEGTCCAoGgAwIBAgIBDTANBgkqhkiG9w0BAQsFADAYMRYwFAYDVDEw1zd3Rw bS1sb2NhbGNhMB4XDTIwMDMxMDA1NDgxM1oXDTMwMDMwODA1NDgxM1owODE2MDQG A1UEAxMtZmVkb3JhMzE6ZmRiYjk4YTQtNDRjNC00ZWUzLWEzOTAtYjI0NjVlM2U4 NjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1k/aLAAAi5ewTKLQ ebtMT6eucflbQHJ+Qx7pmpfGDdeBWsNR5nJgu7IsEjnB9j0BKbIqBL0xxPhQVNuA 4FC1HmCMG5jx7pjH+liVdICm6ehpI1P7bMZ/D5bWLoFPXHB8gOdBClCBTQt7bZJg lmgjvS2ynE3ZWmBPigIAedvRchlW8F1BcbXlBA5bsvN5wRcXjpsQEGhC8nOPKWkj TMW4w3cJT7PQa0PH7NR/t3WS0BXt79JhFuHX/wUWCJIw38O1Gk8cO3S1OpAhMk52 c9xWKBF4/F3QDo0iv+zcr3vF49yOsZ3IZZnLmqiQzkqKqP2PakzEnFOlUASVO3+2 UTLc4wIDAQABo4HNMIHKMBAGA1UdJJMAcGBWeBBQgBMFIGA1UdEQEB/wRIMEak RDBCMRYwFAYFZ4EFAgEMC2lkOjAwMDAxMDE0MRAwDgYFZ4EFAgIMBXN3dHBtMRYw FAYFZ4EFAgMMC2lkOjIwMTcwNjE5MAwGA1UdEwEB/wQCMAAwIgYDVR0JBBswGTAX BgVngQUCEDEOMAwMAzIuMAIBAAICAJYwHwYDVR0jBBgwFoAUDNEKcXlLxHXvAusK PYkGltjeP8wwDwYDVR0PAQH/BAUDAwcgADANBgkqhkiG9w0BAQsFAAOCAYEAC4p8 V7ry7YCaZJtiitdY97FnR2za+k3P9tkFAjK7olQTCMZ8JK/haZx5XyC12SznBY Vork6QPOpWAdAKoXdG8yjtjN4VjJ38SFBCUIwzYzNZaW45p3Z2Na4PJjLu/PZVyu hH8d6Mp/Ddx0QlGYoYu3yQ19CTA+qHV7qAg+Wv5r+6yxgpbW/8QcSO9JkJmlnbXK b64Eg9RIRsNzmFD8pEKpNJrJ3s7Qga2/E1KHm2oH6MV91vmQPHIWOyXdzMXynsE8 6eSx6ostnoyUOX6dHjy0sTDBaf0Q+wZBfTWwd7S46uEdAeGWlFodJ0dC09p9tGiK jzaFkncwHIZsY8IRrM1e5enNSyS50BHERlvaWi6X8m9XvRmNS31Iu5xaYQ6yhEDa uazD48sok0nbOH8HYpJHWZ6WDVpAatOm9iXXRf28S8mjUgg2JvhYxxjxNOz2eAvj nmvQhky6heIox+PO/x5CIHmDIrpKFoJj9Iu7m5KatKDAYhEpcuFoh20ZRw55 -----END CERTIFICATE----- [kaifeng@localhost-live ~]$
从厂商网站下载TPM根证书
英飞凌(Infineon)是TPM的制造商之一,它的证书可以从网站下载,例如根证书:
https://www.infineon.com/dgdl/Infineon-TPM_RSA_Root_CA-C-v01_00-EN.cer?fileId=5546d46253f96a5641d20
从下面的输出可以看出,其实就是一个厂商自签名的证书。在远程证明过程中,证明方将EK证书提供给校验方,校验方从EK证书取得签名厂商,再使用对应厂商的证书进行证书验证。
$ openssl x509 -inform der -in Infineon-TPM_RSA_Root_CA-C-v01_00-EN.cer -text Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: C = DE, O = Infineon Technologies AG, OU = OPTIGA(TM) Devices, CN = Infineon OPTIGA(TM) RSA Root CA Validity Not Before: Jul 26 00:00:00 2013 GMT Not After : Jul 25 23:59:59 2043 GMT Subject: C = DE, O = Infineon Technologies AG, OU = OPTIGA(TM) Devices, CN = Infineon OPTIGA(TM) RSA Root CA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (4096 bit) Modulus: 00:bb:13:e8:1c:d0:1e:53:ed:ac:33:bb:1e:ba:cc: c3:19:31:3b:42:90:fa:86:bf:a6:b7:35:5c:7b:dc: 80:a0:d8:34:b0:9e:2a:45:c0:18:94:97:db:28:12: 87:67:db:94:95:54:de:e9:aa:6b:ca:03:68:0c:4d: 1e:50:7b:1b:98:4b:d3:cf:7a:b7:d1:66:b0:58:d3: 4c:72:17:1f:38:57:e9:88:44:f8:38:62:a5:0c:2e: d6:41:70:0c:2b:47:71:8e:e9:c7:df:1e:9d:b4:48: 11:f9:21:3a:6e:a8:a7:22:c1:bd:2f:e6:e7:8b:76: d6:47:61:13:ea:d7:e8:e0:cb:9f:08:15:8f:ef:00: 2c:85:fd:c7:16:67:15:12:25:13:52:7b:8a:ee:c0: 18:08:ec:d3:16:89:cc:62:89:64:26:cf:57:c4:dd: ed:26:50:64:35:b6:ee:0c:e8:ca:59:3f:14:d9:c5: 6c:cd:d2:63:33:f6:7a:23:d6:82:13:65:49:ea:fd: da:cd:e7:82:c7:cd:7e:39:97:ed:9b:d7:87:f9:16: 4b:ed:71:7c:49:ec:e0:a4:23:b9:66:58:8b:7c:b3: 97:c4:e0:78:62:c4:48:2c:47:64:57:e6:1c:e5:f1: 78:87:89:2e:ee:0f:7a:50:84:16:12:04:de:48:05: b5:56:44:47:b1:d4:85:1a:b7:97:80:39:bf:40:5e: 39:d9:ee:2b:f1:24:a8:98:fc:19:0e:9a:b3:60:37: c9:36:ee:f3:92:e0:ff:35:8b:1d:46:9d:7b:23:c8: 72:7a:98:eb:56:44:2f:54:1d:fb:c9:72:f3:37:53: db:6e:53:ed:dd:45:f8:9b:d3:73:46:c5:23:e7:2a: d7:8b:e1:23:f5:6d:d1:df:88:68:d5:dc:b2:31:cc: 51:ce:7d:d8:cc:d9:cb:c5:27:a8:d7:83:98:70:5c: 21:52:76:c4:26:e5:ed:81:7d:3d:dd:58:30:52:7d: 1e:21:dc:fa:e9:92:5e:9d:70:0c:9b:de:73:6d:30: ad:c7:47:9c:a5:e9:00:6e:27:26:f0:f1:a7:c7:4f: 72:91:6f:0b:ce:1c:e0:91:d1:95:49:4e:cc:dc:94: 43:dc:33:73:50:77:01:65:86:a2:d2:82:12:1f:95: a2:92:3e:ff:72:1d:32:9e:83:60:01:e6:af:49:48: 6d:a7:c1:24:eb:8c:32:91:69:bd:b6:e7:ec:c9:d3: 2c:a5:1f:93:70:c4:80:4b:69:51:c3:c8:01:2e:f3: 56:9f:fb:09:e6:f7:da:2a:82:f2:6e:0c:a4:90:1b: 22:df:ea:c0:9e:bb:2f:35:c1:06:0e:e3:ac:8d:6b: ec:49:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:BB:56:AB:F1:18:FC:A6:9A:75:11:10:65:84:12:9E:D5:41:92:B9 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE Signature Algorithm: sha256WithRSAEncryption 61:d3:05:4c:77:11:32:17:60:9b:1a:02:06:f6:a7:2c:8d:52: 5b:55:2f:66:ca:cc:63:15:4a:c9:d3:0a:b5:d4:53:c8:4a:ac: 34:21:de:33:48:32:b4:b4:77:a7:54:fd:f1:9a:18:9b:de:87: 19:a6:25:f8:da:37:f2:05:58:0e:0c:05:d6:44:9e:90:1e:d9: f2:44:3f:cb:db:2d:af:d0:1d:57:ec:01:5b:a8:b4:b0:fa:41: 60:2a:79:a0:b6:b7:1a:71:91:ea:ef:7a:85:76:24:0c:23:d6: 3a:e9:ad:3e:32:ae:44:bc:4b:16:6e:29:2d:39:ad:87:65:1b: 7d:06:8c:e2:93:ab:cd:5a:99:0b:46:7f:63:65:36:23:34:94: 10:7f:48:a4:ed:d1:4b:f9:4c:ad:23:21:66:f3:d9:6a:19:80: 6b:ad:ee:61:74:99:dd:6b:1d:16:ae:59:17:28:1d:07:71:59: 24:13:09:3b:60:a1:0c:de:06:3e:08:4b:a3:77:43:14:01:29: 5f:4b:2f:d5:16:9b:e0:8c:21:3e:d8:9e:9f:1b:48:9f:28:5b: 85:1d:a5:2b:98:59:ed:59:c1:28:d9:cb:30:e2:4b:3a:6e:73: 88:13:4b:a6:87:7c:c9:84:7e:85:70:0b:c1:cd:d3:7f:c7:0f: a0:75:2f:0a:36:0e:f1:1a:a8:0c:64:c9:af:48:61:6a:c3:aa: 43:2b:10:4a:c9:3b:a7:2a:c7:fb:df:21:c7:d8:ff:c2:58:99: 42:46:4e:6b:d5:95:a3:83:25:3c:18:c2:8b:ff:da:b8:eb:95: ae:60:47:ec:6b:4c:ce:dd:ab:c6:d9:8a:64:90:4c:ef:21:e9: c7:4b:ea:ef:b7:73:c9:86:ae:20:90:90:d6:48:64:46:9c:fc: 67:67:f8:ac:32:75:a3:99:21:c9:df:45:da:77:49:a9:71:b1: 2a:7a:71:6c:09:18:4e:30:a5:82:81:d8:29:4c:d9:01:77:c8: d4:28:4c:63:70:32:5a:6c:c6:75:3b:da:28:43:8b:f4:71:c9: a4:53:cf:d3:91:a6:e6:cd:ab:c5:ae:ab:b8:d0:52:ce:54:d3: 4a:f2:ac:c0:99:a2:0d:5c:c4:bc:f2:7d:9c:30:09:88:7a:3b: 60:a6:6e:f3:28:c9:d1:cd:cb:90:94:df:28:31:68:b5:af:26: 98:19:54:73:75:d3:79:e9:54:c4:77:98:b3:5a:dd:01:3e:e4: c1:65:06:53:f7:32:6c:ac:b6:ef:22:54:02:89:6a:cd:fd:54: ee:72:e6:36:9d:e1:d4:4b:93:0b:4c:ea:c2:5a:f2:20:69:75: 18:d9:ac:1a:79:b0:90:48 -----BEGIN CERTIFICATE----- MIIFqzCCA5OgAwIBAgIBAzANBgkqhkiG9w0BAQsFADB3MQswCQYDVGEwJERTEh MB8GA1UECgwYSW5maW5lb24gVGVjaG5vbG9naWVzIEFHMRswGQYDVLDBJPUFRJ R0EoVE0pIERldmljZXMxKDAmBgNVBAMMH0luZmluZW9uIE9QVElHQShUTSkgUlNB IFJvb3QgQ0EwHhcNMTMwNzI2MDAwMDAwWhcNNDMwNzI1MjM1OTU5WjB3MQswCQYD VGEwJERTEhMB8GA1UECgwYSW5maW5lb24gVGVjaG5vbG9naWVzIEFHMRswGQYD VLDBJPUFRJR0EoVE0pIERldmljZXMxKDAmBgNVBAMMH0luZmluZW9uIE9QVElH QShUTSkgUlNBIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC AQC7E+gc0B5T7awzux66zMMZMTtCkPqGv6a3NVx73ICg2DSwnipFwBiUl9soEodn 25SVVN7pqmvKA2gMTR5QexuYS9PPerfRZrBY00xyFx84V+mIRPg4YqUMLtZBcAwr R3GO6cffHp20SBH5ITpuqKciwb0v5ueLdtZHYRPq1+jgy58IFY/vACyF/ccWZxUS JRNSe4ruwBgI7NMWicxiiWQmz1fE3e0mUGQ1tu4M6MpZPxTZxWzN0mMz9noj1oIT ZUnq/drN54LHzX45l+2b14f5FkvtcXxJ7OCkI7lmWIt8s5fE4HhixEgsR2RX5hzl 8XiHiS7uD3pQhBYSBN5IBbVWREex1IUat5eAOb9AXjnZ7ivxJKiY/BkOmrNgN8k2 7vOS4P81ix1GnXsjyHJ6mOtWRC9UHfvJcvM3U9tuU+3dRfib03NGxSPnKteL4SP1 bdHfiGjV3LIxzFHOfdjM2cvFJ6jXg5hwXCFSdsQm5e2BfT3dWDBSfR4h3Prpkl6d cAyb3nNtMK3HR5yl6QBuJybw8afHT3KRbwvOHOCR0ZVJTszclEPcM3NQdwFlhqLS ghIflaKSPv9yHTKeg2AB5q9JSG2nwSTrjDKRab225+zJ0yylH5NwxIBLaVHDyAEu 81af+wnm99oqgvJuDKSQGyLf6sCeuy81wQYO46yNa+xJwQIDAQABo0IwQDAdBgNV HQ4EFgQU3LtWq/EY/KaadREQZYQSntVBkrkwDgYDVR0PAQH/BAQDAgAGMA8GA1Ud EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAGHTBUx3ETIXYJsaAgb2pyyN UltVL2bKzGMVSsnTCrXUU8hKrDQh3jNIMrS0d6dU/fGaGJvehxmmJfjaN/IFWA4M BdZEnpAe2fJEP8vbLa/QHVfsAVuotLD6QWAqeaC2txpxkerveoV2JAwj1jrprT4y rkS8SxZuKS05rYdlG30GjOKTq81amQtGf2NlNiM0lBB/SKTt0Uv5TK0jIWbz2WoZ gGut7mF0md1rHRauWRcoHQdxWSQTCTtgoQzeBj4IS6N3QxQBKV9LL9UWm+CMIT7Y np8bSJ8oW4UdpSuYWe1ZwSjZyzDiSzpuc4gTS6aHfMmEfoVwC8HN03/HD6B1Lwo2 DvEaqAxkya9IYWrDqkMrEErJO6cqx/vfIcfY/8JYmUJGTmvVlaODJTwYwov/2rjr la5gR+xrTM7dq8bZimSQTO8h6cdL6u+3c8mGriCQkNZIZEac/Gdn+KwydaOZIcnf Rdp3SalxsSp6cWwJGE4wpYKB2ClM2QF3yNQoTGNwMlpsxnU72ihDi/RxyaRTz9OR pubNq8Wuq7jQUs5U00ryrMCZog1cxLzyfZwwCYh6O2CmbvMoydHNy5CU3ygxaLWv JpgZVHN103npVMR3mLNa3QE+5MFlBlP3Mmystu8iVAKJas39VO5y5jad4dRLkwtM 6sJa8iBpdRjZrBp5sJBI -----END CERTIFICATE----- $
注意:有的厂商会使用多级证书,此时就需要获取证书链上的所有证书,或只能验证证书链的一部分。
厂商证书校验
真正的证书校验需要有真实的硬件,但这个过程是一样的,下面通过构造一个厂商自签名证书来说明校验方怎么校验EK证书。
先生成密钥:
$ openssl genrsa -aes128 -out vendor.key 2048 Generating RSA private key, 2048 bit long modulus (2 primes) .........+++++ .................................................................... .................................................................... .................+++++ e is 65537 (0x010001) Enter pass phrase for vendor.key: Verifying - Enter pass phrase for vendor.key: $
生成自签名证书:
$ openssl req -new -key vendor.key -out vendor.csr
TPM出厂也录入了EK密钥,这个密钥也理应由厂商生成并且写入TPM芯片,所以再生成一个密钥用于EK:
$ openssl genrsa -aes128 -out ek.key 2048 Generating RSA private key, 2048 bit long modulus (2 primes) ........................+++++ ..............+++++ e is 65537 (0x010001) Enter pass phrase for ek.key: Verifying - Enter pass phrase for ek.key: $
为EK生成CSR,这里厂商可以填些有用的信息:
$ openssl req -new -sha256 -key ek.key -out ek.csr
为EK生成证书:
$ openssl x509 -req -in ek.csr -CA vendor.crt -CAkey vendor.key -CAcreateserial -out ek.crt -days 365 -sha256 Signature ok subject=C = CN, ST = ***, L = ***, O = ***, OU = ***, CN = TPM001 Getting CA Private Key Enter pass phrase for vendor.key: $
校验方验证证书
校验方拿到EK证书后,可以查看证书的信息,找到签发方,也就是Issuer,从证书信息知道这个证书是由X厂商签发的。
校验方从本地数据库中找到X厂商的根证书对EK证书进行校验:
$ openssl verify -CAfile vendor.crt ek.crt ek.crt: OK $
AK证书的验证与EK一样,区别仅在于AK证书可能由PCA签发,此时就需要PCA的证书。
免责声明:本站所有文章内容,图片,视频等均是来源于用户投稿和互联网及文摘转载整编而成,不代表本站观点,不承担相关法律责任。其著作权各归其原作者或其出版社所有。如发现本站有涉嫌抄袭侵权/违法违规的内容,侵犯到您的权益,请在线联系站长,一经查实,本站将立刻删除。 本文来自网络,若有侵权,请联系删除,如若转载,请注明出处:https://yundeesoft.com/69235.html