Create self signed certificate and key with TPM2


I want to establish a TLS (TLS v1.2) connection using the cipher suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256. For testing I use openssl s_client and s_server. My setup is using Ubuntu 22.04 with "TPM Reference Simulator", tpm2-abrmd (v3.0.0), and tpm2-tss (v3.2.1).

  1. Prepare for TPM2 usage
$ tpm_server -rm -v
$ sudo tpm2-abrmd --allow-root --tcti=mssim

  2. Create credentials
$ sudo openssl genpkey -provider tpm2 -provider default -algorithm ec -pkeyopt group:P-256 -out testkey.priv
$ sudo openssl req -new -x509 -provider tpm2 -provider default -key testkey.priv -out cert.pem

The generated certificate looks as expected:

$ sudo openssl x509 -provider tpm2 -provider default -text -in cert.pem 
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:80:75:65:66:e7:c2:ce:3b:1e:72:d5:e2:ab:ae:16:30:e3:b5:fc
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: C = AU, ST = Some-State, O = Internet Widgits Pty Ltd
        Validity
            Not Before: Feb 27 08:22:45 2023 GMT
            Not After : Mar 29 08:22:45 2023 GMT
        Subject: C = AU, ST = Some-State, O = Internet Widgits Pty Ltd
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:06:36:f7:22:01:dc:ef:42:71:13:c1:31:8b:69:
                    9a:d3:f6:a2:97:28:47:3f:ac:8f:8e:a1:ad:71:82:
                    48:b5:b0:bd:2b:fe:3c:9d:e6:44:8a:85:6b:3b:b5:
                    03:ba:ec:0e:1f:c6:77:3b:b6:5e:33:1c:1d:b3:61:
                    83:98:12:32:f7
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                2C:91:FB:AC:E2:E2:03:95:57:87:29:B2:77:1E:9E:FF:F5:7C:3E:97
            X509v3 Authority Key Identifier: 
                2C:91:FB:AC:E2:E2:03:95:57:87:29:B2:77:1E:9E:FF:F5:7C:3E:97
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: ecdsa-with-SHA256
    Signature Value:
        30:44:02:20:58:1f:03:00:ed:01:08:49:28:5f:cd:2a:41:6b:
        90:ec:26:81:bc:8d:6e:87:0f:ad:1a:bc:37:29:1c:e0:d1:71:
        02:20:46:21:b8:68:cf:36:8b:1d:7b:26:e5:bf:12:fa:c4:cf:
        cc:3b:88:09:c3:51:29:fa:c9:e5:df:6e:e4:c9:39:7e

But the private key does not:

$ sudo openssl ec -provider tpm2 -provider default -in testkey.priv -text
read EC key
Private-Key: (EC P-256, TPM 2.0)
pub:
    04:06:36:f7:22:01:dc:ef:42:71:13:c1:31:8b:69:
    9a:d3:f6:a2:97:28:47:3f:ac:8f:8e:a1:ad:71:82:
    48:b5:b0:bd:2b:fe:3c:9d:e6:44:8a:85:6b:3b:b5:
    03:ba:ec:0e:1f:c6:77:3b:b6:5e:33:1c:1d:b3:61:
    83:98:12:32:f7
ASN1 OID: prime256v1
Object Attributes:
  fixedTPM
  fixedParent
  sensitiveDataOrigin
  userWithAuth
  decrypt
  sign / encrypt
writing EC key
unable to write EC key
4007F717E37F0000:error:08080010:elliptic curve routines:i2d_ECPrivateKey:EC lib:../crypto/ec/ec_asn1.c:1035:
4007F717E37F0000:error:0488000D:PEM routines:PEM_ASN1_write_bio:ASN1 lib:../crypto/pem/pem_lib.c:341:

Notes and Questions

Note 1) Tests with openssl s_server and s_client

$ sudo openssl s_server -cert ./cert.pem -certform PEM -key testkey.priv -trace -msg -debug -provider tpm2 -provider default -no_tls1_3 -port 16368

Try to connect via s_client

$ openssl s_client -key ./client_prime256v1KeyDER.bin -keyform DER -cert ./client_prime256v1CertDER.bin -certform DER -trace -curves prime256v1 -cipher ECDHE-ECDSA-AES128-GCM-SHA256 -no_tls1_3 -connect localhost:16368

Question 1.1: The command $ openssl ciphers -s does not show the wanted cipher suite. Is this expected behaviour?

The output on server side is:

...
>>> TLS 1.2, RecordHeader [length 0005]
    15 03 03 00 02
write to 0x55ec17f34b60 [0x55ec17f4d740] (7 bytes => 7 (0x7))
0000 - 15 03 03 00 02 02 28                              ......(
>>> TLS 1.3, Alert [length 0002], fatal handshake_failure
    02 28
ERROR
40D74634AA7F0000:error:0A000065:SSL routines:final_key_share:no suitable key share:../ssl/statem/extensions.c:1395:
shutting down SSL
CONNECTION CLOSED

However, if I re-order the provider parameters (i.e. ... -provider default -provider tpm2 ...) on the server side, the result looks different:

-----BEGIN SSL SESSION PARAMETERS-----
MF8CAQECAgMDBALAKwQABDALiROBinDm48TQ+12LLCerQfXu89ORPD30aIceTXVm
ex0/mGerikiIzhX6h7vBuiihBgIEY/ym96IEAgIcIKQGBAQBAAAArQMCAQGzAwIB
Fw==
-----END SSL SESSION PARAMETERS-----
Shared ciphers:ECDHE-ECDSA-AES128-GCM-SHA256
Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224:DSA+SHA224:DSA+SHA256:DSA+SHA384:DSA+SHA512
Shared Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224:DSA+SHA224:DSA+SHA256:DSA+SHA384:DSA+SHA512
Supported Elliptic Curve Point Formats: uncompressed:ansiX962_compressed_prime:ansiX962_compressed_char2
Supported groups: secp256r1
Shared groups: secp256r1
CIPHER is ECDHE-ECDSA-AES128-GCM-SHA256
Secure Renegotiation IS supported

Question 1.2: Does the order of the provider parameters matter?

Note 2) Comparison to a key created without TPM2

Key created with:

$ openssl genpkey -algorithm ec -pkeyopt group:P-256 -out testkey_notpm2.priv
$ sudo openssl ec -provider tpm2 -provider default -in testkey_notpm2.priv -text
read EC key
Private-Key: (256 bit)
priv:
    19:0f:f2:07:ff:eb:e5:7a:4e:ba:e7:8f:cd:37:5e:
    e9:87:7d:c6:a6:25:6f:24:a4:fc:c9:a1:06:a0:ed:
    75:34
pub:
    04:f3:3b:7a:23:38:bb:00:06:5c:a4:f2:70:eb:d7:
    15:d7:be:4b:ca:3a:3d:8f:49:a3:cd:17:99:3f:cf:
    31:df:b3:2b:7c:9c:e5:b9:ea:c7:6f:a4:9e:3b:a0:
    40:37:8f:b8:4f:7c:eb:a0:97:5a:6c:34:15:c1:33:
    25:a1:78:3d:d1
ASN1 OID: prime256v1
NIST CURVE: P-256
writing EC key
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIBkP8gf/6+V6Trrnj803XumHfcamJW8kpPzJoQag7XU0oAoGCCqGSM49
AwEHoUQDQgAE8zt6Izi7AAZcpPJw69cV175Lyjo9j0mjzReZP88x37MrfJzluerH
b6SeO6BAN4+4T3zroJdabDQVwTMloXg90Q==
-----END EC PRIVATE KEY-----

Question 2.1: What do I have to do to get a similar result using TPM2?
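
The alert record in the server trace above (15 03 03 00 02 02 28) can be decoded field by field, which helps when reading s_server -trace/-debug output. This is an added example, not part of the original question; the function names are hypothetical and the alert table is a subset of the codes in RFC 5246 / RFC 8446.

```python
import struct

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
# Subset of alert descriptions (RFC 5246 / RFC 8446).
ALERT_DESCRIPTIONS = {
    0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
    40: "handshake_failure", 42: "bad_certificate", 47: "illegal_parameter",
    48: "unknown_ca", 50: "decode_error", 51: "decrypt_error",
    70: "protocol_version", 71: "insufficient_security",
    80: "internal_error", 109: "missing_extension",
}

def parse_hex_dump(text):
    """Turn a dump such as '15 03 03 00 02 02 28' into bytes."""
    return bytes.fromhex(text)  # whitespace between byte pairs is ignored

def decode_records(data):
    """Decode consecutive TLS records; raise ValueError on truncated input."""
    records, offset = [], 0
    while offset < len(data):
        if len(data) - offset < 5:
            raise ValueError("truncated record header")
        # Record header: content type (1), version (2), length (2), big-endian.
        ctype, version, length = struct.unpack_from("!BHH", data, offset)
        body = data[offset + 5:offset + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        rec = {"type": CONTENT_TYPES.get(ctype, f"unknown({ctype})"),
               # 0x0303 is TLS 1.2; TLS 1.3 records reuse it as a legacy value.
               "version": f"0x{version:04x}", "length": length}
        if ctype == 21:
            if length == 2:  # plaintext alert: level byte + description byte
                level, desc = body
                rec["level"] = ALERT_LEVELS.get(level, f"unknown({level})")
                rec["description"] = ALERT_DESCRIPTIONS.get(desc, f"unknown({desc})")
            else:            # longer body: encrypted alert, needs session keys
                rec["level"] = rec["description"] = "encrypted"
        records.append(rec)
        offset += 5 + length
    return records

if __name__ == "__main__":
    # Bytes copied from the server-side trace in the question.
    for record in decode_records(parse_hex_dump("15 03 03 00 02 02 28")):
        print(record)
```
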
