Tuesday Nov 16, 2010

Solaris 11 Express Security Features - TPM Support

A while back (March 2009, to be exact), I wrote about the introduction of TPM support in OpenSolaris.  If you didn't try out OpenSolaris, you can now get the TPM support features in Solaris 11 Express.   Just to recap and update some older information from the earlier post:

  • Support for TPM 1.2 devices on x86/64 and some SPARC (sun4v) platforms.
  • Trusted Computing Group (TCG) software interfaces are supported with the inclusion of the TrouSerS package.  Solaris 11 Express includes Trousers version 0.3.4.
  • The tpmadm(1M) utility can be used to perform TPM administrative functions and view the state of some TPM registers.
  • A PKCS#11 provider for using the TPM to secure keys is also provided (and explained below).

In my  original blog entry, I omitted the details about the PKCS#11 TPM provider.  Solaris 11 Express includes a provider that plugs into the Solaris Cryptographic Framework that enables PKCS#11 consumers to use the TPM as a secure keystore.   This allows private data stored in the TPM provider to be protected by TPM-resident keys.  The benefit is that data protected with TPM keys can only ever be decrypted on that same platform using the same TPM (unless they are migrated, which is a topic for another day).   This protects the data from brute-force password attacks on the keys, and also makes them useless if they are removed from the platform that protects them. 

The TCSD service must be enabled and the TPM device must be available in order for the TPM support to work correctly. 

Check for TPM device:

ls -alF /dev/tpm
lrwxrwxrwx   1 root root 44 Oct  1  2009 /dev/tpm -> \\
           ../devices/pci@0,0/isa@1f/tpm@0,fed40000:tpm

Enable the TCSD service:

 
  
# svcadm enable tcsd 

If the TPM device is available and the tcsd service is running, individual users must initialize their own personal TPM-protected token storage area as follows:

# pktool inittoken currlabel=TPM

Next, the token PIN must be set for the SO (security officer), the default is 87654321:

$ pktool setpin token=tpm/joeuser so

Finally, the user's PIN can be set (the initial PIN is 12345678):

$ pktool setpin token=tmp/joeuser

The TPM token should now be ready for use.   pktool(1) can be used to generate keys and certificates using the TPM device by specifying the token name used when the token was initialized ("TPM" in the examples above).

       $ pktool gencert token=tpm/joeuser -i
       $ pktool list token=tpm/joeuser

Also, any existing applications that already use the Solaris Cryptographic Framework interfaces (libpkcs11) can easily be made to use the TPM token for their operations by just making them select the TPM token device for the sessions.

More details about the TPM provider are available in the man pages for pkcs11_tpm(5) included in Solaris 11 Express.


 
  

        
    

Monday Mar 30, 2009

TPM Support in Solaris

Solaris now has support for Trusted Platform Module (TPM) devices (as of build 112).  If you don't know what a TPM is or Trusted Computing is all about, I recommend visiting the Trusted Computing Group page.   The TPM device support that was just put into build 112 is only available on x86/amd64 platforms.  SPARC support is coming in a future build. 

Having TPM device support by itself is not terribly useful.  To have complete support for the Trusted Computing Group interfaces and protocols, we also had to deliver a working TSS (Trusted Software Stack) and some utilities to take advantage of the TPM device.  All of these pieces together make it possible for developers and users to use the TPM to generate keys that are either stored in the TPM and can never leave the TPM unless wrapped by a TPM-resident key, or stored on disk protected (wrapped) by a TPM resident key.   TPM devices do implement some encryption algorithms in hardware, they are not very efficient and are not recommended for bulk encryption operations, TPMs are much better suited for securing keys and data (signing, verifying, wrapping) than for purely encrypting large quantities of data.   Software crypto is generally much faster than TPM crypto.

Software For Using the TPM

The TSS was actually delivered into the SFW consolidation in build 106.   We chose to use the Trousers package for our TSS (version 0.3.1).  You can get the TSS from the SUNWtss and SUNWtss-root packages (currently available in the OpenSolaris /dev repository).  The TSS package allows developers to write applications to take advantage of the TPM using standard interfaces as defined in the TSS Specification.

We also delivered a new command - tpmadm(1).  tpmadm allows the administrator to take ownership of the TPM and perform some other basic commands for querying and managing the persistent key store (see the TCG specs for details).

usage: tpmadm command args ...
where 'command' is one of the following:
        status 
        init 
        clear [owner | lock]
        auth 
        keyinfo [uuid]
        deletekey uuid

Once the ownership is established  (using tpmadm init), the user can query the status of the TPM.  Here is an example of the status of a system with an Atmel 1.2 TPM device:

TPM Version: 1.2 (ATML Rev: 13.9, SpecLevel: 2, ErrataRev: 1)
TPM resources
        Contexts: 16/16 available
        Sessions: 2/3 available
        Auth Sessions: 2/3 available
        Loaded Keys: 18/21 available
Platform Configuration Registers (24)
        PCR 0:  E1 EE 40 D8 66 28 A9 08 B6 22 8E AF DC 3C BC 23 71 15 49 31 
        PCR 1:  5B 93 BB A0 A6 64 A7 10 52 59 4A 70 95 B2 07 75 77 03 45 0B 
        PCR 2:  5B 93 BB A0 A6 64 A7 10 52 59 4A 70 95 B2 07 75 77 03 45 0B 
        PCR 3:  5B 93 BB A0 A6 64 A7 10 52 59 4A 70 95 B2 07 75 77 03 45 0B 
        PCR 4:  AF 98 77 B8 72 82 94 7D BE 09 25 10 2E 60 F9 60 80 1E E6 7C 
        PCR 5:  E1 AA 8C DF 53 A4 23 BF DB 2F 4F 0F F2 90 A5 45 21 D8 BF 27 
        PCR 6:  5B 93 BB A0 A6 64 A7 10 52 59 4A 70 95 B2 07 75 77 03 45 0B 
        PCR 7:  5B 93 BB A0 A6 64 A7 10 52 59 4A 70 95 B2 07 75 77 03 45 0B 
        PCR 8:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
        PCR 9:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
        PCR 10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
        PCR 11: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
        PCR 12: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
        PCR 13: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
        PCR 14: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
        PCR 15: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
        PCR 16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
        PCR 17: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 
        PCR 18: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 
        PCR 19: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 
        PCR 20: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 
        PCR 21: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 
        PCR 22: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 
        PCR 23: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Using the TPM

Before you can use the TPM,  you must first have the following packages installed (and all of this assumes that your system has a TPM device in the first place).

  • SUNWtpm
  • SUNWtss
  • SUNWtss-root
After installing the above packages (if they are not already on your system), the system usually has to be rebooted.  The reboot is necessary because the kernel has to reprocess the ACPI table in order to access the TPM and attach the device driver.  Once the reboot completes, you can verify that the TPM device is attached by running "$ modinfo | grep TPM" and looking for something like: "tpm (TPM 1.2 driver)".  If your device driver is attached, you then must start the TCS daemon by running "svcadm enable tcsd".   The TCS daemon manages all of the communication between the user applications and the TPM.  The TSS software automatically talks to the TCS daemon, not directly to the TPM.  The TCS daemon must be running in order for any TSS-based applications to be able to function properly.

Many x86 systems these days do come with TPM devices.   The Sun Ultra 40 M2 systems have Infineon 1.2 TPM devices.  Dell sells several models with TPM chips, both desktops and laptops.  I believe IBM (Lenovo) and other vendors also have TPM devices.  Future SPARC platforms will also have TPM 1.2 devices as well. 

Whats Next

The delivery of the TPM device support and the software apps and APIs is just the first step.  There are many uses for TPMs and TCG protocols that can be developed to take advantage of these features.   Attestation (verifying the integrity of the platform, software and/or hardware), secure boot, and advanced key storage are just a few of the potential applications of this technology. 

Summary

To summarize, these are the steps you need to take in order to use a TPM on your Solaris (OpenSolaris) based system:

  • Get the SUNWtpm, SUNWtss, and SUNWtss-root packages either by installing SXCE (build 112 or later) or from the OpenSolaris /dev repository with build 112 (or later) packages.
  • Install the above packages if not already on your system.  Reboot if you just installed SUNWtpm for the first time.
  • Start the TCS daemon process - svcadm enable tcsd
  • Verify the status of the TPM  - tpmadm status
    • If the TPM is not yet owned, you must take ownership and assign an owner password with the "tpmadm init" command.
  • The TPM must be running at the 1.2 spec level, older 1.1 TPMs will not function correctly with this software.

Coming soon - details on using the PKCS #11 TPM provider...



About

wyllys

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today