| 4 Feb 2023 |
 ElvishJerricco | This ended up being incredibly helpful for my SRK questions and generally does a good job explaining all aspects of the TPM at a high level: https://google.github.io/tpm-js/ | 03:19:46 |
| 20 Feb 2023 |
|  mixis set a profile picture. | 18:09:00 |
| 27 Feb 2023 |
| ElvishJerricco | In reply to @elvishjerricco:matrix.org
https://github.com/systemd/systemd/pull/26185
This sounds like you won't be able to just systemd-cryptenroll with a TPM anymore without taking ownership of the TPM, is that right?
I figured this out finally. Basically the problem is that if the TPM has any authorization set on the key hierarchy, systemd simply can't use it. Because the easy way to use the TPM (the way systemd does it) is to always have the TPM recreate the same "primary key" (meaning the key at the root of the hierarchy, derived from the seed burned into the hardware). This key is what systemd asks the TPM to use to seal and unseal stuff (note that it remains internal to the TPM). But you're not allowed to create keys if the hierarchy requires authorization that you can't provide. So systemd just doesn't work if that authorization exists.
But anyone who takes ownership should almost certainly create an SRK (storage root key) and store it in the TPM. This is a primary key in the hierarchy that systemd wants to use. Since it's stored in the TPM, systemd can just ask the TPM to use it without having to create it.
So unauthorized users are able to use the keys stored on the TPM how they like, but they can't change the key hierarchy within the TPM or ask it for new keys. The PR changes systemd to work this way instead when the SRK exists in the TPM.
So it should have absolutely no effect except that now more people can use systemd's TPM support
| 20:58:08 |
| ElvishJerricco | (but only for systemd-cryptenroll; no support for systemd-creds yet) | 21:00:11 |
| ElvishJerricco | * (but only for systemd-cryptenroll/cryptsetup; no support for systemd-creds yet) | 21:00:30 |
| ElvishJerricco | The short version: The TPM just creates keys in memory by default, without storing them, and requiring authorization. Whenever someone sets the authorization, they should tell the TPM to create a special key called the SRK and store it so that others can use the TPM via the SRK without authorization. Systemd now supports this method. | 21:03:45 |
| ElvishJerricco | * The short version: The TPM just creates keys in internal memory by default, without storing them, and requiring authorization. Whenever someone sets the authorization, they should tell the TPM to create a special key called the SRK and store it so that others can use the TPM via the SRK without authorization. Systemd now supports this method. | 21:04:25 |
| ElvishJerricco | * The short version: The TPM just creates internally reproducible keys in internal memory by default, without storing them, and requiring authorization. Whenever someone sets the authorization, they should tell the TPM to create a special key called the SRK and store it so that others can use the TPM via the SRK without authorization. Systemd now supports this method. | 21:04:51 |
 baloo | but if noone took ownership there wouldn't be a need to require authorization in the first place? | 21:12:58 |
| baloo | or am I missing something | 21:13:08 |
| ElvishJerricco | baloo: That's correct. And that's why it works currently; systemd expects no one to have taken ownership | 21:15:12 |
| baloo | alright, makes sense | 21:15:34 |
| ElvishJerricco | Minor clarification, when creating a key, you choose if it needs authorization to create child keys. It would seem the SRK is expected to be created without any authorization requirement for creating children. I think. | 21:20:40 |
| ElvishJerricco | but of course root keys always need the authorization of the hierarchy | 21:21:06 |
| ElvishJerricco | * but of course creating root keys always needs the authorization of the hierarchy | 21:21:22 |
| baloo | upside of SRK, the key gets stored in the TPM, and you need to wait a couple seconds to do a key derivation from the root secret. | 21:21:33 |
| ElvishJerricco | You mean you don't need to wait? The key is stored so it needn't be derived | 21:23:16 |
| baloo | yeah, sorry | 21:23:29 |
| ElvishJerricco | yea that's one upside. The other is that people who don't have owner auth can still use the TPM for some stuff | 21:24:12 |
| baloo | when creating a subkey, you feed in a template and tpm uses that as input parameter to do key derivation. Which takes 800ms for an RSA 2048bits or so. | 21:24:20 |
| ElvishJerricco | right | 21:24:33 |
| ElvishJerricco | like disk encryption; with the SRK, you don't need owner auth to do disk encryption | 21:25:15 |
| baloo | which isn't necessarily a good thing | 21:25:30 |
| ElvishJerricco | I guess if you don't want that then you can just not create the SRK :P | 21:25:57 |
| ElvishJerricco | or create it so it requires auth to use | 21:26:04 |
| baloo | yeah, you can attach a policy or an auth to an SRK | 21:27:37 |
|  aktaboot joined the room. | 23:40:30 |
| 1 Mar 2023 |
|  Fabián Heredia changed their display name from fabianhjr to Fabián Heredia. | 06:05:13 |
 Julian Stecklina (Old) | https://kb.cert.org/vuls/id/782720 | 09:17:06 |
| Julian Stecklina (Old) | That's pretty bad | 09:17:17 |
