TPM2 signature verification failure (tpm2-tools, OpenSSL)

Posted 2025-02-10 15:53:19 · 1577 characters · 2 views · 0 comments

This flow is giving me

Verification failure
809B58AB9D7F0000:error:0200008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding:../crypto/rsa/rsa_pk1.c:75:
809B58AB9D7F0000:error:02000072:rsa routines:rsa_ossl_public_decrypt:padding check failed:../crypto/rsa/rsa_ossl.c:599:
809B58AB9D7F0000:error:1C880004:Provider routines:rsa_verify:RSA lib:../providers/implementations/signature/rsa_sig.c:774:

when I try to verify the signature signed by the TPM2

Here are my steps

Create a primary key in Endorsement Hierarchy and get its public cert

tpm2_createprimary --hierarchy e --key-context primary.ctx \
  --format=pem --output=primary.pub.pem

Create a subkey for signing and get its public cert

tpm2_create --key-algorithm rsa --public sub.pub --private sub.priv \
  --parent-context primary.ctx --format pem --output sub.pub.pem

Load subkey

tpm2_load --parent-context primary.ctx --public sub.pub --private sub.priv \
  --key-context sub.ctx

Create hardware info

echo "1234-5678" > serial_number

Hash the message

sha256sum serial_number | awk '{ print "000000: " $1 }' | \
  xxd -r -c 32 > serial_number.hash

Sign with the TPM

tpm2_sign --key-context sub.ctx --hash-algorithm sha256 --signature serial_number.sig serial_number

Verify the signature

openssl dgst -sha256 -verify sub.pub.pem -keyform pem -signature serial_number.sig serial_number

It's strange, coz I can encrypt with the public key in openssl and decrypt with the TPM just fine. (and vice versa)

I'm essentially trying to re-create this https://youtu.be/D7h-D1q5fE8?t=1816

Comments (1)

你在我安 2025-02-17 15:53:19

I think your only problems are the formats.

You create a sha256-hash serial_number.hash and tpm2_sign will hash the content and sign it, so you have sha256(sha256(content)).
You can use --digest to provide a hash for tpm2_sign or just let tpm2_sign hash your message.
Per default tpm2_sign creates a signature in the tss format, but it is easier to use a plain format with openssl.

These commands should work (ecc instead of rsa):

tpm2_createprimary -C e -c primary.ctx
tpm2_create -G ecc -u ecc.pub -r ecc.priv -C primary.ctx 
tpm2_load -C primary.ctx -u ecc.pub -r ecc.priv -c ecc.ctx
tpm2_evictcontrol -c ecc.ctx &> evicted
handle="$(awk '/persistent-handle:/ {print $2}' evicted)"
openssl pkey -provider tpm2 -in "handle:${handle}" -pubout -out public_key.pem
openssl ec -outform der -pubin -in public_key.pem -pubout -out public_key.der

# Create and sign message
printf msg1234 > message.dat
tpm2_sign --key-context "${handle}" --hash-algorithm sha256 --scheme ecdsa --format plain --signature sig.der message.dat

# verify with tpm
tpm2_verifysignature --key-context "${handle}" -g sha256 --scheme ecdsa -s sig.der -m message.dat
# verify with openssl 
openssl dgst -ecdsa-with-SHA256 -verify public_key.pem -keyform PEM -sha256 -signature sig.der -binary message.dat
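
The answer's point about the tss versus plain signature format, as an added example (not code from the post or from tpm2-tools): a Python parser that unpacks a tss-format signature and re-emits the plain form OpenSSL expects, raw bytes for RSA and a DER SEQUENCE of r and s for ECDSA. It assumes the tss file is the marshalled TPMT_SIGNATURE structure from the TPM 2.0 specification; the function names and both sample blobs are constructed for illustration.

```python
import struct

TPM_ALG_RSASSA, TPM_ALG_RSAPSS, TPM_ALG_ECDSA = 0x0014, 0x0016, 0x0018  # TPM_ALG_ID

def _tpm2b(buf, off):
    """Read one TPM2B field: big-endian UINT16 size, then that many bytes."""
    if off + 2 > len(buf):
        raise ValueError("truncated TPM2B size")
    end = off + 2 + struct.unpack_from(">H", buf, off)[0]
    if end > len(buf):
        raise ValueError("truncated TPM2B body")
    return buf[off + 2:end], end

def _der_len(n):
    """DER length octets (short form below 128, long form otherwise)."""
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw

def _der_int(raw):
    """DER INTEGER from an unsigned big-endian value."""
    body = raw.lstrip(b"\x00") or b"\x00"
    if body[0] & 0x80:  # prepend 0x00 so the value stays non-negative
        body = b"\x00" + body
    return b"\x02" + _der_len(len(body)) + body

def tss_to_plain(blob):
    """Return (sig_alg, hash_alg, plain_signature) for a TPMT_SIGNATURE blob."""
    if len(blob) < 4:
        raise ValueError("too short for TPMT_SIGNATURE")
    sig_alg, hash_alg = struct.unpack_from(">HH", blob, 0)
    if sig_alg in (TPM_ALG_RSASSA, TPM_ALG_RSAPSS):
        plain, end = _tpm2b(blob, 4)  # raw modulus-sized signature
    elif sig_alg == TPM_ALG_ECDSA:
        r, off = _tpm2b(blob, 4)
        s, end = _tpm2b(blob, off)
        seq = _der_int(r) + _der_int(s)
        plain = b"\x30" + _der_len(len(seq)) + seq
    else:
        raise ValueError(f"unsupported sigAlg 0x{sig_alg:04x}")
    if end != len(blob):
        raise ValueError("trailing bytes after signature")
    return sig_alg, hash_alg, plain

# Constructed sample: RSASSA/SHA-256 header + 256 placeholder signature bytes
SAMPLE_RSA = struct.pack(">HHH", 0x0014, 0x000B, 256) + bytes(range(256))
# Constructed sample: ECDSA/SHA-256 with 32-byte r (high bit set) and 32-byte s
SAMPLE_ECC = (struct.pack(">HHH", 0x0018, 0x000B, 32) + b"\x80" + b"\x11" * 31
              + struct.pack(">H", 32) + b"\x22" * 32)
```

Passing `--format plain` to tpm2_sign, as the answer does, makes the tool write the plain form directly, so no conversion is needed.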
