Problems using the tpm2_encodeobject command #3397

Closed
wudiqiang2024 opened this issue May 21, 2024 · 14 comments

@wudiqiang2024

wudiqiang2024 commented May 21, 2024

tpm2-tools 5.7
tpm2-openssl 1.2.0
tpm2-tss 4.1.2

1. Generate the primary key and persist it
tpm2_createprimary -C o -G ecc -c primary.ctx
tpm2_evictcontrol -c primary.ctx 0x81000001
rm primary.ctx
2. Generate the key and persist it
tpm2_create -C 0x81000001 -G ecc -u key.pub -r key.priv
tpm2_load -C 0x81000001 -u key.pub -r key.priv -c key.ctx
tpm2_evictcontrol -c key.ctx 0x81000000
rm key.ctx
3. Use tpm2_encodeobject to generate a PEM file
tpm2_encodeobject -C 0x81000001 -u key.pub -r key.priv -o tpm.pem
rm key.priv
rm key.pub

In step 3 I deleted key.priv and key.pub because I persisted the key in step 2.

My question is, if I delete the tpm.pem file, how do I regenerate tpm.pem? Because tpm2_encodeobject can only generate it from these two files; the key handle cannot be used.

Or is there any other way to generate tpm.pem file?

@wudiqiang2024

@williamcroberts Could you help me answer this question?

@billatarm

You can use tpm2_readpublic -f pem -c <handle>.

I might not have that command correct, but you can do it with read public. You can also use it to generate key.pub, which is the default if one doesn't specify -f.

@wudiqiang2024

wudiqiang2024 commented May 21, 2024

@billatarm
Thank you for your answer. I am a newbie in TPM. Could you tell me the specific command? And how to obtain the key.priv file? Because my problem is to regenerate the tpm.pem file in the third step through these two files.

@billatarm

@billatarm Thank you for your answer. I am a newbie in TPM. Can you tell me the specific command? And how to obtain the key.priv file? Because my problem is to regenerate the tpm.pem file in the third step through these two files.

Oh, you're trying to create the combined PEM format, not just the public key format. You can't recreate it without the private blob.

@wudiqiang2024

@billatarm
So I should save the files and shouldn't delete them, and if they are deleted I can only regenerate the key?

@billatarm

If you're making the key persistent, you don't need the private key in a pem or .priv file. If you ever want to load the key again, you need the private portion. Remember the private portion of the key is tpm protected, so having it on disk is fine.
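The file tpm2_encodeobject writes is the "TSS2 PRIVATE KEY" PEM container: a DER SEQUENCE holding the key type OID (2.23.133.10.1.3 for a loadable key), an optional emptyAuth flag, the parent handle as an INTEGER, and two OCTET STRINGs carrying the marshalled TPM2B_PUBLIC (key.pub) and TPM2B_PRIVATE (key.priv) blobs. The Python below is an added example, not code from this issue or from tpm2-tools or tpm2-openssl; it builds and parses that container from constructed placeholder blobs so it runs without a TPM. It makes the point of the answers above concrete: the PEM contains nothing beyond the parent handle and the two blobs, so it can be rebuilt from key.pub and key.priv (the public half is also recoverable with tpm2_readpublic) but never from a handle alone, and since the TPM2B_PRIVATE is only usable by the parent key inside the TPM, keeping the PEM or the .priv file on disk as a backup is fine.

```python
"""Encode and decode the "TSS2 PRIVATE KEY" PEM produced by tpm2_encodeobject.

Added example, not part of this issue or of tpm2-tools. The pub/priv blobs used
below are constructed placeholders standing in for a real TPM2B_PUBLIC and
TPM2B_PRIVATE, so everything here runs offline without a TPM.
"""
import base64
import textwrap

LOADABLE_KEY_OID = "2.23.133.10.1.3"  # TCG OID for a loadable (ordinary) key
PEM_LABEL = "TSS2 PRIVATE KEY"
SRK_HANDLE = 0x81000001  # persistent parent handle used in the issue

# Constructed sample blobs (NOT real TPM structures): a real key.pub is a
# marshalled TPM2B_PUBLIC, a real key.priv a TPM2B_PRIVATE sealed to the parent.
SAMPLE_PUB = b"\x00\x10" + bytes(range(16))
SAMPLE_PRIV = b"\x00\x20" + bytes(range(32))


def _der_len(n: int) -> bytes:
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + _der_len(len(content)) + content


def _der_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:  # base-128 encoding, high bit set on all but the last octet
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out += bytes(reversed(chunk))
    return _tlv(0x06, bytes(out))


def _decode_oid(content: bytes) -> str:
    arcs = [content[0] // 40, content[0] % 40]
    v = 0
    for b in content[1:]:
        v = (v << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(v)
            v = 0
    return ".".join(map(str, arcs))


def _der_uint(v: int) -> bytes:
    # (bit_length + 8) // 8 leaves a leading 0x00 when the top bit is set,
    # which 0x81000001 needs to stay a positive DER INTEGER.
    return _tlv(0x02, v.to_bytes((v.bit_length() + 8) // 8, "big"))


def _read_tlv(buf: bytes, pos: int):
    """Return (tag, content, next_pos) for the TLV starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def encode_tss2_pem(parent: int, pub: bytes, priv: bytes, empty_auth: bool = True) -> str:
    """What `tpm2_encodeobject -C <parent> -u key.pub -r key.priv -o tpm.pem` emits."""
    if not priv:
        raise ValueError("TPM2B_PRIVATE blob required; a handle alone cannot rebuild the file")
    fields = _der_oid(LOADABLE_KEY_OID)
    if empty_auth:
        fields += _tlv(0xA0, _tlv(0x01, b"\xff"))  # emptyAuth [0] EXPLICIT BOOLEAN TRUE
    fields += _der_uint(parent) + _tlv(0x04, pub) + _tlv(0x04, priv)
    b64 = base64.b64encode(_tlv(0x30, fields)).decode()
    return (f"-----BEGIN {PEM_LABEL}-----\n" + "\n".join(textwrap.wrap(b64, 64))
            + f"\n-----END {PEM_LABEL}-----\n")


def decode_tss2_pem(pem: str) -> dict:
    """Parse the container back into type OID, emptyAuth, parent handle and blobs."""
    lines = pem.strip().splitlines()
    if lines[0] != f"-----BEGIN {PEM_LABEL}-----" or lines[-1] != f"-----END {PEM_LABEL}-----":
        raise ValueError("not a TSS2 PRIVATE KEY PEM")
    tag, seq, _ = _read_tlv(base64.b64decode("".join(lines[1:-1])), 0)
    if tag != 0x30:
        raise ValueError("TPMKey must be a SEQUENCE")
    tag, oid, pos = _read_tlv(seq, 0)
    if tag != 0x06:
        raise ValueError("missing type OID")
    key = {"type_oid": _decode_oid(oid), "empty_auth": False}
    while (seq[pos] & 0xE0) == 0xA0:  # optional [0]..[3] fields; only emptyAuth read here
        tag, inner, pos = _read_tlv(seq, pos)
        if tag == 0xA0:
            key["empty_auth"] = _read_tlv(inner, 0)[1] != b"\x00"
    tag_parent, parent, pos = _read_tlv(seq, pos)
    tag_pub, pub, pos = _read_tlv(seq, pos)
    tag_priv, priv, pos = _read_tlv(seq, pos)
    if (tag_parent, tag_pub, tag_priv) != (0x02, 0x04, 0x04):
        raise ValueError("unexpected field order")
    key.update(parent=int.from_bytes(parent, "big"), pub=pub, priv=priv)
    return key


def roundtrip() -> dict:
    """Build a PEM for the sample blobs under the SRK and parse it back."""
    return decode_tss2_pem(encode_tss2_pem(SRK_HANDLE, SAMPLE_PUB, SAMPLE_PRIV))
```

Calling `roundtrip()` returns the parent handle 0x81000001 and the two blobs unchanged; calling `encode_tss2_pem` with an empty private blob raises, which is the situation the reporter is in after `rm key.priv`.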

@wudiqiang2024

wudiqiang2024 commented May 21, 2024

@billatarm
Thank you for your answer. I think these two files may need to be stored in NV.

@williamcroberts
I want to get your answer because I saw here your command to get these two files.
tpm2-software/tpm2-pkcs11#766 (comment)

@billatarm

@wudiqiang2024, what are you trying to do, what's your end goal? That comment has to do with reconstructing objects to work around an openssl/pkcs11 provider bug. Typically, you don't use any NV space without clear requirements as to why, as NV space is very limited. The SRK primary key is the only key that gets persisted and the rest are loaded dynamically as needed.

@wudiqiang2024

wudiqiang2024 commented May 22, 2024

@billatarm

I use the python component paho-mqtt to connect and communicate with the iot hub. The code to establish the mTLS connection is as follows:

import ssl
from paho.mqtt import client as mqtt_client

client_id = "device-test"
service_root_certificate = "/service/service-root.crt"
device_certificate = "/tpm/device.crt"
device_key = "/tpm/tpm.pem"  # TSS2 PRIVATE KEY written by tpm2_encodeobject
client = mqtt_client.Client(client_id, clean_session=False)
# The key file is loaded through OpenSSL, so the tpm2 provider has to be active
client.tls_set(ca_certs=service_root_certificate, certfile=device_certificate,
               keyfile=device_key, cert_reqs=ssl.CERT_REQUIRED,
               tls_version=ssl.PROTOCOL_TLSv1_2)

The tpm.pem file is generated with the tpm2-tools commands below.
The reason I deleted these files is that I feel the primary key and the key have been persisted, so these files may no longer be needed (primary.ctx, key.ctx, key.priv, key.pub):

tpm2_createprimary -C o -G ecc -c primary.ctx
tpm2_evictcontrol -c primary.ctx 0x81000001
rm primary.ctx

tpm2_create -C 0x81000001 -G ecc -u key.pub -r key.priv
tpm2_load -C 0x81000001 -u key.pub -r key.priv -c key.ctx
tpm2_evictcontrol  -c key.ctx 0x81000000
rm key.ctx

tpm2_encodeobject -C 0x81000001 -u key.pub -r key.priv -o tpm.pem
rm key.priv
rm key.pub

OpenSSL configured with tpm2-openssl:

openssl list -providers

Providers:
  default
    name: OpenSSL Default Provider
    version: 3.0.11
    status: active
  tpm2
    name: TPM 2.0 Provider
    version: 1.2.0
    status: active

These configurations allow me to use the python language to securely use certificates and key to establish mTLS connections.

But I'm thinking, if the tpm.pem file is deleted, how to restore it?

@billatarm

You don't need to make the second key, the child key, persistent, you should be able to drop these commands:

tpm2_load -C 0x81000001 -u key.pub -r key.priv -c key.ctx
tpm2_evictcontrol  -c key.ctx 0x81000000

It looks like the python code just interacts with openssl and thus the openssl provider AFAICT.

But I'm thinking, if the tpm.pem file is deleted, how to restore it?

You can back that PEM file up wherever; it's TPM protected. There are also more complicated schemes where you could furlough a key from a key server to the device.

@wudiqiang2024

@billatarm I understand, thank you very much for your patient answer. Please allow me to ask a few more questions. What is the purpose of persisting? Why should the SRK primary key be persistent?

@williamcroberts

williamcroberts commented May 22, 2024

What is the purpose of persisting?

By default, when you create an object (like a key), in the TPM using tpm2_createprimary or tpm2_create, the object is transient, which means it's stored in RAM on the TPM and on reboot it will go away. For primary objects, you can just call tpm2_createprimary again with the same inputs and you'll get the same key. For objects created with tpm2_create, you can just use the pub and priv files to re-load the key using tpm2_load. The rule on NV usage, which is consumed when you persist an object, is don't unless you have to. NV space is limited and as more and more usages of it crop up, the more limited it becomes.

Why should the SRK primary key be persistent?

When you call tpm2_createprimary, it creates a primary key in the owner hierarchy (unless you specify a different -C option (capital C, not lowercase c)). This requires owner authorization for the TPM; in your example it's empty, but if you set the owner authorization, only an entity with that password could create the primary key. Since the primary key is transient and goes away on each reboot, you want to be able to use the TPM as a regular user without the owner password. So what one does is persist a primary key with no authorization to work as a working space for users' keys. This is discussed in https://trustedcomputinggroup.org/wp-content/uploads/TCG-TPM-v2.0-Provisioning-Guidance-Published-v1r1.pdf and the SRK gets persisted to this special address: 0x81000001

A side effect is speed, since this key needs to be re-created if not persisted on every boot, if it's an RSA key, that's really slow. By persisting it, we avoid this slow case.

@wudiqiang2024

@williamcroberts
@billatarm

Thanks, last question
williamcroberts == billatarm ?

@billatarm

billatarm commented May 23, 2024

@williamcroberts @billatarm

Thanks, last question williamcroberts == billatarm ?

Yes I have multiple githubs, and didn't realize I was set to billatarm opposed to my other one. Phone vs laptop lol
