Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve Windows support #317

Draft
wants to merge 27 commits into
base: master
Choose a base branch
from
Draft

Improve Windows support #317

wants to merge 27 commits into from

Conversation

hslatman
Copy link
Contributor

@hslatman hslatman commented May 9, 2023

This PR started with the changes from @mjg59 in #274 and the changes from @brandonweeks in master...brandonweeks:go-attestation:acme-device-attest and master...brandonweeks:go-attestation:x509ext. I added some functions on top to improve support for Windows.

It would be great if we could get these changes upstreamed. We're currently relying on a renamed fork instead.

mjg59 and others added 25 commits April 28, 2022 17:07
@mjg59
Add TPM 2 application key support for Windows
3e6fc9e 
There's currently no support for creating application keys on Windows systems. This patch transitions the Windows key type to specifically refer to attestation keys, and reuses the existing wrapped key support for application keys. This allows the creation of keys in the platform store, while still allowing said keys to be manipulated with existing TPM functionality rather than duplicating it.
@brandonweeks
x509ext: initial version of package
ade05c9
@brandonweeks
Add QualifyingData paramater to KeyConfig
164122a
@hslatman
Merge remote-tracking branch 'bweeks/x509ext' into patches
ab74553
@hslatman
Merge remote-tracking branch 'mjg59/windows_application_keys' into pa…
31a9234 
…tches
@hslatman
Merge remote-tracking branch 'bweeks/acme-device-attest' into patches
f548032
@hslatman
Fix QualifyingData on Windows
81aa7c3
@hslatman
Add signing support for keys generated on Windows
1a8e4e7 
When generating a new key using a Windows TPM, a `wrappedKey20` was
returned, which couldn't be used for signing on Windows, as it's
backed by a `windowsTPM`. The `wrappedKey20` seems to be a type
specifically aimed at usage with a `wrappedTPM20`, which in turn
seems to be used on Linux and for testing, but not when instantiating
a TPM on Windows.

This commit adds the `newWindowsKey20` function, which returns
a key backed by a `windowsTPM`. The key is a `windowsAK20`,
now also conforming to the `key` interface, so that it can be used
for signing purposes.
@hslatman
Implement blobs for Windows keys
5bc739d
@hslatman
Add loadKey on Windows
eb68d97
@hslatman
Remove superfluous return
3543ffd
@hslatman
Add Name and Prefix options to KeyConfig
3737d78
@hslatman
Disable Windows TPM check for KeyConfig properties
4dd9dc6
@hslatman
Add Name and Prefix to AK creation
b832351
@hslatman
Merge branch 'master' into herman/windows-hacking
7ad3b26
@hslatman
Fix missing ECDSA curve when signing on Windows
7d9b67d
@hslatman
Add support for deleting keys
d197d79 
On Windows, when the key is managed by the OS, keys are stored on
the filesystem. When trying to create a key with the same name, this will
fail with the following error:

`NCryptCreatePersistedKey returned 8009000F: The operation completed successfully.`

This commit adds support for deleting these keys, so that a new
key can be created with the same name.

Have only tested this on Windows so far. My assumption is that for
keys created with `go-attestation` on Linux, the keys aren't persisted
"inside the TPM", so there's nothing to do when deleting them, except
for any keys managed externally.
@hslatman
Fix tests for TPM 1.2
37fd3fa
@hslatman
Merge branch 'master' into herman/windows-hacking
a3f530a
@hslatman
Fix tests for TPM 1.2
0ad94dd
@hslatman
Add DeleteAK method
0ea71a1
@hslatman
Add Blobs method for AK
eb81e6e
@hslatman
Add missing methods for TPM 1.2
1bcb20a
@hslatman
Merge branch 'master' into herman/windows-hacking
2f91901
@hslatman
Remove key prefix and some cleanup
ef181aa
@ericchiang
Copy link
Member

Hey! Thanks so much for sending this and apologies for the delay.

This is a pretty large amount of code. Would it be possible to set up a video call with @brandonweeks and I to chat about this patch? That might be faster than going over github

[email protected]
[email protected]

@ericchiang
Copy link
Member

Meeting notes:

  • Objectives:
    • High level understanding of what’s being added
    • Trying to get a proposal moved forward for what go-attestation takes on
  • Improve Windows support #317
  • Smallstep
    • Working on TPM support
    • Using go-attestation
    • Device attestation spec
    • Needs windows support
  • ACME stuff
    • Still a “working group draft” but something we can probably start targeting
  • Questions that would help Eric:
    • What are the APIs you want to add
    • What features dependent on other ones
    • How can we help test this?
  • Brandon: things are complicated!
    • Internally, we already have windows support working
    • The person who understood this is now at Tailscale (https://github.com/twitchy-jsonp)
    • We currently use a hack to creat the AK because creating AKs directly is hard
    • Generate an application key, causes the AK to be generated automatically
    • For reasons, there’s issues with generating AK directly due to go-tpm missing delegation support
  • Herman:
    • Not familiar with those restrictions
    • Took matthew garrett’s stuff
  • Brandon:
    • Generating an AK with imprint
    • Windows uses way more the authorizations of TPMs
    • There are owners passwords and delegated authorization keys in the registry
    • Technically possible to open up the interaction with Windows directly
    • Workaround: generate the attestation key with ncrypt, causes Windows to generate the AK for you
    • Example of where this can have a limitation:
      • you can’t specify the template for Windows, even though you can for Linux
  • Herman:
    • We’re running as Admin, does that change this?
  • Brandon:
    • You can send thing commands but can’t setup the other delegated authorization credentials
  • Eric:
    • Let’s just add APIs and don’t worry about where it’s implemented on Windows or Linux
    • Can we “just” add delegated authorization to go-tpm?
  • Brandon: was told 4 years ago this was hard
    • go-tpm is getting a major upgrade
    • Maybe a good time to talk to the other go-tpm teams?
  • Eric:
    • maybe we just provide examples for go-tpm?
    • E.g. if users are already using go-tpm. Maybe we shouldn't bother wrapping it with go-attestation?
    • Could we provide examples, or small packages to go-tpm that works with that package rather that wrapping it?

@ericchiang
Copy link
Member

@brandonweeks and I are going to setup some time to chat with go-tpm.

@hslatman if there are specific things we can add to this package, feel free to break up this change and send individual API improvements. Happy to review that.

Or we can wait and see how our conversations with the go-tpm folk go

@hslatman
Copy link
Contributor Author

hslatman commented May 23, 2023
edited
Loading

@ericchiang just saw @mjg59 pushing the changes from this PR to his branch (#274), so I think that's what's going to be tested in full now.

Short summary of what's being changed / added:

  • Windows application key support from @mjg59
  • ACME device-attest-01 changes from @brandonweeks: QualifyingData in KeyConfig and related logic, mainly.
  • Fixes to make the initial Windows changes work
  • Fixes to make device-attest-01 work on Windows

Then the additions, all dependent on the Windows changes:

  • Signing using application keys on Windows
  • A new Name property in AKConfig and logic to control the name of the AK generated on Windows. Empty by default, results in the existing behavior. Makes it a bit simpler to reference existing AKs on Windows.
  • A new Name property in KeyConfig. Same as for the AK.
  • Added Blobs method to AK. Already existed for Key.
  • Added DeleteAK and DeleteKey methods.

Let me know if you would like references to the actual lines. Changes are currently spread over multiple commits; I can clean those up and get some nicer commits in if that's preferred.

@ericchiang
Copy link
Member

I'd be happy to take the windows changes. Maybe send PRs one at a time for those?

@brandonweeks do you know what our testing story for Windows changes is? I see a Windows environment in our test matrix, but do those come with TPMs?

https://github.com/google/go-attestation/blob/master/.github/workflows/test.yml

@mjg59
Copy link
Collaborator

mjg59 commented May 24, 2023

I have a couple of cleanups and one patch that fixes ECDSA signing for me built on top of Herman's work - I'll push those separately for review, but 4 patches gets us to the point where application keys can be generated and used for signing. I think it makes sense to land that functionality and then move forward on the additional work? (I just successfully got an application cert issued and stored in the Windows cert store backed by a TPM key)

@mjg59
Copy link
Collaborator

mjg59 commented May 24, 2023

Updated #274 with the minimal set of patches that lands useful new functionality. Selfishly I think this entirely deals with my use case, but I think it's a reviewable chunk of code that we can build on for the rest of this :)

@hslatman
Copy link
Contributor Author

I'll start with the current state of #274 and move my additions/changes on top of that.

@ericchiang multiple PRs makes sense; I'll try to make that work. Some changes were fairly small though, so I might combine some again.

@hslatman hslatman mentioned this pull request Jul 17, 2023
Open
@hslatman hslatman mentioned this pull request Apr 9, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@hslatman @ericchiang @mjg59 @brandonweeks