tpm2: Implement attribute for FIPS-enabled host: fips-host

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2026-01-07 11:09:06 +00:00 · 2024-08-31 11:36:34 -04:00 · 2024-08-31 11:36:34 -04:00 · e197df642b
commit e197df642b
parent 2d8d6a256c
4 changed files with 59 additions and 1 deletions
--- a/man/man3/TPMLIB_SetProfile.pod
+++ b/man/man3/TPMLIB_SetProfile.pod
@ -211,6 +211,59 @@ algorithms

 =back

+=item B<fips-host>: (since v0.10)
+
+=over 2
+
+=item * Prevents unpadded (raw) RSA encryption and decryption
+
+=item * Prevents signature generation with a SHA1 with RSA and ECC
+algorithms
+
+=item * Prevents signature verification with a SHA1 digest with RSA and ECC
+algorithms
+
+=back
+
+By adding this verb to the I<Attributes> a TPM 2 can be run on a FIPS-enabled
+host where the OpenSSL crypto library may restrict crypto algorithms as shown
+above (reference is RHEL 9.4+, but varies by distro). Note that usage of this
+verb does not make a TPM 2 instance compliant with FIPS-140. Also see the
+section on 'FIPS mode on the host'.
+
+=back
+
+=head1 FIPS mode on the host
+
+If FIPS mode is enabled on a host (reference is RHEL 9.4+) then the OpenSSL
+crypto library will not be able to use certain algorithms. In this case the
+following list of verbs should be omitted from a profile to avoid either
+selftest failures or having to disable FIPS mode in the OpenSSL instance.
+
+=over 2
+
+=item * camellia, camellia-min-size
+
+=item * tdes, tdes-min-size
+
+=item * rsaes
+
+=item * ecc-nist-p192
+
+=item * ecc-bn, ecc-bn-p256, ecc-bn-p638
+
+=item * ecc-sm2-p256
+
+=back
+
+A profile should contain the following verbs for minimum key sizes:
+
+=over 2
+
+=item * rsa-min-size=2048
+
+=item * ecc-min-size=224
+
 =back

 =head1 ERRORS
--- a/src/tpm2/RuntimeAttributes.c
+++ b/src/tpm2/RuntimeAttributes.c
@ -62,6 +62,10 @@ static const struct {
 	      7),
    ATTRIBUTE("no-sha1-verification", RUNTIME_ATTRIBUTE_NO_SHA1_VERIFICATION,
 	      7),
+    ATTRIBUTE("fips-host", RUNTIME_ATTRIBUTE_NO_UNPADDED_ENCRYPTION |
+			   RUNTIME_ATTRIBUTE_NO_SHA1_SIGNING |
+			   RUNTIME_ATTRIBUTE_NO_SHA1_VERIFICATION,
+	      7),
 };

 LIB_EXPORT void
--- a/src/tpm2/RuntimeAttributes_fp.h
+++ b/src/tpm2/RuntimeAttributes_fp.h
@ -42,7 +42,7 @@
 #ifndef RUNTIME_ATTRIBUTES_H
 #define RUNTIME_ATTRIBUTES_H

-#define NUM_ENTRIES_ATTRIBUTE_PROPERTIES          3
+#define NUM_ENTRIES_ATTRIBUTE_PROPERTIES          4

 #define RUNTIME_ATTRIBUTE_NO_UNPADDED_ENCRYPTION  (1 << 0)
 #define RUNTIME_ATTRIBUTE_NO_SHA1_SIGNING         (1 << 1)
--- a/src/tpm2/RuntimeProfile.c
+++ b/src/tpm2/RuntimeProfile.c
@ -95,6 +95,7 @@ static const struct RuntimeProfileDesc {
 *      - no-unpadded-encryption
 *      - no-sha1-signing
 *      - no-sha1-verification
+ *      - fips-host
 */
    const char *description;
 #define DESCRIPTION_MAX_SIZE        250