Merge ffd93ef183 into 7dfe310f06

WIP: tpm2: Add RuntimeAttribute fips-140-3 to restrict TPM 2 (StateFormatLevel 8)
Add RuntimeAttribute 'fips-140-3' that restricts a TPM 2 following requirements of the FIPS-140-3 standard: - Prevents raw RSA encryption and decryption - Prevents SHA1 signature generation + verification - Prevents derivation of ECC keys from derivation parent and for creation of ephemeral keys - Performs a pairwise consistency test on RSA keys and ECC signing keys - Enables continous DRBG test Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-08-26 13:14:36 +00:00 · 2025-07-07 21:49:53 -04:00 · 2024-10-15 15:11:32 -04:00
4 changed files with 44 additions and 2 deletions
--- a/man/man3/TPMLIB_SetProfile.pod
+++ b/man/man3/TPMLIB_SetProfile.pod
@ -199,6 +199,10 @@ This I<StateFormatLevel> enabled the following profile attributes:

 This I<StateFormatLevel> enabled 4096-bit RSA.

+=item 8: (since v0.10)
+
+This I<StateFormatLevel> enabled the I<fips-140-3> attribute.
+
 =back

 A user may specify the I<StateFormatLevel> when using the I<custom> profile.
@ -311,6 +315,33 @@ keys

 =back

+=item B<fips-140-3>
+
+This verb enables the following:
+
+=over 2
+
+=item * Prohibits raw RSA encryption and decryption
+
+=item * Forbids SHA1 signature generation
+
+=item * Forbids RSA < 2048 signature generation
+
+=item * Forbids RSA < 2048 key generation
+
+=item * Prevents derivation of ECC keys from derivation parent and for creation
+of ephemeral keys
+
+=item * Performs a pairwise consistency test on RSA keys and ECC signing keys
+
+=item * Enables continous DRBG test
+
+=back
+
+Note that usage of the I<fips-140-3> verb does not translate into a claim that
+the TPM 2 instance is FIPS-140-3 compliant but merely restricts the usage of
+crypto algorithms by the TPM 2 following the above list.
+
 =back

 =head1 FIPS mode on the host
@ -346,6 +377,10 @@ A profile should contain the following verbs for minimum key sizes:

 =back

+=over 4
+
+=back
+
 =head1 ERRORS

 =over 4
--- a/src/tpm2/RuntimeAttributes.c
+++ b/src/tpm2/RuntimeAttributes.c
@ -80,6 +80,13 @@ static const struct {
              7),
    ATTRIBUTE("no-ecc-key-derivation", RUNTIME_ATTRIBUTE_NO_ECC_KEY_DERIVATION,
 	      7),
+    ATTRIBUTE("fips-140-3", RUNTIME_ATTRIBUTE_NO_UNPADDED_ENCRYPTION |
+			    RUNTIME_ATTRIBUTE_NO_SHA1_SIGNING |
+			    RUNTIME_ATTRIBUTE_NO_SHA1_VERIFICATION |
+			    RUNTIME_ATTRIBUTE_DRBG_CONTINOUS_TEST |
+			    RUNTIME_ATTRIBUTE_PAIRWISE_CONSISTENCY_TEST |
+			    RUNTIME_ATTRIBUTE_NO_ECC_KEY_DERIVATION,
+              8),
 };

 LIB_EXPORT void
--- a/src/tpm2/RuntimeAttributes_fp.h
+++ b/src/tpm2/RuntimeAttributes_fp.h
@ -42,7 +42,7 @@
 #ifndef RUNTIME_ATTRIBUTES_H
 #define RUNTIME_ATTRIBUTES_H

-#define NUM_ENTRIES_ATTRIBUTE_PROPERTIES          10
+#define NUM_ENTRIES_ATTRIBUTE_PROPERTIES          11

 #define RUNTIME_ATTRIBUTE_NO_UNPADDED_ENCRYPTION  (1 << 0)
 #define RUNTIME_ATTRIBUTE_NO_SHA1_SIGNING         (1 << 1)
--- a/tests/tpm2_setprofile.c
+++ b/tests/tpm2_setprofile.c
@ -80,7 +80,7 @@ static const struct {
        .exp_profile =
          "{\"ActiveProfile\":{"
            "\"Name\":\"default-v1\","
-            "\"StateFormatLevel\":7,"
+            "\"StateFormatLevel\":8,"
            "\"Commands\":\"0x11f-0x122,0x124-0x12e,0x130-0x140,0x142-0x159,"
                           "0x15b-0x15e,0x160-0x165,0x167-0x174,0x176-0x178,"
                           "0x17a-0x193,0x197,0x199-0x19c\","