TPM Attestation Certificates duplicate, missing, etc #159
They came from here: https://docs.microsoft.com/en-us/windows-server/security/guarded-fabric-shielded-vm/guarded-fabric-install-trusted-tpm-root-certificates I don't have all of the TPM roots, or all of the roots for anything else; it's all best effort. Also, we never really intended to require attestation. If someone wanted to only allow devices in a certain chain, they could pretty easily do that, but I don't want to require that for all users of the library.
Yeah, makes sense. I'm keen on requiring it for my use case, so it's something I've been working through, but I'm not suggesting it should be a requirement. It looks like the Microsoft root is valid for numerous vendors. My Surface Pro X with a Qualcomm TPM and HP laptop with an Infineon TPM both chain up to it. Perhaps this should be added as a sort of shared root for all vendors? I'm guessing this cert is used for all the Microsoft-certified Windows devices with Secure Boot, so this one cert will probably provide coverage for all TPM attestations, since Windows 10 is the only thing that supports it.
I would welcome strict attestation as an optional flag in the configuration that is off by default. Yeah, I have noticed the same thing about TPM, but haven't dug too deep into what is going on. I am pretty sure I had some samples that chained up to TPM roots from that package but I am not 100% certain.
I've been digging more into the TPM attestation validation and noticed some issues. Where did the roots come from? The first two certs for Infineon (manufacturer ID 49465800) are the same cert. Even though that cert's subject is "IFX TPM EK Root CA" it is not a root and is instead issued by "VeriSign Trusted Platform Module Root CA". My device's Infineon attestation cert chains up to "Microsoft TPM Root Certificate Authority 2014" which is not presently in the code. I'm not sure if other TPM manufacturers have similar issues but I suspect so as the TPM attestation cert world is a bit of a mess.
I'm happy to submit a pull request to update at least the Infineon certs, but want to make sure I'm not missing something before I do.
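As an added example (not the library's own code; written in Go against the standard library so it runs stand-alone), the root-list audit the comment above calls for: it builds a constructed, example-only hierarchy using the names from the issue, drops byte-identical duplicate entries, and flags any configured "root" that does not verify under its own key, which is how a cert issued by the VeriSign CA shows up as an intermediate rather than a root.

```go
package main
import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)
// mkCert issues a CA cert named cn, signed by parent with pk (self-signed when parent is nil); constructed example-only certs.
func mkCert(cn string, parent *x509.Certificate, pk *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	if parent == nil {
		parent, pk = t, key // self-signed: the template is its own issuer
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, pk)
	if err != nil {
		panic(err)
	}
	c, _ := x509.ParseCertificate(der)
	return c, key
}
// auditRoots drops byte-identical duplicates and flags entries that do not verify under their own key: those are intermediates.
func auditRoots(configured []*x509.Certificate) (unique []*x509.Certificate, notRoots []string) {
	seen := map[string]bool{}
	for _, c := range configured {
		if seen[string(c.Raw)] {
			continue // same DER already kept, like the Infineon cert listed twice
		}
		seen[string(c.Raw)] = true
		unique = append(unique, c)
		if c.CheckSignatureFrom(c) != nil { // signature was made by some other CA's key
			notRoots = append(notRoots, c.Subject.CommonName+" (issued by "+c.Issuer.CommonName+")")
		}
	}
	return unique, notRoots
}
// Scenario mirrors the issue: a list with one intermediate entered twice as a "root" plus its real issuer.
func Scenario() (int, []string) {
	verisign, vsKey := mkCert("VeriSign Trusted Platform Module Root CA", nil, nil)
	ifx, _ := mkCert("IFX TPM EK Root CA", verisign, vsKey)
	unique, notRoots := auditRoots([]*x509.Certificate{ifx, ifx, verisign})
	return len(unique), notRoots
}
```

The flagged entry names the CA that actually signed it, which is the cert that would have to be trusted for that chain to validate.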