Gathering TPM EK certificate chain sizes #50

Open
krystian-hebel opened this issue Mar 23, 2023 · 9 comments
Labels
help wanted Extra attention is needed

Comments

@krystian-hebel
Contributor

krystian-hebel commented Mar 23, 2023

We've hit a problem with Fobnail firmware not working properly while preparing for the demo accompanying the new release, which has been put on hold because of that. The problem comes down to not enough memory being left for our tasks, and it presents itself when the Attester sends the EK certificate chain, or in the following step if this one doesn't corrupt memory enough to break immediately. For reasons we're still investigating, the code tries to allocate much more memory than the size of the data sent, sometimes by an order of magnitude more than what we expected.

There are a few possible solutions that we're considering. To have higher confidence in the outcome, we would like to gather as much info as possible about the certificate chain sizes we have to be prepared for. To help with obtaining that data, a script was prepared. The easiest way of starting it is to execute:

sudo bash <(wget -o /dev/null -O - https://raw.githubusercontent.com/fobnail/fobnail-attester/main/tools/test_tpm_ek_chain.sh)

If you want to see what is being executed with root privileges, you may download it manually or as part of the repository. Alternatively, adding your user to the tss group may also work, depending on system configuration.

This is an example output, taken from PC Engines apu1, apu3 and apu4 platforms, each with SLB 9665TT2.0 TPM:

root@debian:~# ./test_tpm_ek_chain.sh 
Certificate 0 size: 1177 bytes
Certificate 1 size: 1463 bytes
Certificate 2 size: 1455 bytes
Certificate is self-signed, assuming it is root

Chain length: 3
Total chain size: 4095 bytes
Size of the biggest certificate: 1463 bytes

Verifying whole chain:
stdin: OK

The script assumes that tpm2-tools (accessing the TPM), openssl (parsing, converting and verifying certificates) and wget (downloading CA certificates) are installed. As you can see, there is no personal data that could be used to identify your platform.

I would like to ask anyone interested in helping this project to execute this script on your machines (only if they have a TPM 2.0, of course) and share your results in the comments. Platform and TPM model are nice to have for statistics and to check whether sizes vary within one family of TPMs, but if you feel that it could compromise your security, reports without that data are still welcome. If you decide to include that info but don't know what model of TPM is used, semi-useful vendor info can be obtained with:

sudo tpm2_getcap properties-fixed 2>/dev/null | grep TPM2_PT_MANUFACTURER -A14
@krystian-hebel krystian-hebel added the help wanted Extra attention is needed label Mar 23, 2023
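The procedure the script follows (start from the EK certificate, follow each certificate's Authority Information Access caIssuers URI to its issuer, stop at a self-signed certificate, add up the sizes, and report a download that cannot happen) as an added, stand-alone Python example. This is not the fobnail-attester script and it touches neither a TPM nor the network: the DER helpers, the certificate contents and the pki.example URLs are all constructed for the example, the keys and signatures are placeholders, and the dictionary lookup stands in for wget. Unlike the script it therefore performs no openssl verification of the chain.

```python
"""Added example, not the project's script: the chain walk test_tpm_ek_chain.sh performs,
in pure Python with a minimal DER codec. Certificates are constructed here with placeholder
keys, signatures and URLs; nothing is read from a TPM or fetched over the network."""


def der(tag, body):
    """Encode one DER TLV (short form below 128 bytes, minimal long form above)."""
    n, size = len(body), (len(body).bit_length() + 7) // 8
    length = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + length + body


def oid(dotted):
    """OBJECT IDENTIFIER from dotted form (first two arcs combined, base-128 after)."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        enc = bytearray([arc & 0x7F])
        while arc := arc >> 7:
            enc.insert(0, 0x80 | (arc & 0x7F))
        out += enc
    return der(0x06, bytes(out))


OID_AIA = oid("1.3.6.1.5.5.7.1.1")          # id-pe-authorityInfoAccess
OID_CA_ISSUERS = oid("1.3.6.1.5.5.7.48.2")  # id-ad-caIssuers


def name(org, cn):
    """X.501 Name with O and CN: SEQUENCE OF SET OF AttributeTypeAndValue."""
    rdn = lambda o, v: der(0x31, der(0x30, oid(o) + der(0x0C, v.encode())))
    return der(0x30, rdn("2.5.4.10", org) + rdn("2.5.4.3", cn))


def make_cert(subject, issuer, ca_issuers_url=None):
    """Syntactically valid X.509 v3 certificate with a placeholder key and signature."""
    alg = der(0x30, oid("1.2.840.113549.1.1.11") + b"\x05\x00")  # sha256WithRSA
    validity = der(0x30, der(0x17, b"230323000000Z") + der(0x17, b"330323000000Z"))
    spki = der(0x30, der(0x30, oid("1.2.840.113549.1.1.1") + b"\x05\x00") + der(0x03, b"\x00" * 65))
    exts = b""
    if ca_issuers_url is not None:  # AIA { caIssuers, uniformResourceIdentifier [6] }
        access = der(0x30, OID_CA_ISSUERS + der(0x86, ca_issuers_url.encode()))
        exts = der(0xA3, der(0x30, der(0x30, OID_AIA + der(0x04, der(0x30, access)))))
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")) + der(0x02, b"\x01") + alg
              + issuer + validity + subject + spki + exts)
    return der(0x30, tbs + alg + der(0x03, b"\x00" * 65))


def children(body):
    """Split the body of a constructed DER value into (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(body):
        tag, length, pos = body[pos], body[pos + 1], pos + 2
        if length & 0x80:  # long form: low bits give the number of length bytes
            n = length & 0x7F
            length, pos = int.from_bytes(body[pos:pos + n], "big"), pos + n
        out.append((tag, body[pos:pos + length]))
        pos += length
    return out


def cert_fields(cert):
    """(issuer body, subject body, [extension bodies]) of a DER certificate."""
    fields = children(children(children(cert)[0][1])[0][1])
    if fields[0][0] == 0xA0:  # explicit [0] version is optional in the syntax
        fields = fields[1:]
    return fields[2][1], fields[4][1], [v for t, v in fields[6:] if t == 0xA3]


def ca_issuers_url(cert):
    """AIA caIssuers URI, or '' when the certificate carries none."""
    for ext_seq in cert_fields(cert)[2]:
        for _, ext in children(children(ext_seq)[0][1]):
            parts = children(ext)
            if parts[0] != (0x06, OID_AIA[2:]):
                continue
            for _, access in children(children(parts[-1][1])[0][1]):
                method, (gn_tag, gn_val) = children(access)
                if method == (0x06, OID_CA_ISSUERS[2:]) and gn_tag == 0x86:
                    return gn_val.decode()
    return ""


def walk_chain(ek_cert, fetch):
    """Per-certificate sizes as the script reports them; fetch(url) stands in for wget."""
    sizes, cert, error = [], ek_cert, None
    while cert is not None:
        sizes.append(len(cert))
        issuer, subject, _ = cert_fields(cert)
        if issuer == subject:  # self-signed: assume it is the root and stop
            break
        url = ca_issuers_url(cert)
        cert = fetch(url) if url else None
        error = None if cert else f"Can't download CA certificate from '{url}'"
    return {"sizes": sizes, "total": sum(sizes), "biggest": max(sizes), "error": error}


# Constructed sample chain (vendor root -> intermediate -> EK) with placeholder URLs.
VENDOR = "Example TPM Vendor"
ROOT = make_cert(name(VENDOR, "Root CA"), name(VENDOR, "Root CA"))
INTER = make_cert(name(VENDOR, "Intermediate CA"), name(VENDOR, "Root CA"), "http://pki.example/root.crt")
EK = make_cert(name(VENDOR, "EK Certificate"), name(VENDOR, "Intermediate CA"), "http://pki.example/intermediate.crt")
REPO = {"http://pki.example/root.crt": ROOT, "http://pki.example/intermediate.crt": INTER}
# Constructed EK certificate with no AIA extension at all: the walk ends with an empty URL.
EK_NO_AIA = make_cert(name("Example fTPM Vendor", "EK Certificate"), name("Example fTPM Vendor", "fTPM CA"))
```

walk_chain(EK, REPO.get) yields three sizes, their sum and the largest, which is the information the script prints. walk_chain(EK_NO_AIA, REPO.get) stops after the first certificate with the message "Can't download CA certificate from ''", the same text the fTPM runs later in this thread end with, which is what happens when no caIssuers URI can be taken from the certificate to hand to wget.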
@macpijan
Contributor

macpijan commented Mar 23, 2023

NovaCustom NV4X ADL and NovaCustom NV4X TGL (the same exact output):

Certificate 0 size: 1171 bytes
Certificate 1 size: 1449 bytes
Certificate 2 size: 1455 bytes
Certificate is self-signed, assuming it is root

Chain length: 3
Total chain size: 4075 bytes
Size of the biggest certificate: 1455 bytes

Verifying whole chain:
stdin: OK

@macpijan
Contributor

macpijan commented Mar 23, 2023

RPi with Infineon Optiga 9670

(screenshot of the script output)

@macpijan
Contributor

Ryzen 5 2600, fTPM

Certificate 0 size: 727 bytes
wget: missing URL
Usage: wget [OPTION]... [URL]...

Try `wget --help' for more options.
Can't download CA certificate from ''

@arturkow2000

RPi, also Infineon Optiga 9670, a bit smaller chain
(screenshot 2483 of the script output)

BTW, model is also stored as 2 vendor strings, available via tpm2_getcap properties-fixed

(screenshot 2484 of the tpm2_getcap output)

Later on, I will check on my own TPM (AMD fTPM, Ryzen 4650), need to boot into Linux (or compile tpm2 tools for Windows)

@krystian-hebel
Contributor Author

Ryzen 5 2600, fTPM

Certificate 0 size: 727 bytes
wget: missing URL
Usage: wget [OPTION]... [URL]...

Try `wget --help' for more options.
Can't download CA certificate from ''

@macpijan this looks suspicious, is it possible that you've run a previous version of tpm_manufacture.sh on this platform? This can be checked with tpm2_nvread -C o 0x01C00002 | openssl x509 -inform der -text -noout; if it was created by the mentioned script, the certificate would have Fobnail specified as the organization.

@macpijan
Contributor

this looks suspicious, is it possible that you've run previous version of tpm_manufacture.sh on this platform?

Quite likely.

@arturkow2000

My TPM lacks an EK certificate.

@0xDen
Contributor

0xDen commented Mar 27, 2023

# ./test_tpm_ek_chain.sh
Certificate 0 size: 1184 bytes
Certificate 1 size: 1463 bytes
Certificate 2 size: 1455 bytes
Certificate is self-signed, assuming it is root

Chain length: 3
Total chain size: 4102 bytes
Size of the biggest certificate: 1463 bytes

Verifying whole chain:
stdin: OK

@Pokisiekk
Contributor

NovaCustom NS5x/7x TGL and ADL, Protectli VP4630/50/70:

Certificate 0 size: 1171 bytes
Certificate 1 size: 1449 bytes
Certificate 2 size: 1455 bytes
Certificate is self-signed, assuming it is root

Chain length: 3
Total chain size: 4075 bytes
Size of the biggest certificate: 1455 bytes

Verifying whole chain:
stdin: OK

MSI PRO Z690-A (DDR4 and DDR5):

Certificate 0 size: 898 bytes
wget: missing URL
Usage: wget [OPTION]... [URL]...

Try `wget --help' for more options.
Can't download CA certificate from ''
:~$ tpm2_nvread -C o 0x01C00002 | openssl x509 -inform der -text -noout
WARN: Reading full size of the NV index

krystian-hebel added a commit that referenced this issue Apr 19, 2023
Signed-off-by: Krystian Hebel <krystian.hebel@3mdeb.com>
krystian-hebel added a commit that referenced this issue Apr 20, 2023
Signed-off-by: Krystian Hebel <krystian.hebel@3mdeb.com>
macpijan added a commit that referenced this issue Apr 25, 2023
docs/ek_certificates.md: gather information from issue #50