.net core TLS server certificate with private key in TPM #109243
Comments
dotnet-policy-service
bot
added
the
untriaged
|
Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones |
|
Since you're using an engine (and not a provider) you should be able to do it with .NET 8+ using (SafeEvpPKeyHandle keyHandle = SafeEvpPKeyHandle.OpenPrivateKeyFromEngine("tpm2tss", "0x8100002"))
using (RSA rsa = new RSAOpenSsl(keyHandle))
using (X509Certificate2 certOnly = new X509Certificate2(path))
{
return certOnly.CopyWithPrivateKey(rsa);
}If instead you need an OSSL_PROVIDER (instead of an ENGINE) then you need .NET 9+, where it would look like using (SafeEvpPKeyHandle keyHandle = SafeEvpPKeyHandle.OpenKeyFromProvider("tpm2tss", "0x8100002"))
using (RSA rsa = new RSAOpenSsl(keyHandle))
using (X509Certificate2 certOnly = X509CertificateLoader.LoadCertificateFromFile(path))
{
return certOnly.CopyWithPrivateKey(rsa);
} |
bartonjs
added
the
question
|
so im using .net 8 and openssl version 1.1.1 and have this error when using the engine option as listed above
and with openssl we have the enginer availalbe Is there any other config needed to use this code |
|
Nothing special extra should be required. The argument passed to
Is there more than one copy of OpenSSL on your system? (Specifically, libssl.so and libcrypto.so). .NET is capable of using 1.1.1, but if we find 3.0 we prefer it. So if you have a libssl.so.3/libcrypto.so.3 then .NET is almost certainly choosing that version. You can ask what version we got by querying SafeEvpPKeyHandle.OpenSslVersion and printing that in hex... or use a debugger to see what specific copy of libcrypto.so got loaded. If you have more than one, it's possible that the version we're binding to has a different ENGINE resolver path than the one you're interacting with using the commandline tool. -- The next thing I can think of is that the ENGINE might be loading successfully, but the ENGINE is incorrectly reporting "no such engine" instead of "no such key" if the key name needs to be formatted in a manner other than what I speculated. That would probably require using a native debugger and seeing that our call to ENGINE_by_id succeeded, but our call to ENGINE_load_private_key failed. We just report whatever error OpenSSL and/or the ENGINE reported, I can't tell you if it's, y'know, accurate. |
|
My understanding is that engines are deprecated, but not removed, from OpenSSL 3 (which wants providers, but that support isn't available in .NET 8 and will come in .NET 9). However, the TPM2TSS engine installs in engines-1.1 rather than engines-3. Any idea how to get SafeEvpPKeyHandle.OpenPrivateKeyFromEngine("tpm2tss", "0x8100002") to be looking/loading the older engine using OpenSSL 3? |
|
I don't know if ENGINEs built against OSSL 1.1 will successfully load in OSSL 3. OSSL 3 changed a lot of the ABI, and while the ENGINE registration and callbacks might be stable, if they call into any other OSSL functions they might have issues. So, I've never tried to get OSSL3 to load from the engines-1.1 path, and don't know how to do it. If you have both OSSL3 and OSSL1.1 and want .NET to load the older one, you can set an environment variable: |
|
That
That's using the |
|
An update on the same system: looks like the openssl utility does work with the handle from the command line. But, as shown above, that same handle can't be read by the .NET program. sudo sh |
|
Your commandline information suggests you got password/PIN challenged, which the .NET API can't handle. Perhaps tpm2tss wanted to report "password required" and that got lost in "loading the key didn't work"? |
|
There's no password on the handle. In that script above, only "Enter" was pressed. At least the routine that created the private key at that handle did not explicitly apply a password to it. |
|
This is the script that was run to create the key/handle that is the target we want: |
|
@bartonjs is there an option to pass the empty password in the SafeEvpPKeyHandle.OpenPrivateKeyFromEngine ? I dont see that based on the documentation but based on how the openssl response is where it expects an empty password, do we need to pass that in from .net as well ? |
No, as you noted it doesn't take any options beyond the ENGINE name and the key name. To identify that this is a null-vs-empty problem, you'll probably have to write a test directly against OpenSSL. It would look something like the following (which notably never cleans up anything it allocated)... which I wrote in this text box, so likely doesn't compile, but it's a start. int main(int argc, const char** argc)
{
OPENSSL_init_ssl(
OPENSSL_INIT_ADD_ALL_CIPHERS |
OPENSSL_INIT_ADD_ALL_DIGESTS |
OPENSSL_INIT_LOAD_CONFIG |
OPENSSL_INIT_NO_ATEXIT |
OPENSSL_INIT_LOAD_CRYPTO_STRINGS |
OPENSSL_INIT_LOAD_SSL_STRINGS,
NULL);
ENGINE* engine = ENGINE_by_id("tpm2tss");
EVP_PKEY* pkey = NULL;
if (!engine)
{
printf("Engine did not load\n");
ERR_print_errors_fp(stdout);
return 1;
}
if (!ENGINE_init(engine))
{
printf("ENGINE_init failed.\n");
ERR_print_errors_fp(stdout);
return 1;
}
pkey = ENGINE_load_private_key(engine, "0x81000003", NULL, NULL);
if (pkey)
{
printf("Key loaded the easy way, hurrah!\n");
return 0;
}
printf("Key did not load the easy way.\n");
ERR_print_errors_fp(stdout);
printf("\n\n\n");
UI_METHOD* uimeth = UI_null();
pkey = ENGINE_load_private_key(engine, "0x81000003", uimeth, NULL);
if (pkey)
{
printf("Key loaded with UI_null\n");
return 0;
}
printf("Key did not load with UI_null.\n");
ERR_print_errors_fp(stdout);
printf("\n\n\n");
uimeth = UI_openssl();
pkey = ENGINE_load_private_key(engine, "0x81000003", uimeth, NULL);
if (pkey)
{
printf("Key loaded with UI_openssl\n");
return 0;
}
printf("Key did not load with UI_openssl.\n");
ERR_print_errors_fp(stdout);
printf("\n\n\n");
// Exercise to the reader: If you make it this far, you can try
// creating a custom UI_METHOD based on
// https://github.com/openssl/openssl/blob/b372b1f76450acdfed1e2301a39810146e28b02c/apps/apps.c#L183-L275
printf("Key never loaded :(\n");
return 1;
} |
|
Let me see if I can reproduce this and figure out what is going on. |
|
Okay, I got as far as @GuyWithDogs (great handle btw) |
|
The problem is that we are passing in the The The reason it works fro the OpenSSL command line is because it uses Slightly annoyingly, it's not strictly safe to pass |
|
@vcsjones I'm fine with making a UI_METHOD that "just doesn't do anything" if you think that's the best path forward. Or maybe we can convince tpm2tss to not call that an invalid state? 😄 |
vcsjones
removed
the
question
|
Thanks @vcsjones for analyzing this further. we are happy to try this if you have a fix from a build or someway for us to try as we got stuck on this problem for a while. Its very promising that you got to the root cause! |
|
@appcodr in order to give you a test build of the native library I would need to know more about your environment and .NET version. The full output from |
|
@vcsjones I will grab that info on the target machine probably tomorrow. But its on .net 8 on Ubuntu 22.x on a x86 based processor. we tried as self contained app. our desire is to run on .net 8 |
|
@vcsjones Here is the info from the target machine where we want to run |
I'm trying to do an equivalent of this command in a .net core library for doing a TLS server where the private key is in TPM with a reference of 0x8100001:
openssl s_server -cert rsa.crt -key 0x8100002-keyform engine -engine tpm2tss -accept 8im trying for this to be running in Ubuntu on .net core. In Windows this is abstracted well by the cert store with crypto provider but the same doesn't exist in Ubuntu.
Does anyone have an example of using a package that works in Ubuntu? The below is the equivalent in windows that we use to get from cert store(the cert store abstracts the TPM access)
I also tried this example(#94493) with the 0x8100002 reference but it fails as well
The text was updated successfully, but these errors were encountered: