Easy TPM 2.0 Access with the strongSwan VPN Solution

The open source strongSwan VPN solution can directly access RSA and ECC authentication keys stored in a TPM 2.0 and use them as endpoint credentials in IPsec and TLS connection setups. The strongSwan tpm plugin is responsible for accessing the TPM 2.0 via the TSS System Level API and TPM Command Transmission Interface. Currently the tpm2-tss SAPI implementation is used. In this HOWTO we assume that the following endorsement keys, attestation keys and matching attestation key certificates have been created and persisted in the TPM 2.0 NVRAM of the endpoint using e.g. the tpm2-tools:

Handle       Object
0x81010001   ECDSA Endorsement Key
0x81010002   RSA Endorsement Key
0x81010003   ECDSA Attestation Key
0x81010004   RSA Attestation Key

0x01800003   ECDSA Attestation Key Certificate
0x01800004   RSA Attestation Key Certificate

strongSwan PKI Tool

The auxiliary strongSwan pki tool can display the fingerprint of the ECC attestation key stored under the permanent TPM 2.0 handle 0x81010003:

pki --print --type priv --keyid 0x81010003
TPM 2.0 via TSS2 available
AIK signature algorithm is ECDSA with SHA256 hash
  privkey:   ECDSA 256 bits
  keyid:     fd:32:8e:e1:c4:91:66:43:f1:8e:75:f5:c1:f0:f7:b2:93:c0:84:22
  subjkey:   bb:e5:c4:d7:8c:c3:20:b5:35:8e:2c:8b:aa:e1:fc:73:bd:21:c9:e7

This Attestation Key (AK), which can be used for signatures, is bound to the ECC Endorsement Key (EK) with permanent handle 0x81010001. The EK is an encryption key, so no signature algorithm is defined for it:

pki --print --type priv --keyid 0x81010001
TPM 2.0 via TSS2 available
AIK signature algorithm is NULL with ERROR hash
  privkey:   ECDSA 256 bits
  keyid:     34:84:de:30:a3:48:0d:af:aa:0a:64:ea:1c:c0:f7:21:54:ec:52:9e
  subjkey:   91:4e:d0:45:23:67:78:50:b1:ac:dd:5b:25:ed:5c:e2:00:80:c9:fc

Alternatively there exists an RSA Attestation Key stored under the permanent handle 0x81010004:

pki --print --type priv --keyid 0x81010004
TPM 2.0 via TSS2 available
AIK signature algorithm is RSASSA with SHA256 hash
  privkey:   RSA 2048 bits
  keyid:     a2:9a:b9:b7:45:79:ce:44:9b:01:26:6b:db:2a:ca:ae:d5:70:94:6e
  subjkey:   ce:43:1f:64:7d:54:9f:75:92:67:42:2f:40:97:c8:74:e2:ec:a5:47

If an X.509 endpoint certificate for the ECC attestation key is needed then the strongSwan pki tool can directly generate a PKCS#10 certificate request signed by the attestation private key:

pki --req --keyid 0x81010003 --san koala.strongswan.org \
    --dn "C=CH, O=strongSwan, CN=koala.strongswan.org" \
    --outform pem > ak_ecc_req.pem
TPM 2.0 via TSS2 available
AIK signature algorithm is ECDSA with SHA256 hash
Smartcard PIN:

If the key is protected by a PIN, enter it at the prompt. Otherwise just press the Return key. The PKCS#10 certificate request is stored in PEM format in the file ak_ecc_req.pem, which can be sent to a Certification Authority (CA) to issue an X.509 certificate. Alternatively, the strongSwan pki tool can be used to issue an endpoint certificate signed by an in-house CA:

pki --issue --cacert ca_cert.pem --cakey ca_key.pem \
    --type pkcs10 --in ak_ecc_req.pem --lifetime 3651 \
    --outform pem > ak_ecc_cert.pem

Using e.g. the tpm2-tools, this certificate can be stored in the TPM 2.0 NVRAM under the permanent handle 0x01800003. The following pki tool command retrieves the certificate from the TPM 2.0 and displays its contents:

pki --print --type x509 --keyid 0x01800003
TPM 2.0 via TSS2 available
loaded certificate from TPM NV index 0x01800003
  subject:  "C=CH, O=strongSwan, CN=koala.strongswan.org"
  issuer:   "C=CH, O=strongSwan, CN=strongSwan Root CA"
  validity:  not before Dec 01 16:24:59 2017, ok
             not after  Sep 01 17:24:59 2026, ok (expires in 3070 days)
  serial:    34:9a:f6:04:8b:6a:b3:2a
  altNames:  koala.strongswan.org
  authkeyId: 6d:c2:af:37:49:41:b9:fd:f4:45:8b:aa:e0:03:3b:b9:e5:7b:9c:b5
  subjkeyId: bb:e5:c4:d7:8c:c3:20:b5:35:8e:2c:8b:aa:e1:fc:73:bd:21:c9:e7
  pubkey:    ECDSA 256 bits
  keyid:     fd:32:8e:e1:c4:91:66:43:f1:8e:75:f5:c1:f0:f7:b2:93:c0:84:22
  subjkey:   bb:e5:c4:d7:8c:c3:20:b5:35:8e:2c:8b:aa:e1:fc:73:bd:21:c9:e7

strongSwan IPsec Daemon

The strongSwan IPsec daemon stores its connection configurations in /etc/swanctl/swanctl.conf. The TPM 2.0 handle 0x01800003 of the endpoint certificate to be used can be indicated in the local section of the home connection definition:

connections {
  home {
    local {
      auth = pubkey
      cert-tpm {
        handle = 0x01800003
      }
      id = koala.strongswan.org
    }
    ...
  }
}

whereas the handle 0x81010003 of the corresponding private key is defined in the secrets section of swanctl.conf:

secrets {
  token_ak_ecc {
    handle = 0x81010003
  }
}
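
Before pairing a certificate handle with a key handle in swanctl.conf, it is worth confirming that the certificate really certifies that key and that the key can sign. The script below is an added example, not part of the strongSwan tools: it parses pki --print output in the format shown on this page, and the function names and trimmed sample strings are this example's own.

```shell
#!/bin/sh
# Added example: check pki output before wiring TPM handles into swanctl.conf.

# Print the first "keyid:" fingerprint in pki --print output read from stdin.
# "authkeyId:" and "subjkeyId:" lines do not match, the comparison is exact.
extract_keyid() {
    awk '$1 == "keyid:" { print $2; exit }'
}

# Succeed if the key output names a real signature scheme (an EK reports NULL).
can_sign() {
    printf '%s\n' "$1" |
        awk '/signature algorithm is/ { ok = ($5 != "NULL") } END { exit !ok }'
}

# Succeed if key output $1 and certificate output $2 carry the same keyid
# and the key can sign.
pair_ok() {
    key_id=$(printf '%s\n' "$1" | extract_keyid)
    cert_id=$(printf '%s\n' "$2" | extract_keyid)
    [ -n "$key_id" ] && [ "$key_id" = "$cert_id" ] && can_sign "$1"
}

# Sample outputs, trimmed from the listings on this page.
AK_OUT='AIK signature algorithm is ECDSA with SHA256 hash
  privkey:   ECDSA 256 bits
  keyid:     fd:32:8e:e1:c4:91:66:43:f1:8e:75:f5:c1:f0:f7:b2:93:c0:84:22'
EK_OUT='AIK signature algorithm is NULL with ERROR hash
  privkey:   ECDSA 256 bits
  keyid:     34:84:de:30:a3:48:0d:af:aa:0a:64:ea:1c:c0:f7:21:54:ec:52:9e'
CERT_OUT='  subject:  "C=CH, O=strongSwan, CN=koala.strongswan.org"
  authkeyId: 6d:c2:af:37:49:41:b9:fd:f4:45:8b:aa:e0:03:3b:b9:e5:7b:9c:b5
  subjkeyId: bb:e5:c4:d7:8c:c3:20:b5:35:8e:2c:8b:aa:e1:fc:73:bd:21:c9:e7
  pubkey:    ECDSA 256 bits
  keyid:     fd:32:8e:e1:c4:91:66:43:f1:8e:75:f5:c1:f0:f7:b2:93:c0:84:22'

# On a live system, capture the real output instead of the samples:
#   AK_OUT=$(pki --print --type priv --keyid 0x81010003)
#   CERT_OUT=$(pki --print --type x509 --keyid 0x01800003)
if pair_ok "$AK_OUT" "$CERT_OUT"; then
    echo "certificate matches signing key"
else
    echo "mismatch: do not use this handle pair" >&2
fi
```

Passing the EK output in place of the AK output fails the check twice over: the keyid differs from the certificate's and the signature algorithm is NULL.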

A more detailed strongSwan HOWTO including the complete tpm2-tools commands needed to generate and persist TPM 2.0 keys can be found here.

Andreas Steffen