1fapi-profile(5) File Formats Manual fapi-profile(5)
2
6 fapi-config(5)
7
9 FAPI Cryptographic Profile
10 Cryptographic profiles determine the cryptographic algorithms and pa‐
12 rameters for all keys and operations of a specific TPM interaction.
13 The values affected by these profiles are:
14 • the name hash algorithm
16 • asymmetric signature algorithm, scheme and parameters (such as curve,
18 keysize, default padding, hash, etc)
19 • PCR bank selection (which PCR banks shall be extended, quoted and
21 read)
22 Two exemplary profiles for RSA and ECC are installed with the TSS. By
24 default, the RSA cryptographic profile is activated. The user is free
25 to create own cryptographic profiles according to his needs.
26 Specific profiles are activated in the FAPI configuration file. If not
28 otherwise specified during TSS installation, the default location for
29 the exemplary profiles is /etc/tpm2-tss/profiles/ and /etc/tpm2-tss/
30 for the FAPI configuration file.
31 The parameters of the profile are:
33 • type: The asymmetric algorithm used for this profile.
35 • nameAlg: The hash algorithm which will be used for sessions and keys.
37 • srk_template: The type definition for the /SRK object. See the type
39 parameter of Fapi_CreateKey.
40 • srk_description: The description to be set for the /EK object. See
42 Fapi_GetDescription.
43 • ek_template: The type definition for the /EK object. See the type
45 parameter of Fapi_CreateKey.
46 • ek_description: The description to be set for the /SRK object. See
48 Fapi_GetDescription.
49 • ecc_signing_scheme: The signing scheme used for ECC keys.
51 • rsa_signing_scheme: The signing scheme used for RSA keys.
53 • keyBits: The key size for RSA keys.
55 • exponent: The exponent of RSA keys.
57 • sym_mode: The block cipher mode for symmetric encryption.
59 • sym_parameters: The algorithm and parameters used for symmetric en‐
61 cryption.
62 • sym_block_size: The block size used for symmetric encryption.
64 • session_symmetric: The algorithm and parameters used for parameter
66 encryption of a session (The same format and default as sym_parame‐
67 ters).
68 • pcr_selection: The PCR registers and banks used by FAPI.
70 • curveID: The curve ID for ECC keys.
72 • ek_policy: The JSON encoded policy for the /EK object.
74 • srk_policy: The JSON encoded policy for the /SRK object.
76 • eh_policy: The JSON encoded policy for the endorsement hierarchy /HE.
78 • sh_policy: The JSON encoded policy for the owner hierarchy /HS.
80 • lockout_policy: The JSON encoded policy for the lockout hierarchy
82 /LOCKOUT.
83 • newMaxTries: Count of authorization failures before the lockout is
85 imposed. If not set the default is 5.
86 • newRecoveryTime: Time in seconds before the authorization failure
88 count is automatically decremented. A value of zero indicates that
89 DA protection is disabled. If not set the default is 1000.
90 • lockoutRecovery: Time in seconds after a lockoutAuth failure before
92 use of lockoutAuth is allowed A value of zero indicates that a reboot
93 is required. If not set the default is 1000.
94 • ignore_ek_template: Ignore EK template stored in NV ram. If not set
96 the default is "no".
97
99 The following JSON encoded example shows the standard profile for ECC
100 keys:
101 {
103 "type": "TPM2_ALG_ECC",
104 "nameAlg":"TPM2_ALG_SHA256",
105 "srk_template": "system,restricted,decrypt,0x81000001",
106 "srk_description": "Storage root key SRK",
107 "ek_template": "system,restricted,decrypt",
108 "ek_description": "Endorsement key EK",
109 "ecc_signing_scheme": {
110 "scheme":"TPM2_ALG_ECDSA",
111 "details":{
112 "hashAlg":"TPM2_ALG_SHA256"
113 },
114 },
115 "sym_mode":"TPM2_ALG_CFB",
116 "sym_parameters": {
117 "algorithm":"TPM2_ALG_AES",
118 "keyBits":"128",
119 "mode":"TPM2_ALG_CFB"
120 },
121 "sym_block_size": 16,
122 "pcr_selection": [
123 { "hash": "TPM2_ALG_SHA1",
124 "pcrSelect": [ ],
125 },
126 { "hash": "TPM2_ALG_SHA256",
127 "pcrSelect": [ 8, 9, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23 ]
128 }
129 ],
130 "curveID": "TPM2_ECC_NIST_P256",
131 "ek_policy": {
132 "description": "Endorsement hierarchy used for policy secret.",
133 "policy":[
134 {
135 "type":"POLICYSECRET",
136 "objectName": "4000000b",
137 }
138 ]
139 }
140 }
141 Beside the cryptographic parameters descriptions for the storage root
143 key and the endorsement key can be set. For the endorsement hierarchy
144 the policy "ek_policy" is set according to the TCG Credential profile
145 EK 2.0. The values of the constants are the same as the constants de‐
146 fined in the TSS header files, where the prefix TPM2_ can be omitted.
147 The key type of the storage root key and the endorsement key is defined
149 by the JSON fields srk_template and ek_template. The type consists of
150 a list of comma and/or space separated keywords. If a keyword is not
151 present the inverse of the reference TPM attribute bits SHALL be set or
152 cleared. The keywords are:
153 • sign: Sets the sign attribute of a key.
155 • decrypt: Sets the decrypt attribute of a key.
157 • If neither sign nor decrypt are provided, both attributes SHALL be
159 set.
160 • restricted: Sets the restricted attribute of a key.
162 • If restricted is set, either sign or decrypt (but not both) SHALL be
164 set.
165 • noda: Sets the noda attribute of a key or NV index.
167 • A hexadecimal number: Marks a key object to be made persistent and
169 sets the persistent object handle to this value.
170 The RSA profile has specific values for the signing scheme and the de‐
172 crypt scheme:
173 "rsa_signing_scheme": {
175 "scheme":"TPM2_ALG_RSAPSS",
176 "details":{
177 "hashAlg":"TPM2_ALG_SHA256"
178 }
179 "rsa_decrypt_scheme": {
182 "scheme":"TPM2_ALG_OAEP",
183 "details":{
184 "hashAlg":"TPM2_ALG_SHA256"
185 }
186 },
187 Possible values for the signing schemes are:
189 • RSA: RSASSA, RSAPSS
191 • ECC: ECDSA, ECDAA
193 Possible modes for symmetric encryption are:
195 • CTR, OFB, CBC, CFB, ECB, NULL
197 Possible modes for the RSA decrypt scheme are:
199 • RSAES, OAEP
201 The following curve ids can be used:
203 • ECC_NIST_P192, ECC_NIST_P224, ECC_NIST_P256, ECC_NIST_P384,
205 ECC_NIST_P521, ECC_BN_P256, ECC_BN_P638, ECC_SM2_P256
206 If the PCR registers 0 to 10 are extended by BIOS and IMA in the SHA1 bank the following PCR selection should
209 be used to enable the use of FAPI quote and verify quote:
210 "pcr_selection": [
212 { "hash": "TPM2_ALG_SHA1",
213 "pcrSelect": [ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 ],
214 },
215 { "hash": "TPM2_ALG_SHA256",
216 "pcrSelect": [ 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23 ]
217 }
218 ],
219
221 This page is part of release 4.0.1 of Open Source implementation of the
222 TCG TPM2 Software Stack (TSS2). A description of the project, informa‐
223 tion about reporting bugs, and the latest version of this page can be
224 found at https://github.com/tpm2-software/tpm2-tss/.
225TPM2 Software Stack JULI 2020 fapi-profile(5)