Add AES-GCM encryption support. Move argon2 to new crypto package. Default dev and debug config to ECC certs

jeremyhahn · jeremyhahn · commit b3841e926580 · 2024-07-07T14:48:30.000-04:00
diff --git a/configs/platform/config.debug.yaml b/configs/platform/config.debug.yaml
@@ -203,14 +203,16 @@ certificate-authority:
   # Supported schemes: RSA_PSS | RSA_PKCS1v15
   rsa-scheme: RSA_PSS
  
-  # The default algorithm to use when creating keys and certificates
+  # The key algorithm used for the CA signing certificate
   # Supported algorithms: RSA, ECC
-  key-algorithm: RSA
+  # key-algorithm: RSA
+  key-algorithm: ECC
 
   # The default signature algorithm
   # Any fully supported Go x509 SignatureAlgorithm:
   # https://pkg.go.dev/crypto/x509#SignatureAlgorithm
-  signature-algorithm: SHA256WithRSA
+  # signature-algorithm: SHA256WithRSA
+  signature-algorithm: ECDSAWithSHA256
   
   # The Elliptical Curve Cryptography Curve
   # Supported curves: P224, P256, P384, P521
diff --git a/configs/platform/config.dev.yaml b/configs/platform/config.dev.yaml
@@ -197,12 +197,12 @@ certificate-authority:
  
   # The default algorithm to use when creating keys and certificates
   # Supported algorithms: RSA, ECC
-  key-algorithm: RSA
+  key-algorithm: ECC
 
   # The default signature algorithm
   # Any fully supported Go x509 SignatureAlgorithm:
   # https://pkg.go.dev/crypto/x509#SignatureAlgorithm
-  signature-algorithm: SHA256WithRSA
+  signature-algorithm: ECDSAWithSHA256
   
   # The Elliptical Curve Cryptography Curve
   # Supported curves: P224, P256, P384, P521
diff --git a/configs/platform/config.fips.yaml b/configs/platform/config.fips.yaml
@@ -2,7 +2,7 @@
 
 
 # Global platform configs
-debug: true
+debug: false
 debug-secrets: false
 platform-dir: trusted-data
 config-dir: trusted-data/etc
@@ -138,10 +138,10 @@ tpm:
   ek-cert: ../ECcert.bin
   
   # Use TPM Simulator instead of real TPM
-  simulator: true
+  simulator: false
   
   # Automatically import EK Platform (Manufacturer) Certificate(s) into trust store
-  auto-import-ek-certs: true
+  auto-import-ek-certs: false
 
   # PCRs to use for local attestation
   # https://uapi-group.org/specifications/specs/linux_tpm_pcr_registry/
@@ -169,7 +169,7 @@ certificate-authority:
   issued-valid: 365
   
   # Set to true to include "localhost" in SANS names
-  sans-include-localhost: true
+  sans-include-localhost: false
   
   # Delete revoked certificates. They can be safely
   # discarded after revocation, but you may want them
@@ -217,7 +217,7 @@ certificate-authority:
 
   # The Certificate Authority identity
   identity:
-  - key-size: 2048
+  - key-size: 4096
      # CA cert expiration (years)
     valid: 50
     subject:
@@ -309,4 +309,5 @@ argon2:
   iterations: 2
   parallelism: 1
   saltLen: 16
-  keyLen: 32
+  keyLen: 32
+  
diff --git a/pkg/app/app.go b/pkg/app/app.go
@@ -17,7 +17,7 @@ import (
 
 	"github.com/jeremyhahn/go-trusted-platform/pkg/ca"
 	"github.com/jeremyhahn/go-trusted-platform/pkg/config"
-	"github.com/jeremyhahn/go-trusted-platform/pkg/hash"
+	"github.com/jeremyhahn/go-trusted-platform/pkg/crypto/argon2"
 	"github.com/jeremyhahn/go-trusted-platform/pkg/pkcs11"
 	"github.com/jeremyhahn/go-trusted-platform/pkg/platform/auth"
 	"github.com/jeremyhahn/go-trusted-platform/pkg/platform/setup"
@@ -35,25 +35,25 @@ type App struct {
 	CA                   ca.CertificateAuthority     `yaml:"-" json:"-" mapstructure:"-"`
 	TPM                  tpm2.TrustedPlatformModule2 `yaml:"-" json:"-" mapstructure:"-"`
 	PKCS11               pkcs11.PKCS11
-	CAConfig             ca.Config          `yaml:"certificate-authority" json:"certificate_authority" mapstructure:"certificate-authority"`
-	TPMConfig            tpm2.Config        `yaml:"tpm" json:"tpm" mapstructure:"tpm"`
-	PKCS11Config         pkcs11.Config      `yaml:"pkcs11" json:"pkcs11" mapstructure:"pkcs11"`
-	AttestationConfig    config.Attestation `yaml:"attestation" json:"attestation" mapstructure:"attestation"`
-	DebugFlag            bool               `yaml:"debug" json:"debug" mapstructure:"debug"`
-	DebugSecretsFlag     bool               `yaml:"debug-secrets" json:"debug-secrets" mapstructure:"debug-secrets"`
-	PlatformDir          string             `yaml:"platform-dir" json:"platform_dir" mapstructure:"platform-dir"`
-	ConfigDir            string             `yaml:"config-dir" json:"config_dir" mapstructure:"config-dir"`
-	LogDir               string             `yaml:"log-dir" json:"log_dir" mapstructure:"log-dir"`
-	Logger               *logging.Logger    `yaml:"-" json:"-" mapstructure:"-"`
-	RuntimeUser          string             `yaml:"runtime-user" json:"runtime_user" mapstructure:"runtime-user"`
-	Argon2               hash.Argon2Params  `yaml:"argon2" json:"argon2" mapstructure:"argon2"`
-	WebService           config.WebService  `yaml:"webservice" json:"webservice" mapstructure:"webservice"`
-	PasswordPolicy       string             `yaml:"password-policy" json:"password-policy" mapstructure:"password-policy"`
-	RootPassword         string             `yaml:"root-password" json:"root_password" mapstructure:"root-password"`
-	IntermediatePassword string             `yaml:"intermediate-password" json:"intermediate_password" mapstructure:"intermediate-password"`
-	ServerPassword       string             `yaml:"server-password" json:"server_password" mapstructure:"server-password"`
-	EKAuth               string             `yaml:"ek-auth" json:"ek_auth mapstructure:"ek-auth"`
-	SRKAuth              string             `yaml:"srk-auth" json:"srk_auth mapstructure:"srk-auth"`
+	CAConfig             ca.Config           `yaml:"certificate-authority" json:"certificate_authority" mapstructure:"certificate-authority"`
+	TPMConfig            tpm2.Config         `yaml:"tpm" json:"tpm" mapstructure:"tpm"`
+	PKCS11Config         pkcs11.Config       `yaml:"pkcs11" json:"pkcs11" mapstructure:"pkcs11"`
+	AttestationConfig    config.Attestation  `yaml:"attestation" json:"attestation" mapstructure:"attestation"`
+	DebugFlag            bool                `yaml:"debug" json:"debug" mapstructure:"debug"`
+	DebugSecretsFlag     bool                `yaml:"debug-secrets" json:"debug-secrets" mapstructure:"debug-secrets"`
+	PlatformDir          string              `yaml:"platform-dir" json:"platform_dir" mapstructure:"platform-dir"`
+	ConfigDir            string              `yaml:"config-dir" json:"config_dir" mapstructure:"config-dir"`
+	LogDir               string              `yaml:"log-dir" json:"log_dir" mapstructure:"log-dir"`
+	Logger               *logging.Logger     `yaml:"-" json:"-" mapstructure:"-"`
+	RuntimeUser          string              `yaml:"runtime-user" json:"runtime_user" mapstructure:"runtime-user"`
+	Argon2               argon2.Argon2Params `yaml:"argon2" json:"argon2" mapstructure:"argon2"`
+	WebService           config.WebService   `yaml:"webservice" json:"webservice" mapstructure:"webservice"`
+	PasswordPolicy       string              `yaml:"password-policy" json:"password-policy" mapstructure:"password-policy"`
+	RootPassword         string              `yaml:"root-password" json:"root_password" mapstructure:"root-password"`
+	IntermediatePassword string              `yaml:"intermediate-password" json:"intermediate_password" mapstructure:"intermediate-password"`
+	ServerPassword       string              `yaml:"server-password" json:"server_password" mapstructure:"server-password"`
+	EKAuth               string              `yaml:"ek-auth" json:"ek_auth mapstructure:"ek-auth"`
+	SRKAuth              string              `yaml:"srk-auth" json:"srk_auth mapstructure:"srk-auth"`
 	cAPassword           string
 }
 
diff --git a/pkg/config.yaml b/pkg/config.yaml
@@ -203,14 +203,16 @@ certificate-authority:
   # Supported schemes: RSA_PSS | RSA_PKCS1v15
   rsa-scheme: RSA_PSS
  
-  # The default algorithm to use when creating keys and certificates
+  # The key algorithm used for the CA signing certificate
   # Supported algorithms: RSA, ECC
-  key-algorithm: RSA
+  # key-algorithm: RSA
+  key-algorithm: ECC
 
   # The default signature algorithm
   # Any fully supported Go x509 SignatureAlgorithm:
   # https://pkg.go.dev/crypto/x509#SignatureAlgorithm
-  signature-algorithm: SHA256WithRSA
+  # signature-algorithm: SHA256WithRSA
+  signature-algorithm: ECDSAWithSHA256
   
   # The Elliptical Curve Cryptography Curve
   # Supported curves: P224, P256, P384, P521
diff --git a/pkg/crypto/aesgcm/aesgcm.go b/pkg/crypto/aesgcm/aesgcm.go
@@ -0,0 +1,117 @@
+package aesgcm
+
+import (
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/rand"
+	"errors"
+	"fmt"
+	"io"
+
+	"github.com/op/go-logging"
+)
+
+var (
+	ErrInvalidNonce         = errors.New("crypto/cipher: incorrect nonce length given to GCM")
+	ErrMessageTooLarge      = errors.New("crypto/cipher: message too large for GCM")
+	ErrInvalidBufferOverlap = errors.New("crypto/cipher: invalid buffer overlap")
+)
+
+type AESGCM struct {
+	logger       *logging.Logger
+	debugSecrets bool
+	random       io.Reader
+}
+
+// AES CGM encrypter / decrypter. Accepts a logger and optional source of
+// entropy, such as the TPM or an HSM. A randomly generated nonce, not exceeding
+// 96 bits, is automatically generated to add nonce misuse-resistance.
+//
+// In addition, this code wraps the panic that the Golang runtime throws
+// when a nonce is incorrect, a message is too large, or a buffer overlap is
+// detected, and returns a recoverable error instead of allowing it to crash
+// servers.
+// https://pkg.go.dev/crypto/cipher
+// https://datatracker.ietf.org/doc/html/rfc8452
+func NewAESGCM(
+	logger *logging.Logger,
+	debugSecrets bool,
+	random io.Reader) AESGCM {
+
+	if random == nil {
+		random = rand.Reader
+	}
+	return AESGCM{
+		logger:       logger,
+		debugSecrets: debugSecrets,
+		random:       random,
+	}
+}
+
+// Seal the provided plain-test and "additional data" data
+// with the specified encryption key, using AES256 in GCM mode,
+// which provides authenticated encryption. Returns the ciphertext
+// and a nonce, used as the Initialization Vector for the AES
+// counter mode.
+func (this AESGCM) Seal(key, data, additionalData []byte) ([]byte, []byte, error) {
+
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	// IV's longer than 96 bits require additional calcuations
+	// https://crypto.stackexchange.com/questions/41601/aes-gcm-recommended-iv-size-why-12-bytes
+	nonce := make([]byte, 12)
+	if _, err := io.ReadFull(this.random, nonce); err != nil {
+		return nil, nil, err
+	}
+
+	aesgcm, err := cipher.NewGCM(block)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	ciphertext := aesgcm.Seal(nil, nonce, data, additionalData)
+
+	if this.debugSecrets {
+		this.logger.Debugf("aesgcm/Seal: key: %s", string(key))
+		this.logger.Debugf("aesgcm/Seal: data: %s", string(data))
+		this.logger.Debugf("aesgcm/Seal: additionalData: %s", string(data))
+	}
+
+	this.logger.Debugf("aesgcm/Seal: ciphtertext: %x\n", ciphertext)
+	this.logger.Debugf("aesgcm/Seal: nonce: %x\n", nonce)
+
+	return ciphertext, nonce, nil
+}
+
+// Seal encrypts and authenticates plaintext, authenticates the
+// additional data and
+func (this AESGCM) Open(key, ciphertext, nonce, additionalData []byte) (plaintext []byte, err error) {
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		this.logger.Error(err)
+		return nil, err
+	}
+	aesgcm, err := cipher.NewGCM(block)
+	if err != nil {
+		this.logger.Error(err)
+		return nil, err
+	}
+	defer func() error {
+		// Recover from panic to keep prevent servers from crashing
+		if r := recover(); r != nil {
+			this.logger.Debugf("aesgcm/Open: panic: %s", r)
+			err = fmt.Errorf("%s", r)
+		}
+		return nil
+	}()
+	plaintext, err = aesgcm.Open(nil, nonce, ciphertext, additionalData)
+	if err != nil {
+		this.logger.Error(err)
+		return nil, err
+	}
+
+	return plaintext, nil
+}
diff --git a/pkg/crypto/aesgcm/aesgcm_test.go b/pkg/crypto/aesgcm/aesgcm_test.go
@@ -0,0 +1,85 @@
+package aesgcm
+
+import (
+	"crypto/rand"
+	"io"
+	"os"
+	"testing"
+
+	"github.com/op/go-logging"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestSealWithoutAdditionalData(t *testing.T) {
+
+	logger := createLogger()
+
+	// Use rand.Reader for entropy
+	aesgcm := NewAESGCM(logger, true, nil)
+
+	// Generate a key
+	key := make([]byte, 32)
+	_, err := io.ReadFull(rand.Reader, key)
+	assert.Nil(t, err)
+
+	// Seal the data and get back the cipher-text and nonce
+	secret := []byte("my-secret")
+	ciphertext, nonce, err := aesgcm.Seal(key, secret, nil)
+
+	// Open the cipher-text using the nonce returned from Seal
+	decrypted, err := aesgcm.Open(key, ciphertext, nonce, nil)
+	assert.Nil(t, err)
+	assert.Equal(t, secret, decrypted)
+
+	// Ensure failure with a bad nonce
+	_, err = aesgcm.Open(key, ciphertext, []byte("foo"), nil)
+	assert.NotNil(t, err)
+	assert.Equal(t, ErrInvalidNonce, err)
+}
+
+func TestSealWithAdditionalData(t *testing.T) {
+
+	logger := createLogger()
+
+	// Use rand.Reader for entropy
+	aesgcm := NewAESGCM(logger, true, nil)
+
+	// Generate a key
+	key := make([]byte, 32)
+	_, err := io.ReadFull(rand.Reader, key)
+	assert.Nil(t, err)
+
+	// Create "additional data". The Open operation will fail
+	// if the additional data does not match the same data
+	// that was passed to Seal.
+	additionalData := []byte("some authorization data")
+
+	// Seal the data and get back the cipher-text and nonce
+	secret := []byte("my-secret")
+	ciphertext, nonce, err := aesgcm.Seal(key, secret, additionalData)
+
+	// Open the cipher-text using the nonce returned from Seal
+	decrypted, err := aesgcm.Open(key, ciphertext, nonce, additionalData)
+	assert.Nil(t, err)
+	assert.Equal(t, secret, decrypted)
+
+	// Ensure failure when additional data doesnt match
+	_, err = aesgcm.Open(key, ciphertext, nonce, []byte("foo"))
+	assert.NotNil(t, err)
+}
+
+// Create a logger for the tests
+func createLogger() *logging.Logger {
+	stdout := logging.NewLogBackend(os.Stdout, "", 0)
+	logging.SetBackend(stdout)
+	logger := logging.MustGetLogger("tpm")
+
+	logFormat := logging.MustStringFormatter(
+		`%{color}%{time:15:04:05.000} %{shortpkg}.%{shortfunc} %{level:.4s} %{id:03x}%{color:reset} %{message}`,
+	)
+	logFormatter := logging.NewBackendFormatter(stdout, logFormat)
+	backends := logging.MultiLogger(stdout, logFormatter)
+	logging.SetBackend(backends)
+
+	return logger
+}
diff --git a/pkg/crypto/argon2/argon2id.go b/pkg/crypto/argon2/argon2id.go
@@ -1,4 +1,4 @@
-package hash
+package argon2
 
 import (
 	"crypto/subtle"
@@ -12,23 +12,10 @@ import (
 )
 
 var (
-	ErrInvalidHash         = errors.New("argon2di: invalid format")
-	ErrIncompatibleVersion = errors.New("argon2di: version incompatible")
+	ErrInvalidHash         = errors.New("argon2id: invalid format")
+	ErrIncompatibleVersion = errors.New("argon2id: version incompatible")
 )
 
-type Argon2Params struct {
-	Memory      uint32 `yaml:"memory" json:"memory" mapstructure:"memory"`
-	Iterations  uint32 `yaml:"iterations" json:"iterations" mapstructure:"iterations"`
-	Parallelism uint8  `yaml:"parallelism" json:"parallelism" mapstructure:"parallelism"`
-	SaltLength  uint32 `yaml:"saltLen" json:"saltLen" mapstructure:"saltLen"`
-	KeyLength   uint32 `yaml:"keyLen" json:"keyLen" mapstructure:"keyLen"`
-}
-
-type Argon2 interface {
-	Hash(password string) (string, error)
-	Compare(password, hash string) (match bool, err error)
-}
-
 type Argon2Hasher struct {
 	random io.Reader
 	params Argon2Params
diff --git a/pkg/crypto/argon2/argon2id_test.go b/pkg/crypto/argon2/argon2id_test.go
@@ -1,4 +1,4 @@
-package hash
+package argon2
 
 import (
 	"crypto/rand"
diff --git a/pkg/crypto/argon2/types.go b/pkg/crypto/argon2/types.go

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-package hash`
	`1`	`+package argon2`
`2`	`2`
`3`	`3`	`import (`
`4`	`4`	`"crypto/rand"`