Security & Smart Card Forum Discussions

Summary

On average 1 in every 256 ECDSA signatures on the NIST P256 curve produced by the CalcSign command in OPTIGA Trust M V3 has an invalid DER encoding. The invalid signatures violate the encoding rules for integers specified in Rec. ITU-T X.690, section 8.3.2, which state that the bits of the first octet and bit 8 of the second octet shall not all be zero.

Clients have to reencode the invalid signatures, otherwise the signatures will be rejected by applications. However, this bug is not documented in the OPTIGA Trust M Solution reference manual. It came as a very unpleasant surprise for us, discovered in production.

Details

It appears that in case of ECDSA signatures on the NIST P256 curve OPTIGA Trust M always makes the contents octets of the integers at least 32 octets long. So, for example, it will produce this invalid DER encoding of an integer:
02 20 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f
which should be correctly encoded as
02 1f 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f

The likelihood of the bits of the 32nd least significant octet and bit 8 of the 31st least significant octet being zero by chance is approximately 1 in 512. The probability of this happening in at least one of the two integers that make up a signature is approximately 1 in 256.

I have not tested other curves, but there is no reason not to assume that the bug is present for other curves as well, although the probability of occurring may differ for some of them.

I am using the driver of SLB 9672XU2.0 FW16.10, but I encounter some problems. When debugging SLB 9672XU2.0 FW16.10 with the same platform and SPI driver, I find that the communication cannot be normal. But when I used the SLB 9670VQ2.0 FW7.85 was able to correctly identify the TPM device node. I was able to confirm that the hardware was working because I tested it with the Raspberry Pi and it recognized the TPM device. I have printed the SPI log when loading TPM at startup, see the attachment. Can anyone help analyze the reason? Thank you very much! ~

PS：9672 board reads 128 bytes, then only read 64 bytes each time, after reading the first frame, read the second frame, the command sent to read 00 00 00 01, return error FF FF FF FF, the result is an error. The 9670 board is 255. The second, third, and fourth frames can return 00 00 00 00 01 as normal, reading the data normally and reporting no errors. What is the difference between fifo and what are the requirements

Hi

(a) How is "lifetime" defined - is this starting from date of manufacture? The 10 year figure is lower than I would have guessed.

(b) How should the 10 year lifetime figure be used in practice? For instance, suppose we wish to protect an asset for 20 years then should we swap-out at (for example) 7 years, 14 years? 

(c) Are there expected failure modes? I'm wondering if these relate to non-volatile memory?

(d) How confident can we be that a unit of age 
    9 years < AGE < 10 years 
will not fail - is there some distribution curve?

(e) How can we detect failure in the field?

(f) What is the distinction between "Useful lifetime" and "Operating lifetime" (Data Sheet, pg11)

Many thanks for any advice
Regards
Stephen

I'm tryint to encrypt a string using TSS.Java. It goes well on Intel TPMs, but failed on Infineon TPMs. All my code borrows from TSS.Java samples and use EncryptDecrypt2() command. I tried 4 physical desktop with Intel TPM, 2 Azure VM, 2 physical laptops with Infineon. All of them are without problem but Infineon TPMs. I can't tell what the issue originate from, TSS.Java library or Infineon TPM? Any helps are appreciated.

PS: I executed the code with administrator(root), of course.

拆机看到主板上有TPM模块（如图），但BIOS里却没有相关设置，系统也找不到这个芯片，请问如何解决

现在的生活当中，店里面有很多很多的门禁，但是试了一下，竟然只有一把门禁可以扫描成功，这是为什么呢？难道其他的全部加密了吗？

这个问题来自于知乎，希望工程师能从加密出现什么情况、加密的好处是什么等几个方面，对手机NFC功能为什么基本上用不起来这个问题给出比较详细的回答。非常感谢~

I hope this post finds you all well. Today, I would like to address a specific topic that has been causing some challenges for users of Red Hat systems who are working with Infineon devices. We have identified certain issues with kernel modules and drivers for Infineon devices, and I would like to open up a discussion to gather insights, experiences, and possible solutions from the community.

Here are some of the key points related to this topic:

1. Identification of the Issue: Users have reported difficulties in properly configuring and utilizing Infineon devices on Red Hat systems due to problems with kernel modules and drivers. These issues have resulted in limited functionality, poor performance, or even complete failure to recognize the devices.

2. Affected Infineon Devices: While the issue is not limited to a specific device, it has been observed across various Infineon hardware components such as security controllers, TPMs (Trusted Platform Modules), smart card readers, and other related devices.

3. Red Hat System Versions: The issues have been reported on different versions of Red Hat systems, including both the Enterprise Linux (RHEL) distribution and the community-driven Fedora project. It is important to note that these problems may not be exclusive to Red Hat, but it is the focus of this discussion.

4. Possible Causes: The problems may stem from compatibility issues between Infineon device firmware, kernel versions, and associated drivers. It is also plausible that some configuration settings or dependencies need to be properly addressed to ensure seamless integration.

Given the importance of Infineon devices in various fields such as security, encryption, and authentication, it is crucial to establish a robust and reliable solution for Red Hat users. Therefore, I invite all community members who have encountered or have insights on these issues to participate in this discussion.

I want porting TPM SLB9672 on my custom board through the SPI, I have been porting SLB9670  on my custom board,It's work,but SLB9672 can not work when using the same step.I know SLB9670 and SLB9672 used the same driver,but I  can not get any information from TPM, What should I do? 

Hi, I am using below TPM Module

TPM Device
Vendor ID: IFX
Specification Version: 2.0
Firmware Revision: 13.11
Description: INFINEON
Characteristics:
Family configurable via platform software support
OEM-specific Information: 0x00000000

I want to add support IMA in my kernel 5.10. After enabled the below config flags:

CONFIG_INTEGRITY=y
CONFIG_IMA=y
CONFIG_IMA_MEASURE_PCR_IDX=10
CONFIG_IMA_LSM_RULES=y
CONFIG_INTEGRITY_SIGNATURE=y
CONFIG_IMA_APPRAISE=y

 I can see only one entry in PCR 10.

root@nikhil:~# cat /sys/kernel/security/ima/ascii_runtime_measurements
10 c1091b621b64546f90b059727f0ab1a08a257a71 ima-ng sha1:d5fbd75caeed26c1662f08139ee831cf807af34c boot_aggregate
root@nikhil:~#

Also I am not sure apart from these config flags what things i need to do to get all the IMA functionality.

Can someone please suggest me what wrong here.

Thanks,

Nikhil