cryptenroll: add support for password protected owner hierarchy

Is your feature request related to a problem? Please describe.
Yes, the problem being unable to enroll keys in a tpm2 device with the owner hierarchy password protected. See here for reference.
When running systemd-cryptenroll on a tpm2 device with the owner hierarchy protected by a password the following message is reported:

WARNING:esys:src/tss2-esys/api/Esys_CreatePrimary.c:400:Esys_CreatePrimary_Finish() Received TPM Error 
ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:135:Esys_CreatePrimary() Esys Finish ErrorCode (0x000009a2) 
WARNING:esys:src/tss2-esys/api/Esys_CreatePrimary.c:400:Esys_CreatePrimary_Finish() Received TPM Error 
ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:135:Esys_CreatePrimary() Esys Finish ErrorCode (0x000009a2) 
Failed to generate RSA primary key in TPM: tpm:session(1):authorization failure without DA implications

Describe the solution you'd like
A mechanism to specify the authorization hierarchy password when running systemd-cryptenroll, or systemd-cryptenroll should
take ownership of the tpm device itself.

Describe alternatives you've considered

• Up until now i have used a custom approach based on initrd hooks and scripts which work well, i was just trying to switch to systemd-cryptenroll and found out i can only use it with a passwordless tpm device.

• Removing the password from the owner hierarchy and systemd-cryptenroll works as expected.

The systemd version you checked that didn't have the feature you are asking for
systemd 250 (250.2-2-arch)

[DemiMarie]

This would allow taking advantage of the TPM’s anti-barging support.

[fansari]

I just wanted to test this systemd-cryptencroll and as it seems I have the same error.

[root@bat test]# systemd-cryptenroll --tpm2-device=/dev/tpmrm0 --unlock-key-file=disk.key --tpm2-with-pin=yes /dev/loop1
Please enter TPM2 PIN: ****
Please enter TPM2 PIN (repeat): ****
WARNING:esys:src/tss2-esys/api/Esys_CreatePrimary.c:401:Esys_CreatePrimary_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:135:Esys_CreatePrimary() Esys Finish ErrorCode (0x000009a2)
WARNING:esys:src/tss2-esys/api/Esys_CreatePrimary.c:401:Esys_CreatePrimary_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:135:Esys_CreatePrimary() Esys Finish ErrorCode (0x000009a2)
Failed to generate RSA primary key in TPM: tpm:session(1):authorization failure without DA implications

All hierachies of my TPM2 chip are password protected. If systemd-cryptenroll needs the password for the owner hierarchy: why does it not ask for it? Or how is it meant to work?

[PiQuer]

From the discussion in #26185:

         > does this also close #22129?

Maybe. Yes if you're OK saying for password protected owner hierarchies you must create the SRK externally if it doesn't exist, ie via tpm2-tools , a one shot service, etc. If not, then we need to plumb owner auth prompt if required. I'd like to avoid that because it could be a policy protecting the hierarchy and not a password.

Originally posted by @williamcroberts in #26185 (comment)

@williamcroberts I assume the route via tpm2-tools means creating the SRK with tpm2_createprimary and then persisting it at 0x8100001 with tpm2_evictcontrol, but what are the correct attributes etc? Would the commands shown in Figure 1 of this document create an SRK that systemd-cryptenroll can work with? Will systemd-creds also work with this SRK, i.e., can we encrypt secrets with systemd-creds encrypt for later decryption in units without having to provide the owner password?

Thanks for the clarifications and the ongoing improvements to systemd tpm2 support :)

[poettering]

systemd-cryptsetup simply does not support querying for a PIN set on the owner hierarchy/SRK. If you have set up things like that, systemd-cryptsetup won't be useful to you at all.

Happy to review patches that add this however.

[PiQuer]

Yes, systemd does not ask for a PIN. But with the changes from #26185, would it still have to know the owner hierarchy password if the SRK was generated and persisted externally? If I understood the description correctly, with #26185 systemd would also happily use an SRK created by Windows. The SRK itself is passwordless, in the end.

[PiQuer]

I can confirm that with systemd version 255.2 it is possible to set a password on the owner hierarchy. I used tss2_provision to generate the SRK, systemd-cryptenroll will reuse the persisted SRK in 0x81000001.

Edit: however, systemd-creds with --with-key=host+tpm2 still fails with error code 0x000009a2 (tpm:session(1):authorization failure without DA implications) if an owner hierarchy password is set.

I guess this review comment anticipated the observed systemd-creds behaviour.

[toddhow]

Would this add the ability to use a password and a hardware device?