Description
When importing private RSA keys, Parsec uses a method that makes the keys unusable after a power cycle.
The import method uses load_external_rsa of TransientKeyContext.
The tss-esapi crate's TransientKeyContext::load_external_rsa uses the LoadExternal TPM function and saves the loaded keys in the Null hierarchy. Quoting the spec:
External objects are Temporary Objects. The saved external object contexts shall be invalidated at the next TPM Reset.
And the book:
Ephemeral keys are keys that are erased at reboot. An entire hierarchy, primary keys, storage keys, and leaf keys can be constructed in the NULL hierarchy. On reboot, as the seed changes, the entire key hierarchy is cryptographically erased. That is, the wrapped keys may exist on disk, but they can't be loaded.
The issue was observed by @ionut-arm on Slack. I'm just recording the problem so it's easier to track.
As far as I've seen, GnuPG uses TPM2_Import for moving private keys to the TPM, but that one requires a primary key to attach the imported key to. (It's not currently implemented by the tss-esapi crate but is on my radar in September.)
Cc: @hug-dev
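The two routes discussed above side by side, as an added tpm2-tools walkthrough that is not Parsec's or tss-esapi's code: LoadExternal into the Null hierarchy (what the issue describes) versus TPM2_Import under an Owner-hierarchy storage primary, whose wrapped blobs can be reloaded after a reboot. It assumes tpm2-tools 4.x or later, openssl and a TPM (or swtpm) behind the default TCTI; the file names and the persistent handle 0x81000100 are chosen for the example.

```shell
#!/bin/sh
# Added example, not Parsec's or tss-esapi's code.  Assumes tpm2-tools 4.x or
# later and openssl on PATH, plus a TPM (swtpm works) behind the default TCTI.
set -eu

# TPM 2.0 persistent handles carry the 0x81 most-significant octet; anything
# else is rejected here before it reaches tpm2_evictcontrol.
check_persistent_handle() {
    case "$1" in
        0x81[0-9a-fA-F][0-9a-fA-F][0-9a-fA-F][0-9a-fA-F][0-9a-fA-F][0-9a-fA-F]) return 0 ;;
        *) return 1 ;;
    esac
}

# What the issue describes: LoadExternal into the Null hierarchy.  The key
# works until the next TPM Reset; afterwards the saved context is invalid and
# the only way back is another LoadExternal from the plaintext PEM.
ephemeral_load() {
    tpm2_loadexternal -C n -G rsa -r key.pem -c ext.ctx
}

# The durable route: TPM2_Import wraps the key under a storage primary in the
# Owner hierarchy.  key.pub/key.priv may live on disk and can be reloaded after
# a reboot, because the primary is recreated from the persistent owner seed.
import_under_primary() {
    tpm2_createprimary -C o -g sha256 -G rsa -c primary.ctx
    tpm2_import -C primary.ctx -G rsa -i key.pem -u key.pub -r key.priv
    tpm2_load -C primary.ctx -u key.pub -r key.priv -c key.ctx
}

# Optionally pin the loaded key to a persistent handle so that no context
# file has to survive the reboot at all.
persist() {
    check_persistent_handle "$1" || { echo "not a persistent handle: $1" >&2; return 1; }
    tpm2_evictcontrol -C o -c key.ctx "$1"
}

# "After reboot": recreate the same primary and reload the wrapped blobs, key.pem untouched.
reload_after_reset() {
    tpm2_createprimary -C o -g sha256 -G rsa -c primary.ctx
    tpm2_load -C primary.ctx -u key.pub -r key.priv -c key.ctx
}

if command -v tpm2_import >/dev/null 2>&1; then
    openssl genrsa -out key.pem 2048   # constructed test key
    ephemeral_load
    import_under_primary
    persist 0x81000100
    reload_after_reset
fi
```

The main block only runs when tpm2-tools is installed; against a real TPM, rerunning persist with the same handle fails until the old object is evicted.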