Key Retrieval - nkxxll/optee-ta-key-retrieval GitHub Wiki

Note with findings of key retrieval research

Here I want to write down all thing I find about the key retrieval research.

What is the hardware unique key

The hardware unique key (HUK) is one of potentially many device-specific keys. It is used to derive sub keys for e.g. an application. In our case a trusted application in the OP-TEE. HUKs are generated at the boot of a device. So in our case the new HUK is generated when we build the Qemu OP-TEE. If we get the HUK at boot we can derive our own sub key with the huk_subkey_derive function in the optee_os. These sub keys are deterministic.

  • huk_subkey_derive uses SAES for key derivation see optee_os/core/drivers/crypto/stm32/stm32_saes.c:1284:12
  • could it be that huk subkey derive is an hardware specific implementation on the chip and in the qemu you can't use this so you use a software implementation $\rightarrow HMAC_{SHA256}$
  • so the key should be in the ctx what is the ctx (context)
  • the ctx struct has:
    • is a void pointer in the subkey_compat function see key_retrieval#What is "ONLY_FOR_tee_fs_ssk"
    • it is used as a crypto_mac_ctx in the mac_ops structs update function
    • and contains: ...
    • there would be a chance to log the HUK in the huk_subkey.c but this is oddly hard
    • can we print the HUK from a TA or PTA

RPMB Secure Storage

Secure Storage in OP-TEE is implemented according to the tee_internal_core_api. The storage is used to store general information and key material with the goals of confidentiality and integrity. The storage operations are atomic that means operations are either entirely completed successfully or no change is done at all. See RPMB Secure Storage Docs.

What is "ONLY_FOR_tee_fs_ssk"

This keyword can be found in the huk_subkey.c. The huk_subkey.c file is used to derive a subkey form the key_retrieval#What is the hardware unique key. This string you can find in the huk_compat function in the mentioned file. The huk_compat function Brainstorm:

  • ONLY FOR tee (OP-TEE) fs (Filesystem) ssk (secure storage key)
  • secure storage key is used to encrypt the secure storage with this we can get the other keys or any other data
  • $SSK = HMAC_{SHA256}(HUK, Chip ID || "static string")$
  • so if i know the static string and the Chip ID which shouldn't be that hard I can print the HUK and get the storage key
  • and the static string is exactly that "ONLY_FOR_tee_fs_ssk"?!