Use separate keys for payload mechanism and mTLS

ansasaki · ansasaki · commit c84c7b458d8e · 2025-09-19T17:51:00.000+02:00
This allows other algorithms to be used for mTLS.

The payload encryption mechanism requires an RSA key pair, so always
generate an RSA key for the payload mechanism.

Signed-off-by: Anderson Toshiyuki Sasaki &lt;ansasaki@redhat.com&gt;
diff --git a/keylime-agent/src/keys_handler.rs b/keylime-agent/src/keys_handler.rs
@@ -166,7 +166,7 @@ async fn u_key(
     // https://github.com/keylime/keylime/blob/f3c31b411dd3dd971fd9d614a39a150655c6797c/ \
     // keylime/crypto.py#L118
     let decrypted_key = match crypto::rsa_oaep_decrypt(
-        &quote_data.priv_key,
+        &quote_data.payload_priv_key,
         &encrypted_key,
     )
     .map_err(Error::from)
@@ -278,7 +278,7 @@ async fn v_key(
     // https://github.com/keylime/keylime/blob/f3c31b411dd3dd971fd9d614a39a150655c6797c/ \
     // keylime/crypto.py#L118
     let decrypted_key = match crypto::rsa_oaep_decrypt(
-        &quote_data.priv_key,
+        &quote_data.payload_priv_key,
         &encrypted_key,
     )
     .map_err(Error::from)
@@ -323,7 +323,7 @@ async fn pubkey(
     req: HttpRequest,
     data: web::Data<QuoteData<'_>>,
 ) -> impl Responder {
-    match crypto::pkey_pub_to_pem(&data.pub_key) {
+    match crypto::pkey_pub_to_pem(&data.payload_pub_key) {
         Ok(pubkey) => {
             let response = JsonWrapper::success(KeylimePubkey { pubkey });
             info!("GET pubkey returning 200 response.");
@@ -902,7 +902,7 @@ mod tests {
         fixture.keys_tx = keys_tx.clone();
 
         let quotedata = web::Data::new(fixture);
-        let pubkey = quotedata.pub_key.clone();
+        let pubkey = quotedata.payload_pub_key.clone();
 
         // Run server
         let mut app = test::init_service(
@@ -968,7 +968,7 @@ mod tests {
         })));
 
         let encrypted_key =
-            rsa_oaep_encrypt(&quotedata.pub_key, u.as_ref()).unwrap(); //#[allow_ci]
+            rsa_oaep_encrypt(&quotedata.payload_pub_key, u.as_ref()).unwrap(); //#[allow_ci]
 
         let ukey = KeylimeUKey {
             encrypted_key: general_purpose::STANDARD.encode(&encrypted_key),
@@ -985,7 +985,7 @@ mod tests {
         assert!(resp.status().is_success());
 
         let encrypted_key =
-            rsa_oaep_encrypt(&quotedata.pub_key, v.as_ref()).unwrap(); //#[allow_ci]
+            rsa_oaep_encrypt(&quotedata.payload_pub_key, v.as_ref()).unwrap(); //#[allow_ci]
 
         let vkey = KeylimeVKey {
             encrypted_key: general_purpose::STANDARD.encode(&encrypted_key),
@@ -1110,7 +1110,7 @@ mod tests {
             test::read_body_json(resp).await;
         assert!(pkey_pub_from_pem(&result.results.pubkey)
             .unwrap() //#[allow_ci]
-            .public_eq(&quotedata.pub_key));
+            .public_eq(&quotedata.payload_pub_key));
 
         // Explicitly drop QuoteData to cleanup keys
         drop(quotedata);
diff --git a/keylime-agent/src/main.rs b/keylime-agent/src/main.rs
@@ -114,6 +114,8 @@ pub struct QuoteData<'a> {
     )>,
     measuredboot_ml_file: Option<Mutex<fs::File>>,
     payload_tx: mpsc::Sender<payloads::PayloadMessage>,
+    payload_priv_key: PKey<Private>,
+    payload_pub_key: PKey<Public>,
     priv_key: PKey<Private>,
     pub_key: PKey<Public>,
     revocation_tx: mpsc::Sender<revocation::RevocationMessage>,
@@ -488,35 +490,36 @@ async fn main() -> Result<()> {
         (None, None)
     };
 
-    // Generate key pair for secure transmission of u, v keys. The u, v
-    // keys are two halves of the key used to decrypt the workload after
+    // Generate ephemeral RSA key pair for secure transmission of u, v keys.
+    // The u, v keys are two halves of the key used to decrypt the workload after
     // the Identity and Integrity Quotes sent by the agent are validated
     // by the Tenant and Cloud Verifier, respectively.
-    //
-    // Since we store the u key in memory, discarding this key, which
-    // safeguards u and v keys in transit, is not part of the threat model.
+    debug!("Generating ephemeral RSA key pair for payload mechanism");
+    let (payload_pub_key, payload_priv_key) =
+        crypto::rsa_generate_pair(2048)?;
 
+    // Generate mTLS key pair (separate from payload keys)
     let (nk_pub, nk_priv) = match config.server_key.as_ref() {
         "" => {
             debug!(
                 "The server_key option was not set in the configuration file"
             );
-            debug!("Generating new key pair");
+            debug!("Generating new mTLS key pair");
             crypto::rsa_generate_pair(2048)?
         }
         path => {
             let key_path = Path::new(&path);
             if key_path.exists() {
                 debug!(
-                    "Loading existing key pair from {}",
+                    "Loading existing mTLS key pair from {}",
                     key_path.display()
                 );
                 crypto::load_key_pair(
                     key_path,
                     Some(config.server_key_password.as_ref()),
                 )?
             } else {
-                debug!("Generating new key pair");
+                debug!("Generating new mTLS key pair");
                 let (public, private) = crypto::rsa_generate_pair(2048)?;
                 // Write the generated key to the file
                 crypto::write_key_pair(
@@ -694,6 +697,8 @@ async fn main() -> Result<()> {
         keys_tx: keys_tx.clone(),
         measuredboot_ml_file,
         payload_tx: payload_tx.clone(),
+        payload_priv_key,
+        payload_pub_key,
         priv_key: nk_priv,
         pub_key: nk_pub,
         revocation_tx: revocation_tx.clone(),
@@ -993,7 +998,11 @@ mod testing {
                 .join("test-rsa.pem");
 
             let (nk_pub, nk_priv) =
-                crypto::testing::rsa_import_pair(rsa_key_path)?;
+                crypto::testing::rsa_import_pair(rsa_key_path.clone())?;
+
+            // Generate separate ephemeral payload keys for testing
+            let (payload_pub_key, payload_priv_key) =
+                crypto::rsa_generate_pair(2048)?;
 
             let (mut payload_tx, mut payload_rx) =
                 mpsc::channel::<payloads::PayloadMessage>(1);
@@ -1046,6 +1055,8 @@ mod testing {
                 QuoteData {
                     api_versions,
                     tpmcontext: Mutex::new(ctx),
+                    payload_priv_key,
+                    payload_pub_key,
                     priv_key: nk_priv,
                     pub_key: nk_pub,
                     ak_handle,
diff --git a/keylime-agent/src/quotes_handler.rs b/keylime-agent/src/quotes_handler.rs
@@ -67,7 +67,7 @@ async fn identity(
     let tpm_quote = match context.quote(
         param.nonce.as_bytes(),
         0,
-        &data.pub_key,
+        &data.payload_pub_key,
         data.ak_handle,
         data.hash_alg,
         data.sign_alg,
@@ -92,7 +92,7 @@ async fn identity(
         ..Default::default()
     };
 
-    match crypto::pkey_pub_to_pem(&data.pub_key) {
+    match crypto::pkey_pub_to_pem(&data.payload_pub_key) {
         Ok(pubkey) => quote.pubkey = Some(pubkey),
         Err(e) => {
             debug!("Unable to retrieve public key for quote: {e:?}");
@@ -169,7 +169,8 @@ async fn integrity(
     // If partial="0", include the public key in the quote
     let pubkey = match &param.partial[..] {
         "0" => {
-            let pubkey = match crypto::pkey_pub_to_pem(&data.pub_key) {
+            let pubkey = match crypto::pkey_pub_to_pem(&data.payload_pub_key)
+            {
                 Ok(pubkey) => pubkey,
                 Err(e) => {
                     debug!("Unable to retrieve public key: {e:?}");
@@ -214,7 +215,7 @@ async fn integrity(
     let tpm_quote = match context.quote(
         param.nonce.as_bytes(),
         mask,
-        &data.pub_key,
+        &data.payload_pub_key,
         data.ak_handle,
         data.hash_alg,
         data.sign_alg,
@@ -389,7 +390,7 @@ mod tests {
         assert!(
             pkey_pub_from_pem(&result.results.pubkey.unwrap()) //#[allow_ci]
                 .unwrap() //#[allow_ci]
-                .public_eq(&quotedata.pub_key)
+                .public_eq(&quotedata.payload_pub_key)
         );
         assert!(result.results.quote.starts_with('r'));
 
@@ -435,7 +436,7 @@ mod tests {
         assert!(
             pkey_pub_from_pem(&result.results.pubkey.unwrap()) //#[allow_ci]
                 .unwrap() //#[allow_ci]
-                .public_eq(&quotedata.pub_key)
+                .public_eq(&quotedata.payload_pub_key)
         );
 
         if let Some(ima_mutex) = &quotedata.ima_ml_file {
