Re: U-Boot FIT Signature Verification
On Wed, Sep 16, 2020 at 11:40:08AM +, Joakim Tjernlund wrote: > On Wed, 2020-09-16 at 13:14 +0200, Heinrich Schuchardt wrote: > > CAUTION: This email originated from outside of the organization. Do not > > click links or open attachments unless you recognize the sender and know > > the content is safe. > > > > > > On 16.09.20 10:13, AKASHI Takahiro wrote: > > > On Wed, Sep 16, 2020 at 01:19:03AM +0200, Heinrich Schuchardt wrote: > > > > On 9/11/20 7:26 PM, Andrii Voloshyn wrote: > > > > > Hi there, > > > > > > > > > > Does U-boot take into account certificate expiration date when > > > > > verifying signed images in FIT? In other words, is date stored along > > > > > with the public key in DTB file? > > > > > > > > > > Cheers, > > > > > Andy > > > > > > > > > > > > > Hello Philippe, > > > > > > > > looking at padding_pkcs_15_verify() in lib/rsa/rsa-verify.c I cannot > > > > find a comparison of the date on which an image was signed with the > > > > expiry date of the certificate. Shouldn't there be a check? Or did I > > > > simply look into the wrong function? > > > > > > I think Simon is the right person to answer this question, but > > > > > > as far as I know, we don't have any device tree property for the > > > expiration > > > date of a public key. See doc/uImage.FIT/signature.txt. > > > > Yes, the problem starts with mkimage not writing the dates available in > > the X509 certificate into the device tree. > > > > The dates are accessible via the X509_get0_notBefore() and > > X509_get0_notAfter() functions of the OpenSSL library. > > > > > > Takahiro, could you, please, also look at the UEFI secure boot > > implementation in U-Boot. EDK2 validates the dates via the embedded > > OpenSSL library in > > CryptoPkg/Library/OpensslLib/openssl/crypto/x509/x509_vfy.c, function > > verify_chain(). We should not do less. > > Does that mean that verified boot stops/fails when the date expires ? > How do you guarantee that the device has the correct time ? Good point. Reither had a similar comment. For trusted timestamps, we need to support RFC3161 timestamp protocol when signing an image. During the image verification, the "signed" timestamp of the image will also be verified with a certificate in "dbt" database. Well, this is in UEFI world, not FIT signature verification. (I have a prototype of timestamp revocation implementation as part of UEFI secure boot on U-Boot, but never made it public yet.) -Takahiro Akashi >Jocke
Re: U-Boot FIT Signature Verification
On Wed, Sep 16, 2020 at 02:44:45PM +0200, Heinrich Schuchardt wrote: > On 16.09.20 14:05, Joakim Tjernlund wrote: > > On Wed, 2020-09-16 at 13:55 +0200, Heinrich Schuchardt wrote: > >> On 16.09.20 13:40, Joakim Tjernlund wrote: > >>> On Wed, 2020-09-16 at 13:14 +0200, Heinrich Schuchardt wrote: > CAUTION: This email originated from outside of the organization. Do not > click links or open attachments unless you recognize the sender and know > the content is safe. > > > On 16.09.20 10:13, AKASHI Takahiro wrote: > > On Wed, Sep 16, 2020 at 01:19:03AM +0200, Heinrich Schuchardt wrote: > >> On 9/11/20 7:26 PM, Andrii Voloshyn wrote: > >>> Hi there, > >>> > >>> Does U-boot take into account certificate expiration date when > >>> verifying signed images in FIT? In other words, is date stored along > >>> with the public key in DTB file? > >>> > >>> Cheers, > >>> Andy > >>> > >> > >> Hello Philippe, > >> > >> looking at padding_pkcs_15_verify() in lib/rsa/rsa-verify.c I cannot > >> find a comparison of the date on which an image was signed with the > >> expiry date of the certificate. Shouldn't there be a check? Or did I > >> simply look into the wrong function? > > > > I think Simon is the right person to answer this question, but > > > > as far as I know, we don't have any device tree property for the > > expiration > > date of a public key. See doc/uImage.FIT/signature.txt. > > Yes, the problem starts with mkimage not writing the dates available in > the X509 certificate into the device tree. > > The dates are accessible via the X509_get0_notBefore() and > X509_get0_notAfter() functions of the OpenSSL library. > > > Takahiro, could you, please, also look at the UEFI secure boot > implementation in U-Boot. EDK2 validates the dates via the embedded > OpenSSL library in > CryptoPkg/Library/OpensslLib/openssl/crypto/x509/x509_vfy.c, function > verify_chain(). We should not do less. > >>> > >>> Does that mean that verified boot stops/fails when the date expires ? > >>> How do you guarantee that the device has the correct time ? > >>> > >>> Jocke > >>> > >> > >> We talking of the validity time range of the public key and the date of > >> signature of the intermediate certificates and the loaded image. No RTC > > > > OK, but still: will an invalid time range then stop booting ? > > > > > > If you use a certificate that is valid until 2019 to sign an image or an > intermediate certificate in 2020, the image must not be loaded. Well, I'm not confident that pckcs7_verify_one() does this. (Probably not.) -Takahiro Akashi > > Best regards > > Heinrich
Re: U-Boot FIT Signature Verification
On Wed, Sep 16, 2020 at 01:14:56PM +0200, Heinrich Schuchardt wrote: > On 16.09.20 10:13, AKASHI Takahiro wrote: > > On Wed, Sep 16, 2020 at 01:19:03AM +0200, Heinrich Schuchardt wrote: > >> On 9/11/20 7:26 PM, Andrii Voloshyn wrote: > >>> Hi there, > >>> > >>> Does U-boot take into account certificate expiration date when > >>> verifying signed images in FIT? In other words, is date stored along with > >>> the public key in DTB file? > >>> > >>> Cheers, > >>> Andy > >>> > >> > >> Hello Philippe, > >> > >> looking at padding_pkcs_15_verify() in lib/rsa/rsa-verify.c I cannot > >> find a comparison of the date on which an image was signed with the > >> expiry date of the certificate. Shouldn't there be a check? Or did I > >> simply look into the wrong function? > > > > I think Simon is the right person to answer this question, but > > > > as far as I know, we don't have any device tree property for the expiration > > date of a public key. See doc/uImage.FIT/signature.txt. > > Yes, the problem starts with mkimage not writing the dates available in > the X509 certificate into the device tree. > > The dates are accessible via the X509_get0_notBefore() and > X509_get0_notAfter() functions of the OpenSSL library. > > > Takahiro, could you, please, also look at the UEFI secure boot > implementation in U-Boot. EDK2 validates the dates via the embedded > OpenSSL library in > CryptoPkg/Library/OpensslLib/openssl/crypto/x509/x509_vfy.c, function > verify_chain(). We should not do less. Yes, we do the check. See pkcs7_verify_one() in lib/crypto/pkcs7_verify.c. -Takahiro Akashi > Best regards > > Heinrich
Re: U-Boot FIT Signature Verification
Hi Heinrich, > On 9/11/20 7:26 PM, Andrii Voloshyn wrote: >> Hi there, >> >> Does U-boot take into account certificate expiration date when verifying >> signed >> images in FIT? In other words, is date stored along with the public key in >> DTB >> file? >> >> Cheers, >> Andy >> > > Hello Philippe, > > looking at padding_pkcs_15_verify() in lib/rsa/rsa-verify.c I cannot > find a comparison of the date on which an image was signed with the > expiry date of the certificate. Shouldn't there be a check? Or did I > simply look into the wrong function? This function only check the padding using the algorithm pkcs-1.5 as defined here : https://tools.ietf.org/html/rfc3447#section-9.2 It doesn't check the certificate validity. I don't remember to have see a date checked in the signature process. If all informations are (or may be) available at runtime, we may add it. > Best regards > > Heinrich Best regards, Philippe
Re: U-Boot FIT Signature Verification
On Wed, Sep 16, 2020 at 02:44:45PM +0200, Heinrich Schuchardt wrote: > On 16.09.20 14:05, Joakim Tjernlund wrote: > > On Wed, 2020-09-16 at 13:55 +0200, Heinrich Schuchardt wrote: > >> On 16.09.20 13:40, Joakim Tjernlund wrote: > >>> On Wed, 2020-09-16 at 13:14 +0200, Heinrich Schuchardt wrote: > CAUTION: This email originated from outside of the organization. Do not > click links or open attachments unless you recognize the sender and know > the content is safe. > > > On 16.09.20 10:13, AKASHI Takahiro wrote: > > On Wed, Sep 16, 2020 at 01:19:03AM +0200, Heinrich Schuchardt wrote: > >> On 9/11/20 7:26 PM, Andrii Voloshyn wrote: > >>> Hi there, > >>> > >>> Does U-boot take into account certificate expiration date when > >>> verifying signed images in FIT? In other words, is date stored along > >>> with the public key in DTB file? > >>> > >>> Cheers, > >>> Andy > >>> > >> > >> Hello Philippe, > >> > >> looking at padding_pkcs_15_verify() in lib/rsa/rsa-verify.c I cannot > >> find a comparison of the date on which an image was signed with the > >> expiry date of the certificate. Shouldn't there be a check? Or did I > >> simply look into the wrong function? > > > > I think Simon is the right person to answer this question, but > > > > as far as I know, we don't have any device tree property for the > > expiration > > date of a public key. See doc/uImage.FIT/signature.txt. > > Yes, the problem starts with mkimage not writing the dates available in > the X509 certificate into the device tree. > > The dates are accessible via the X509_get0_notBefore() and > X509_get0_notAfter() functions of the OpenSSL library. > > > Takahiro, could you, please, also look at the UEFI secure boot > implementation in U-Boot. EDK2 validates the dates via the embedded > OpenSSL library in > CryptoPkg/Library/OpensslLib/openssl/crypto/x509/x509_vfy.c, function > verify_chain(). We should not do less. > >>> > >>> Does that mean that verified boot stops/fails when the date expires ? > >>> How do you guarantee that the device has the correct time ? > >>> > >>> Jocke > >>> > >> > >> We talking of the validity time range of the public key and the date of > >> signature of the intermediate certificates and the loaded image. No RTC > > > > OK, but still: will an invalid time range then stop booting ? > > > > > > If you use a certificate that is valid until 2019 to sign an image or an > intermediate certificate in 2020, the image must not be loaded. Right. And to be clear, the case of using a valid until 2021 cert to sign everything in 2020 will be seen as valid in 2022. -- Tom signature.asc Description: PGP signature
Re: U-Boot FIT Signature Verification
Hi there I don't think it would make sense to check for expiration (even in case we would have full certificates like PKCS#7 verifiy) At our point of the boot process we normally do not have access to a trusted time/date, so any check could be simply spoofed or even worse fails, because wall clock is not initialized properly. I think even the EFI boot-process (or shim) does not check expiration date of their certificates! What could make sense is a check for an expired certificate/key at signing time (including intermed certs), but not sure if this would be a too hard restriction (at least for developing/testing). I think a hint for the signer should be enough! Regards Robert On Wed, Sep 16, 2020 at 01:19:03AM +0200, Heinrich Schuchardt wrote: > On 9/11/20 7:26 PM, Andrii Voloshyn wrote: > > Hi there, > > > > Does U-boot take into account certificate expiration date when > > verifying signed images in FIT? In other words, is date stored along with > > the public key in DTB file? > > > > Cheers, > > Andy > > > > Hello Philippe, > > looking at padding_pkcs_15_verify() in lib/rsa/rsa-verify.c I cannot > find a comparison of the date on which an image was signed with the > expiry date of the certificate. Shouldn't there be a check? Or did I > simply look into the wrong function? I think Simon is the right person to answer this question, but as far as I know, we don't have any device tree property for the expiration date of a public key. See doc/uImage.FIT/signature.txt. -Takahiro Akashi > Best regards > > Heinrich
Re: U-Boot FIT Signature Verification
On 16.09.20 14:05, Joakim Tjernlund wrote: > On Wed, 2020-09-16 at 13:55 +0200, Heinrich Schuchardt wrote: >> On 16.09.20 13:40, Joakim Tjernlund wrote: >>> On Wed, 2020-09-16 at 13:14 +0200, Heinrich Schuchardt wrote: CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. On 16.09.20 10:13, AKASHI Takahiro wrote: > On Wed, Sep 16, 2020 at 01:19:03AM +0200, Heinrich Schuchardt wrote: >> On 9/11/20 7:26 PM, Andrii Voloshyn wrote: >>> Hi there, >>> >>> Does U-boot take into account certificate expiration date when >>> verifying signed images in FIT? In other words, is date stored along >>> with the public key in DTB file? >>> >>> Cheers, >>> Andy >>> >> >> Hello Philippe, >> >> looking at padding_pkcs_15_verify() in lib/rsa/rsa-verify.c I cannot >> find a comparison of the date on which an image was signed with the >> expiry date of the certificate. Shouldn't there be a check? Or did I >> simply look into the wrong function? > > I think Simon is the right person to answer this question, but > > as far as I know, we don't have any device tree property for the > expiration > date of a public key. See doc/uImage.FIT/signature.txt. Yes, the problem starts with mkimage not writing the dates available in the X509 certificate into the device tree. The dates are accessible via the X509_get0_notBefore() and X509_get0_notAfter() functions of the OpenSSL library. Takahiro, could you, please, also look at the UEFI secure boot implementation in U-Boot. EDK2 validates the dates via the embedded OpenSSL library in CryptoPkg/Library/OpensslLib/openssl/crypto/x509/x509_vfy.c, function verify_chain(). We should not do less. >>> >>> Does that mean that verified boot stops/fails when the date expires ? >>> How do you guarantee that the device has the correct time ? >>> >>> Jocke >>> >> >> We talking of the validity time range of the public key and the date of >> signature of the intermediate certificates and the loaded image. No RTC > > OK, but still: will an invalid time range then stop booting ? > > If you use a certificate that is valid until 2019 to sign an image or an intermediate certificate in 2020, the image must not be loaded. Best regards Heinrich
Re: U-Boot FIT Signature Verification
On Wed, 2020-09-16 at 13:55 +0200, Heinrich Schuchardt wrote: > On 16.09.20 13:40, Joakim Tjernlund wrote: > > On Wed, 2020-09-16 at 13:14 +0200, Heinrich Schuchardt wrote: > > > CAUTION: This email originated from outside of the organization. Do not > > > click links or open attachments unless you recognize the sender and know > > > the content is safe. > > > > > > > > > On 16.09.20 10:13, AKASHI Takahiro wrote: > > > > On Wed, Sep 16, 2020 at 01:19:03AM +0200, Heinrich Schuchardt wrote: > > > > > On 9/11/20 7:26 PM, Andrii Voloshyn wrote: > > > > > > Hi there, > > > > > > > > > > > > Does U-boot take into account certificate expiration date when > > > > > > verifying signed images in FIT? In other words, is date stored > > > > > > along with the public key in DTB file? > > > > > > > > > > > > Cheers, > > > > > > Andy > > > > > > > > > > > > > > > > Hello Philippe, > > > > > > > > > > looking at padding_pkcs_15_verify() in lib/rsa/rsa-verify.c I cannot > > > > > find a comparison of the date on which an image was signed with the > > > > > expiry date of the certificate. Shouldn't there be a check? Or did I > > > > > simply look into the wrong function? > > > > > > > > I think Simon is the right person to answer this question, but > > > > > > > > as far as I know, we don't have any device tree property for the > > > > expiration > > > > date of a public key. See doc/uImage.FIT/signature.txt. > > > > > > Yes, the problem starts with mkimage not writing the dates available in > > > the X509 certificate into the device tree. > > > > > > The dates are accessible via the X509_get0_notBefore() and > > > X509_get0_notAfter() functions of the OpenSSL library. > > > > > > > > > Takahiro, could you, please, also look at the UEFI secure boot > > > implementation in U-Boot. EDK2 validates the dates via the embedded > > > OpenSSL library in > > > CryptoPkg/Library/OpensslLib/openssl/crypto/x509/x509_vfy.c, function > > > verify_chain(). We should not do less. > > > > Does that mean that verified boot stops/fails when the date expires ? > > How do you guarantee that the device has the correct time ? > > > > Jocke > > > > We talking of the validity time range of the public key and the date of > signature of the intermediate certificates and the loaded image. No RTC OK, but still: will an invalid time range then stop booting ?
Re: U-Boot FIT Signature Verification
On 16.09.20 13:40, Joakim Tjernlund wrote: > On Wed, 2020-09-16 at 13:14 +0200, Heinrich Schuchardt wrote: >> CAUTION: This email originated from outside of the organization. Do not >> click links or open attachments unless you recognize the sender and know the >> content is safe. >> >> >> On 16.09.20 10:13, AKASHI Takahiro wrote: >>> On Wed, Sep 16, 2020 at 01:19:03AM +0200, Heinrich Schuchardt wrote: On 9/11/20 7:26 PM, Andrii Voloshyn wrote: > Hi there, > > Does U-boot take into account certificate expiration date when > verifying signed images in FIT? In other words, is date stored along with > the public key in DTB file? > > Cheers, > Andy > Hello Philippe, looking at padding_pkcs_15_verify() in lib/rsa/rsa-verify.c I cannot find a comparison of the date on which an image was signed with the expiry date of the certificate. Shouldn't there be a check? Or did I simply look into the wrong function? >>> >>> I think Simon is the right person to answer this question, but >>> >>> as far as I know, we don't have any device tree property for the expiration >>> date of a public key. See doc/uImage.FIT/signature.txt. >> >> Yes, the problem starts with mkimage not writing the dates available in >> the X509 certificate into the device tree. >> >> The dates are accessible via the X509_get0_notBefore() and >> X509_get0_notAfter() functions of the OpenSSL library. >> >> >> Takahiro, could you, please, also look at the UEFI secure boot >> implementation in U-Boot. EDK2 validates the dates via the embedded >> OpenSSL library in >> CryptoPkg/Library/OpensslLib/openssl/crypto/x509/x509_vfy.c, function >> verify_chain(). We should not do less. > > Does that mean that verified boot stops/fails when the date expires ? > How do you guarantee that the device has the correct time ? > >Jocke > We talking of the validity time range of the public key and the date of signature of the intermediate certificates and the loaded image. No RTC time is involved. Best regards Heinrich
Re: U-Boot FIT Signature Verification
On Wed, 2020-09-16 at 13:14 +0200, Heinrich Schuchardt wrote: > CAUTION: This email originated from outside of the organization. Do not click > links or open attachments unless you recognize the sender and know the > content is safe. > > > On 16.09.20 10:13, AKASHI Takahiro wrote: > > On Wed, Sep 16, 2020 at 01:19:03AM +0200, Heinrich Schuchardt wrote: > > > On 9/11/20 7:26 PM, Andrii Voloshyn wrote: > > > > Hi there, > > > > > > > > Does U-boot take into account certificate expiration date when > > > > verifying signed images in FIT? In other words, is date stored along > > > > with the public key in DTB file? > > > > > > > > Cheers, > > > > Andy > > > > > > > > > > Hello Philippe, > > > > > > looking at padding_pkcs_15_verify() in lib/rsa/rsa-verify.c I cannot > > > find a comparison of the date on which an image was signed with the > > > expiry date of the certificate. Shouldn't there be a check? Or did I > > > simply look into the wrong function? > > > > I think Simon is the right person to answer this question, but > > > > as far as I know, we don't have any device tree property for the expiration > > date of a public key. See doc/uImage.FIT/signature.txt. > > Yes, the problem starts with mkimage not writing the dates available in > the X509 certificate into the device tree. > > The dates are accessible via the X509_get0_notBefore() and > X509_get0_notAfter() functions of the OpenSSL library. > > > Takahiro, could you, please, also look at the UEFI secure boot > implementation in U-Boot. EDK2 validates the dates via the embedded > OpenSSL library in > CryptoPkg/Library/OpensslLib/openssl/crypto/x509/x509_vfy.c, function > verify_chain(). We should not do less. Does that mean that verified boot stops/fails when the date expires ? How do you guarantee that the device has the correct time ? Jocke
Re: U-Boot FIT Signature Verification
On 16.09.20 10:13, AKASHI Takahiro wrote: > On Wed, Sep 16, 2020 at 01:19:03AM +0200, Heinrich Schuchardt wrote: >> On 9/11/20 7:26 PM, Andrii Voloshyn wrote: >>> Hi there, >>> >>> Does U-boot take into account certificate expiration date when >>> verifying signed images in FIT? In other words, is date stored along with >>> the public key in DTB file? >>> >>> Cheers, >>> Andy >>> >> >> Hello Philippe, >> >> looking at padding_pkcs_15_verify() in lib/rsa/rsa-verify.c I cannot >> find a comparison of the date on which an image was signed with the >> expiry date of the certificate. Shouldn't there be a check? Or did I >> simply look into the wrong function? > > I think Simon is the right person to answer this question, but > > as far as I know, we don't have any device tree property for the expiration > date of a public key. See doc/uImage.FIT/signature.txt. Yes, the problem starts with mkimage not writing the dates available in the X509 certificate into the device tree. The dates are accessible via the X509_get0_notBefore() and X509_get0_notAfter() functions of the OpenSSL library. Takahiro, could you, please, also look at the UEFI secure boot implementation in U-Boot. EDK2 validates the dates via the embedded OpenSSL library in CryptoPkg/Library/OpensslLib/openssl/crypto/x509/x509_vfy.c, function verify_chain(). We should not do less. Best regards Heinrich
Re: U-Boot FIT Signature Verification
On Wed, Sep 16, 2020 at 01:19:03AM +0200, Heinrich Schuchardt wrote: > On 9/11/20 7:26 PM, Andrii Voloshyn wrote: > > Hi there, > > > > Does U-boot take into account certificate expiration date when > > verifying signed images in FIT? In other words, is date stored along with > > the public key in DTB file? > > > > Cheers, > > Andy > > > > Hello Philippe, > > looking at padding_pkcs_15_verify() in lib/rsa/rsa-verify.c I cannot > find a comparison of the date on which an image was signed with the > expiry date of the certificate. Shouldn't there be a check? Or did I > simply look into the wrong function? I think Simon is the right person to answer this question, but as far as I know, we don't have any device tree property for the expiration date of a public key. See doc/uImage.FIT/signature.txt. -Takahiro Akashi > Best regards > > Heinrich
Re: U-Boot FIT Signature Verification
On 9/11/20 7:26 PM, Andrii Voloshyn wrote: > Hi there, > > Does U-boot take into account certificate expiration date when verifying > signed images in FIT? In other words, is date stored along with the public > key in DTB file? > > Cheers, > Andy > Hello Philippe, looking at padding_pkcs_15_verify() in lib/rsa/rsa-verify.c I cannot find a comparison of the date on which an image was signed with the expiry date of the certificate. Shouldn't there be a check? Or did I simply look into the wrong function? Best regards Heinrich
U-Boot FIT Signature Verification
Hi there, Does U-boot take into account certificate expiration date when verifying signed images in FIT? In other words, is date stored along with the public key in DTB file? Cheers, Andy