Hi,
I am using U-Boot as UEFI firmware and trying to boot a Unified Kernel Image
(UKI) with Secure Boot enabled.
I see a signature verification failure in U-Boot, even though the image is
signed with the correct key (trusted in db).
The issue appears to be related to gaps between PE sections (UKI built by ukify
from systemd).
My understanding of the current flow / why signature verification fails:
1. efi_image_parse() computes bytes_hashed as a sum of aligned section sizes
(without explicitly accounting for file gaps). This seems consistent with what
sbsign is doing.
2. Then the final "extra data" region is defined as the range from efi +
bytes_hashed up to the certificate table. This region will have non-zero length
in case if there were gaps.
3. The start of "extra data" region will overlap with already added regions.
4. As a result, efi_image_region_add(..., nocheck=0) will reject this final
region because of the detected overlap, so it is not included in the hashed
region list. In contrast, sbsigntools still computes the hash including this
final extra-data range, which leads to a mismatch and signature verification
failure in U-Boot.
I'm not entirely sure - is this an issue on the U-Boot side? I reviewed the
Authenticode specification (the PE/COFF hashing rules), but I did not find a
clear description of how gaps between sections should be handled when computing
the hashed regions. In practice, the way U-Boot computes the hash in this case
it seems differs from how sbsigntools computes it. Would it make sense to
include the final "extra data" region regardless of a potential overlap (i.e.,
using nocheck=1) so that verification remains consistent with the signing tools?
Thanks for your feedback.
