diff options
| -rwxr-xr-x | openpower/package/Config.in | 1 | ||||
| -rw-r--r-- | openpower/package/sb-signing-utils/Config.in | 5 | ||||
| -rw-r--r-- | openpower/package/sb-signing-utils/keys/README.md | 147 | ||||
| -rw-r--r-- | openpower/package/sb-signing-utils/keys/hw_key_a.key | 25 | ||||
| -rw-r--r-- | openpower/package/sb-signing-utils/keys/hw_key_b.key | 26 | ||||
| -rw-r--r-- | openpower/package/sb-signing-utils/keys/hw_key_c.key | 26 | ||||
| -rw-r--r-- | openpower/package/sb-signing-utils/keys/sw_key_a.key | 16 | ||||
| -rw-r--r-- | openpower/package/sb-signing-utils/sb-signing-utils.mk | 34 |
8 files changed, 280 insertions, 0 deletions
diff --git a/openpower/package/Config.in b/openpower/package/Config.in index d3807843..68699e00 100755 --- a/openpower/package/Config.in +++ b/openpower/package/Config.in @@ -16,4 +16,5 @@ source "$BR2_EXTERNAL_OP_BUILD_PATH/package/ppe42-binutils/Config.in" source "$BR2_EXTERNAL_OP_BUILD_PATH/package/ppe42-gcc/Config.in" source "$BR2_EXTERNAL_OP_BUILD_PATH/package/ima-catalog/Config.in" source "$BR2_EXTERNAL_OP_BUILD_PATH/package/sbe/Config.in" +source "$BR2_EXTERNAL_OP_BUILD_PATH/package/sb-signing-utils/Config.in" diff --git a/openpower/package/sb-signing-utils/Config.in b/openpower/package/sb-signing-utils/Config.in new file mode 100644 index 00000000..87df6f3b --- /dev/null +++ b/openpower/package/sb-signing-utils/Config.in @@ -0,0 +1,5 @@ +config BR2_PACKAGE_HOST_SB_SIGNING_UTILS + bool "OpenPOWER secureboot signing utilities" + default y if (BR2_OPENPOWER_PLATFORM && BR2_OPENPOWER_SECUREBOOT_ENABLED) + help + Secureboot utilities for signing OpenPOWER firmware images diff --git a/openpower/package/sb-signing-utils/keys/README.md b/openpower/package/sb-signing-utils/keys/README.md new file mode 100644 index 00000000..f70e6c28 --- /dev/null +++ b/openpower/package/sb-signing-utils/keys/README.md @@ -0,0 +1,147 @@ +# Important Information About Secure and Trusted Boot And Signing Keys + +## Background + +IBM P8 OpenPOWER systems support a limited set of Secure and Trusted Boot +functionality. Secure Boot implements a processor based chain of trust. The +chain starts with an implicitly trusted component with other components being +authenticated and integrity checked before being executed on the host processor +cores. At the root of this trust chain is the Host Platform Core Root of Trust +for Measurement (CRTM). Immutable Read Only Memory (ROM - fixed in the POWER +processor chip) verifies the initial firmware load. That firmware verifies +cryptographic signatures on all subsequent "to be trusted" firmware that is +loaded for execution on the P8 cores. Trusted Boot also makes use of this same +CRTM by measuring and recording FW images via a Trusted Platform Module (TPM) +before control is passed on to the next layer in the boot stack. The CRTM +design is based on a Public Key Infrastructure (PKI) process to validate the +firmware images before they are executed. This process makes use of a set of +hardware and firmware asymmetric keys. Multiple organizations will want to +deliver POWER hardware, digitally signed firmware, signed boot code, +hypervisors, and operating systems. Each platform manufacturer wants to +maintain control over its own code and sign it with its own keys. A single key +hash is stored in host processor module SEEPROM representing the anchoring root +set of hardware keys. The P8 Trusted Boot supports a key management flow that +makes use of two kinds of hardware root keys, a wide open, well-known, openly +published public/private key pair (imprint keys) and a set of production keys +where the private key is protected by a hardware security module (HSM) internal +to the manufacturing facility of the key owner. + +## Purpose Of Imprint Public/Private Keys + +It is critical to note that the imprint keys are not to be used for production. +These are strictly for manufacturing and development level support given the +open nature of the private part of the Hardware keys. This allows developers +and testers to sign images and create builds for Secure and Trusted Boot +development lab testing. Systems must be transitioned to production level +keys for customer environments. + +## Manufacturer Key Management Role + +If a system is shipped from the System Manufacturer with imprint keys installed +rather than production level hardware keys, the system must be viewed as running +with a set of well-known default keys and vulnerable to exploitation. The +System Access Administrator must work with the System Manufacturer to insure +that a key transition process is utilized once a hardware based chain of trust +is to be enabled as part of Secure or Trusted Boot functionality. + +## Intentional Public Release Of Imprint Public/Private Keys + +All public and private keys in this directory are being intentionally released +to enable the developer community to sign code images. For true security, a +different set of production signing keys should be used, and the private +production signing key should be carefully guarded. Currently, we do not yet +support production key signing, only development signing. + +### Imprint Private Keys + +#### Hardware Private Keys + +The following files contain the Imprint private keys, in PEM format: + +hw_key_a.key +hw_key_b.key +hw_key_c.key + +#### Software Private Keys + +The project does not contain any Software keys. The sample scripts reuse the +Hardware keys where input is required for the Software keys. To generate your +own software keys use the openssl "ecparam" command. The following commands +will generate private software keys P, Q and R: + +$ openssl ecparam -genkey -outform pem -noout -name secp521r1 -out sw_key_p.key +$ openssl ecparam -genkey -outform pem -noout -name secp521r1 -out sw_key_q.key +$ openssl ecparam -genkey -outform pem -noout -name secp521r1 -out sw_key_r.key + +OpenPOWER secure boot supports three keys for Hardware (HW) key signing and (up +to) three keys for Software (SW) key signing, This permits a "separation of +duties" in the firmware signing process, if such a separation is desired. All +three HW keys are required, but the SW keys allow for the use of one, two or +three keys. A signature is required (i.e. must be present in the container) by +*all three* firmare keys, and by every (1-3) SW key in use, to create a +container that will boot with secure mode on. If a separation of duties is not +required, the signer may use the same key for all three required HW keys, and +for the (1-3) required SW keys. The container will boot as long as all required +signatures are present. + +#### Hardware and Software Public Keys + +The public keys can be easily extracted from the private keys. Use the openssl +"pkey" command, for example: + +$ openssl pkey -pubout -inform pem -outform pem -in sw_key_p.key -out sw_key_p.pub + +To build and sign a container locally, the public keys are not required. The +signing tool will automatically extract the public key from the private key (for +inclusion in the container) and will use the private key to create the required +signatures. + +The recommended process for production keys is to not have the private keys +present on thy system used to build firmware. In this mode you want to create +the signatures independently from the op-build process. Create your private HW +and SW keys as described above. Protect the private portion of the key (the +private key). Add the public portion of the key (the public key) to ./keys +directory. The signing tool will use the public key to populate the container. + +In this mode of operation you must sign the Prefix header and Software header +with the HW and SW keys, respectively. TODO: Instructions to follow. + +#### Hardware Keys Hash + +As mentioned above, a single key hash is stored in host processor module SEEPROM +representing the anchoring root set of HW keys. This is a 64 byte, SHA512 hash +of the three HW keys. On a running OpenPOWER machine this hash may be read from +an entry in the device tree: + +# cat /proc/device-tree/ibm,secureboot/hw-key-hash | xxd -p +40d487ff7380ed6ad54775d5795fea0de2f541fea9db06b8466a42a320e6 +5f75b48665460017d907515dc2a5f9fc50954d6ee0c9b67d219dfb708535 +1d01d6d1 + +Note this file is readable both from the target OS and the petitboot shell +environment. + +OpenPOWER secure boot protects the containerized firmware by comparing this hash +to the hash of the HW public keys in the container (as well as verifying the +signatures, of course). If the hashes don't match, the machine won't boot. For +this reason you might want to check that the HW keys hash will be correct in +container you are building. + +To check the hash of your HW keys, run the "create-container" tool from the +sb-signing-utils project. This command will create no container, but will +display the SHA512 hash of the input keys: + +$ create-container -v -w0 -a /tmp/keys/hw_key_a.key \ + -b /tmp/keys/hw_key_b.key \ + -c /tmp/keys/hw_key_c.key \ + --payload /dev/zero --imagefile /dev/null \ + | grep "HW keys hash" + +HW keys hash = 40d487ff7380ed6a... + +Note this command will work with either public or private keys as input. The +tool will also display the hash during normal container creation, when the +program is run in verbose mode. + +To check the hash of the HW keys in an existing container, run the +"print-container" tool: TODO diff --git a/openpower/package/sb-signing-utils/keys/hw_key_a.key b/openpower/package/sb-signing-utils/keys/hw_key_a.key new file mode 100644 index 00000000..8cfd2f2c --- /dev/null +++ b/openpower/package/sb-signing-utils/keys/hw_key_a.key @@ -0,0 +1,25 @@ +!!! Important WARNING About This Private Key !!! + +DO NOT STRIP THIS WARNING FROM THIS PRIVATE KEY + +This private is being intentionally released by IBM to enable the developer +community to sign code images. For true security, a different set of production +signing keys should be used, and the private production signing key should be +carefully guarded. + +-----BEGIN EC PRIVATE KEY----- +MIICnAIBAQRBVvu38Sbtau77TPvsvEmYHwAD8WY12vTjRE6SowkePCI0+3k5bawC +J9rKnafuMLCxE2SzTh5JPonVKhBPZeUpaOugggHGMIIBwgIBATBNBgcqhkjOPQEB +AkIB//////////////////////////////////////////////////////////// +//////////////////////////8wgZ4EQgH///////////////////////////// +/////////////////////////////////////////////////////////ARBUZU+ +uWGOHJofkpohoLaFQO6i2nJbmbMV87i0iZGO8QnhVhk5Uex+k3sWUsC9O7G/BzVz +34g9LDTx70Uf1GtQPwADFQDQnogAKRy4U5bMZxc5MoSqoNpkugSBhQQAxoWOBrcE +BOnNnj7LZiOVtEKcZIE5BT+1Ifgor2BrTT26oUted+/nWSj+HcEnov+o3jNIs8GF +akKb+X5+McLlvWYBGDkpaniaO8AEXIpftCx9G9mY9URJV5tEaBevvRcnPmYsl+5y +mV70JkDFULkBP60HYTU8cIaicsJAiL6Udp/RZlACQgH///////////////////// +//////////////////////pRhoeDvy+Wa3/MAUj3CaXQO7XJuImcR667b7cekThk +CQIBAaGBiQOBhgAEALseCHiWoJ4wcnQGjefKigKgnFVDj1D03ikeYzefc2y3wnoe +8neyeB+X071kpXg83nEAVuxqm1Yn1IMJCP9Tz7NhALhglEF2RzciUSwF+GDx8CW7 +RlSBlxbtEPxpODD8/tImnjRig/OngZFce8fds7NPEUxPsoS7xCQ6V+dSAaYM+QYi +-----END EC PRIVATE KEY----- diff --git a/openpower/package/sb-signing-utils/keys/hw_key_b.key b/openpower/package/sb-signing-utils/keys/hw_key_b.key new file mode 100644 index 00000000..60afd2da --- /dev/null +++ b/openpower/package/sb-signing-utils/keys/hw_key_b.key @@ -0,0 +1,26 @@ +!!! Important WARNING About This Private Key !!! + +DO NOT STRIP THIS WARNING FROM THIS PRIVATE KEY + +This private is being intentionally released by IBM to enable the developer +community to sign code images. For true security, a different set of production +signing keys should be used, and the private production signing key should be +carefully guarded. + +-----BEGIN EC PRIVATE KEY----- +MIICnQIBAQRCAQ0nt+2t5RDGWJF6S326TEWyHPdI/VHm+pKvFgCCrVujE7P5oUlv +GP3HZ3qemUX0RgmRjD27RflVdyOL6IlekHSsoIIBxjCCAcICAQEwTQYHKoZIzj0B +AQJCAf////////////////////////////////////////////////////////// +////////////////////////////MIGeBEIB//////////////////////////// +//////////////////////////////////////////////////////////wEQVGV +PrlhjhyaH5KaIaC2hUDuotpyW5mzFfO4tImRjvEJ4VYZOVHsfpN7FlLAvTuxvwc1 +c9+IPSw08e9FH9RrUD8AAxUA0J6IACkcuFOWzGcXOTKEqqDaZLoEgYUEAMaFjga3 +BATpzZ4+y2YjlbRCnGSBOQU/tSH4KK9ga009uqFLXnfv51ko/h3BJ6L/qN4zSLPB +hWpCm/l+fjHC5b1mARg5KWp4mjvABFyKX7QsfRvZmPVESVebRGgXr70XJz5mLJfu +cple9CZAxVC5AT+tB2E1PHCGonLCQIi+lHaf0WZQAkIB//////////////////// +///////////////////////6UYaHg78vlmt/zAFI9wml0Du1ybiJnEeuu2+3HpE4 +ZAkCAQGhgYkDgYYABACTA8hhnkYIZKrc1O0tojIuF5Mhs9/XLMoSfPmDeqSXg2X9 +tjq598htT5uDWU/9WfrISQ9w81RR+blEvcY+GctkEQFJPYdOapsX2TVoNwvlJeVp +gsQFwer4TOkmNV0FVbH7sJiHRw+ROHC5TOmy9YfQHCc2uAqInaZqPKTz13D8zQCG +Cw== +-----END EC PRIVATE KEY----- diff --git a/openpower/package/sb-signing-utils/keys/hw_key_c.key b/openpower/package/sb-signing-utils/keys/hw_key_c.key new file mode 100644 index 00000000..1bf4dfb5 --- /dev/null +++ b/openpower/package/sb-signing-utils/keys/hw_key_c.key @@ -0,0 +1,26 @@ +!!! Important WARNING About This Private Key !!! + +DO NOT STRIP THIS WARNING FROM THIS PRIVATE KEY + +This private is being intentionally released by IBM to enable the developer +community to sign code images. For true security, a different set of production +signing keys should be used, and the private production signing key should be +carefully guarded. + +-----BEGIN EC PRIVATE KEY----- +MIICnQIBAQRCASomU+ACnQy0UDtFX53VV2bwBrc3GPK3hbMrsU1E98YmU4eh/Dpj +FYQOyCPV27GRK8V46a1xvWs57per+X4R9LVdoIIBxjCCAcICAQEwTQYHKoZIzj0B +AQJCAf////////////////////////////////////////////////////////// +////////////////////////////MIGeBEIB//////////////////////////// +//////////////////////////////////////////////////////////wEQVGV +PrlhjhyaH5KaIaC2hUDuotpyW5mzFfO4tImRjvEJ4VYZOVHsfpN7FlLAvTuxvwc1 +c9+IPSw08e9FH9RrUD8AAxUA0J6IACkcuFOWzGcXOTKEqqDaZLoEgYUEAMaFjga3 +BATpzZ4+y2YjlbRCnGSBOQU/tSH4KK9ga009uqFLXnfv51ko/h3BJ6L/qN4zSLPB +hWpCm/l+fjHC5b1mARg5KWp4mjvABFyKX7QsfRvZmPVESVebRGgXr70XJz5mLJfu +cple9CZAxVC5AT+tB2E1PHCGonLCQIi+lHaf0WZQAkIB//////////////////// +///////////////////////6UYaHg78vlmt/zAFI9wml0Du1ybiJnEeuu2+3HpE4 +ZAkCAQGhgYkDgYYABAFUBCtSjR9PiJqVhg/EIsNGp0phvJ8gE5XBFTnox8n8a+Ji +4e7r8Uae9Qea6hnvWa6HzAup1KEJAl6vobyhyItaegDEHRy56UIij9nDVYhSIXia +EEln8xLVz5cB//hToEtexHUvdax85Nacwco6FyGNxzptGddL+/ds/rkZ05Q1fFUr +WQ== +-----END EC PRIVATE KEY----- diff --git a/openpower/package/sb-signing-utils/keys/sw_key_a.key b/openpower/package/sb-signing-utils/keys/sw_key_a.key new file mode 100644 index 00000000..548e8800 --- /dev/null +++ b/openpower/package/sb-signing-utils/keys/sw_key_a.key @@ -0,0 +1,16 @@ +!!! Important WARNING About This Private Key !!! + +DO NOT STRIP THIS WARNING FROM THIS PRIVATE KEY + +This private is being intentionally released by IBM to enable the developer +community to sign code images. For true security, a different set of production +signing keys should be used, and the private production signing key should be +carefully guarded. + +-----BEGIN EC PRIVATE KEY----- +MIHcAgEBBEIA1vyq2cSPgwWxVtPIEOqGL3UVsy5juBQz8XekOq6aeYf/nqC9u8u+ +GqCiffgBCPnXfWOWLtkaokYEPuMe7TekzomgBwYFK4EEACOhgYkDgYYABAD8W6NM +6nVfsYps75ko1gfNrJO9XqbWAuUuyFA/O8S5tPwVP+atGpc4PE+uTEI24t7mkYLa +kZhnGlmQpjr4fjkFvgAZDwhcQ+hWmzXYEBobYIPgItJi+8GvxBHBZvQWqpVWRfU9 +nSOxLTjjZ3i3dvBnQpCnx4cpTtIJPzFuE+kXqxLDnQ== +-----END EC PRIVATE KEY----- diff --git a/openpower/package/sb-signing-utils/sb-signing-utils.mk b/openpower/package/sb-signing-utils/sb-signing-utils.mk new file mode 100644 index 00000000..f6b2b4c2 --- /dev/null +++ b/openpower/package/sb-signing-utils/sb-signing-utils.mk @@ -0,0 +1,34 @@ +################################################################################ +# +# sb-signing-utils +# +################################################################################ + +SB_SIGNING_UTILS_SITE ?= $(call github,open-power,sb-signing-utils,$(SB_SIGNING_UTILS_VERSION)) + +SB_SIGNING_UTILS_LICENSE = Apache-2.0 +SB_SIGNING_UTILS_LICENSE_FILES = LICENSE +SB_SIGNING_UTILS_VERSION ?= v0.2 + +HOST_SB_SIGNING_UTILS_DEPENDENCIES = host-openssl + +HOST_SB_SIGNING_UTILS_AUTORECONF = YES +HOST_SB_SIGNING_UTILS_AUTORECONF_OPTS = -i + +define HOST_SB_SIGNING_UTILS_COPY_FILES + $(INSTALL) -m 0755 $(@D)/crtSignedContainer.sh $(HOST_DIR)/usr/bin/ +endef + +SB_SIGNING_UTILS_KEY_SRC_PATH=$(BR2_EXTERNAL)/package/sb-signing-utils/keys +SB_SIGNING_UTILS_KEY_DST_PATH=$(HOST_DIR)/etc/keys + +define HOST_SB_SIGNING_UTILS_COPY_KEYS + $(INSTALL) -d -m 0755 $(SB_SIGNING_UTILS_KEY_DST_PATH) + $(INSTALL) -m 0755 $(SB_SIGNING_UTILS_KEY_SRC_PATH)/* \ + $(SB_SIGNING_UTILS_KEY_DST_PATH) +endef + +HOST_SB_SIGNING_UTILS_POST_INSTALL_HOOKS += HOST_SB_SIGNING_UTILS_COPY_FILES +HOST_SB_SIGNING_UTILS_POST_INSTALL_HOOKS += HOST_SB_SIGNING_UTILS_COPY_KEYS + +$(eval $(host-autotools-package)) |
