From mboxrd@z Thu Jan 1 00:00:00 1970 From: takahiro.akashi at linaro.org Date: Thu, 17 Sep 2020 14:33:56 +0900 Subject: U-Boot FIT Signature Verification In-Reply-To: References: <1747e3433d3.128f7ab51115315.564812166944516672@d.mobilunity.com> <5075840b-acb3-5146-17ff-098dd739ee68@gmx.de> <20200916081350.GB2978867@laputa> <1e1094a9f36012baa67b504bb428fa40fab9332d.camel@infinera.com> Message-ID: <20200917053356.GB3099713@laputa> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de On Wed, Sep 16, 2020 at 02:44:45PM +0200, Heinrich Schuchardt wrote: > On 16.09.20 14:05, Joakim Tjernlund wrote: > > On Wed, 2020-09-16 at 13:55 +0200, Heinrich Schuchardt wrote: > >> On 16.09.20 13:40, Joakim Tjernlund wrote: > >>> On Wed, 2020-09-16 at 13:14 +0200, Heinrich Schuchardt wrote: > >>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. > >>>> > >>>> > >>>> On 16.09.20 10:13, AKASHI Takahiro wrote: > >>>>> On Wed, Sep 16, 2020 at 01:19:03AM +0200, Heinrich Schuchardt wrote: > >>>>>> On 9/11/20 7:26 PM, Andrii Voloshyn wrote: > >>>>>>> Hi there, > >>>>>>> > >>>>>>> ????Does U-boot take into account certificate expiration date when verifying signed images in FIT? In other words, is date stored along with the public key in DTB file? > >>>>>>> > >>>>>>> Cheers, > >>>>>>> Andy > >>>>>>> > >>>>>> > >>>>>> Hello Philippe, > >>>>>> > >>>>>> looking at padding_pkcs_15_verify() in lib/rsa/rsa-verify.c I cannot > >>>>>> find a comparison of the date on which an image was signed with the > >>>>>> expiry date of the certificate. Shouldn't there be a check? Or did I > >>>>>> simply look into the wrong function? > >>>>> > >>>>> I think Simon is the right person to answer this question, but > >>>>> > >>>>> as far as I know, we don't have any device tree property for the expiration > >>>>> date of a public key. See doc/uImage.FIT/signature.txt. > >>>> > >>>> Yes, the problem starts with mkimage not writing the dates available in > >>>> the X509 certificate into the device tree. > >>>> > >>>> The dates are accessible via the X509_get0_notBefore() and > >>>> X509_get0_notAfter() functions of the OpenSSL library. > >>>> > >>>> > >>>> Takahiro, could you, please, also look at the UEFI secure boot > >>>> implementation in U-Boot. EDK2 validates the dates via the embedded > >>>> OpenSSL library in > >>>> CryptoPkg/Library/OpensslLib/openssl/crypto/x509/x509_vfy.c, function > >>>> verify_chain(). We should not do less. > >>> > >>> Does that mean that verified boot stops/fails when the date expires ? > >>> How do you guarantee that the device has the correct time ? > >>> > >>> ???Jocke > >>> > >> > >> We talking of the validity time range of the public key and the date of > >> signature of the intermediate certificates and the loaded image. No RTC > > > > OK, but still: will an invalid time range then stop booting ? > > > > > > If you use a certificate that is valid until 2019 to sign an image or an > intermediate certificate in 2020, the image must not be loaded. Well, I'm not confident that pckcs7_verify_one() does this. (Probably not.) -Takahiro Akashi > > Best regards > > Heinrich