From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: None (no SPF record) identity=mailfrom; client-ip=213.75.39.10; helo=cpsmtpb-ews07.kpnxchange.com; envelope-from=wvervoorn@eltan.com; receiver=edk2-devel@lists.01.org Received: from cpsmtpb-ews07.kpnxchange.com (cpsmtpb-ews07.kpnxchange.com [213.75.39.10]) by ml01.01.org (Postfix) with ESMTP id 3714921B02821 for ; Tue, 12 Dec 2017 06:09:52 -0800 (PST) Received: from cpsps-ews15.kpnxchange.com ([10.94.84.182]) by cpsmtpb-ews07.kpnxchange.com with Microsoft SMTPSVC(7.5.7601.17514); Tue, 12 Dec 2017 15:14:31 +0100 X-KPN-SpamVerdict: BM:Clean; X-Brightmail-Tracker: H4sIAAAAAAAAC+NgFrrBJsWRWlGSWpSXmKPExsVyuJJZRNft iX6UwYTrfz6zWew5dJTZgdGje/Y/lgDGKNbMvKT8igTWjI2r1jAWHFWv+P+wpoFxmnwXIx eHkMAyRom/Sz8xdTFycjALiEvcejIfytaTuDF1ChuErS2xbOFrZpAGFoFOZom+rS/ZIbp3 Mkrc2NTICuFsYJS4c+gYC4Szm1Fiw8+TrCD9bAIaEj2r54DNEhGIllj38w87iC0skC9xqG clC0S8QKJzXRMzhG0lMWfDM7AaFgFViVP714HdxCvgLDFx1wKobb2MEpMOTgNLcAqESHTv fg2U4OBgFJCVaHnNDRKWEBCQWLLnPDOELSrx8vE/VghbWWJp91lGiJmCEidnPgG7QUhAQW LaomWMEDXBEk1TnrJMYJSYhRQ0s5CCZhZS0MxCMmoBI8sqRonkguKCYt3U8mJDU73sgjwg Qy8nPzkxZxMjMMK44kK27WCctiX2EKMpB5OSKG/CFf0oIb6k/JTKjMTijPii0pzUYiUp3k uxSlFCwnDh4tKk3Mzi4sz8vEOM1hwcShK8Bo+B+gSLUtNTK9Iyc4ApAqpVlvfxXr1IITFk GWTdxhw8SiK8B0C6eYsLEnOLM9OhOiUhOoVgoghdpxiTOY48vPOHiePZzNcNzBxTVv5rZu Z4ACZb/m9pYRZiycvPS5USh7hKAGRCRmke3FFSMrwXW4ESokgSCNNB6TgktCjsFqMgxykm qFFQsVeMhhyMSsK8zx4BtfNk5pUgnCvBO6EHFARQQYR5r4B+ZAL68XkL2I8liSVY/AgVRe iSamBk4rZlPutZ/IuT6YOSVv6RQs6uHv1lPQk1y6bOeK5UcNJFU3T2hhiHe9MfndHzK7vF 5ZSkdznQdFeKVDfn4XptB6Z59Te/H9csXtgrubrJ+O+a0oJTLStmL809ckVJ9+5jEW/hab tuvhd1v6d/5Zl0oEG22KHtc9oPZ99yfWBlN+FZiWZX/EwlluKMREMt5qLiRABLtlWl6wMA AA== Received: from CPSMTPM-CMT104.kpnxchange.com ([195.121.3.20]) by cpsps-ews15.kpnxchange.com with Microsoft SMTPSVC(8.5.9600.16384); Tue, 12 Dec 2017 15:14:29 +0100 DKIM-Signature: v=1; a=rsa-sha256; d=kpnmail.nl; s=kpnmail01; c=relaxed/relaxed; t=1513088070; h=mime-version:date:message-id:subject:from:to:content-type; bh=5L0iRsQ+Fo09ZRTZPJaMnB39zbelI36E5Tw9LYWvm2w=; b=MvpyaOuLFiM9OwwEGG1CM6KFbYKbm9PVUYM6JVvBTcqRzn0gsFyzWcdJ+ec5miKX0XCyjvdan6G YwmEpzJFBMtN6vK92j3L7TJGyYrbtPPznCJ1NRPhcNY6hmpR+2hrAzrIQQRL5kLt7WbwpC1w6i6Rm a6J8mis5c+UgBaWHpb0= Received: from Eltsrv03.Eltan.local ([84.85.114.86]) by CPSMTPM-CMT104.kpnxchange.com over TLS secured channel with Microsoft SMTPSVC(8.5.9600.16384); Tue, 12 Dec 2017 15:14:30 +0100 Received: from Eltsrv03.Eltan.local (192.168.100.3) by Eltsrv03.Eltan.local (192.168.100.3) with Microsoft SMTP Server (TLS) id 15.0.847.32; Tue, 12 Dec 2017 15:14:14 +0100 Received: from Eltsrv03.Eltan.local ([fe80::24e7:1cc6:a76a:a3a8]) by Eltsrv03.Eltan.local ([fe80::24e7:1cc6:a76a:a3a8%12]) with mapi id 15.00.0847.040; Tue, 12 Dec 2017 15:14:14 +0100 From: Wim Vervoorn To: "Long, Qin" , "edk2-devel@lists.01.org" Thread-Topic: Timebased Auth Variable driver should ensure AuthAlgorithm is SHA256 before further verification Thread-Index: AdNya9oyZYrbEV5DRNS+dLMp5NzAlAAKHWrgAC+ovGA= Date: Tue, 12 Dec 2017 14:14:13 +0000 Message-ID: <2cc8a1d642e44c52befe25a9dc0190f1@Eltsrv03.Eltan.local> References: <5492e8b3cf5e4d48ab401e085a6a25e9@Eltsrv03.Eltan.local> In-Reply-To: Accept-Language: nl-NL, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [192.168.100.108] MIME-Version: 1.0 X-OriginalArrivalTime: 12 Dec 2017 14:14:30.0265 (UTC) FILETIME=[86AA1690:01D37353] X-RcptDomain: lists.01.org Subject: Re: Timebased Auth Variable driver should ensure AuthAlgorithm is SHA256 before further verification X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 14:09:54 -0000 Content-Language: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hello LONG, Quin, Thank you very much for the quick response. From the discussion it is clear= to me where the problem is and how the data can be signed using signtool t= o prevent this. Do you know if there are any updates to the Linux tools (e.g. efitools) tha= t allow supporting UEFI 2.6 in an easy way? Best Regards, Wim Vervoorn Eltan B.V. Ambachtstraat 23 5481 SM Schijndel The Netherlands T : +31-(0)73-594 46 64 E : wvervoorn@eltan.com W : http://www.eltan.com "THIS MESSAGE CONTAINS CONFIDENTIAL INFORMATION. UNLESS YOU ARE THE INTENDE= D RECIPIENT OF THIS MESSAGE, ANY USE OF THIS MESSAGE IS STRICTLY PROHIBITED= . IF YOU HAVE RECEIVED THIS MESSAGE IN ERROR, PLEASE IMMEDIATELY NOTIFY THE= SENDER BY TELEPHONE +31-(0)73-5944664 OR REPLY EMAIL, AND IMMEDIATELY DELE= TE THIS MESSAGE AND ALL COPIES."=A0 -----Original Message----- From: Long, Qin [mailto:qin.long@intel.com]=20 Sent: Monday, December 11, 2017 4:56 PM To: Wim Vervoorn ; edk2-devel@lists.01.org Subject: RE: Timebased Auth Variable driver should ensure AuthAlgorithm is = SHA256 before further verification Hi, Wim Vervoorn, Yes, the logic here is a little tricky. We wouldn't like to introduce the f= ull ASN.1 parse interfaces to handle the encoding data check. So as the com= ments states, the digestAlgorithms field usually has the fixed offset (base= d on two bytes of length encoding) in one PKCS#7 signedData structure. So t= he new codes (added by that commit) used this assumption to check the Sha25= 6 OID directly.=20 // // SignedData.digestAlgorithms shall contain the digest algorithm used wh= en preparing the // signature. Only a digest algorithm of SHA-256 is accepted. // // According to PKCS#7 Definition: // SignedData ::=3D SEQUENCE { // version Version, // digestAlgorithms DigestAlgorithmIdentifiers, // contentInfo ContentInfo, // .... } // The DigestAlgorithmIdentifiers can be used to determine the hash al= gorithm=20 // in VARIABLE_AUTHENTICATION_2 descriptor. // This field has the fixed offset (+13) and be calculated based on tw= o bytes of length encoding. // ...... One typical ASN.1 structure of PKCS7 Signature is ContentInfo { contentType =3D 1.2.840.113549.1.7.2 //(signedData) content { SignedData { version =3D 1 ... } } } But please note, the PKCS#7 signedData definition for Authenticated Variabl= e in UEFI spec didn't include the contentType fields. So if you used some t= hird-party tool (e.g. OpenSSL) to generate the signedData, you need to stri= p-off some bytes.=20 See more discussion & clarifications from https://bugzilla.tianocore.org/sh= ow_bug.cgi?id=3D586 And share us the binary data for more analysis if you still have verificati= on issues.=20 Best Regards & Thanks, LONG, Qin -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Wim = Vervoorn Sent: Monday, December 11, 2017 6:40 PM To: edk2-devel@lists.01.org Subject: [edk2] Timebased Auth Variable driver should ensure AuthAlgorithm = is SHA256 before further verification Hello, We ran into issues with the Timebased Authenticated variable handling. In commit: c035e37335ae43229d7e68de74a65f2c01ebc0af This was added. This assumed the very first tag will be the Sha256 Oid. We = have noticed situations where this is the case. The question is if the check below represents the specification and the too= ls generating the databuffer should be changed. Or if this check is not cor= rect. It seems to me that the data should be parsed to check for the correc= t OID and not assume this is the first one if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != =3D 0) { if (SigDataSize >=3D (13 + sizeof (mSha256OidValue))) { if (((*(SigData + 1) & TWO_BYTE_ENCODE) !=3D TWO_BYTE_ENCODE) ||=20 (CompareMem (SigData + 13, &mSha256OidValue, sizeof (mSha256OidV= alue)) !=3D 0)) { return EFI_SECURITY_VIOLATION; } } } ---- Modified: SecurityPkg/Library/AuthVariableLib/AuthService.c Modified: SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h Best Regards, Wim Vervoorn Eltan B.V. Ambachtstraat 23 5481 SM Schijndel The Netherlands T : +31-(0)73-594 46 64 E : wvervoorn@eltan.com W : http://www.eltan.com "THIS MESSAGE CONTAINS CONFIDENTIAL INFORMATION. UNLESS YOU ARE THE INTENDE= D RECIPIENT OF THIS MESSAGE, ANY USE OF THIS MESSAGE IS STRICTLY PROHIBITED= . IF YOU HAVE RECEIVED THIS MESSAGE IN ERROR, PLEASE IMMEDIATELY NOTIFY THE= SENDER BY TELEPHONE +31-(0)73-5944664 OR REPLY EMAIL, AND IMMEDIATELY DELE= TE THIS MESSAGE AND ALL COPIES."=A0 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel