public inbox for devel@edk2.groups.io
* Question about signed uefi vars at OS level
@ 2022-07-26 13:09 Rafael Machado
  2022-07-26 13:17 ` [edk2-devel] " James Bottomley
  0 siblings, 1 reply; 4+ messages in thread
From: Rafael Machado @ 2022-07-26 13:09 UTC (permalink / raw)
  To: devel


Hey everyone

I have a question for the experts.

Suppose I have a BIOS feature that can be set from the OS via some OS
application (.exe) that calls the Runtime Services SetVariable().

To set this feature I have a UEFI var that, during DXE, is processed by some
UEFI module.

In case I define this UEFI var as a signed var
(EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS or
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS), in my OS application I
will have to add the signing key, so it would be possible to create new
signed data to change the UEFI variable as needed from the OS level.

So my question is:
What is the correct way of creating a UEFI variable that is protected and
that can be changed, by an authorized person only, from the OS level without
the need of embedding my secret in the OS application (.exe)?

Thanks
Rafael


* Re: [edk2-devel] Question about signed uefi vars at OS level
  2022-07-26 13:09 Question about signed uefi vars at OS level Rafael Machado
@ 2022-07-26 13:17 ` James Bottomley
  2022-07-29 18:40   ` Rafael Machado
  0 siblings, 1 reply; 4+ messages in thread
From: James Bottomley @ 2022-07-26 13:17 UTC (permalink / raw)
  To: devel, rafaelrodrigues.machado

On Tue, 2022-07-26 at 10:09 -0300, Rafael Machado wrote:
> Hey everyone
> 
> I have a question for the experts.
> 
> Suppose I have a BIOS feature that can be set from the OS via some OS
> application (.exe) that calls the Runtime Services SetVariable().
> 
> To set this feature I have a UEFI var that, during DXE, is processed
> by some UEFI module.
> 
> In case I define this UEFI var as a signed var
> (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS or
> EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS), in my OS
> application I will have to add the signing key, so it would be
> possible to create new signed data to change the UEFI variable as
> needed from the OS level.
> 
> So my question is:
> What is the correct way of creating a UEFI variable that is protected
> and that can be changed, by an authorized person only, from the OS level
> without the need of embedding my secret in the OS application (.exe)?

You don't give your use case, so it's hard to answer the above. 
However, the signing process of the update must be guarded because of
the need to keep the key secret, so update bundles are usually created
away from the system to be updated to preserve this.  If you want your
application to make arbitrary updates while it's running, you probably
don't want to be using signed variables.

James


* Re: [edk2-devel] Question about signed uefi vars at OS level
  2022-07-26 13:17 ` [edk2-devel] " James Bottomley
@ 2022-07-29 18:40   ` Rafael Machado
  2022-07-29 20:03     ` Bill Paul
  0 siblings, 1 reply; 4+ messages in thread
From: Rafael Machado @ 2022-07-29 18:40 UTC (permalink / raw)
  To: James Bottomley; +Cc: devel


Hi James, thanks for the answer.

I will try to explain my scenario in simple words.
In my case, what I would like to do is to create a runtime UEFI var that
would be changed only by one .exe I have developed.
So other .exe would not be able to perform changes to this UEFI var.

Any idea?

Thanks
Rafael



On Tue, Jul 26, 2022, 10:17 AM James Bottomley <
James.Bottomley@hansenpartnership.com> wrote:

> On Tue, 2022-07-26 at 10:09 -0300, Rafael Machado wrote:
> > Hey everyone
> >
> > I have a question for the experts.
> >
> > Suppose I have a BIOS feature that can be set from the OS via some OS
> > application (.exe) that calls the Runtime Services SetVariable().
> >
> > To set this feature I have a UEFI var that, during DXE, is processed
> > by some UEFI module.
> >
> > In case I define this UEFI var as a signed var
> > (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS or
> > EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS), at my OS
> > application I will have to add the signing key, so it would be
> > possible to create new signed data to change the UEFI variable as
> > needed from the OS level.
> >
> > So my question is:
> > What is the correct way of creating a UEFI variable that is protected
> > and that can be changed, by an authorized person only, from the OS level
> > without the need of embedding my secret in the OS application (.exe)?
>
> You don't give your use case, so it's hard to answer the above.
> However, the signing process of the update must be guarded because of
> the need to keep the key secret, so update bundles are usually created
> away from the system to be updated to preserve this.  If you want your
> application to make arbitrary updates while it's running, you probably
> don't want to be using signed variables.
>
> James
>
>
>


* Re: [edk2-devel] Question about signed uefi vars at OS level
  2022-07-29 18:40   ` Rafael Machado
@ 2022-07-29 20:03     ` Bill Paul
  0 siblings, 0 replies; 4+ messages in thread
From: Bill Paul @ 2022-07-29 20:03 UTC (permalink / raw)
  To: James Bottomley, devel@edk2.groups.io,
	rafaelrodrigues.machado@gmail.com
  Cc: devel@edk2.groups.io

Of all the gin joints in all the towns in all the world, Rafael Machado had to 
walk into mine at 11:40:00 on Friday, 29 July 2022 and say:

> Hi James, thanks for the answer.
> 
> I will try to explain my scenario in simple words.
> In my case, what I would like to do is to create a runtime UEFI var that
> would be changed only by one .exe I have developed. So other .exe would not
> be able to perform changes to this UEFI var.
> 
> Any idea?

If I remember right, changing UEFI secure variables (when UEFI is in the 
secure state) can only be done if you know the private part of the Key 
Exchange Key (KEK) for the system.

Note that there is only one KEK, and it's used to validate all secure UEFI 
variable updates.

This includes the "db" and "dbx" variables which contain the public keys that 
UEFI uses to validate signed executables during secure boot. That is, if you 
have secure boot enabled, your BOOTX64.EFI loader for your OS must be 
digitally signed, and the signer's public key must be stored in the "db" 
secure variable.

You asked if there's a way to modify secure variables "without the need of 
embedding my secret at the OS application (.exe)" and as far as I know, I 
think the answer is no. If the data you plan to add to the variable must be 
generated on the fly, then you also have to sign it on the fly, which means 
you need to know the KEK secret key to generate the signature.

Obviously, you don't want to risk somebody extracting the KEK secret key from 
the executable, because then they can defeat secure boot on the system (they 
could modify the "db" variable to contain their own trusted public signing 
key). There *might* be some TPM gimmick you could use instead, but offhand I'm 
not sure what that would be.

Now, based on what you've described, let's suppose you're trying to create a 
software licensing scheme, where you only want to enable a licensed feature on 
a specific customer's machine once they've paid for it. The 
implication is that somewhere the system checks for the secure UEFI variable 
that indicates the feature is enabled. To really make this work, then a) each 
customer's machine would need to be provisioned by you (so that you know the 
KEK secret key and the customer does not), and b) each machine's KEK must be 
unique.

If all machines have the same KEK, then if you generate a signed UEFI variable 
update for one machine, it could be applied to all of them.

In this case, it would not be required that the customer run an EXE on their 
system to do the actual signing, only the updating. If you know the KEK secret 
key for a given customer's machine, you can generate the signed variable 
update remotely using your own secure internal system and then e-mail it to 
them, and then the customer just needs to run a program on their machine to 
call SetVariable() in order to store it.

-Bill


> Thanks
> Rafael
> 
> 
> 
> On Tue, Jul 26, 2022, 10:17 AM James Bottomley
> <James.Bottomley@hansenpartnership.com> wrote:
> On Tue, 2022-07-26 at 10:09 -0300, Rafael Machado wrote:
> > Hey everyone
> > 
> > I have a question for the experts.
> > 
> > Suppose I have a BIOS feature that can be set from the OS via some OS
> > application (.exe) that calls the Runtime Services SetVariable().
> > 
> > To set this feature I have a UEFI var that, during DXE, is processed
> > by some UEFI module.
> > 
> > In case I define this UEFI var as a signed var
> > (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS or
> > EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS), at my OS
> > application I will have to add the signing key, so it would be
> > possible to create new signed data to change the UEFI variable as
> > needed from the OS level.
> > 
> > So my question is:
> > What is the correct way of creating a UEFI variable that is protected
> > and that can be changed, by an authorized person only, from the OS level
> > without the need of embedding my secret in the OS application (.exe)?
> 
> You don't give your use case, so it's hard to answer the above.
> However, the signing process of the update must be guarded because of
> the need to keep the key secret, so update bundles are usually created
> away from the system to be updated to preserve this.  If you want your
> application to make arbitrary updates while it's running, you probably
> don't want to be using signed variables.
> 
> James
> 


-- 
=============================================================================
-Bill Paul            (510) 749-2329 | VxWorks Software Architect,
                 wpaul@windriver.com | Master of Unix-Fu - Wind River Systems
=============================================================================
   "I put a dollar in a change machine. Nothing changed." - George Carlin
=============================================================================
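Bill's flow above (sign the update off-box, ship the signed blob, let the customer's program hand it to SetVariable()) is easier to reason about once you see what that blob contains. The following is an added example, not code from the thread or from EDK2: a Python model of the EFI_VARIABLE_AUTHENTICATION_2 buffer for a time-based authenticated variable, showing exactly which bytes the PKCS#7 signature covers (nothing in them names a machine, which is why a shared signing key makes one update portable to every box), the header checks a variable driver must make before any crypto, and the anti-rollback timestamp rule. The variable name, vendor GUID and PKCS#7 bytes are constructed placeholders.

```python
import struct, uuid

EFI_VARIABLE_NON_VOLATILE, EFI_VARIABLE_BOOTSERVICE_ACCESS = 0x1, 0x2
EFI_VARIABLE_RUNTIME_ACCESS, EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS = 0x4, 0x20
WIN_CERT_REVISION, WIN_CERT_TYPE_EFI_GUID = 0x0200, 0x0EF1          # WIN_CERTIFICATE header
EFI_CERT_TYPE_PKCS7_GUID = uuid.UUID("4aafd29d-68df-49ee-8aa9-347d375665a7")

def efi_time(year, month, day, hour, minute, second):
    """Pack EFI_TIME; Pad1, Nanosecond, TimeZone, Daylight, Pad2 must be zero for time-based auth."""
    return struct.pack("<HBBBBBBIhBB", year, month, day, hour, minute, second, 0, 0, 0, 0, 0)

def tbs_buffer(name, vendor_guid, attrs, timestamp, data):
    """What the PKCS#7 signature covers: VariableName (UCS-2, no NUL) || VendorGuid || Attributes
    || TimeStamp || Data. Nothing identifies the machine; only a per-machine key makes it non-portable."""
    return name.encode("utf-16-le") + vendor_guid.bytes_le + struct.pack("<I", attrs) + timestamp + data

def build_auth2(timestamp, pkcs7, data):
    """EFI_VARIABLE_AUTHENTICATION_2 header + new content: the Data buffer handed to SetVariable()."""
    length = 4 + 2 + 2 + 16 + len(pkcs7)            # WIN_CERTIFICATE Hdr + CertType + CertData
    hdr = struct.pack("<IHH", length, WIN_CERT_REVISION, WIN_CERT_TYPE_EFI_GUID)
    return timestamp + hdr + EFI_CERT_TYPE_PKCS7_GUID.bytes_le + pkcs7 + data

def parse_auth2(blob):
    """Split a SetVariable() buffer into (timestamp, pkcs7, data), refusing malformed headers first."""
    if len(blob) < 40:
        raise ValueError("too short for EFI_VARIABLE_AUTHENTICATION_2")
    timestamp = blob[:16]
    if timestamp[7:] != bytes(9):                   # Pad1 .. Pad2 are the last 9 bytes
        raise ValueError("EFI_TIME reserved fields must be zero")
    length, rev, ctype = struct.unpack_from("<IHH", blob, 16)
    if (rev, ctype) != (WIN_CERT_REVISION, WIN_CERT_TYPE_EFI_GUID):
        raise ValueError("unexpected WIN_CERTIFICATE header")
    if length < 24 or 16 + length > len(blob):
        raise ValueError("dwLength inconsistent with buffer size")
    if uuid.UUID(bytes_le=blob[24:40]) != EFI_CERT_TYPE_PKCS7_GUID:
        raise ValueError("CertType is not EFI_CERT_TYPE_PKCS7_GUID")
    return timestamp, blob[40:16 + length], blob[16 + length:]

def timestamp_is_newer(new_ts, stored_ts):
    """Anti-rollback rule: a non-append update needs a strictly later EFI_TIME than the stored one."""
    fields = lambda ts: struct.unpack_from("<HBBBBB", ts)   # year .. second
    return fields(new_ts) > fields(stored_ts)

# Constructed sample (not from the thread): hypothetical vendor GUID, placeholder bytes for PKCS#7.
VENDOR_GUID = uuid.UUID("12345678-1234-5678-1234-56789abcdef0")
ATTRS = (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS
         | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)
TS = efi_time(2022, 7, 29, 20, 3, 0)
SAMPLE_BLOB = build_auth2(TS, b"\x30\x82" + bytes(6), b"\x01")   # Data = one-byte feature flag
```

The real signing step (PKCS#7 SignedData over `tbs_buffer(...)` with the private key) stays on the off-box signing system; the on-box program only ever handles the finished `SAMPLE_BLOB`-shaped buffer.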

