[Bug 1921387] Re: launchpad signing shimaa64.efi fails to validate

Dimitri John Ledkov 1921387 at bugs.launchpad.net
Thu Mar 25 14:10:06 UTC 2021


** Description changed:

- launchpad signing shimaa64.efi fails to validate
+ [Impact]
+ 
+  * Calculating the hash of the binary is ill defined if there are gaps
+ in sections, or sections are not aligned to ensure that signature table
+ is aligned.
+ 
+  * This results in sbsign/sbverify to calculate incorrect hash when
+ there are gaps, such as in shimaa64.efi as built on focal with sbat.
+ 
+  * This was fixed in eoan, but launchpad signing service uses sbsign
+ from bionic.
+ 
+  * Thus if binaries have gaps launchpad is producing signatures that are
+ covering the wrong authenticode hash.
+ 
+ [Test Plan]
+ 
+  * Signatures produced by sbsign in bionic, must be able to verify with
+ sbverify from focal or later.
+ 
+  * Signatures produced by sbsign in bionic, must be able to verify with
+ pesigcheck
+ 
+  * Existing signatures generated by launchpad should fail validation
+ 
+ ie.
+ 
+ # Test old launchpad generated signature, ensure that it fails:
+ 
+ cd $(mktemp -d)
+ wget http://ppa.launchpad.net/xnox/nonvirt/ubuntu/dists/hirsute/main/signed/shim-arm64/15.3-0ubuntu1~ppa1/signed.tar.gz
+ tar xvf ./signed.tar.gz
+ 
+ sbverify --cert 15.3-0ubuntu1~ppa1/control/uefi.crt 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
+ ...
+ Signature verification failed
+ 
+ Is the correct output
+ 
+ # Test that pesigcheck fails too
+ 
+ openssl x509 -outform der -out 15.3-0ubuntu1~ppa1/control/uefi.der -in
+ 15.3-0ubuntu1~ppa1/control/uefi.crt
+ 
+ pesigcheck -i 15.3-0ubuntu1~ppa1/shimaa64.efi.
+ signed -c 15.3-0ubuntu1~ppa1/control/uefi.der 
+ pesigcheck: "15.3-0ubuntu1~ppa1/shimaa64.efi.signed" is invalid.
+ 
+ # Generate new key on bionic, resign using new sbsigntool, and check
+ that it is now all good:
+ 
+ update-secureboot-policy new-key
+ openssl x509 -inform der -outform pem -in /var/lib/shim-signed/mok/MOK.der -out /var/lib/shim-signed/mok/MOK.pem
+ 
+ sbsign --key /var/lib/shim-signed/mok/MOK.priv --cert /var/lib/shim-
+ signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi
+ 
+ sbverify --cert /var/lib/shim-signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
+ Signature verification OK
+ 
+ pesigcheck -i 15.3-0ubuntu1~ppa1/shimaa64.efi.
+ signed -c /var/lib/shim-signed/mok/MOK.der
+ 
+ 
+ [Where problems could occur]
+ 
+  * Existing edk2 OVMF machines in bionic possibly are calculating
+ checksums unpadded, and thus this change will make the new signatures
+ fail to validate in edk2 OVMF. However, the binaries on amd64 do not
+ have gaps and thus have always had correct signatures. arm64 binaries
+ with gaps do not exist in bionic.
+ 
+ [Other Info]
+ 
+ Original bug report:
+  
+ launchpad signed shimaa64.efi fails to validate on focal
  
  cd $(mktemp -d)
  
  wget
  http://ppa.launchpad.net/xnox/nonvirt/ubuntu/dists/hirsute/main/signed
  /shim-arm64/15.3-0ubuntu1~ppa1/signed.tar.gz
  
  tar xvf ./signed.tar.gz
  
  sbverify --cert 15.3-0ubuntu1~ppa1/control/uefi.crt
  15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  
  Signature verification failed
  
- 
  And yet inside bionic-amd64 chroot I get:
  
  # sbverify --cert 15.3-0ubuntu1~ppa1/control/uefi.crt 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  warning: gap in section table:
-     .data   : 0x0007f000 - 0x000b3800,
-     .sbat   : 0x000b4000 - 0x000b5000,
+     .data   : 0x0007f000 - 0x000b3800,
+     .sbat   : 0x000b4000 - 0x000b5000,
  gaps in the section table may result in different checksums
  warning: data remaining[740864 vs 800872]: gaps between PE/COFF sections?
  Signature verification OK
- 
  
  However,
  
  If in xenial-amd64 I perform
  
  update-secureboot-policy new-key
  openssl x509 -inform der -outform pem -in /var/lib/shim-signed/mok/MOK.der -out /var/lib/shim-signed/mok/MOK.pem
  
  sbsign --key /var/lib/shim-signed/mok/MOK.priv --cert /var/lib/shim-
  signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi
  
  sbverify --cert /var/lib/shim-signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  Signature verification OK
  
  Looks like something is dodgy in sbverify in bionic; i.e. it calculates
  / signs / verifies wrong hash.
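Review bot: the [Test Plan] in this hunk gives no expected output for its last step, `pesigcheck -i 15.3-0ubuntu1~ppa1/shimaa64.efi.signed -c /var/lib/shim-signed/mok/MOK.der`, although the sbverify step right above it records `Signature verification OK`; add the line pesigcheck prints on success so a verifier knows what a pass looks like. Both pesigcheck invocations are also wrapped mid-filename (`shimaa64.efi.` / `signed`) and the sbsign `--cert` path mid-path (`/var/lib/shim-` / `signed/mok/MOK.pem`), so they will not paste cleanly, and `update-secureboot-policy new-key` lacks the `--` prefix used for the flag elsewhere on this bug.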

** Also affects: sbsigntool (Ubuntu Bionic)
   Importance: Undecided
       Status: New

** Changed in: sbsigntool (Ubuntu)
       Status: New => Fix Released

** Description changed:

  [Impact]
  
-  * Calculating the hash of the binary is ill defined if there are gaps
+  * Calculating the hash of the binary is ill defined if there are gaps
  in sections, or sections are not aligned to ensure that signature table
  is aligned.
  
-  * This results in sbsign/sbverify to calculate incorrect hash when
+  * This results in sbsign/sbverify to calculate incorrect hash when
  there are gaps, such as in shimaa64.efi as built on focal with sbat.
  
-  * This was fixed in eoan, but launchpad signing service uses sbsign
+  * This was fixed in eoan, but launchpad signing service uses sbsign
  from bionic.
  
-  * Thus if binaries have gaps launchpad is producing signatures that are
+  * Thus if binaries have gaps launchpad is producing signatures that are
  covering the wrong authenticode hash.
  
  [Test Plan]
  
-  * Signatures produced by sbsign in bionic, must be able to verify with
+  * Signatures produced by sbsign in bionic, must be able to verify with
  sbverify from focal or later.
  
-  * Signatures produced by sbsign in bionic, must be able to verify with
+  * Signatures produced by sbsign in bionic, must be able to verify with
  pesigcheck
  
-  * Existing signatures generated by launchpad should fail validation
+  * Existing signatures generated by launchpad should fail validation
  
  ie.
  
  # Test old launchpad generated signature, ensure that it fails:
  
  cd $(mktemp -d)
  wget http://ppa.launchpad.net/xnox/nonvirt/ubuntu/dists/hirsute/main/signed/shim-arm64/15.3-0ubuntu1~ppa1/signed.tar.gz
  tar xvf ./signed.tar.gz
  
  sbverify --cert 15.3-0ubuntu1~ppa1/control/uefi.crt 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  ...
  Signature verification failed
  
  Is the correct output
  
  # Test that pesigcheck fails too
  
  openssl x509 -outform der -out 15.3-0ubuntu1~ppa1/control/uefi.der -in
  15.3-0ubuntu1~ppa1/control/uefi.crt
  
  pesigcheck -i 15.3-0ubuntu1~ppa1/shimaa64.efi.
- signed -c 15.3-0ubuntu1~ppa1/control/uefi.der 
+ signed -c 15.3-0ubuntu1~ppa1/control/uefi.der
  pesigcheck: "15.3-0ubuntu1~ppa1/shimaa64.efi.signed" is invalid.
  
  # Generate new key on bionic, resign using new sbsigntool, and check
  that it is now all good:
  
- update-secureboot-policy new-key
+ update-secureboot-policy --new-key
  openssl x509 -inform der -outform pem -in /var/lib/shim-signed/mok/MOK.der -out /var/lib/shim-signed/mok/MOK.pem
  
  sbsign --key /var/lib/shim-signed/mok/MOK.priv --cert /var/lib/shim-
  signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi
  
  sbverify --cert /var/lib/shim-signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  Signature verification OK
  
  pesigcheck -i 15.3-0ubuntu1~ppa1/shimaa64.efi.
  signed -c /var/lib/shim-signed/mok/MOK.der
  
- 
  [Where problems could occur]
  
-  * Existing edk2 OVMF machines in bionic possibly are calculating
+  * Existing edk2 OVMF machines in bionic possibly are calculating
  checksums unpadded, and thus this change will make the new signatures
  fail to validate in edk2 OVMF. However, the binaries on amd64 do not
  have gaps and thus have always had correct signatures. arm64 binaries
  with gaps do not exist in bionic.
  
  [Other Info]
  
  Original bug report:
-  
+ 
  launchpad signed shimaa64.efi fails to validate on focal
  
  cd $(mktemp -d)
  
  wget
  http://ppa.launchpad.net/xnox/nonvirt/ubuntu/dists/hirsute/main/signed
  /shim-arm64/15.3-0ubuntu1~ppa1/signed.tar.gz
  
  tar xvf ./signed.tar.gz
  
  sbverify --cert 15.3-0ubuntu1~ppa1/control/uefi.crt
  15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  
  Signature verification failed
  
  And yet inside bionic-amd64 chroot I get:
  
  # sbverify --cert 15.3-0ubuntu1~ppa1/control/uefi.crt 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  warning: gap in section table:
      .data   : 0x0007f000 - 0x000b3800,
      .sbat   : 0x000b4000 - 0x000b5000,
  gaps in the section table may result in different checksums
  warning: data remaining[740864 vs 800872]: gaps between PE/COFF sections?
  Signature verification OK
  
  However,
  
  If in xenial-amd64 I perform
  
  update-secureboot-policy new-key
  openssl x509 -inform der -outform pem -in /var/lib/shim-signed/mok/MOK.der -out /var/lib/shim-signed/mok/MOK.pem
  
  sbsign --key /var/lib/shim-signed/mok/MOK.priv --cert /var/lib/shim-
  signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi
  
  sbverify --cert /var/lib/shim-signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  Signature verification OK
  
  Looks like something is dodgy in sbverify in bionic; i.e. it calculates
  / signs / verifies wrong hash.
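Review bot: both pesigcheck invocations are still split mid-filename at `shimaa64.efi.` / `signed` in this revision, so a copy-paste of the [Test Plan] looks for a file literally named `shimaa64.efi.`; join each command onto one line (or end the first line with a backslash). The only substantive change here is `update-secureboot-policy new-key` to `--new-key`; the unprefixed form remains in the [Other Info] transcript, which is fine as a historical record.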

** Description changed:

  [Impact]
  
   * Calculating the hash of the binary is ill defined if there are gaps
  in sections, or sections are not aligned to ensure that signature table
  is aligned.
  
   * This results in sbsign/sbverify to calculate incorrect hash when
  there are gaps, such as in shimaa64.efi as built on focal with sbat.
  
   * This was fixed in eoan, but launchpad signing service uses sbsign
  from bionic.
  
   * Thus if binaries have gaps launchpad is producing signatures that are
  covering the wrong authenticode hash.
  
  [Test Plan]
  
   * Signatures produced by sbsign in bionic, must be able to verify with
  sbverify from focal or later.
  
   * Signatures produced by sbsign in bionic, must be able to verify with
  pesigcheck
  
   * Existing signatures generated by launchpad should fail validation
  
  ie.
  
  # Test old launchpad generated signature, ensure that it fails:
  
  cd $(mktemp -d)
  wget http://ppa.launchpad.net/xnox/nonvirt/ubuntu/dists/hirsute/main/signed/shim-arm64/15.3-0ubuntu1~ppa1/signed.tar.gz
  tar xvf ./signed.tar.gz
  
  sbverify --cert 15.3-0ubuntu1~ppa1/control/uefi.crt 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  ...
  Signature verification failed
  
  Is the correct output
  
  # Test that pesigcheck fails too
  
  openssl x509 -outform der -out 15.3-0ubuntu1~ppa1/control/uefi.der -in
  15.3-0ubuntu1~ppa1/control/uefi.crt
  
- pesigcheck -i 15.3-0ubuntu1~ppa1/shimaa64.efi.
- signed -c 15.3-0ubuntu1~ppa1/control/uefi.der
+ pesigcheck -i 15.3-0ubuntu1~ppa1/shimaa64.efi.signed -c 15.3-0ubuntu1~ppa1/control/uefi.der
  pesigcheck: "15.3-0ubuntu1~ppa1/shimaa64.efi.signed" is invalid.
  
  # Generate new key on bionic, resign using new sbsigntool, and check
  that it is now all good:
  
  update-secureboot-policy --new-key
  openssl x509 -inform der -outform pem -in /var/lib/shim-signed/mok/MOK.der -out /var/lib/shim-signed/mok/MOK.pem
  
  sbsign --key /var/lib/shim-signed/mok/MOK.priv --cert /var/lib/shim-
  signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi
  
  sbverify --cert /var/lib/shim-signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  Signature verification OK
  
- pesigcheck -i 15.3-0ubuntu1~ppa1/shimaa64.efi.
- signed -c /var/lib/shim-signed/mok/MOK.der
+ pesigcheck -i 15.3-0ubuntu1~ppa1/shimaa64.efi.signed -c /var/lib/shim-
+ signed/mok/MOK.der
  
  [Where problems could occur]
  
   * Existing edk2 OVMF machines in bionic possibly are calculating
  checksums unpadded, and thus this change will make the new signatures
  fail to validate in edk2 OVMF. However, the binaries on amd64 do not
  have gaps and thus have always had correct signatures. arm64 binaries
  with gaps do not exist in bionic.
  
  [Other Info]
  
  Original bug report:
  
  launchpad signed shimaa64.efi fails to validate on focal
  
  cd $(mktemp -d)
  
  wget
  http://ppa.launchpad.net/xnox/nonvirt/ubuntu/dists/hirsute/main/signed
  /shim-arm64/15.3-0ubuntu1~ppa1/signed.tar.gz
  
  tar xvf ./signed.tar.gz
  
  sbverify --cert 15.3-0ubuntu1~ppa1/control/uefi.crt
  15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  
  Signature verification failed
  
  And yet inside bionic-amd64 chroot I get:
  
  # sbverify --cert 15.3-0ubuntu1~ppa1/control/uefi.crt 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  warning: gap in section table:
      .data   : 0x0007f000 - 0x000b3800,
      .sbat   : 0x000b4000 - 0x000b5000,
  gaps in the section table may result in different checksums
  warning: data remaining[740864 vs 800872]: gaps between PE/COFF sections?
  Signature verification OK
  
  However,
  
  If in xenial-amd64 I perform
  
  update-secureboot-policy new-key
  openssl x509 -inform der -outform pem -in /var/lib/shim-signed/mok/MOK.der -out /var/lib/shim-signed/mok/MOK.pem
  
  sbsign --key /var/lib/shim-signed/mok/MOK.priv --cert /var/lib/shim-
  signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi
  
  sbverify --cert /var/lib/shim-signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  Signature verification OK
  
  Looks like something is dodgy in sbverify in bionic; i.e. it calculates
  / signs / verifies wrong hash.
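Review bot: the re-signed binary's pesigcheck line is now wrapped inside its `-c` path instead (`/var/lib/shim-` / `signed/mok/MOK.der`), as is the `--cert` path of the sbsign command above it; both need to sit on one line for the plan to be reproducible by paste. The pass case for pesigcheck still records no expected output, unlike sbverify's `Signature verification OK`.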

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to sbsigntool in Ubuntu.
https://bugs.launchpad.net/bugs/1921387

Title:
  launchpad signing shimaa64.efi fails to validate

Status in Launchpad itself:
  New
Status in sbsigntool package in Ubuntu:
  Fix Released
Status in sbsigntool source package in Bionic:
  New

Bug description:
  [Impact]

   * Calculating the hash of the binary is ill-defined if there are gaps
  between sections, or if sections are not aligned so that the signature
  table is aligned.

   * This results in sbsign/sbverify calculating an incorrect hash when
  there are gaps, such as in shimaa64.efi as built on focal with sbat.

   * This was fixed in eoan, but launchpad signing service uses sbsign
  from bionic.

   * Thus, if binaries have gaps, launchpad is producing signatures that
  cover the wrong Authenticode hash.

  [Test Plan]

   * Signatures produced by sbsign in bionic must be able to verify
  with sbverify from focal or later.

   * Signatures produced by sbsign in bionic must be able to verify
  with pesigcheck.

   * Existing signatures generated by launchpad should fail validation

  i.e.

  # Test old launchpad generated signature, ensure that it fails:

  cd $(mktemp -d)
  wget http://ppa.launchpad.net/xnox/nonvirt/ubuntu/dists/hirsute/main/signed/shim-arm64/15.3-0ubuntu1~ppa1/signed.tar.gz
  tar xvf ./signed.tar.gz

  sbverify --cert 15.3-0ubuntu1~ppa1/control/uefi.crt 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  ...
  Signature verification failed

  is the correct output.

  # Test that pesigcheck fails too

  openssl x509 -outform der -out 15.3-0ubuntu1~ppa1/control/uefi.der -in 15.3-0ubuntu1~ppa1/control/uefi.crt

  pesigcheck -i 15.3-0ubuntu1~ppa1/shimaa64.efi.signed -c 15.3-0ubuntu1~ppa1/control/uefi.der
  pesigcheck: "15.3-0ubuntu1~ppa1/shimaa64.efi.signed" is invalid.

  # Generate new key on bionic, resign using new sbsigntool, and check
  that it is now all good:

  update-secureboot-policy --new-key
  openssl x509 -inform der -outform pem -in /var/lib/shim-signed/mok/MOK.der -out /var/lib/shim-signed/mok/MOK.pem

  sbsign --key /var/lib/shim-signed/mok/MOK.priv --cert /var/lib/shim-signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi

  sbverify --cert /var/lib/shim-signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  Signature verification OK

  pesigcheck -i 15.3-0ubuntu1~ppa1/shimaa64.efi.signed -c /var/lib/shim-signed/mok/MOK.der

  [Where problems could occur]

   * Existing edk2 OVMF machines in bionic possibly are calculating
  checksums unpadded, and thus this change will make the new signatures
  fail to validate in edk2 OVMF. However, the binaries on amd64 do not
  have gaps and thus have always had correct signatures. arm64 binaries
  with gaps do not exist in bionic.

  [Other Info]

  Original bug report:

  launchpad signed shimaa64.efi fails to validate on focal

  cd $(mktemp -d)

  wget http://ppa.launchpad.net/xnox/nonvirt/ubuntu/dists/hirsute/main/signed/shim-arm64/15.3-0ubuntu1~ppa1/signed.tar.gz

  tar xvf ./signed.tar.gz

  sbverify --cert 15.3-0ubuntu1~ppa1/control/uefi.crt 15.3-0ubuntu1~ppa1/shimaa64.efi.signed

  Signature verification failed

  And yet inside bionic-amd64 chroot I get:

  # sbverify --cert 15.3-0ubuntu1~ppa1/control/uefi.crt 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  warning: gap in section table:
      .data   : 0x0007f000 - 0x000b3800,
      .sbat   : 0x000b4000 - 0x000b5000,
  gaps in the section table may result in different checksums
  warning: data remaining[740864 vs 800872]: gaps between PE/COFF sections?
  Signature verification OK

  However,

  If in xenial-amd64 I perform

  update-secureboot-policy new-key
  openssl x509 -inform der -outform pem -in /var/lib/shim-signed/mok/MOK.der -out /var/lib/shim-signed/mok/MOK.pem

  sbsign --key /var/lib/shim-signed/mok/MOK.priv --cert /var/lib/shim-signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi

  sbverify --cert /var/lib/shim-signed/mok/MOK.pem 15.3-0ubuntu1~ppa1/shimaa64.efi.signed
  Signature verification OK

  Looks like something is dodgy in sbverify in bionic; i.e. it
  calculates / signs / verifies wrong hash.
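As an added illustration of the [Impact] point above (this is not code from the bug report or from sbsigntool): a small Python check that reads a PE/COFF section table and reports the file-offset holes that make the Authenticode hash ambiguous, the same condition sbverify prints as "gap in section table". The PE image is constructed in memory with the .data/.sbat offsets quoted in the report; its machine type, section characteristics and alignment values are assumptions chosen for the example.

```python
"""Flag gaps and unaligned boundaries in a PE/COFF section table before signing."""
import struct

SECTION_HDR = 40  # size of one IMAGE_SECTION_HEADER

def parse_pe(pe: bytes):
    """Return (FileAlignment, [(name, start, end), ...]) sorted by file offset."""
    pe_off, = struct.unpack_from("<I", pe, 0x3C)              # e_lfanew
    if pe[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    coff = pe_off + 4
    nsec, = struct.unpack_from("<H", pe, coff + 2)            # NumberOfSections
    opt_size, = struct.unpack_from("<H", pe, coff + 16)       # SizeOfOptionalHeader
    opt = coff + 20
    file_align, = struct.unpack_from("<I", pe, opt + 36)      # FileAlignment (same offset in PE32/PE32+)
    table = opt + opt_size
    secs = []
    for i in range(nsec):
        hdr = pe[table + i * SECTION_HDR:table + (i + 1) * SECTION_HDR]
        name = hdr[:8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, raw_ptr = struct.unpack_from("<II", hdr, 16)  # SizeOfRawData, PointerToRawData
        if raw_size:                                          # .bss-style sections have no file bytes to hash
            secs.append((name, raw_ptr, raw_ptr + raw_size))
    return file_align, sorted(secs, key=lambda s: s[1])

def find_gaps(secs):
    """Holes between consecutive sections: (prev_name, next_name, gap_start, gap_end)."""
    return [(p[0], n[0], p[2], n[1]) for p, n in zip(secs, secs[1:]) if n[1] != p[2]]

def unaligned(secs, file_align):
    """Names of sections whose file start or end is not a multiple of file_align."""
    return [s[0] for s in secs if s[1] % file_align or s[2] % file_align]

def build_sample_pe() -> bytes:
    """Constructed, headers-only PE32+ mirroring the .data/.sbat layout from the bug report."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                  # e_lfanew: PE signature at 0x40
    opt = bytearray(112)                                     # PE32+ optional header, no data directories
    struct.pack_into("<H", opt, 0, 0x20B)                    # Magic = PE32+
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)          # SectionAlignment, FileAlignment (assumed)
    coff = struct.pack("<HHIIIHH", 0xAA64, 2, 0, 0, 0, len(opt), 0x22)  # ARM64, two sections
    def sec(name, off, size):  # VirtualSize/VirtualAddress mirror the file layout (assumed)
        return struct.pack("<8sIIIIIIHHI", name, size, off, size, off, 0, 0, 0, 0, 0x40000040)
    return (bytes(dos) + b"PE\0\0" + coff + bytes(opt)
            + sec(b".data", 0x7F000, 0xB3800 - 0x7F000)     # .data ends at 0xb3800 ...
            + sec(b".sbat", 0xB4000, 0x1000))               # ... but .sbat starts at 0xb4000

if __name__ == "__main__":
    align, secs = parse_pe(build_sample_pe())
    for prev, nxt, start, end in find_gaps(secs):
        print(f"gap between {prev} and {nxt}: {start:#010x} - {end:#010x} ({end - start} bytes)")
    print("sections not on FileAlignment:", unaligned(secs, align) or "none")
```

Run against a real shimaa64.efi (read the file into `parse_pe`) the gap list is non-empty exactly when an older sbsign would have hashed the wrong bytes; an empty list is the precondition for the signature to match across sbverify versions.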

To manage notifications about this bug go to:
https://bugs.launchpad.net/launchpad/+bug/1921387/+subscriptions
