Generate Secure Boot Keys Ubuntu


Version 1.3

Here's an example of how to generate Secure Boot keys (PK and others) by using a hardware security module (HSM).

You'll need to know the Secure Boot Public Key Infrastructure (PKI). For more info, see Windows 8.1 Secure Boot Key Creation and Management Guidance.

Requirements

Tools Needed


  • certreq.exe – Available Inbox

  • certutil.exe – Available Inbox

  • Signtool.exe – Available in the latest Windows SDK

Hardware Security Module (HSM)

The whitepaper demonstrates the key generation using examples from the nCipher (now Thales) PCI HSM model nC1003P/nC3023P/nC3033P and the SafeNet Luna HSMs. Most of the concepts apply to other HSM vendors as well.

For other HSMs, contact your manufacturer for additional instructions on how to tailor your approach with the HSM Cryptographic Service Provider (CSP).

Approach

We use the Microsoft certificate creation tool, certreq.exe, to generate the Secure Boot Platform Key (PK) and the other keys needed for Secure Boot.

The certreq tool can be made to use an HSM by specifying the HSM's Cryptographic Service Provider (CSP) as the provider for the request.

Find the Cryptographic Service Provider (CSP)

You can use either the certutil.exe tool or a tool used by the HSM to list the CSPs.

  • This example uses the certutil tool to show the CSPs on the Thales/nCipher HSM:

    For the SHA-256 digesting algorithm, use the CNG provider: 'nCipher Security World Key Storage Provider'. Legacy providers do not support SHA-256 and are not suitable for use with Secure Boot.

  • This example uses the built-in Thales/nCipher tool to list the CSP:

    For the SHA-256 digesting algorithm, use the CNG provider: 'nCipher Security World Key Storage Provider'. Legacy providers do not support SHA-256 and are not suitable for use with Secure Boot.

  • This example uses the SafeNet Luna HSM tool to list the CSP:

    For the SHA-256 digesting algorithm, use the CNG provider: 'SafeNet Key Storage Provider'. Legacy providers do not support SHA-256 and are not suitable for use with Secure Boot.

To generate the key:

Sample request.inf file:

Update the following values:

  • Subject: Replace the TODOs with real data: 'CN=Corporation TODO Platform Key,O=TODO Corporation,L=TODO_City,S=TODO_State,C=TODO_Country'.

  • ValidityPeriod, ValidityPeriodUnits: Use the validity period of 6 years. While a PK may only be valid for 2 years, the 6-year period allows for potential future servicing.


  • KeyContainer: Enter the container ID that you used to create the key with the HSM. For a Thales HSM, you may be asked to present the tokens that you used to create the Security World.

Validating certificate (self-signed)

Verify that the certificate has been generated correctly:

For example: certutil -store -v my '7569d364a2e77b814274c81ae6360ffe'

Sample output:

Backing up the certificate

Back up your certificates. This way, if either the certificate store or the server goes down, you can add the certificate back to the store. For more info on certreq.exe, see Advanced Certificate Enrollment and Management: Appendix 3: Certreq.exe Syntax.

Note, the PK is a self-signed certificate, and is also used to sign the KEK.

There are two parts to PK signing / initial provisioning. Please talk to your Microsoft contact to get these scripts:

  • subcreate_set_PK_example_initial_provisioning_example.ps1. Used for initial provisioning; signing the PK with signtool comes later, in the servicing case.

  • subcreate_set_PK_service_example.ps1. Since we are dealing with the HSM case, the HSM-specific line in this script applies.

Signing with PK certificate (servicing scenario)

This section applies to signing with your PK certificate and may not be applicable to the initial provisioning of a system. However, you can use the method here to test your servicing scenario.

Determine the certificate hash (sha1)

Determine the SHA1 hash of the certificate. You can get the SHA1 hash by using either of the following methods:

  • In Windows, open the Certificate file, select the Details tab, and check the value for Thumbprint.

  • Or use the following command:

    Sample output:

Sign with signtool with the certificate store specified as a reference

Use the SHA1 hash to sign the KEK certificate:

Where KEK.bin is the filename of the binary certificate you want to sign.

Sample output:

NOTE For compatibility with the UEFI Specification and maximum compatibility across UEFI implementations, the /p7co and /p7ce parameters must be present, the value passed to /p7co must be 1.2.840.113549.1.7.1, and the value passed to /p7ce must be DetachedSignedData. Also, for improved compatibility with production signing environments, a signtool.exe command line that fully specifies the hardware key container is as follows:

For more info, see Sign Tool (SignTool.exe) and Windows 8.1 Secure Boot Key Creation and Management Guidance.

Appendix A – Using Thales KeySafe for viewing keys

Thales KeySafe is a GUI-based tool.

To use KeySafe, you must have installed JRE/JDK 1.4.2, 1.5, or 1.6. Install Java before you install the nCipher software.

Configure the hardserver config file under the %NFAST_KMDATA%\config folder:

Edit settings in the server_startup section:

nonpriv_port: This field specifies the port on which the hardserver listens for local non-privileged TCP connections.

  • Defaults to port 9000.

  • If the NFAST_SERVER_PORT environment variable is set, it overrides any value set for nonpriv_port.

priv_port: This field specifies the port on which the hardserver listens for local privileged TCP connections.

  • Defaults to port 9001.

  • If the NFAST_SERVER_PRIVPORT environment variable is set, it overrides any value set for priv_port.

The following are screenshots from the Thales KeySafe GUI:

The following image is generated by launching the KeySafe utility and then navigating to the KeyList menu.

For more info, see the nCipher/Thales Users Guide.

Appendix B – Using the SafeNet CMU utility to view keys

For more details, please consult the SafeNet Luna HSM documentation.

Loading out-of-tree kernel modules with secure boot enabled

Most modern PCs include 'secure boot' technology that is able to check the bootloader and kernel for signs of tampering and protect against rootkits. Some distributions extend this protection to kernel modules as well. These protections can be a problem when trying to intentionally load an out-of-tree module like input-wacom, however. The typical symptom is a non-working tablet and the message Lockdown: Loading of unsigned modules is restricted; see man kernel_lockdown.7 showing up in the output of dmesg. This page describes how to configure your system so that a trusted module is built. A high-level overview of how module signing works is also available.

Note that if you've already set up your system, then you only need to follow the build instructions. It is not necessary to re-generate or re-register the secure boot keys. Version 0.43.0 and later of input-wacom should auto-discover the keys when using a Debian-based distribution (Ubuntu, Mint, etc.) but will need the paths explicitly provided (e.g. /root/MOK.priv and /root/MOK.der) with Fedora and other distributions.

Disabling secure boot is not recommended, but it can confirm if your issue really is due to secure boot rather than some other problem. The precise steps to disable secure boot will vary between systems but the following is fairly typical:

  1. Print these instructions or open them on another computer.

  2. Save and close any open documents and programs.

  3. Run systemctl reboot --firmware-setup to restart the computer and enter the UEFI (BIOS) setup.

  • NOTE: If this command does not work, reboot the computer normally and when the manufacturer logo is displayed press the appropriate key to enter UEFI (BIOS) setup. This will typically be 'F2', 'Del', 'Enter', etc.

  4. Open the 'Secure Boot' item in the 'Security' tab.

  5. Change the 'Secure Boot' item to 'Disabled'.

  6. Save and exit setup.

Once secure boot has been disabled, the Lockdown: Loading of unsigned modules is restricted; see man kernel_lockdown.7 message should no longer be present in dmesg and your tablet should begin working. If the message is still present, you will need to verify that you have actually disabled secure boot. If the message is not present but the tablet still does not work, you will need to ensure that your input-wacom driver was installed properly.

If the tablet works properly, you should re-enable secure boot and then proceed to the following section.

In order for the input-wacom driver to load with secure boot enabled, the system must recognize it as a trusted kernel module. This first requires you to create a signing key and register it with the system. Once the signing key is generated and registered, it can be used in the build process to produce a signed driver that the system will trust.

Ubuntu, Mint, Debian

Ubuntu provides a helper tool that simplifies much of the configuration process. Use the following instructions to set up your system:

  1. Run sudo update-secureboot-policy --new-key to create a key.
  • NOTE: This will check to see if a key already exists and reuse it if possible.
  2. Run sudo update-secureboot-policy --enroll-key to enroll the key into the MOK database.
  • NOTE: If the command indicates that secure boot is not enabled, you will need to enable it first.
  • NOTE: If the command indicates that no DKMS modules are installed, you will need to run sudo mokutil --import /var/lib/shim-signed/mok/MOK.der instead.
  • NOTE: If the command completes with no message, the key has already been imported. Skip to 'Compiling a Signed Module' below.
  3. Enter a temporary password at the input password: prompt, and repeat it when asked.
  • NOTE: This password will only be used once at the next reboot to ensure you are physically present. It is okay to use something simple like password or 12345.
  4. Reboot the computer. A blue screen titled 'Perform MOK management' will start instead of Linux.
  • NOTE: If you do not respond within 10 seconds the computer will continue the boot process and load Linux. If this happens you can simply go back to step 2.
  5. Select the 'Enroll MOK' option, and then 'Continue', and 'Yes'.

  6. When asked for a password, type in the temporary password from step 3.

  7. Select 'Reboot'.

Fedora, SUSE, Arch Linux, etc.

  1. Run the following command to create an OpenSSL configuration file:
  2. Run sudo openssl req -x509 -new -nodes -batch -config sboot_openssl.config -out /root/MOK.der -outform der -keyout /root/MOK.priv to generate a keypair for secure boot.

  3. Run sudo mokutil --import /root/MOK.der to enroll the key into the MOK database.

  4. Enter a temporary password at the input password: prompt, and repeat it when asked.

  • NOTE: This password will only be used once at the next reboot to ensure you are physically present. It is okay to use something simple like password or 12345.
  5. Reboot the computer. A blue screen titled 'Perform MOK management' will start instead of Linux.
  • NOTE: If you do not respond within 10 seconds the computer will continue the boot process and load Linux. If this happens you can simply go back to step 3.

  6. Select the 'Enroll MOK' option, and then 'Continue', and 'Yes'.

  7. When asked for a password, type in the temporary password from step 4.

  8. Select 'Reboot'.
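As an added example (not a script from the input-wacom wiki or the distributions named above), the key-generation steps of the procedure as a POSIX shell script: it writes an OpenSSL request config, generates the MOK keypair in DER form for mokutil, and checks the certificate's extensions before you enroll it. The config profile, the scratch output directory and the 36500-day validity are assumptions; the wiki's command omits -days, and openssl then issues a certificate valid for only 30 days.

```shell
#!/bin/sh
# Added example, not the wiki's own code. Generates a Machine Owner Key (MOK)
# for signing out-of-tree modules and sanity-checks it before enrollment.
set -eu

# Assumption: write to a scratch directory instead of /root so this runs
# unprivileged; override with MOK_DIR=/root when producing the real key.
MOK_DIR="${MOK_DIR:-$(mktemp -d)}"
MOK_CONF="$MOK_DIR/sboot_openssl.config"

# Step 1: request config (profile is an assumption modelled on common
# module-signing guides): self-signed, not a CA, code-signing usage only.
write_mok_config() {
    cat > "$MOK_CONF" <<'EOF'
[ req ]
default_bits = 4096
distinguished_name = req_distinguished_name
prompt = no
string_mask = utf8only
x509_extensions = myexts

[ req_distinguished_name ]
CN = input-wacom module signing key

[ myexts ]
basicConstraints = critical,CA:FALSE
keyUsage = digitalSignature
extendedKeyUsage = codeSigning
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid
EOF
}

# Step 2: keypair plus self-signed cert. DER output is what mokutil --import
# and the kernel's sign-file consume. openssl defaults to 30 days without
# -days; a long validity (assumption) keeps the enrolled key usable.
generate_mok_key() {
    openssl req -x509 -new -nodes -batch -config "$MOK_CONF" -days 36500 \
        -outform der -out "$MOK_DIR/MOK.der" -keyout "$MOK_DIR/MOK.priv" 2>/dev/null
    chmod 600 "$MOK_DIR/MOK.priv"   # private key: owner-readable only
}

# Check before enrolling: digitalSignature + codeSigning present, CA:FALSE.
check_mok_cert() {
    text=$(openssl x509 -inform der -in "$MOK_DIR/MOK.der" -noout -text)
    echo "$text" | grep -q 'Digital Signature' &&
    echo "$text" | grep -q 'Code Signing' &&
    echo "$text" | grep -q 'CA:FALSE'
}
```

After a reboot, compare the key's fingerprint (openssl x509 -inform der -in MOK.der -noout -fingerprint -sha1) against the entries printed by mokutil --list-enrolled to confirm it was enrolled.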

Once the system has been configured by following the instructions above, it should be possible to build the driver using the standard build instructions.

Related topics

  • Ubuntu wiki 'SecureBoot' page
  • Ubuntu wiki 'Signing' page
  • Fedora Docs 'Working with Kernel Modules' page