
Hi everyone, new User here.
First let me explain how we are using U-Boot: NXP MX6 hardware, load a FIT image with Kernel, DTB, RamFS as one FIT image from MMC, bootm. To secure the FIT we are hashing all 3 parts using sha256 and signing the config with our certificate. In short we are following this process:
1. Generate Cert, name it "required-company-cert" here
2. Attach this Cert to dts/dt.dtb of U-Boot using mkimage -k <dir-with-above-cert> -K dts/dt.dtb -r
3. make U-Boot to attach the Cert with it, store it at a secure place and put it on several devices

In 2. you can see that I used -r to store this cert as required. Using "fdtget u-boot.dtb /signature/required-company-cert required" I get "conf". So the Cert is attached to U-Boot and is marked as required for configurations. (To be sure, I used a hex editor to find the cert and the required in the final U-Boot image.)
It is planned to never change U-Boot, and FIT updates are done using a dual image system (bootcount, altbootcmd). We create FIT images "test.itb" with Kernel, DTB, RamFS: 3 images using sha256, one configuration using the above certificate.
For the following test I used the u-boot git master from today, using "make sandbox_defconfig". The FIT Images are checked using "tools/fit_check_sign -f <itb> -k u-boot.dtb"
1. Using the correct Cert I get:
Verifying Hash Integrity for node 'conf-1'... sha256,rsa4096:required-company-cert+
Verified OK, loading images
Signature check OK
2. Using no Cert I get:
Verifying Hash Integrity for node 'conf-1'... error!
for '(null)' hash node in 'conf-1' config node
Failed to verify required signature 'key-rtu-fit-sign'
3. Using the wrong Cert "tamper" I get:
Verifying Hash Integrity for node 'conf-1'... sha256,rsa4096:tamper- error!
Verification failed for '(null)' hash node in 'conf-1' config node
Failed to verify required signature 'required-company-cert'
So fit_check_sign acts correctly by finding the cert 'required-company-cert' as required in u-boot.dtb.
If I load any of these FIT images in U-Boot (using iminfo here and bootm on our ARM hardware), only the sha256 hashes are checked, and nobody cares about the certificate. I can load any FIT image with wrong Certs, or any Cert at all!
On analyzing the problem in the source code I saw that U-Boot does not check Certs if it finds no "required" entry. In common/image-fit-sig.c, method "fit_config_verify_required_sigs", the "required" node is searched. As far as I can tell every FDT operation is done on the loaded FIT; I saw no access to the u-boot.dtb included in U-Boot.
This makes no sense to me, as the u-boot.dtb included in U-Boot must have the final word on which Cert is to be used and required. Any information in the FIT must be regarded as possibly tampered with by a 3rd party.
Regards, Thomas
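Added here as an example (not code from Thomas's post or from the U-Boot project): a small pure-Python DTB writer/reader that performs the same `/signature/<key>/required` lookup Thomas does with fdtget, so the control DTB that was actually flashed can be audited for the `required = "conf"` marker without dtc or libfdt on hand. The key-node layout (`algo`, `key-name-hint`, `required`) is an assumption modelled on what mkimage -K writes; the two sample blobs are constructed inside the script, one with the marker and one without.

```python
# Added example (not from the post or the U-Boot sources): minimal flattened
# device tree (DTB) writer/reader used to audit the /signature node of a
# U-Boot control DTB. Node layout is an assumption based on mkimage -K output.
import struct

FDT_MAGIC = 0xD00DFEED
FDT_BEGIN_NODE, FDT_END_NODE, FDT_PROP, FDT_NOP, FDT_END = 1, 2, 3, 4, 9


def _pad4(buf):
    """Pad bytes to the next 4-byte boundary, as the DTB format requires."""
    return buf + b"\0" * (-len(buf) % 4)


def build_dtb(tree):
    """Serialise {name: bytes | dict} (dict = child node) into a DTB blob."""
    strings, str_off, body = bytearray(), {}, bytearray()

    def name_off(name):              # property names live in the strings block
        if name not in str_off:
            str_off[name] = len(strings)
            strings.extend(name.encode() + b"\0")
        return str_off[name]

    def emit(name, node):
        body.extend(struct.pack(">I", FDT_BEGIN_NODE) + _pad4(name.encode() + b"\0"))
        for key, val in node.items():       # properties first, then children
            if not isinstance(val, dict):
                body.extend(struct.pack(">III", FDT_PROP, len(val), name_off(key)))
                body.extend(_pad4(val))
        for key, val in node.items():
            if isinstance(val, dict):
                emit(key, val)
        body.extend(struct.pack(">I", FDT_END_NODE))

    emit("", tree)
    body.extend(struct.pack(">I", FDT_END))
    rsv = b"\0" * 16                        # empty memory-reservation block
    off_struct = 40 + len(rsv)              # 40-byte header, then reservations
    off_strings = off_struct + len(body)
    header = struct.pack(">10I", FDT_MAGIC, off_strings + len(strings), off_struct,
                         off_strings, 40, 17, 16, 0, len(strings), len(body))
    return bytes(header + rsv + body + strings)


def parse_dtb(blob):
    """Walk the structure block and rebuild the nested dict form."""
    magic, _, off_struct, off_strings, _, _, _, _, len_strings, _ = \
        struct.unpack_from(">10I", blob, 0)
    if magic != FDT_MAGIC:
        raise ValueError("not a DTB (bad magic)")
    strings = blob[off_strings:off_strings + len_strings]

    def cstr(buf, off):
        return buf[off:buf.index(b"\0", off)].decode()

    pos, stack, root = off_struct, [], None
    while True:
        token = struct.unpack_from(">I", blob, pos)[0]
        pos += 4
        if token == FDT_BEGIN_NODE:
            name = cstr(blob, pos)
            pos += (len(name) + 1 + 3) & ~3
            node = {}
            if stack:
                stack[-1][name] = node
            else:
                root = node
            stack.append(node)
        elif token == FDT_END_NODE:
            stack.pop()
        elif token == FDT_PROP:
            length, nameoff = struct.unpack_from(">II", blob, pos)
            pos += 8
            stack[-1][cstr(strings, nameoff)] = bytes(blob[pos:pos + length])
            pos += (length + 3) & ~3
        elif token == FDT_END:
            return root
        elif token != FDT_NOP:
            raise ValueError("unexpected token %d at offset %d" % (token, pos - 4))


def signature_keys(dtb):
    """Return {key-node-name: value of 'required' or None} under /signature.
    A key whose 'required' is "conf" is what makes U-Boot enforce configuration
    signatures; without such a key only the per-image hashes get checked."""
    sig = parse_dtb(dtb).get("signature", {})
    return {name: (node["required"].rstrip(b"\0").decode() if "required" in node else None)
            for name, node in sig.items() if isinstance(node, dict)}


def conf_required_keys(dtb):
    """Names of keys that require a signed configuration (what fdtget showed)."""
    return sorted(k for k, v in signature_keys(dtb).items() if v == "conf")


# Constructed sample: a control DTB as left by "mkimage -K ... -r" (assumed layout).
SIGNED_CONTROL_DTB = build_dtb({"signature": {"required-company-cert": {
    "required": b"conf\0", "algo": b"sha256,rsa4096\0",
    "key-name-hint": b"required-company-cert\0"}}})
# Constructed sample: the same key attached without -r, i.e. no 'required' property.
UNSIGNED_CONTROL_DTB = build_dtb({"signature": {"required-company-cert": {
    "algo": b"sha256,rsa4096\0", "key-name-hint": b"required-company-cert\0"}}})

if __name__ == "__main__":
    for label, blob in (("with -r", SIGNED_CONTROL_DTB), ("without -r", UNSIGNED_CONTROL_DTB)):
        print(label, "-> keys requiring a signed conf:", conf_required_keys(blob))
```

Run it against a real u-boot.dtb by reading the file into `parse_dtb`; an empty result from `conf_required_keys` means the blob carries no key marked required for configurations, which is the state in which only the sha256 hashes are verified.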