IETF Logo Mail Archive

Re: [Suit] Improvements to draft-moran-suit-manifest-03

Rønningstad, Øyvind <Oyvind.Ronningstad@nordicsemi.no> Mon, 11 February 2019 14:14 UTC

Return-Path: <Oyvind.Ronningstad@nordicsemi.no>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D0254130E95 for <suit@ietfa.amsl.com>; Mon, 11 Feb 2019 06:14:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.921
X-Spam-Level:
X-Spam-Status: No, score=-0.921 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FROM_EXCESS_BASE64=0.979, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nordicsemi.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 06k5sIiZHzyu for <suit@ietfa.amsl.com>; Mon, 11 Feb 2019 06:14:16 -0800 (PST)
Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-eopbgr30049.outbound.protection.outlook.com [40.107.3.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CAB7412008A for <suit@ietf.org>; Mon, 11 Feb 2019 06:14:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nordicsemi.onmicrosoft.com; s=selector1-nordicsemi-no; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=trllRJCSGGAtgbHdrUzSYntFouwS8QtB6czfp/KT43U=; b=SWRLGwBEuhk+dMsW3kNt6O6C6XcyNWAEinKVKiNAErM3zZuZqPY26PUy4qkP7BP7d4zZxq8pLGWXsA0XJteY689yrqN3D0xeG+WfofXJsAl8+7V14t4wEhVKXzWODBajvGwLtKFSUr2cUPYyyNx3dl8WSLXN4ZHhFYolASYIHKk=
Received: from HE1PR05MB3228.eurprd05.prod.outlook.com (10.170.243.14) by HE1PR05MB3225.eurprd05.prod.outlook.com (10.170.243.11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1601.21; Mon, 11 Feb 2019 14:14:12 +0000
Received: from HE1PR05MB3228.eurprd05.prod.outlook.com ([fe80::e075:212f:1658:5012]) by HE1PR05MB3228.eurprd05.prod.outlook.com ([fe80::e075:212f:1658:5012%5]) with mapi id 15.20.1601.023; Mon, 11 Feb 2019 14:14:12 +0000
From: "Rønningstad, Øyvind" <Oyvind.Ronningstad@nordicsemi.no>
To: Amyas Phillips <amyas@ambotec.org>
CC: "hannes.tschofenig@gmx.net" <hannes.tschofenig@gmx.net>, "suit@ietf.org" <suit@ietf.org>, Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, Brendan Moran <Brendan.Moran@arm.com>
Thread-Topic: [Suit] Improvements to draft-moran-suit-manifest-03
Thread-Index: AQHUuWi8UixHuaseU0GRJA2HOUI10qXao+oAgAADpiA=
Date: Mon, 11 Feb 2019 14:14:12 +0000
Message-ID: <HE1PR05MB3228C1819381A6B0630AF6DB88640@HE1PR05MB3228.eurprd05.prod.outlook.com>
References: <78FF2A20-1AF3-425F-B4BB-6F520E85DE46@arm.com> <CAO6t1cj7qDNA3VnkbxiPQEm6P+o=mQALYVr+JMTvVXnvV_4vNQ@mail.gmail.com>
In-Reply-To: <CAO6t1cj7qDNA3VnkbxiPQEm6P+o=mQALYVr+JMTvVXnvV_4vNQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Oyvind.Ronningstad@nordicsemi.no;
x-originating-ip: [2001:8c0:5140:12:353d:238e:e1bd:5a66]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; HE1PR05MB3225; 6:eZx+DF82VLx/wjii77B1AQ2fRQaOcsL80StSvTH5Ez94rDYooaIB9+gygisV6EMSi+F3XaUMvoJIkAbzlNFluKf5CARgxIBDHpfzUXoPwtNgKUxaSjTGbmsZC1AQJ7yip4gfERHVKgS7mb4v5+KlaYiiKJ0/5OjXQQEOz0aVXZVYCBHBU6yymZ7StDSczcVR6ijaY+z+SHhB4tHl4yO/DWMtC4kGgp5JlHQTYOzFhRYKSHbtSgmS2YihadeNIl4uZknPJUpbJfgSPMGP9Lqc8AtmL7if71KiAroPNZqZg1ScH8gMTLzmMAZtzN/pVa3SJuB5HFvuAuZ/hneTiWzEro+mrx1mJmPcMRcDps0p+pUwHTdHlSmH1h70TqVqqhh3CICjFNISAfCUCBEJlvK/ZbhkPB6ZspaMoDe4UbcD3KP0SmtvgrZ00Na02l9fpe77esmXP8lE2/IXSg3U2i3+Zw==; 5:ZcN/nN3z7seA1jiLoJJt3PEOz2C9mWULcwg1Jl1BqRa3Sue3QE1Zkq1Dc5Ep54r02RRen+1+QzvvAeAOfpGhRx/1hZwEn0X28mUFxqDjaNLlIn3n6kYORjA2IW81dg1dC5lQi2Z13KrwFCeQXbmPjR9qVCX1m3CcVS7SOJM9aQnN4i8s5qv9whrsMJQG/6xkTDcRVk+4G92YzdwFgIOGkA==; 7:aylaMnBzksptydwqJ7XoPLFT47SL5JRvxBpDhCaaUskjV+XWb4VupnWnEWljK79z5OeALHObfNn2R8tXBaw9sLrgS+W+uqAJV0/mWt5tSDJcnqY5mL5UYirrPMUNbV2NvfjqP5Cdk9Ze/9ky2o7l5g==
x-ms-office365-filtering-correlation-id: 6ee50c6b-3779-4e9a-97a4-08d6902b3282
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(2017052603328)(7153060)(7193020); SRVR:HE1PR05MB3225;
x-ms-traffictypediagnostic: HE1PR05MB3225:
x-ms-exchange-purlcount: 1
x-microsoft-antispam-prvs: <HE1PR05MB32257ECC29615570E118D34488640@HE1PR05MB3225.eurprd05.prod.outlook.com>
x-forefront-prvs: 0945B0CC72
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(376002)(346002)(396003)(366004)(39850400004)(199004)(189003)(40434004)(256004)(106356001)(4326008)(11346002)(68736007)(446003)(316002)(71190400001)(33656002)(6116002)(14454004)(790700001)(6436002)(85202003)(102836004)(105586002)(476003)(71200400001)(74482002)(72206003)(85182001)(5024004)(53936002)(14444005)(186003)(6246003)(478600001)(99286004)(46003)(229853002)(966005)(76176011)(2906002)(8676002)(8936002)(25786009)(55016002)(9686003)(54896002)(6306002)(97736004)(7696005)(81156014)(81166006)(6506007)(74316002)(54906003)(486006)(66574012)(6916009)(7736002)(53546011)(86362001)(606006)(236005)(290074003)(777600001); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1PR05MB3225; H:HE1PR05MB3228.eurprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: nordicsemi.no does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: SUW40lYDiE1MeDaMdXI2dD42S1k7Ft0Jz3/emjqqS9kkba+PN4jPUBJTIvFiv6DYQnyOhcM7WgGEBhFWa6tYlY35O+boDC0oU5NluNltYl46Efjp2Ns2CYQfFADYgzK1CWKKhVd6OAjmE6K6D1/ve8c5IJD1tmTyXw87qgL9u8zKgn7H63kYS9OK4wP0/f+kmqT4T4gnhEIzBPjDh2ymsahQZnsrGLQp9simkErwvl6Qr587FdhCru3sLKcsIbOIQ9sxSDOE527U1HXx0Ah1Gb33QpYLtSjaHhAzJWB1MWQAeO9hYVe3z4G1wKUBDJowBm/nM/T2Jkav/Ds9aP42sXxLIbwDofUHI6MndppbUwNqVifoDKa9Ek8X0OuNLrb/moBllng2ev4sUg+5bglWv6tkRm7pBOx0u2W0Sb/td64=
Content-Type: multipart/alternative; boundary="_000_HE1PR05MB3228C1819381A6B0630AF6DB88640HE1PR05MB3228eurp_"
MIME-Version: 1.0
X-OriginatorOrg: nordicsemi.no
X-MS-Exchange-CrossTenant-Network-Message-Id: 6ee50c6b-3779-4e9a-97a4-08d6902b3282
X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Feb 2019 14:14:12.3205 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 28e5afa2-bf6f-419a-8cf6-b31c6e9e5e8d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR05MB3225
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/3Ui7Ga3pE7YW9_3fuOApB6Kco38>
Subject: Re: [Suit] Improvements to draft-moran-suit-manifest-03
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Feb 2019 14:14:20 -0000

Hi Amyas.

Brendan probably has his own thoughts, but here is how I envision this being solved. The upgrade procedure will go something like this:


  1.  The manifest specifies that the payload is encrypted.
  2.  Upon reception, the payload is processed (decrypted, decompressed etc) before being stored.
  3.  The manifest is permanently stored for use during boot validation.
  4.  The bootloader will, on each boot, check the manifest signature, and then validate the postConditions (which contain the hash of the unencrypted firmware image).

The bootloader needs to be a little smart, by which I mean that it will correctly infer on each boot whether it should treat the manifest as an incoming update or as an existing app. This can be achieved in a number of ways: e.g. with some sort of flag stored with the manifest, or by moving the manifest from an “upgrade” spot to a “boot” spot, or by checking the postConditions first, and if they fail, treat the manifest as an upgrade.

This might be similar to your option 2, but I disagree that it is any more a “wrapper around SUIT” that what is needed for upgrades. For upgrades as well, there must be a device-specific way to tag data as being manifests and payloads in various stages of processing.

Of course, anyone is free to do option 5. I.e. use SUIT for upgrades but not for booting.

Best regards,
Øyvind Rønningstad

From: Suit <suit-bounces@ietf.org> On Behalf Of Amyas Phillips
Sent: Monday, February 11, 2019 14:12
To: Brendan Moran <Brendan.Moran@arm.com>
Cc: hannes.tschofenig@gmx.net; suit@ietf.org; Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
Subject: Re: [Suit] Improvements to draft-moran-suit-manifest-03

I have another use case for you Brendan:

A project wants to send its firmware images encrypted, and wants a trusted boot process.

Faced with this, my first thought might be that I'm going to have the bootloader validate the manifest.

What should we recommend?

I can see lots of ways of doing it:
1. Encrypt the firmware image, then create the manifest. Store the encrypted firmware on the target device and on each start have the bootloader validate the manifest and encrypted firmware, before decrypting the firmware into a location from where it can be run. This is the model more-or-less implied in the manifest specification. It works for devices that can afford to decrypt the image to an executable location on each start, e.g. execute-from-RAM devices.
2. Reverse the order of signing and encryption: first create the manifest, then encrypt the firmware image. Have the receiving process on the device decrypt the image and store the decrypt and the manifest in NVRAM for the bootloader to validate. This saves devices from having to decrypt and install the firmware image on each start. Receiving processes can potentially also decrypt images into storage as they arrive, saving on NVRAM. This approach is in effect a wrapper around SUIT.
3. Create a manifest for the bootloader's use and package it up with the firmware. Encrypt this package as a new payload and mint another manifest for the use of the retrieving process.  Have the retrieving process assemble the package, validate it and then decrypt it into the appropriate location for the bootloader.
4. Create a manifest for the bootloader's use. Encrypt the firmware image and create a second manifest for the retrieving process's use, this time including a dependency on the first manifest. Have the retrieving process retrieve, validate, decrypt and install the firmware image. Have it also retrieve and install the first manifest.
5. Relax the requirement for the bootloader to validate a manifest. Maybe it doesn't really need to. I can't see any benefits to having a bootloader validate manifests except that it seems tidier to use manifests for all our validation needs. Instead of that simply sign the firmware image, in whatever way the bootloader expects. Then encrypt the signed object and ship it under a manifest. Have the receiving process validate it and decrypt it into the appropriate location for the bootloader.
6. Rely on channel security for confidentiality. Relying on encrypted channels nets you confidentiality without having to leave space on each device to store encrypted images for validation. This may often be acceptable but is against one of the SUIT design principles as I understand them: channel-independence.   I think SUIT can recognise it as an option but not rely on it for in-scope usecases.

My vote is for option 5.

Many thanks
Amyas Phillips







On Thu, 31 Jan 2019 at 13:27, Brendan Moran <Brendan.Moran@arm.com<mailto:Brendan.Moran@arm.com>> wrote:
Following IETF103, I have been collecting more use cases and user stories to influence the development of the manifest.

Three points have become very clear:

First, the processing tree is too complicated. There are many possible configurations that would never be used. There is plenty of room for error. In reality, the configurations that seem to be usable are all the combinations of these three operations:
* decrypt
* decompress
* unpack (delta, relocate, hex, etc.)

I have yet to find a use-case where these operations do not appear in this order, or where there is another operation that is missing from this list.

That being the case, a processing tree, while very general-purpose is extra overhead that is not needed. With that in mind, I would like to propose changing the payload model back to something more conventional.

The payload-installation-info structure contains information about
* where to store the firmware image (install-component),
* where to retrieve it (uris),
* whether the firmware image is encrypted and with what algorithm (encrypt-info),
* whether a compression algorithm has been applied to the firmware image and what algorithm has been used (compression-algorithm),
* whether the image is a binary diff or requires relocation (unpack), and
* an indication whether these fields may be overridden by an authorized party (allow-override).

Here is a proposed CDDL snippet for draft-moran-suit-manifest-04:

payload-installation-info = {
   install-component => component-identifier,
   ? allow-override => bool,
   ? uris => uri-list,
   ? encrypt-info => COSE_Encrypt0 / COSE_Encrypt,
   ? compression-algorithm => compression-algorithm-ids,
   ? unpack => [
       unpack-algorithm : unpack-algorithm-ids, ; binary diff, or relocation, or binary-to-text algorithm identifier
       ? unpack-arguments : bytes                 ; private config for the unpack algorithm selected
   ]
}

This should be much easier to understand and implement.


The second point is that regen-info is frequently misunderstood and misused.. After some discussion with suit participants, it’s become clear that the regen-info block should be represented as a dedicated “digest algorithm” which solves the same problem as the regen-info block currently does. When incorporated with the changes recommended by Jim Schaad, the result is that we replace COSE_Digest with SUIT_Digest and we remove regen-info. Here is a CDDL snippet that represents SUIT_Digest:

SUIT_Digest = [
   digest-algorithm-id: int,
   digest: bytes,
   ? digest-extra-info: bytes
]

Any needed regen-info can then be contained in the digest-extra-info section with an appropriate algorithm identifier.


The third point of clarity is that we need to do some work in making the manifest easier to parse and process in a constrained environment. I don’t have a simple change to enable that, but we’re working on it.

Best Regards,
Brendan
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
_______________________________________________
Suit mailing list
Suit@ietf.org<mailto:Suit@ietf.org>
https://www.ietf.org/mailman/listinfo/suit

v2.23.0 | Report a Bug | By Email