From b869aaddc2cc5ff5cddce49f66aaf895e4d7ae2d Mon Sep 17 00:00:00 2001 From: Doug Flick Date: Mon, 28 Apr 2025 12:11:58 -0700 Subject: [PATCH 1/3] Renaming variables (and filenames) --- .github/workflows/prepare-binaries.yml | 2 +- Templates/MicrosoftAndOptionRoms.toml | 18 +++++++-------- ...ompat.toml => MicrosoftAndThirdParty.toml} | 22 +++++++++---------- scripts/windows/InstallSecureBootKeys.ps1 | 12 +++++----- 4 files changed, 27 insertions(+), 27 deletions(-) rename Templates/{3rdPartyCompat.toml => MicrosoftAndThirdParty.toml} (94%) diff --git a/.github/workflows/prepare-binaries.yml b/.github/workflows/prepare-binaries.yml index 9da3ad3..fd30bf1 100644 --- a/.github/workflows/prepare-binaries.yml +++ b/.github/workflows/prepare-binaries.yml @@ -59,7 +59,7 @@ jobs: run: python scripts/secure_boot_default_keys.py --keystore Templates/MicrosoftAndOptionRoms.toml -o FirmwareArtifacts - name: Build Compatible Defaults Template (2023 MSFT + 2023 3P + 2023 OROM) - run: python scripts/secure_boot_default_keys.py --keystore Templates/3rdPartyCompat.toml -o FirmwareArtifacts + run: python scripts/secure_boot_default_keys.py --keystore Templates/MicrosoftAndThirdParty.toml -o FirmwareArtifacts - name: Upload Firmware Binaries as Artifacts uses: actions/upload-artifact@v4 diff --git a/Templates/MicrosoftAndOptionRoms.toml b/Templates/MicrosoftAndOptionRoms.toml index b1236ab..d384e2b 100644 --- a/Templates/MicrosoftAndOptionRoms.toml +++ b/Templates/MicrosoftAndOptionRoms.toml @@ -12,10 +12,10 @@ # Default PK File Entry # ################################ -[DefaultPk] +[PK] help = "Contains the Microsoft PK to enable signature database updates and binary execution." -[[DefaultPk.files]] +[[PK.files]] path = "PreSignedObjects/PK/Certificate/WindowsOEMDevicesPK.der" sha1 = 0x3D8660C0CB2D57B189C3D7995572A552F75E48B5 signature_owner = "77fa9abd-0359-4d32-bd60-28f4e78f784b" @@ -24,10 +24,10 @@ description = "Platform Key (owner) who may authorize changes to the KEK Variabl ################################### # Default Kek File Entries # ################################### -[DefaultKek] +[KEK] help = "Contains the Microsoft KEKs to enable signature database updates and binary execution." -[[DefaultKek.files]] +[[KEK.files]] path = "PreSignedObjects/KEK/Certificates/microsoft corporation kek 2k ca 2023.der" url = "https://go.microsoft.com/fwlink/?linkid=2239775" sha1 = 0x459ab6fb5e284d272d5e3e6abc8ed663829d632b @@ -37,17 +37,17 @@ description = "2023+ Microsoft Authorizes Signature Database Updates" ################################## # Default Db File Entries # ################################## -[DefaultDb] +[DB] help = "Contains only Microsoft certificates to verify binaries before execution. More than Default3PDb." -[[DefaultDb.files]] +[[DB.files]] path = "PreSignedObjects/DB/Certificates/windows uefi ca 2023.der" url = "https://go.microsoft.com/fwlink/?linkid=2239776" sha1 = 0x45a0fa32604773c82433c3b7d59e7466b3ac0c67 signature_owner = "77fa9abd-0359-4d32-bd60-28f4e78f784b" description = "2023+ signed Windows Boot Media (e.g. 2023 signed Windows)" -[[DefaultDb.files]] +[[DB.files]] path = "PreSignedObjects/DB/Certificates/microsoft option rom uefi ca 2023.der" url = "http://www.microsoft.com/pkiops/certs/microsoft%20option%20rom%20uefi%20ca%202023.crt" sha1 = 0x3FB39E2B8BD183BF9E4594E72183CA60AFCD4277 @@ -57,10 +57,10 @@ description = "2023+ signed UEFI Third-Party Option ROMs (e.g. Graphics/Storage/ ############################ # Default Dbx File Entries # ############################ -[DefaultDbx] +[DBX] help = "Contains a list of revoked certificates that will not execute on this system. Filtered per Architecture (ARM, Intel)." -[[DefaultDbx.files]] +[[DBX.files]] # # New recommendation is to allow the OS to manage the dbx and not ship a DefaultDbx with the firmware. # A valid configuration is to ship an unset DBX variable. diff --git a/Templates/3rdPartyCompat.toml b/Templates/MicrosoftAndThirdParty.toml similarity index 94% rename from Templates/3rdPartyCompat.toml rename to Templates/MicrosoftAndThirdParty.toml index 54101fa..e8e1683 100644 --- a/Templates/3rdPartyCompat.toml +++ b/Templates/MicrosoftAndThirdParty.toml @@ -10,10 +10,10 @@ ################################ # Default PK File Entry # ################################ -[DefaultPk] +[PK] help = "Contains the Microsoft PK to enable signature database updates and binary execution." -[[DefaultPk.files]] +[[PK.files]] path = "PreSignedObjects/PK/Certificate/WindowsOEMDevicesPK.der" sha1 = 0x3D8660C0CB2D57B189C3D7995572A552F75E48B5 signature_owner = "77fa9abd-0359-4d32-bd60-28f4e78f784b" @@ -22,10 +22,10 @@ description = "Platform Key (owner) who may authorize changes to the KEK Variabl ################################### # Default Kek File Entries # ################################### -[DefaultKek] +[KEK] help = "Contains the Microsoft KEKs to enable signature database updates and binary execution." -[[DefaultKek.files]] +[[KEK.files]] path = "PreSignedObjects/KEK/Certificates/microsoft corporation kek 2k ca 2023.der" url = "https://go.microsoft.com/fwlink/?linkid=2239775" sha1 = 0x459ab6fb5e284d272d5e3e6abc8ed663829d632b @@ -35,31 +35,31 @@ description = "2023+ Microsoft Authorizes Signature Database Updates" ################################## # Default Db File Entries # ################################## -[DefaultDb] +[DB] help = "Contains 2023 Microsoft and UEFI third party certificates to verify binaries before execution. More compatible than MicrosoftOnlyDefaults." -[[DefaultDb.files]] +[[DB.files]] path = "PreSignedObjects/DB/Certificates/windows uefi ca 2023.der" url = "https://go.microsoft.com/fwlink/?linkid=2239776" sha1 = 0x45a0fa32604773c82433c3b7d59e7466b3ac0c67 signature_owner = "77fa9abd-0359-4d32-bd60-28f4e78f784b" description = "2023+ signed Windows Boot Media (e.g. 2023 signed Windows)" -[[DefaultDb.files]] +[[DB.files]] path = "PreSignedObjects/DB/Certificates/microsoft uefi ca 2023.der" url = "https://go.microsoft.com/fwlink/?linkid=2239872" sha1 = 0xb5eeb4a6706048073f0ed296e7f580a790b59eaa signature_owner = "77fa9abd-0359-4d32-bd60-28f4e78f784b" description = "2023+ signed Third-Party UEFI CA Signed Applications (e.g. 2023 signed Linux)" -[[DefaultDb.files]] +[[DB.files]] path = "PreSignedObjects/DB/Certificates/microsoft option rom uefi ca 2023.der" url = "http://www.microsoft.com/pkiops/certs/microsoft%20option%20rom%20uefi%20ca%202023.crt" sha1 = 0x3FB39E2B8BD183BF9E4594E72183CA60AFCD4277 signature_owner = "77fa9abd-0359-4d32-bd60-28f4e78f784b" description = "2023+ signed UEFI Third-Party Option ROMs (e.g. Graphics/Storage/Networking Drivers)" -[[DefaultDb.files]] +[[DB.files]] path = "PreSignedObjects/DB/Certificates/MicCorUEFCA2011_2011-06-27.der" url = "https://go.microsoft.com/fwlink/p/?linkid=321194" sha1 = 0x46def63b5ce61cf8ba0de2e6639c1019d0ed14f3 @@ -69,10 +69,10 @@ description = "2011 signed UEFI Applications and Third-Party Option ROMs (e.g. 2 ############################ # Default Dbx File Entries # ############################ -[DefaultDbx] +[DBX] help = "Contains a list of revoked certificates that will not execute on this system. Filtered per Architecture (ARM, Intel)." -[[DefaultDbx.files]] +[[DBX.files]] # # New recommendation is to allow the OS to manage the dbx and not ship a DefaultDbx with the firmware. # A valid configuration is to ship an unset DBX variable. diff --git a/scripts/windows/InstallSecureBootKeys.ps1 b/scripts/windows/InstallSecureBootKeys.ps1 index 85aa2ef..993541a 100644 --- a/scripts/windows/InstallSecureBootKeys.ps1 +++ b/scripts/windows/InstallSecureBootKeys.ps1 @@ -13,7 +13,7 @@ A path to the directory containing the pre-signed Secure Boot objects. .NOTES Author: Microsoft Date: 4/2/25 -Version: 1 +Version: 1.1 #> param( @@ -57,7 +57,7 @@ try { Log-Message "Enrolling certificates for Secure Boot..." "Green" # Validate the presence of required pre-signed objects - $RequiredFiles = @("DefaultPk.bin", "DefaultKek.bin", "DefaultDb.bin", "DefaultDbx.bin") + $RequiredFiles = @("PK.bin", "KEK.bin", "DB.bin", "DBX.bin") foreach ($RequiredFile in $RequiredFiles) { $FilePath = Join-Path -Path $PresignedObjectsPath -ChildPath $RequiredFile if (-not (Test-Path -Path $FilePath)) { @@ -68,7 +68,7 @@ try { } # Validate the size of the DBX file (minimum 28 bytes - EFI_SIGNATURE_LIST minimum size assuming 0 entries) - $DbxFilePath = Join-Path -Path $PresignedObjectsPath -ChildPath "DefaultDbx.bin" + $DbxFilePath = Join-Path -Path $PresignedObjectsPath -ChildPath "DBX.bin" Validate-FileSize -FilePath $DbxFilePath -MinSizeBytes 28 # Timestamp for Secure Boot enrollment @@ -76,7 +76,7 @@ try { # Enroll certificates in reverse order Log-Message "Enrolling DB..." "Green" - $Result = Set-SecureBootUEFI -Time $time -ContentFilePath (Join-Path $PresignedObjectsPath "DefaultDb.bin") -Name db + $Result = Set-SecureBootUEFI -Time $time -ContentFilePath (Join-Path $PresignedObjectsPath "DB.bin") -Name db if ($null -ne $Result) { Log-Message "DB enrolled successfully." "Green" } else { @@ -94,7 +94,7 @@ try { } Log-Message "Enrolling KEK..." "Green" - $Result = Set-SecureBootUEFI -Time $time -ContentFilePath (Join-Path $PresignedObjectsPath "DefaultKek.bin") -Name KEK + $Result = Set-SecureBootUEFI -Time $time -ContentFilePath (Join-Path $PresignedObjectsPath "KEK.bin") -Name KEK if ($null -ne $Result) { Log-Message "KEK enrolled successfully." "Green" } else { @@ -103,7 +103,7 @@ try { } Log-Message "Enrolling PK..." "Green" - $PkFilePath = Join-Path -Path $PresignedObjectsPath -ChildPath "DefaultPk.bin" + $PkFilePath = Join-Path -Path $PresignedObjectsPath -ChildPath "PK.bin" $Result = $null if (-not [string]::IsNullOrEmpty($PathToPkP7b)) { $Result = Set-SecureBootUEFI -Time $time -ContentFilePath $PkFilePath -Name PK -SignedFilePath $PathToPkP7b From 4367807bf1b28ea742d7dc3be8868bec522baf75 Mon Sep 17 00:00:00 2001 From: Doug Flick Date: Mon, 28 Apr 2025 12:16:42 -0700 Subject: [PATCH 2/3] Adding a additional most compatible template --- Templates/MostCompatible.toml | 92 +++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) create mode 100644 Templates/MostCompatible.toml diff --git a/Templates/MostCompatible.toml b/Templates/MostCompatible.toml new file mode 100644 index 0000000..8583769 --- /dev/null +++ b/Templates/MostCompatible.toml @@ -0,0 +1,92 @@ +# @file +# Template Name: Most Compatible – Microsoft and 3rd Party +# Description: +# This template is the most compatible template however it is the least secure. This template will allow for anything +# signed by the 2011 CAs or the 2023 CAs to execute. This template is not recommended for +# secure systems however will allow for Windows and Linux to boot with secure boot enabled. +# +# Copyright (C) Microsoft Corporation +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## +################################ +# Default PK File Entry # +################################ +[PK] +help = "Contains the Microsoft PK to enable signature database updates and binary execution." + +[[PK.files]] +path = "PreSignedObjects/PK/Certificate/WindowsOEMDevicesPK.der" +sha1 = 0x3D8660C0CB2D57B189C3D7995572A552F75E48B5 +signature_owner = "77fa9abd-0359-4d32-bd60-28f4e78f784b" +description = "Platform Key (owner) who may authorize changes to the KEK Variable" + +################################### +# Default Kek File Entries # +################################### +[KEK] +help = "Contains the Microsoft KEKs to enable signature database updates and binary execution." + +[[KEK.files]] +path = "PreSignedObjects/KEK/Certificates/microsoft corporation kek 2k ca 2023.der" +url = "https://go.microsoft.com/fwlink/?linkid=2239775" +sha1 = 0x459ab6fb5e284d272d5e3e6abc8ed663829d632b +signature_owner = "77fa9abd-0359-4d32-bd60-28f4e78f784b" +description = "2023+ Microsoft Authorizes Signature Database Updates" + +################################## +# Default Db File Entries # +################################## +[DB] +help = "Contains 2023 Microsoft and UEFI third party certificates to verify binaries before execution. Most Compatible." + +[[DB.files]] +path = "PreSignedObjects/DB/Certificates/windows uefi ca 2023.der" +url = "https://go.microsoft.com/fwlink/?linkid=2239776" +sha1 = 0x45a0fa32604773c82433c3b7d59e7466b3ac0c67 +signature_owner = "77fa9abd-0359-4d32-bd60-28f4e78f784b" +description = "2023+ signed Windows Boot Media (e.g. 2023 signed Windows)" + +[[DB.files]] +path = "PreSignedObjects/DB/Certificates/microsoft uefi ca 2023.der" +url = "https://go.microsoft.com/fwlink/?linkid=2239872" +sha1 = 0xb5eeb4a6706048073f0ed296e7f580a790b59eaa +signature_owner = "77fa9abd-0359-4d32-bd60-28f4e78f784b" +description = "2023+ signed Third-Party UEFI CA Signed Applications (e.g. 2023 signed Linux)" + +[[DB.files]] +path = "PreSignedObjects/DB/Certificates/microsoft option rom uefi ca 2023.der" +url = "http://www.microsoft.com/pkiops/certs/microsoft%20option%20rom%20uefi%20ca%202023.crt" +sha1 = 0x3FB39E2B8BD183BF9E4594E72183CA60AFCD4277 +signature_owner = "77fa9abd-0359-4d32-bd60-28f4e78f784b" +description = "2023+ signed UEFI Third-Party Option ROMs (e.g. Graphics/Storage/Networking Drivers)" + +[[DB.files]] +path = "PreSignedObjects/DB/Certificates/MicWinProPCA2011_2011-10-19.der" +url = "https://go.microsoft.com/fwlink/p/?linkid=321192" +sha1 = 0x580a6f4cc4e4b669b9ebdc1b2b3e087b80d0678d +signature_owner = "77fa9abd-0359-4d32-bd60-28f4e78f784b" +description = "2011 signed Windows Boot Media (e.g. 2011 signed Windows)" + +[[DB.files]] +path = "PreSignedObjects/DB/Certificates/MicCorUEFCA2011_2011-06-27.der" +url = "https://go.microsoft.com/fwlink/p/?linkid=321194" +sha1 = 0x46def63b5ce61cf8ba0de2e6639c1019d0ed14f3 +signature_owner = "77fa9abd-0359-4d32-bd60-28f4e78f784b" +description = "2011 signed Third-Party UEFI Applications and Third-Party Option ROMs (e.g. 2011+ Linux and Graphics/Storage/Networking Drivers)" + +############################ +# Default Dbx File Entries # +############################ +[DBX] +help = "Contains a list of revoked certificates that will not execute on this system. Filtered per Architecture (ARM, Intel)." + +[[DBX.files]] +# +# New recommendation is to allow the OS to manage the dbx and not ship a DefaultDbx with the firmware. +# A valid configuration is to ship an unset DBX variable. +# +path = "PreSignedObjects/DBX/dbx.empty" +sha1 = 0xF8D326CCD9233747A29E2F67AFEB77C25787BD39 +signature_owner = "77fa9abd-0359-4d32-bd60-28f4e78f784b" +description = "Special file to create an empty signature database." From 29689df67fc6b741a945aedb3957cf6244b9b2b3 Mon Sep 17 00:00:00 2001 From: Doug Flick Date: Mon, 28 Apr 2025 12:20:17 -0700 Subject: [PATCH 3/3] adding a warning for Microsoft + Option ROMs --- Templates/MicrosoftAndOptionRoms.toml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Templates/MicrosoftAndOptionRoms.toml b/Templates/MicrosoftAndOptionRoms.toml index d384e2b..6400591 100644 --- a/Templates/MicrosoftAndOptionRoms.toml +++ b/Templates/MicrosoftAndOptionRoms.toml @@ -1,8 +1,8 @@ # @file # Template Name: Secure Desktop – Microsoft Only # Description: -# This template is for systems that need to support only Windows signed by the 2023 Windows UEFI Certificate Authority. -# For Windows only systems, this is the most secure template. +# [#!IMPORTANT] This template is not yet recommended for production systems. While this would be more secure than including the UEFI CA, +# currently, the Option ROM CA (e.g. Graphics cards) has not saturated the ecosystem enough to be recommended for production systems. # # Copyright (C) Microsoft Corporation # SPDX-License-Identifier: BSD-2-Clause-Patent