Difference between revisions of "Verifying DVDs"

From RCS Wiki
Jump to navigation Jump to search
Line 96: Line 96:
 
:Fingerprint (9C2A 6E8F AEA7 EE92 1EFD  4891 9B2B F5BD 337B F51F)  
 
:Fingerprint (9C2A 6E8F AEA7 EE92 1EFD  4891 9B2B F5BD 337B F51F)  
 
:(Verify this fingerprint matches multiple independent sources.)
 
:(Verify this fingerprint matches multiple independent sources.)
 
  
 
===How To===
 
===How To===

Revision as of 22:52, 17 August 2018

How to Verify a Raptor Computing Systems Source DVD

Raptor Computing Systems signs their source DVD images with their publicly available Sales Team GPG key. Verification of DVD contents is strongly recommended to ensure an authentic copy of the software and information contained thereon was received.

Shipments of the Talos II systems include both the source DVD and a letter with a QR Code containing the 40-character PGP Key Fingerprint of the firmware signing key, and a link to where the detached digital signature can be found. For more information on verification of the key itself used to sign the firmware releases, see: The Chain Of Trust. You will need a copy of this signature file along with an extracted ISO image from the DVD to verify the authenticity of the source DVD and the firmware.

Verifying the integrity of your recovery disk

You will need:

  • isoinfo. This is a handy little utility which will print the image about a CD you will need to properly copy the disk in a condition where it will be in the exact condition that it was burned. isoinfo is included in the package manager of most Linux distributions.
  • GnuPG, which is usually invoked from the commandline with the command gpg. By default, almost every Linux distribution should have GnuPG which provides the necessary functions for handling cryptography.
  • The letter marked "Important Information" that came in the box with your Talos II. This should have three QR codes on it, one at the front, and two at the back.
  • A computer that you can trust to verify the integrity of the Talos. This could be an old Pentium IV you have buried away in your basement that has no networking adapter and is running an operating system installation you consider trustworthy, or an X60 laptop running coreboot from 2005.
  • A device that is capable of scanning QR codes that you trust. This could be an old Samsung Galaxy S2 running Replicant that has had cellular antennas removed.

What we will do:

  • We will first copy the CD image to someplace on your drive on your secure, trustworthy computer. Because signing and verification only works if the copying is exact, we will use the Unix utility "data definition" to do it after finding out the information on the image.
  • Once the drive is copied, we will scan the letter for its QR codes to obtain the PGP Key Fingerprints for the respective keys and copy them down.
  • With the PGP key fingerprints scanned, we will then retrieve the keys from Raptor's website or from a PGP Public Key server of our choice via the Internet.
  • We will then validate the Chain of Trust (see: Chain Of Trust, Section 2) to ensure that the key is genuine and valid, and opt to trust the key.
  • Once the chain of trust is valid, we will verify the digital signature on the CD image. If GnuPG verifies that the signature is valid and from a trusted key, we can be reasonably confident that Raptor authorized the sending of the CD image, and it has not been modified since.


When the cd image was signed by Raptor, it was signed in a specific condition. You will need to reproduce this condition exactly right down to the last bit, or the verification will fail and produce a "Bad Signature" error. To do so, we will first need to obtain the information about the drive to supply the right parameters to copy the drive.


Heads-up! If you get an error that says isoinfo: command not found then the correct package has not been installed on your system. If you do not have it, on Debian-based systems such as Ubuntu or Linux Mint, you may obtain them with the command sudo apt install genisoimage which should automatically download and install isoinfo and its dependencies on your system.


This tutorial assumes that your cd rom device entry is listed as /dev/cdrom. However, some systems may not have the symbolic link of /dev/cdrom to /dev/sr0. You may check to see which device entry your DVD or BD ROM is by inserting the disk, and typing without any other arguments mount | grep udf which will display all the device entries associated with handling the currently inserted disks. The device entry will be the first entry listed, for example:

user@trustedsystem:~$ mount | grep udf /dev/sr0 on /media/cdrom0 type udf

In this tutorial, we will use /dev/sr0.

We will be looking for two specific items here: Logical Block Size, and Volume Size, which will become parameters will then pass on to Data Definition. To make this easier for the end user, we can use grep to search through the entire output text and only print the information we want with the following command This should return two lines, one number representing logical block size, and the other number representing the volume block size.


user@trustedsystem:~$ isoinfo -d -i /dev/sr0 | grep -E 'Logical block size|Volume size'

Logical block size is: 2048

Volume size is: 4135453

STOP! Do not simply enter the values obtained on the Wiki blindly. The values for Logical Block Size and Volume size shown here are listed as being for example only, and may change depending on which version of the disk you were supplied with. Always double check your command syntax prior to entering it. Each person's system will be slightly different, so ensure you do what is right for your system, not just what is listed on the wiki page.

With this information now known, we will now begin deterministing copying of the CD via the data definition (or define data) tool, dd. dd is a utility that has been a part of all Unix-like operating systems since approximately 1985. dd mainly utilizes two parameters, the input file, which is specified by "if", and the output file specified by "of", and will bitwise copy from the input file to the output file, along with any parameters we want to set, such as the block size, and the volume size. We will then set the parameters as such:

  • Input file, or if= The input file should be the device entry for your CD ROM, which we obtained earlier by searching for the mounted media of the type "udf". In our example, we are using /dev/sr0
  • Output file, or of= The output file is the clone we will copy to the disk to verify. Here, we will put it in your home directory, with the filename "raptordisk.iso" or the absolute filename "~/raptordisk.iso"
  • Block Size or bs= The block size will be the number indicated by "Logical block size" as given by isoinfo.
  • Volume Size, or count=The volume size is the exact size of the entire volume, in the number of blocks.

For our example, our command syntax will be the following. To include a progress meter, simply include "status=progress" to let the computer know you wish to view the progress of the copy being made in real time. This will produce an exact clone of the disk to your home directory under the name "raptordisk.iso".


dd if="/dev/sr0" of="~/raptordisk.iso" count=4135453 bs=2048 status=progress


STOP! dd is a powerful tool intended for low-level, bitwise copying of the actual ones and zeroes on the disk or media. The dd command is intended to restore backups and make exact clones of data, but can also be repurposed for secure erasure of hard drives. With great power comes great responsibility: ensure that the input file and output file denoted by "if=" and "of" respectively are the files you really want to write. Never specify an output file to one you do not intend to overwrite!



Once created, you may verify the ISO with GPG:

gpg --verify <GPG signature file> source.iso


Verify Without Saving ISO:

gpg --verify talos_recovery_disk_v1.0x.iso.asc <(dd if=/dev/cdrom bs=<block size> count=<volume size>)


E.g.

gpg --verify talos_recovery_disk_v1.02.iso.asc <(dd if=/dev/cdrom bs=2048 count=3861982)


Using gnupg to Verify The Chain of Trust Back to Raptor

Overview

  • The letter you received with your Talos should have the fingerprint of the Raptor Umbrella signer key.
  • The umbrella key (master key) is used to sign other keys.
  • Your ISO will not be signed with the umbrella key, but rather another Raptor related key, that was signed by the umbrella key.
  • It is necessary to verify multiple keys to complete the chain of trust to the widely distributed "Umbrella Signer" key.
Hierarchy
Umbrella Key
Firmware Signer or other Raptor Key (Signed by Umbrella)
DVD ISO (Signed by Firmware or Sales Key)

Umbrella Key Fingerprint

Raptor Computing Systems Primary Signer (Umbrella Signer) <authentication@raptorcs.com>
Fingerprint (9C2A 6E8F AEA7 EE92 1EFD 4891 9B2B F5BD 337B F51F)
(Verify this fingerprint matches multiple independent sources.)

How To

Find iso version (from the included letter) and download the correct signature file:

In this example we will be using v1.03.
Details may vary for other versions/keys, but they all should lead back to the Raptor Umbrella Signer.
wget https://www.raptorcs.com/verification/gpg/talos_ii/recovery_disks/talos_recovery_disk_v1.03.iso.asc

Verifying the ISO Signature:

gpg --verify talos_recover_disk_v.103.iso.asc source.iso
If you see this message, you need to import the public key:
gpg: Signature made Mon 30 Apr 2018 04:44:08 PM MDT
gpg: using RSA key 101A7EF8EF283DDC
gpg: Can't check signature: No public key


Importing a Key (If Applicable)
gpg --recv-keys 101A7EF8EF283DDC
gpg: key 101A7EF8EF283DDC: public key "Raptor Computing Systems Firmware Signer (2018) (2018 Firmware Signer) <support@raptorcs.com>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1


Successful verification of the signed ISO
gpg: Signature made Mon 30 Apr 2018 04:44:08 PM MDT
gpg: using RSA key 101A7EF8EF283DDC
gpg: Good signature from "Raptor Computing Systems Firmware Signer (2018) (2018 Firmware Signer) <support@raptorcs.com>" [marginal]
gpg: support@raptorcs.com: Verified 1 signature in the past 10 days. Encrypted 0 messages.
...
gpg: It is not certain that the signature belongs to the owner.
Primary key fingerprint: D7E9 CE35 33F1 938C 6F8E F5FD 101A 7EF8 EF28 3DDC


Verifing Keys

We've verified that source.iso was signed by 101A7EF8EF283DDC (2018 Firmware Signer) <support@raptorcs.com>, but how do we know that key really belongs to Raptor?
gpg --list-signatures 101A7EF8EF283DDC

    pub   rsa4096 2018-04-25 [SC] [expires: 2019-01-20]
          D7E9CE3533F1938C6F8EF5FD101A7EF8EF283DDC
    uid           [marginal] Raptor Computing Systems Firmware Signer (2018) (2018 Firmware Signer) <support@raptorcs.com>
    sig 3        101A7EF8EF283DDC 2018-04-25  Raptor Computing Systems Firmware Signer (2018) (2018 Firmware Signer) <support@raptorcs.com>
    sig          9B2BF5BD337BF51F 2018-04-25  Raptor Computing Systems Primary Signer (Umbrella Signer) <authentication@raptorcs.com>
    sub   rsa4096 2018-04-25 [E] [expires: 2019-01-20]
    sig          101A7EF8EF283DDC 2018-04-25  Raptor Computing Systems Firmware Signer (2018) (2018 Firmware Signer) <support@raptorcs.com>

101A7EF8EF283DDC was signed by 9B2BF5BD337BF51F
gpg --fingerprint 9B2BF5BD337BF51F

    pub   rsa4096 2018-04-16 [SC]
          9C2A 6E8F AEA7 EE92 1EFD  4891 9B2B F5BD 337B F51F
    uid           [marginal] Raptor Computing Systems Primary Signer (Umbrella Signer) <authentication@raptorcs.com>
    sub   rsa4096 2018-04-16 [E]

todo(nashimus): Finish section on verifying signed keys.

The Chain of Trust

Digital signatures offer sender authentication (a guarantee of who sent the message) as well as provide message integrity (a guarantee that the message has not been altered since the sender authorized it), on one crucial, pivotal condition: that the key itself can be verified to actually belong to who it purports to belong to. If this condition is not met, an adversary could simply change the keys and replace the signatures on a counterfeit disk with one of their own, then impersonate the sender to recipient or vice-versa.

PGP was originally designed with the implicit assumption that the sender and recipient would either be able to meet each other in person to determine the validity of their keys, or would know "trusted introducers" that they believed to be trustworthy that could do so on their behalf through the use of the PGP "Web Of Trust". This "Web Of Trust" model is impractical when the sender and recipient do not know each other and are not in a position where they could meet in person or have any trusted friends in common.

As an alternative to this, Raptor has included a letter marked "Important Information" that is included with all Talos IIs. This letter contains a QR code which encodes the PGP key fingerprint of the key used to sign the firmware. The QR code is marked with Raptor Computing System's logo and should be on the opposite side of the letter. When scanned with any QR Code reading application, it will contain the 40-character plain text hexadecimal SHA-1 fingerprint used to uniquely prove the key's uniqueness. Please note that this format is not compatible with Android OpenKeyChain's "Scan From QR Code" function, and simply gives the raw 40-character fingerprint without spaces or comma separation.

This forms something of a chain of trust that looks like the following:

  • You and the message you wish to verify;
  • Genuineness of the message attested by the Digital Signature;
  • Production of the Digital Signature using the Firmware Signing Key;
  • Verification of the Hash of the Firmware Signing Key via the QR Code included in Raptor's "Important Information" Letter, and possibly out of band, such as via a phone call or by contacting another Talos owner you trust over an end-to-end secure and authenticated channel to get their input.

The digital signatures provided by Raptor's Website, as well as the copies of the keys may then be obtained from an untrusted source, such as via the outside, untrusted internet, as long as the Key Fingerprint matches and the package has not been disturbed or surreptitiously modified while in transit.