Verifying DVDs

From RCS Wiki
Jump to navigation Jump to search

How to Verify a Raptor Computing Systems Source DVD

Raptor Computing Systems signs their source DVD images with their publicly available Sales Team GPG key. Verification of DVD contents is strongly recommended to ensure an authentic copy of the software and information contained thereon was received.

Shipments of the Talos II systems include both the source DVD and a letter with a QR Code containing the 40-character PGP Key Fingerprint of the firmware signing key, and a link to where the detached digital signature can be found. For more information on verification of the key itself used to sign the firmware releases, see: The Chain Of Trust. You will need a copy of this signature file along with an extracted ISO image from the DVD to verify the authenticity of the source DVD and the firmware.

Overview

You will need:

  • isoinfo. This is a handy little utility which will print the image about a CD you will need to properly copy the disk in a condition where it will be in the exact condition that it was burned. isoinfo is included in the package manager of most Linux distributions.
  • GnuPG, which is usually invoked from the commandline with the command gpg. By default, almost every Linux distribution should have GnuPG which provides the necessary functions for handling cryptography.
  • The letter marked "Important Information" that came in the box with your Talos II. This should have three QR codes on it, one at the front, and two at the back.
  • A computer that you can trust to verify the integrity of the Talos. This could be an old Pentium IV you have buried away in your basement that has no networking adapter and is running an operating system installation you consider trustworthy, or an X60 laptop running coreboot from 2005.
  • A device that is capable of scanning QR codes that you trust. This could be an old Samsung Galaxy S2 running Replicant that has had cellular antennas removed.

What we will do:

  • We will first copy the CD image to someplace on your drive on your secure, trustworthy computer. Because signing and verification only works if the copying is exact, we will use the Unix utility "data definition" to do it after finding out the information on the image.
  • Once the drive is copied, we will scan the letter for its QR codes to obtain the PGP Key Fingerprints for the respective keys and copy them down.
  • With the PGP key fingerprints scanned, we will then retrieve the keys from Raptor's website or from a PGP Public Key server of our choice via the Internet.
  • We will then validate the Chain of Trust (see: Chain Of Trust, Section 2) to ensure that the key is genuine and valid, and opt to trust the key.
  • Once the chain of trust is valid, we will verify the digital signature on the CD image. If GnuPG verifies that the signature is valid and from a trusted key, we can be reasonably confident that Raptor authorized the sending of the CD image, and it has not been modified since.

Deterministic Copying Of The Disk

When the cd image was signed by Raptor, it was signed in a specific condition. You will need to reproduce this condition exactly right down to the last bit, or the verification will fail and produce a "Bad Signature" error. To do so, we will first need to obtain the information about the drive to supply the right parameters to copy the drive.


Heads-up! If you get an error that says isoinfo: command not found then the correct package has not been installed on your system. If you do not have it, on Debian-based systems such as Ubuntu or Linux Mint, you may obtain them with the command sudo apt install genisoimage which should automatically download and install isoinfo and its dependencies on your system.


This tutorial assumes that your cd rom device entry is listed as /dev/cdrom. However, some systems may not have the symbolic link of /dev/cdrom to /dev/sr0. You may check to see which device entry your DVD or BD ROM is by inserting the disk, and typing without any other arguments mount | grep udf which will display all the device entries associated with handling the currently inserted disks. The device entry will be the first entry listed, for example:

user@trustedsystem:~$ mount | grep udf
/dev/sr0 on /media/cdrom0 type udf 

In this tutorial, we will use /dev/sr0.

We will be looking for two specific items here: Logical Block Size, and Volume Size, which will become parameters will then pass on to Data Definition. To make this easier for the end user, we can use grep to search through the entire output text and only print the information we want with the following command This should return two lines, one number representing logical block size, and the other number representing the volume block size.


user@trustedsystem:~$ isoinfo -d -i /dev/sr0 | grep -E 'Logical block size|Volume size'
Logical block size is: 2048
Volume size is: 4135453

STOP! Do not simply enter the values obtained on the Wiki blindly. The values for Logical Block Size and Volume size shown here are listed as being for example only, and may change depending on which version of the disk you were supplied with. Always double check your command syntax prior to entering it. Each person's system will be slightly different, so ensure you do what is right for your system, not just what is listed on the wiki page.

With this information now known, we will now begin deterministing copying of the CD via the data definition (or define data) tool, dd. dd is a utility that has been a part of all Unix-like operating systems since approximately 1985. dd mainly utilizes two parameters, the input file, which is specified by "if", and the output file specified by "of", and will bitwise copy from the input file to the output file, along with any parameters we want to set, such as the block size, and the volume size. We will then set the parameters as such:

  • Input file, or if= The input file should be the device entry for your CD ROM, which we obtained earlier by searching for the mounted media of the type "udf". In our example, we are using /dev/sr0
  • Output file, or of= The output file is the clone we will copy to the disk to verify. Here, we will put it in your home directory, with the filename "raptordisk.iso" or the absolute filename "~/raptordisk.iso"
  • Block Size or bs= The block size will be the number indicated by "Logical block size" as given by isoinfo.
  • Volume Size, or count=The volume size is the exact size of the entire volume, in the number of blocks.

For our example, our command syntax will be the following. To include a progress meter, simply include "status=progress" to let the computer know you wish to view the progress of the copy being made in real time. This will produce an exact clone of the disk to your home directory under the name "raptordisk.iso".


dd if="/dev/sr0" of="~/raptordisk.iso" count=4135453 bs=2048 status=progress


STOP! dd is a powerful tool intended for low-level, bitwise copying of the actual ones and zeroes on the disk or media. The dd command is intended to restore backups and make exact clones of data, but can also be repurposed for secure erasure of hard drives. With great power comes great responsibility: ensure that the input file and output file denoted by if= and of= respectively are the files you really want to write. Never specify an output file to one you do not intend to overwrite!

If all has been done correctly, this will procedure should create a bit-wise (exact) clone of the disk image in your home directory, which will be called "raptordisk.iso." We will verify this clone shortly.


Using gnupg to Verify The Chain of Trust Back to Raptor

Digital signatures offer sender authentication (a guarantee of who sent the message) as well as provide message integrity (a guarantee that the message has not been altered since the sender authorized it), on one crucial, pivotal condition: that the key itself can be verified to actually belong to who it purports to belong to. If this condition is not met, an adversary could simply change the keys and replace the signatures on a counterfeit disk with one of their own, then impersonate the sender to recipient or vice-versa.

PGP was originally designed with the implicit assumption that the sender and recipient would either be able to meet each other in person to determine the validity of their keys, or would know "trusted introducers" that they believed to be trustworthy that could do so on their behalf through the use of the PGP "Web Of Trust". This "Web Of Trust" model is impractical when the sender and recipient do not know each other and are not in a position where they could meet in person or have any trusted friends in common.

As an alternative to this, Raptor has included a letter marked "Important Information" that is included with all Talos IIs. This letter contains a QR code which encodes the PGP key fingerprint of the key used to sign the firmware. The QR code is marked with Raptor Computing System's logo and should be on the opposite side of the letter. When scanned with any QR Code reading application, it will contain the 40-character plain text hexadecimal SHA-1 fingerprint used to uniquely prove the key's uniqueness. Please note that this format is not compatible with Android OpenKeyChain's "Scan From QR Code" function, and simply gives the raw 40-character fingerprint without spaces or comma separation.

This forms something of a chain of trust that looks like the following:

  • You and the message you wish to verify, in this case Raptor's DVD;
  • Genuineness of the message attested by the Digital Signature;
  • Production of the Digital Signature using the Firmware Signing Key or by a Sales Key;
  • Validation of the Firmware Signing Key by the Umbrella Signing Key;
  • Security of where the Secret Key for Raptor's Umbrella Signing Key and cryptographic materials are stored.
  • Verification of the Hash of the Signing Key via the QR Code included in Raptor's "Important Information" Letter.

The theory behind this chain of trust is simple: Raptor is a large company and may require many different keys to be used for different reasons and different jobs. Rather than needing to verify many different keys out of band for everything manually, instead Raptor can generate one key that represents them, and digitally certifies all the keys that they use, then keep that one special umbrella signing key in an ultra-secure place. Users that wish to verify that a key really does belong to Raptor then only need to verify that one key at the end of the chain of trust, and if they trust it, all the keys that it validates may be assumed to actually belong to Raptor. This approach provides separation of duties by keeping different keys for different jobs, some amount of convenience by ensuring users only need to verify one key, and ensures that the Umbrella Key does not need to be entrusted to many different people. In turn, keeping the number of people who need to be trusted with the key reduces the likelihood that someone may mishandle it and allow it to leak. As a side-benefit, in the event that one of the keys it certified is stolen, Raptor can simply use the Umbrella key to revoke its certification to inform other people that the key has been compromised and is no longer valid, without having to start over from scratch with entirely new credentials and force everyone to go through the entire exercise of verifying all of the keys all again.

The detached digital signature files produced by the signing keys are available on Raptor's Website. Copies of the public keys may then be obtained from an untrusted source, such as via the outside, untrusted internet, as long as the Key Fingerprint matches and the package has not been disturbed or surreptitiously modified while in transit.


Obtaining the Public Key

To obtain the Umbrella Signing Public Key, you may use the url included on the letter, which is also given as a QR-code that may be scanned by any QR-code reading software or by visiting the url below it. Although the download is made over Transport Layer Security (or SSL), the key should first be verified locally on your computer against the 40-character fingerprint obtained by scanning the QR code in the letter. To do this, we will check the key fingerprint of the key we receive

The public key will be available in ascii-armoured format and will be marked to note where the public key begins and ends. If your browser does not automatically download it, you may copy the page to your hard drive using wget or curl, and pass it to GnuPG with the following terminal command sequence. Note that if the url you receive on your letter is different from the one you see here, take the one on the letter to be correct.

curl https://www.raptorcs.com/keys/gpg/0x337BF51F.pub | gpg --import 

You may see a screen that resembles something like this:

pub  rsa4096/9B2BF5BD337BF51F  created: 2018-04-16  expires: never
      Key fingerprint = XXXX XXXX XXXX XXXX XXXX  XXXX XXXX XXXX XXXX XXXX

     Raptor Computing Systems Primary Signer (Umbrella Signer) <authentication@raptorcs.com>

Do you want to import this key? (y/N)

Note that in this tutorial, X's are shown here to denote where the key fingerprint would be. Compare this result displayed on your computer to the 40-character key fingerprint you obtained from scanning the QR-Code reader. It must match exactly to avoid obtaining a counterfeit key. If the 40-character key fingerprint matches exactly, you can sign it locally with one of your own keys, or you can take ownership of the key by setting its trust to ultimate. First, we will edit the key with:

Heads Up! This tutorial assumes you have no ultimately trusted keys in your GnuPG trust database. The "Ultimate" trust level in GnuPG is intended for keys you own, and is required to validate other keys. Setting ultimate trust for a key you do not own is normally a very harmful use case, as an ultimately trusted key that you do not own can be used to issue counterfeit keys for your contacts and impersonate your contacts to you unless you decide to stop trusting it. After the key is no longer needed to be trusted, you should un-set its trust from Ultimate. You can avoid using these issues by locally signing Raptor's Umbrella key with an ultimately trusted key that you own using gpg --lsign-key.

 gpg --edit-key 0x337BF51F

This will bring us to the gpg> key editing dialogue.

 
pub  rsa4096/9B2BF5BD337BF51F
     created: 2018-04-16  expires: never       usage: SC  
     trust: unknown       validity: unknown
sub  rsa4096/366FA0E6B8EE80D8
     created: 2018-04-16  expires: never       usage: E   
[ unknown] (1). Raptor Computing Systems Primary Signer (Umbrella Signer) <authentication@raptorcs.com>

gpg> 

At the prompt, type trust.

gpg> trust

This will return the trust dialogue.

Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)

  1 = I don't know or won't say
  2 = I do NOT trust
  3 = I trust marginally
  4 = I trust fully
  5 = I trust ultimately
  m = back to the main menu

Your decision? 

Enter 5 for ultimate and press return.

Please note that the shown key validity is not necessarily correct
unless you restart the program.

gpg> 

Type quit and press return.


Umbrella Key Fingerprint

Raptor Computing Systems Primary Signer (Umbrella Signer) <authentication@raptorcs.com>
Fingerprint (9C2A 6E8F AEA7 EE92 1EFD 4891 9B2B F5BD 337B F51F)
(Verify this fingerprint matches multiple independent sources.)


Additional information on validating public keys:
The GNU Privacy Handbook: Validating other keys on your public keyring

How To

Get Block and Logical Volume Sizes (Needed Later)

isoinfo -d -i /dev/sr0 | grep -E 'Logical block size|Volume size'

Logical block size is: 2048
Volume size is: 3871504

Save ISO File (Optional)

dd if="/dev/sr0" of="source.iso" count=<volume size> bs=<block size>
dd if="/dev/sr0" of="source.iso" count=3871504 bs=2048

Download Signature File:

In this example we will be verifying a v1.03 disc.
Details may vary for other versions/keys, but they all should lead back to the Raptor Umbrella Signer.
wget https://www.raptorcs.com/verification/gpg/talos_ii/recovery_disks/talos_recovery_disk_v1.03.iso.asc

Verifying ISO Signature:

Verifying ISO file:

gpg --verify talos_recover_disk_v.103.iso.asc source.iso

Verify without saving ISO (Optional):

gpg --verify talos_recovery_disk_v1.03.iso.asc <(dd if=/dev/cdrom bs=<block size> count=<volume size>)
gpg --verify talos_recovery_disk_v1.03.iso.asc <(dd if=/dev/cdrom bs=<2048> count=<3871504>)
If you see this, import the public key and verify again:
    gpg: Signature made Mon 30 Apr 2018 04:44:08 PM MDT
    gpg: using RSA key 101A7EF8EF283DDC
    gpg: Can't check signature: No public key
Importing a Key (If Applicable)
gpg --recv-keys 101A7EF8EF283DDC
    gpg: key 101A7EF8EF283DDC: public key "Raptor Computing Systems Firmware Signer (2018) (2018 Firmware Signer) <support@raptorcs.com>" imported
    gpg: no ultimately trusted keys found
    gpg: Total number processed: 1
    gpg:               imported: 1
Successful Verification of Signed ISO
    gpg: Signature made Mon 30 Apr 2018 04:44:08 PM MDT
    gpg:                using RSA key 101A7EF8EF283DDC
    gpg: Good signature from "Raptor Computing Systems Firmware Signer (2018) (2018 Firmware Signer) <support@raptorcs.com>" [marginal]
    gpg: support@raptorcs.com: Verified 1 signature in the past 10 days.  Encrypted 0 messages.
    ...
    gpg:          It is not certain that the signature belongs to the owner.
    Primary key fingerprint: D7E9 CE35 33F1 938C 6F8E  F5FD 101A 7EF8 EF28 3DDC
Verifing Keys

We've verified that source.iso was signed by 101A7EF8EF283DDC (2018 Firmware Signer) <support@raptorcs.com>.
How do we verify that key really belongs to Raptor?
gpg --list-signatures 101A7EF8EF283DDC

    pub   rsa4096 2018-04-25 [SC] [expires: 2019-01-20]
          D7E9CE3533F1938C6F8EF5FD101A7EF8EF283DDC
    uid           [marginal] Raptor Computing Systems Firmware Signer (2018) (2018 Firmware Signer) <support@raptorcs.com>
    sig 3        101A7EF8EF283DDC 2018-04-25  Raptor Computing Systems Firmware Signer (2018) (2018 Firmware Signer) <support@raptorcs.com>
    sig          9B2BF5BD337BF51F 2018-04-25  Raptor Computing Systems Primary Signer (Umbrella Signer) <authentication@raptorcs.com>
    sub   rsa4096 2018-04-25 [E] [expires: 2019-01-20]
    sig          101A7EF8EF283DDC 2018-04-25  Raptor Computing Systems Firmware Signer (2018) (2018 Firmware Signer) <support@raptorcs.com>

101A7EF8EF283DDC was signed by 9B2BF5BD337BF51F
gpg --fingerprint 9B2BF5BD337BF51F

    pub   rsa4096 2018-04-16 [SC]
          9C2A 6E8F AEA7 EE92 1EFD  4891 9B2B F5BD 337B F51F
    uid           [marginal] Raptor Computing Systems Primary Signer (Umbrella Signer) <authentication@raptorcs.com>
    sub   rsa4096 2018-04-16 [E]

Scraps=

This section is just for WIP


Once created, you may verify the ISO with GPG:

gpg --verify <GPG signature file> source.iso


Verify Without Saving ISO:

gpg --verify talos_recovery_disk_v1.0x.iso.asc <(dd if=/dev/cdrom bs=<block size> count=<volume size>)


E.g.

gpg --verify talos_recovery_disk_v1.02.iso.asc <(dd if=/dev/cdrom bs=2048 count=3861982)