coreboot

The open source coreboot firmware project implements verified boot, which is similar to a combination of OBB verification and UEFI Secure Boot.

Figure 3-2 shows the verified boot flow. Table 3-2 shows keys used in the verified boot flow.

Figure 3-2: coreboot Verified Boot (source: “Verified Boot in Chrome OS and how to make it work for you”)

Table 3-2: Keys used by coreboot verified boot (source: “Verified Boot: Surviving in the Internet of Insecure Things”)

| Key | Verifies | Stored in | Versioned | Notes |
|---|---|---|---|---|
| Root Key | Firmware Data Key | RO Firmware | NO | Private key in a locked room guarded by laser sharks; N of M present. RSA4096+ |
| Firmware Data Key | RW Firmware | RW FW Header | YES | Private key on signing server. RSA4096. |
| Kernel Subkey | Kernel Data Key | RW Firmware | YES (as FW) | Private key only needed to sign new kernel data key. RSA4096. |
| Kernel Data Key | OS Kernel | OS kernel Header | YES | Private key on signing server. RSA2048. |
| Recovery Key | Recovery OS Kernel | RO Firmware | NO | Locked room and laser sharks. RSA4096+. Different than all keys above. Signs recovery installer, not payload. |
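The chain of trust in Table 3-2, modelled as an added example that is not code from coreboot or its verified boot implementation: each stage is checked with the key the table says verifies it, starting from the root key held in RO firmware. The textbook-RSA toy keys, the image layout and all function names are assumptions made for illustration and are not secure.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys (assumption)

def toy_key(a, b):
    """Constructed textbook-RSA key from Mersenne primes 2**a-1 and 2**b-1 (not secure)."""
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def _h(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(key, data):
    return pow(_h(data, key["n"]), key["d"], key["n"])

def verify(n, data, sig):
    return pow(sig, E, n) == _h(data, n)

def pub(key):
    return key["n"].to_bytes(128, "big")  # serialized public modulus

def build_image():
    """Sign each stage with the key Table 3-2 assigns to it (hypothetical layout)."""
    root, fw_data = toy_key(61, 89), toy_key(89, 107)
    k_sub, k_data = toy_key(107, 127), toy_key(61, 127)
    rw_fw = b"RW firmware code|" + pub(k_sub)   # kernel subkey is stored in RW firmware
    kernel = b"OS kernel code"
    return {
        "ro_root_pub": pub(root),               # root key is stored in RO firmware
        "fw_hdr": (pub(fw_data), sign(root, pub(fw_data))),
        "rw_fw": (rw_fw, sign(fw_data, rw_fw)),
        "kern_hdr": (pub(k_data), sign(k_sub, pub(k_data))),
        "kernel": (kernel, sign(k_data, kernel)),
    }

def verified_boot(img):
    """Return 'ok' or the name of the first stage whose signature fails."""
    n = int.from_bytes(img["ro_root_pub"], "big")
    for stage in ("fw_hdr", "rw_fw", "kern_hdr", "kernel"):
        data, sig = img[stage]
        if not verify(n, data, sig):
            return stage
        if stage in ("fw_hdr", "kern_hdr"):
            n = int.from_bytes(data, "big")         # verified data key checks the next stage
        elif stage == "rw_fw":
            n = int.from_bytes(data[-128:], "big")  # kernel subkey carried in verified RW firmware
    return "ok"
```

Because every key after the root is itself covered by a signature from the stage before it, replacing any key or payload in the writable regions stops the boot at that stage.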

Table 3-3: coreboot Verified Boot (for firmware)

| Item | Entity | Provider | Location |
|---|---|---|---|
| TP | Read/Write Firmware Verification | OEM | Flash (Read Only Region) |
| CDI | Read-Only Firmware | OEM | Flash (Read Only Region) |
| | Root key | OEM | RO firmware, Google Binary Blob (GBB) |
| UDI | Read/Write Firmware | OEM | Flash (Read Write Region) |

Table 3-4: coreboot Verified Boot (for OS)

| Item | Entity | Provider | Location |
|---|---|---|---|
| TP | OS Kernel Verification | OEM | Flash (Read Write Region) |
| CDI | Read-Write Firmware | OEM | Flash (Read Write Region) |
| | Kernel Subkey | OSV | R/W firmware, Google Binary Blob (GBB) |
| UDI | OS Kernel | OSV | External storage |