Hi Steve,
You posted just as I was coming to reply!
The reason that corrupting bytes at the end of the PEM key file doesn't invalidate the signature is that an ECDSA key generated by openssl (and possibly other tools) contains the private key bytes at the beginning and the public key bytes after that (the PEM format is a base64-encoded form of the DER format, which is a set of ASN.1 identifiers and values, so inside the blob of text are multiple fields.)
Corrupting the public key won't prevent a valid signature being generated, but if you'd rebuilt the original app using the corrupted key then it would have failed to verify any signatures (because the public key part is embedded into the app for signature verification).
To dump the actual key parameters you can use openssl:
Code: Select all
$ openssl ec -in secure_boot_signing_key.pem -noout -text
read EC key
Private-Key: (256 bit)
priv:
1f:d6:52:99:d7:c5:60:8d:76:68:0f:f0:0f:8c:cd:
69:55:00:10:36:37:17:1e:a2:1b:3c:91:67:f0:8c:
8f:dc
pub:
04:7b:f8:07:e3:5a:32:65:81:f7:7a:e2:d6:52:5b:
78:56:2a:df:75:ab:33:c8:9f:d1:27:a8:77:ba:e2:
71:9d:0b:2f:10:e8:03:fb:7f:12:8f:05:84:22:44:
d8:95:b6:a5:de:48:17:38:0d:79:35:f2:6f:1f:14:
55:01:d9:2b:9e
ASN1 OID: prime256v1
NIST CURVE: P-256
Code: Select all
$ openssl asn1parse -in secure_boot_signing_key.pem
0:d=0 hl=2 l= 119 cons: SEQUENCE
2:d=1 hl=2 l= 1 prim: INTEGER :01
5:d=1 hl=2 l= 32 prim: OCTET STRING [HEX DUMP]:1FD65299D7C5608D76680EF00F8CCD695500103637171EA21B3C9167F08C8FDC
39:d=1 hl=2 l= 10 cons: cont [ 0 ]
41:d=2 hl=2 l= 8 prim: OBJECT :prime256v1
51:d=1 hl=2 l= 68 cons: cont [ 1 ]
53:d=2 hl=2 l= 66 prim: BIT STRING
The offsets in the binary (base64-decoded DER) format are printed at the far left. To corrupt the private key you need to change the "OCTET STRING" bytes, not the longer "BIT STRING" at the end which is the public key.
I double checked that corrupting a byte of the private key causes the update to fail on v3.3.4 as well.
(Note: the above is from a key I generated for the purposes of this test, and have just deleted.)