Work Package 5: TPM and "UEFI Secure Boot"

Work Package 5: Trusted Platform Module and Unified Extensible Firmware Interface "Secure Boot"
Version: 1.0

Federal Office for Information Security
Post Box 20 03 63
D-53133 Bonn
Phone: +49 22899 9582-0
E-Mail: [email protected]
Internet: https://www.bsi.bund.de
© Federal Office for Information Security 2018

Table of Contents

1 Introduction ... 7
1.1 Zusammenfassung (German summary) ... 7
1.2 Executive Summary ... 11
1.3 General Concepts and Terminology ... 13
2 Technical Analysis of Functionalities ... 16
2.1 TPM Communication Interfaces ... 16
2.1.1 TPM Communication: User-land ... 17
2.1.2 TPM Communication: Kernel-land ... 22
2.1.3 TPM Usage Profiles ... 22
2.2 Windows Boot ... 23
2.2.1 Boot Manager ... 24
2.2.2 Windows Loader ... 27
2.2.3 Windows Kernel ... 29
2.3 The Windows Defender ELAM Driver ... 36
2.4 Integrity Measurement ... 40
2.5 TPM Provisioning ... 46
2.5.1 Manual Provisioning ... 47
2.5.2 Auto-provisioning ... 51
2.6 Security Aspects ... 53
3 Configuration and Logging Capabilities ... 56
3.1 Configuration Capabilities ... 56
3.1.1 Programmatic Configuration Capabilities ... 57
3.1.2 Non-programmatic Configuration Capabilities ... 58
3.1.3 Recommended Configuration Settings ... 63
3.2 Logging Capabilities ... 64
Appendix ... 69
Tools ... 69
TPM Usage Profiler ... 70
TPM Usage ... 71
ELAM Database Parser ... 71
WBCL Parser ... 74
Measured Executables ... 74
Reference Documentation ... 77
Keywords and Abbreviations ... 78

Figures

Figure 1: A TPM key hierarchy ... 14
Figure 2: Interfaces for communicating with the TPM ... 16
Figure 3: Submitting a TPM command using Tbsip_Submit_Command ... 18
Figure 4: Execution of Tbsip_Submit_Command ... 19
Figure 5: Submission of TPM commands ... 20
Figure 6: The ACPI TPM2 table ... 20
Figure 7: Loading and initializing the Platform Cryptographic Provider ... 21
Figure 8: Dynamic loading of TPM-related library files ... 21
Figure 9: The booting process of a Windows-based platform ... 23
Figure 10: Public keys stored in the boot manager and the UEFI firmware ... 25
Figure 11: Function stack: Image loading and integrity verification by the boot manager ... 26
Figure 12: A public key of a root certificate stored in the boot manager ... 27
Figure 13: Function stack: Image loading and integrity verification by the Windows loader ... 28
Figure 14: Function stack: Image loading and integrity verification by the Windows kernel ... 29
Figure 15: Snippet of a Windows compatibility database file ... 31
Figure 16: Pseudo-code of CipValidateFileHash and functions it invokes ... 32
Figure 17: An Authenticode signature and a PE hash value ... 33
Figure 18: A hash code and a list of signers ... 34
Figure 19: crashdmp.sys: The ContentInfo section and the PE hash value ... 35
Figure 20: A public key of a root certificate

Details

  • File Type
    pdf
  • Content Languages
    English
  • File Pages
    78 Page