search

AMDESE / AMDSEV

AMD Secure Encrypted Virtualization
291 stars 86 forks source link

CA certificate format improvements #24

Open npmccallum opened 5 years ago

npmccallum commented 5 years ago

The current version of CA certs looks like this:

Byte Offset Bits Name
00h 31:0 VERSION
04h 127:0 KEY_ID
14h 127:0 CERTIFYING_ID
24h 31:0 KEY_USAGE
28h 127:0 (reserved)
38h 31:0 PUBEXP_SIZE
3Ch 31:0 MODULUS_SIZE
40h 2047:0 or 4095:0 PUBEXP
- 2047:0 or 4095:0 MODULUS
- 2047:0 or 4095:0 SIGNATURE

I am proposing that version 2 consider the following improvements:

Byte Offset Bits Name Comments
00h 31:0 VERSION Version 2
04h 31:0 KEY_USAGE
08h 63:0 (reserved)
10h 127:0 KEY_ID
20h 31:0 PUBEXP_SIZE
24h 2047:0 or 4095:0 PUBEXP
- 31:0 MODULUS_SIZE
- 2047:0 or 4095:0 MODULUS
- 31:0 SIGNATURE_SIZE Self-describing signature length
- 2047:0 or 4095:0 SIGNATURE
- 127:0 CERTIFYING_ID Excluded from signature

The improvements are as follows:

  1. Add SIGNATURE_SIZE
  2. CERTIFYING_ID excluded from signature
  3. Field sizes always appear adjacent to their corresponding fields

The self-describing signature length is the most important improvement. As the format currently stands, there is no way to know the size of this field when parsing. The only way to know is to have the parent certificate in the parsing code context. This is a layering violation.

Excluding the CERTIFYING_ID makes the signing workflow much simpler. Generally, you will generate an unsigned certificate and later append a signature (including CERTIFYING_ID) later. When the CERTIFYING_ID is included in the signature, then the serialization code needs to know the signer's CERTIFYING_ID. This is a layering violation.

The third improvement is minor. It allows a single parsing function to be used for each of the fields. Thus, it enables code reuse.

npmccallum commented 5 years ago

An alternative to this proposal would be to create a new version of the SEV certificate format which includes the KEY_ID in the header and the CERTIFYING_ID in each of the signatures. This would allow SEV to retire the use of CA certificates altogether, unifying them into a single format.

npmccallum commented 5 years ago

My clear preference, however, is using X.509 (#20). But if we aren't going to get that, then at least some other improvements would be helpful.