23-ima-sig-signature-verification.md

File metadata and controls

287 lines (229 loc) · 11 KB

enhancement-NNNN: Your short, descriptive title

Release Signoff Checklist

  • Enhancement issue in release milestone, which links to pull request in [keylime/enhancements]
  • Core members have approved the issue with the label implementable
  • Design details are appropriately documented
  • Test plan is in place
  • User-facing documentation has been created in [keylime/keylime-docs]

Summary

Keylime currently only supports verifying IMA measurement lists against an allowlist (whitelist) and an exclude list. This proposal extends Keylime to support IMA signature verification by adding support for the 'ima-sig' template.

Motivation

The allowlist used to verify the IMA measurements received from a system may be huge, with many thousands of entries. Its size depends primarily on the number of software packages installed on the system and thus on the number of distinct measurements that system can produce. An alternative to allowlist reconciliation is to verify file signatures using the few keys that were used to sign the immutable files on such a system. A combination of both is also possible.

Having an exclude list to skip measurements of mutable files will still be necessary, since those files cannot be signed.

Goals

The goal of this extension involves the following:

  • Support for parsing 'ima-sig' template entries in the IMA measurement list
  • Support for signature verification of each signature found in an 'ima-sig' template using per-system public keys
  • Registration of per-system public keys to be used for signature verification

Non-Goals

The following is a list of non-goals:

  • Addition of support for other IMA templates besides the proposed 'ima-sig' template; others can be supported later through separate enhancements

Proposal

This proposal will develop and deliver the following features:

  • The verifier will be extended to support parsing the 'ima-sig' template
  • The verifier will be extended to verify the signatures found in 'ima-sig' template entries using per-system registered public keys (RSA, DSA, EC, etc.)
  • The verifier will require that each IMA measurement list entry is either verifiable with a key or can be reconciled against an allowlist or exclude list; every IMA measurement list entry must be 'covered'
  • The tenant client tool will be extended to support registering per-system public keys to be used for signature verification
  • Test cases will be written that read in the example keys and IMA measurement lists and perform signature verification along with allowlist and exclude list reconciliation

Notes/Constraints/Caveats (optional)

  • Signature verification may be more CPU-intensive than verification against a small allowlist of measurements; on the other hand, the advantage of signature verification is that it only needs a few keys rather than a possibly huge allowlist
  • Every IMA measurement entry should be covered either by allowlist reconciliation, by an exclude list entry, or by successful signature verification; the complexity on the user side is to set up a system by signing some immutable files while leaving others to the allowlist and putting mutable files into an exclude list
  • A prototype of this extension is being built here: https://github.com/stefanberger/keylime/commits/ima_sig

Risks and Mitigations

TBD

Design Details

To make it easy for a client, the tenant tool will be able to read public key files in various formats, such as PEM- or DER-encoded public keys, X.509 certificates, or even private keys. Only the public key parts will be stored in the Keylime database.

The existing exclude list will be used for skipping mutable files. If no allowlist is passed via the tenant tool, only signatures will be verified: every IMA measurement list entry that carries a signature must be verifiable with one of the provided public keys, otherwise the file must be in the exclude list. If an allowlist, an exclude list, and keys for signature verification are all provided, then each measurement list entry that is not skipped due to the exclude list must both pass signature verification and be in the allowlist. Another model would be to require signature validation only for entries that carry a signature and allowlist membership otherwise. If such a model is valid, it could be enabled through some sort of evaluation policy (a simple flag). Different behavior on a per-measurement-list-entry basis may be too complicated for a user to set up.
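As an added illustration (not Keylime's own code, nor from the prototype branch), a stdlib-only Python sketch of the two pieces the design describes: parsing an 'ima-sig' entry, including the signature_v2 xattr header that carries the key id, and the coverage policy with the "evaluation policy" flag for the alternative model. The real RSA/EC check is delegated to a callback; the constructed toy_verify/make_sig pair, the sample entries and the keys are assumptions used only to exercise the policy.

```python
import hashlib, re, struct

HASH_ALGOS = {2: "sha1", 4: "sha256", 5: "sha384", 6: "sha512"}  # kernel hash_algo ids
def parse_ima_sig_entry(line):
    """Split one ASCII 'ima-sig' line: PCR template-hash ima-sig algo:hash path [sig-hex]."""
    parts = line.split(" ", 5)                     # paths containing spaces are not handled here
    if len(parts) < 5 or parts[2] != "ima-sig":
        raise ValueError(f"not an ima-sig entry: {line!r}")
    algo, filehash = parts[3].split(":", 1)
    entry = {"pcr": int(parts[0]), "algo": algo, "hash": filehash, "path": parts[4], "sig": None}
    if len(parts) == 6 and parts[5]:
        blob = bytes.fromhex(parts[5])             # security.ima xattr: signature_v2_hdr + sig
        typ, ver, halg, keyid, siglen = struct.unpack(">BBBIH", blob[:9])
        if typ != 0x03 or ver != 0x02 or len(blob) != 9 + siglen:
            raise ValueError("malformed IMA signature blob")
        entry["sig"] = {"keyid": f"{keyid:08x}", "hash_algo": HASH_ALGOS.get(halg), "sig": blob[9:]}
    return entry
def evaluate_entry(entry, keys, allowlist, exclude, verify, require_signature=True):
    """Coverage rule: every entry must be excluded, signature-verified, or (relaxed policy) allowlisted."""
    if any(re.search(p, entry["path"]) for p in exclude):
        return "excluded"
    listed = allowlist is not None and entry["hash"] in allowlist.get(entry["path"], ())
    sig = entry["sig"]
    if sig is None:                                # unsigned entry: only the relaxed flag permits it
        if listed and not require_signature:
            return "allowlisted"
        return "failed: unsigned" if require_signature else "failed: not in allowlist"
    key = keys.get(sig["keyid"])
    if key is None or not verify(key, sig["hash_algo"], bytes.fromhex(entry["hash"]), sig["sig"]):
        return f"failed: unknown keyid {sig['keyid']}" if key is None else "failed: bad signature"
    if allowlist is not None and not listed:       # keys and allowlist both given: must pass both
        return "failed: signed but not in allowlist"
    return "verified"
def evaluate_list(lines, keys, allowlist, exclude, verify, require_signature=True):
    return {e["path"]: evaluate_entry(e, keys, allowlist, exclude, verify, require_signature)
            for e in map(parse_ima_sig_entry, lines)}

# Constructed demo data; toy_verify is a keyed stand-in for the RSA/EC check, not a signature scheme.
def toy_verify(key, hash_algo, digest, sig):
    return hash_algo == "sha256" and sig == hashlib.sha256(key + digest).digest()[:8]
def make_sig(keyid, key, digest_hex):              # xattr blob: type 3, version 2, sha256, keyid, len, sig
    tag = hashlib.sha256(key + bytes.fromhex(digest_hex)).digest()[:8]
    return (bytes([3, 2, 4]) + bytes.fromhex(keyid) + struct.pack(">H", len(tag)) + tag).hex()
KEYS = {"aabbccdd": b"demo-key-1"}                 # registered per-system keys, indexed by keyid
D1, D2, D3, TH = "11" * 32, "22" * 32, "33" * 32, "0" * 40
SAMPLE_LIST = [
    f"10 {TH} ima-sig sha256:{D1} /usr/bin/ls {make_sig('aabbccdd', KEYS['aabbccdd'], D1)}",
    f"10 {TH} ima-sig sha256:{D2} /var/log/syslog",                                        # mutable, unsigned
    f"10 {TH} ima-sig sha256:{D3} /usr/lib/libfoo.so {make_sig('deadbeef', b'other', D3)}",  # unregistered key
]
```

With keys only, `evaluate_list(SAMPLE_LIST, KEYS, None, [r"^/var/log/"], toy_verify)` reports /usr/bin/ls as verified, /var/log/syslog as excluded and /usr/lib/libfoo.so as failed because its keyid is not registered.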

Test Plan

For testing we will use sample IMA measurement lists that use the 'ima-sig' template and carry file signatures, along with measurement allowlists and exclude lists and keys in various formats for use in signature verification. Test cases will check both successful verification and the intended verification failures of 'ima-sig' measurement lists.

Upgrade / Downgrade Strategy

TBD

Drawbacks

No known drawbacks.

Alternatives

No known alternatives.

Infrastructure Needed (optional)