authorVadim Bendebury <vbendeb@chromium.org>2022-11-25 18:25:59 -0800
committerChromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com>2022-12-13 19:07:03 +0000
commit196b0843e90cfa791123d1fff88eca06721dc64a (patch)
treec72d7a0557dc76663ba3559a858554653d7923c6
parentff29ee63ed52b698afcaa4c2619d7163322a3785 (diff)
downloadvboot-196b0843e90cfa791123d1fff88eca06721dc64a.tar.gz
create_new_keys: use single AP RO Verification root key pair
All AP RO verification platform keys must be signed by the same AP RO verification root key, which is why the root key pair needs to be created only once, and used for signing key blocks for all PreMP AP RO verification platform keys. This patch adds make_arv_root.sh, a script for generating the root key, and modifies create_new_keys.sh to use the single root key for signing all generated platform keys. By default the root key is placed at the top of the root key directory, from which all key creation scripts are invoked. It is possible to specify the desired path for the root key to both make_arv_root.sh and create_new_keys.sh. Note that the keyset generated for each board still needs to include the AP RO verification root public key, so explicit copying was added. BRANCH=none BUG=b:299965578 TEST=ran the following commands in ./scripts: $ mkdir keys $ cd keys $ ../keygeneration/make_arv_root.sh $ ../keygeneration/create_new_keys.sh --output Nissa This resulted in creation of directory ./scripts/keys/Nissa with all generated keys and the AP RO verification root public key copy. Then ran sign_official_build.sh using Nissa recovery image and the keys/Nissa directory as inputs, observed successful AP firmware signing, including signing of RO_GSCVD sections. Then successfully ran ./tests/futility/test_gscvd.sh Change-Id: Ic024ccdcdcb751be677934bf559c40b2826c714e Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/4058180 Reviewed-by: Mike Frysinger <vapier@chromium.org> Reviewed-by: Jason Clinton <jclinton@chromium.org>
-rw-r--r--scripts/keygeneration/common.sh7
-rwxr-xr-xscripts/keygeneration/create_new_keys.sh36
-rwxr-xr-xscripts/keygeneration/make_arv_root.sh46
-rw-r--r--tests/ApRoV1Signing-PreMP/arv_root.vbprivk (renamed from tests/devkeys/arv_root.vbprivk)bin2358 -> 2358 bytes
-rw-r--r--tests/ApRoV1Signing-PreMP/arv_root.vbpubkbin0 -> 1064 bytes
5 files changed, 87 insertions, 2 deletions
diff --git a/scripts/keygeneration/common.sh b/scripts/keygeneration/common.sh
index c4cbb3fb..18630266 100644
--- a/scripts/keygeneration/common.sh
+++ b/scripts/keygeneration/common.sh
@@ -66,6 +66,10 @@ KERNEL_DATAKEY_ALGOID=${RSA2048_SHA256_ALGOID}
# AP RO Verification.
ARV_ROOT_ALGOID=${RSA4096_SHA256_ALGOID}
ARV_PLATFORM_ALGOID=${RSA4096_SHA256_ALGOID}
+ARV_ROOT_NAME_BASE="arv_root"
+# Presumably the script is run from the top of the PreMP keys directory
+# tree, place AP RO verification root key there.
+ARV_ROOT_DIR="ApRoV1Signing-PreMP"
# Keyblock modes determine which boot modes a signing key is valid for use
# in verification.
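Review bot: The comment added above `ARV_ROOT_DIR` opens with "Presumably" and does not say what the value is relative to, even though its two consumers resolve it differently: make_arv_root.sh creates it as `./${ARV_ROOT_DIR}` under the current directory, while create_new_keys.sh looks for `../${ARV_ROOT_DIR}`, apparently after changing into its output directory. The value is a directory name rather than a path, and the comment should say so. Suggest replacing the two comment lines with `# Name of the directory holding the AP RO verification root key pair. make_arv_root.sh creates it under the cwd (the top of the PreMP keys tree); create_new_keys.sh expects it one level above its output directory.`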
@@ -88,6 +92,9 @@ MINIOS_KERNEL_KEYBLOCK_MODE=$((0x1 | 0x2 | 0x8 | 0x20))
KERNEL_KEYBLOCK_MODE=$((0x1 | 0x2 | 0x4 | 0x10))
# Only allow in dev + recovery + non-miniOS.
INSTALLER_KERNEL_KEYBLOCK_MODE=$((0x2 | 0x8 | 0x10))
+# Only allow in non-recovery + non-miniOS, does not mean much for AP RO keys.
+ARV_KEYBLOCK_MODE=$((0x1 | 0x2 | 0x4 | 0x10))
+
# Emit .vbpubk and .vbprivk using given basename and algorithm
# NOTE: This function also appears in ../../utility/dev_make_keypair. Making
diff --git a/scripts/keygeneration/create_new_keys.sh b/scripts/keygeneration/create_new_keys.sh
index 44521e7b..21a9cfec 100755
--- a/scripts/keygeneration/create_new_keys.sh
+++ b/scripts/keygeneration/create_new_keys.sh
@@ -23,6 +23,8 @@ Options:
--8k-installer-kernel Use 8k key size for the installer kernel data
--key-name <name> Name of the keyset (for key.versions)
--output <dir> Where to write the keys (default is cwd)
+ --arv-root-path <dir> Path to AP RO verificaton root key directory,
+ defaults to ./${ARV_ROOT_DIR}
EOF
if [[ $# -ne 0 ]]; then
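Review bot: The added help text misspells "verificaton" and states the default as `./${ARV_ROOT_DIR}`, whereas the fallback code in main() resolves `../${ARV_ROOT_DIR}`, seemingly relative to the output directory rather than the invocation directory. Since this text is what an operator reads when deciding where the root key must live, it should name the actual rule: `--arv-root-path <dir> Path to the AP RO verification root key directory` followed by `(default: ${ARV_ROOT_DIR} one level above the output directory)`. The usage() function containing this here-doc starts and ends outside the hunk.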
@@ -44,6 +46,7 @@ main() {
local installer_kernel_algoid=${INSTALLER_KERNEL_ALGOID}
local keyname
local output_dir="${PWD}" setperms="false"
+ local arv_root_path=""
while [[ $# -gt 0 ]]; do
case $1 in
@@ -95,6 +98,11 @@ main() {
installer_kernel_algoid=${RSA4096_SHA512_ALGOID}
;;
+ --arv-root-path)
+ arv_root_path="$(readlink -f "$2")"
+ shift
+ ;;
+
--key-name)
keyname="$2"
shift
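Review bot: When `--arv-root-path` is the last argument, `readlink -f "$2"` runs on an empty string, prints an error and leaves `arv_root_path` empty, so the later default-directory fallback silently takes over instead of reporting the bad invocation. A guard before the assignment, `[[ -n "${2:-}" ]] || die "--arv-root-path requires an argument"`, makes the failure explicit. The neighbouring `--key-name` arm has the same shape, but there the empty value is at least not masked by a fallback. The case statement and main() continue outside the hunk.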
@@ -125,6 +133,19 @@ main() {
chmod 700 .
fi
+ if [[ -z "${arv_root_path}" ]]; then
+ # If not explicitly set, expect AP RO verification root key directory one
+ # level above the output directory where the specific board keys are going
+ # to be placed.
+ arv_root_path="$(readlink -f "../${ARV_ROOT_DIR}")"
+ fi
+
+ if [[ ! -d "${arv_root_path}" ]]; then
+ die "AP RO root key directory \"${arv_root_path}\" not found." \
+ "Run make_arv_root.sh to create it or specify --arv-root-path."
+ exit 1
+ fi
+
if [[ ! -e "${VERSION_FILE}" ]]; then
echo "No version file found. Creating default ${VERSION_FILE}."
(
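Review bot: The new existence check only tests that `${arv_root_path}` is a directory, so a directory that lacks `${ARV_ROOT_NAME_BASE}.vbprivk` / `.vbpubk` passes here and the failure surfaces later at the make_keyblock and cp steps, with a less helpful message; checking for the key files themselves gives the operator the intended "run make_arv_root.sh" hint. The `exit 1` after `die` is unreachable if `die` terminates the script, as its `|| die` uses elsewhere in this commit suggest. Note also that the default `../${ARV_ROOT_DIR}` is resolved after the `chmod 700 .` context, i.e. apparently after the script has entered the output directory, whereas `--arv-root-path` is resolved at parse time relative to the invocation directory; with `--output` pointing outside the cwd the two behave differently, which the help text does not mention. main() continues outside the hunk.
```shell
if [[ -z "${arv_root_path}" ]]; then
  # If not explicitly set, expect AP RO verification root key directory one
  # level above the output directory where the specific board keys are going
  # to be placed.
  arv_root_path="$(readlink -f "../${ARV_ROOT_DIR}")"
fi

# Both halves of the root key pair are needed: the private key signs the
# platform keyblock, the public key is copied into the keyset.
local arv_key_file
for arv_key_file in "${ARV_ROOT_NAME_BASE}.vbprivk" "${ARV_ROOT_NAME_BASE}.vbpubk"; do
  if [[ ! -f "${arv_root_path}/${arv_key_file}" ]]; then
    die "AP RO root key \"${arv_root_path}/${arv_key_file}\" not found." \
      "Run make_arv_root.sh to create it or specify --arv-root-path."
  fi
done
# … unchanged: version file handling …
```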
@@ -158,8 +179,11 @@ main() {
make_pair recovery_kernel_data_key ${recovery_kernel_algoid}
make_pair minios_kernel_data_key ${minios_kernel_algoid}
make_pair installer_kernel_data_key ${installer_kernel_algoid}
- make_pair arv_root ${ARV_ROOT_ALGOID}
- make_pair arv_platform ${ARV_PLATFORM_ALGOID}
+ make_pair arv_platform "${ARV_PLATFORM_ALGOID}"
+
+ # Make sure there is a copy of the AP RO verification root public key in the
+ # keyset directory.
+ cp "${arv_root_path}/${ARV_ROOT_NAME_BASE}.vbpubk" .
# Create the firmware keyblock for use only in Normal mode. This is redundant,
# since it's never even checked during Recovery mode.
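Review bot: The `cp "${arv_root_path}/${ARV_ROOT_NAME_BASE}.vbpubk" .` added here duplicates the `cp "${arv_root_path}/arv_root.vbpubk" . || die "Failed to copy"` added in the next hunk after the arv_platform keyblock is made, so the same file is copied twice and this first copy is unchecked. Keep a single checked copy that reuses the basename constant rather than hardcoding `arv_root`: `cp "${arv_root_path}/${ARV_ROOT_NAME_BASE}.vbpubk" . || die "Failed to copy AP RO verification root public key."` and drop the other copy together with its comment. main() continues outside the hunk.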
@@ -180,6 +204,14 @@ main() {
# For use in Factory Install and Developer Mode install shims.
make_keyblock installer_kernel ${INSTALLER_KERNEL_KEYBLOCK_MODE} installer_kernel_data_key recovery_key
+ # Create AP RO verification platform keyblock.
+ make_keyblock arv_platform "${ARV_KEYBLOCK_MODE}" arv_platform \
+ "${arv_root_path}/${ARV_ROOT_NAME_BASE}"
+
+ # Copy AP RO verification root public key into the output directory, it is
+ # necessary for AP RO verification signing.
+ cp "${arv_root_path}/arv_root.vbpubk" . || die "Failed to copy"
+
if [[ "${android_keys}" == "true" ]]; then
mkdir android
"${SCRIPT_DIR}"/create_new_android_keys.sh android
diff --git a/scripts/keygeneration/make_arv_root.sh b/scripts/keygeneration/make_arv_root.sh
new file mode 100755
index 00000000..39c0ae9c
--- /dev/null
+++ b/scripts/keygeneration/make_arv_root.sh
@@ -0,0 +1,46 @@
+#!/bin/bash
+# Copyright 2022 The ChromiumOS Authors
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+#
+# Create AP RO verification Root key pair for PreMp signing.
+
+# Load common constants and functions.
+. "$(dirname "$0")/common.sh"
+
+usage() {
+ cat <<EOF
+Usage: $0 [destination directory]
+
+Output: arv_root.vbprivk and arv_root.vbpubk created in [destination dirctory]
+ which by default is "./${ARV_ROOT_DIR}"
+EOF
+ exit 1
+}
+
+main() {
+ local key_dir
+
+ case $# in
+ (0) # Use default directory.
+ key_dir="${ARV_ROOT_DIR}"
+ ;;
+ (1)
+ key_dir="$1"
+ ;;
+ (*)
+ usage
+ esac
+
+ if [[ -d ${key_dir} ]]; then
+ die "Destination directory \"${key_dir}\" exists. There can be only one!"
+ fi
+
+ mkdir -p "${key_dir}" || die "Failed to create \"${key_dir}\"."
+
+ cd "${key_dir}" || die "Failed to cd to \"${key_dir}\"."
+
+ make_pair "${ARV_ROOT_NAME_BASE}" "${ARV_ROOT_ALGOID}"
+}
+
+main "$@"
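Review bot: The directory receiving the root private key is created with `mkdir -p` and therefore inherits the caller's umask, and the `make_pair` call that writes the key pair is not checked, so a failed or partial key generation still exits 0; create_new_keys.sh restricts its own output directory with `chmod 700 .` (apparently behind its setperms option), and the root key directory, which holds the trust anchor for every platform key, deserves at least the same. Suggest `mkdir -p "${key_dir}" || die "Failed to create \"${key_dir}\"."`, then `chmod 700 "${key_dir}" || die "Failed to restrict permissions on \"${key_dir}\"."`, and `make_pair "${ARV_ROOT_NAME_BASE}" "${ARV_ROOT_ALGOID}" || die "Failed to create the AP RO verification root key pair."`. The usage text also misspells "dirctory" in `[destination dirctory]`.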
diff --git a/tests/devkeys/arv_root.vbprivk b/tests/ApRoV1Signing-PreMP/arv_root.vbprivk
index 7747717a..7747717a 100644
--- a/tests/devkeys/arv_root.vbprivk
+++ b/tests/ApRoV1Signing-PreMP/arv_root.vbprivk
Binary files differ
diff --git a/tests/ApRoV1Signing-PreMP/arv_root.vbpubk b/tests/ApRoV1Signing-PreMP/arv_root.vbpubk
new file mode 100644
index 00000000..aebe2a48
--- /dev/null
+++ b/tests/ApRoV1Signing-PreMP/arv_root.vbpubk
Binary files differ