If a threat actor obtains the private part of the RSA signing key (which is quite plausible, as this is an untrusted test key), they can generate and sign BMC firmware with arbitrary content, and it will be successfully validated during the boot process. For example, such firmware may contain an implanted backdoor, allowing an attacker to remotely control the BMC and the target host operating system.
We also noticed that the same key is present in the firmware used by the following server series, indicating that they are also likely to be affected:
The following figure shows the RoT chain implementation used by the Supermicro BMC firmware:
This process can be summarised in 3 main steps:
1. In general, the code in the ROM is responsible for verifying the U-Boot SPL bootloader with the public keys stored in the OTP (one-time programmable) memory. Since we don't have the actual device, we can't be sure which keys are stored in the OTP. However, we have noticed that the logic in the custom regular U-Boot bootloader also performs the U-Boot SPL verification, trying 3 RSA moduli located at 0xBDC0, 0xBFC0 and 0xC1C0 in sequence, with public exponent 65537, against the signature located at 0xC400. Subsequent execution is only allowed if the signature is successfully validated with at least one of the keys. It is therefore highly likely that the same keys are stored in the OTP. Crucially, the RSA modulus located at 0xBDC0 matches the modulus of the "BMC Test Key".
2. The logic in the customised U-Boot SPL verifies the regular U-Boot bootloader by trying 2 RSA moduli located at 0xB9C0 and 0xBBC0 in sequence, with public exponent 65537, against the signature located at 0xFFC00. Subsequent execution is only allowed if the signature is successfully validated with at least one of the keys. Crucially, the RSA modulus located at 0xB9C0 matches the modulus of the "BMC Test Key".
3. The logic in the custom regular U-Boot bootloader verifies the rest of the firmware by trying 2 RSA moduli located at 0xFEA00 and 0xFEC00 in sequence, with public exponent 65537, against the signature located at 0x34F0400. Subsequent execution is only allowed if the signature is successfully validated with at least one of the keys. Crucially, the RSA modulus located at 0xFEA00 matches the modulus of the "BMC Test Key".
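As an added example (not part of the Binarly advisory), the following Python script audits the key slots of the three stages described above: it reads the 512-byte modulus from each documented offset, flags slots whose modulus matches a known untrusted key, and reports when a later stage trusts a key that an earlier stage already trusts. It assumes the moduli are stored raw and big-endian at those offsets, and it runs against a constructed image rather than a real Supermicro dump.

```python
import hashlib
from typing import Dict, Set

# Layout from the advisory: each stage tries a fixed list of 4096-bit RSA
# moduli (512 bytes each) against one signature and continues if any of them
# validates it. Assumption: moduli are stored raw, big-endian; the 0x200
# spacing between slots matches that size.
MODULUS_LEN = 4096 // 8
STAGES = {
    "ROM -> U-Boot SPL":  {"moduli": [0xBDC0, 0xBFC0, 0xC1C0], "sig": 0xC400},
    "SPL -> U-Boot":      {"moduli": [0xB9C0, 0xBBC0], "sig": 0xFFC00},
    "U-Boot -> firmware": {"moduli": [0xFEA00, 0xFEC00], "sig": 0x34F0400},
}

def modulus_fingerprint(modulus: bytes) -> str:
    """SHA-256 of the raw modulus; a stable handle for comparing keys."""
    return hashlib.sha256(modulus).hexdigest()

def audit_image(image: bytes, untrusted: Set[str]) -> Dict[str, dict]:
    """Per stage: key slots holding an untrusted (e.g. test) key, and the
    earlier stages that already trust one of this stage's keys (key reuse)."""
    report, first_use = {}, {}
    for stage, layout in STAGES.items():
        slots = {off: modulus_fingerprint(image[off:off + MODULUS_LEN])
                 for off in layout["moduli"]}
        reused = sorted({first_use[fp] for fp in slots.values() if fp in first_use})
        for fp in slots.values():
            first_use.setdefault(fp, stage)
        report[stage] = {
            "untrusted_slots": [off for off, fp in slots.items() if fp in untrusted],
            "reused_key_from": reused,
        }
    return report

def build_sample_image() -> tuple:
    """Constructed 1 MiB image (not a real Supermicro dump): a stand-in test-key
    modulus in the first slot of every stage, a second key in the other slots."""
    test_key = hashlib.sha512(b"constructed test key").digest() * 8   # 512 bytes
    prod_key = hashlib.sha512(b"constructed production key").digest() * 8
    image = bytearray(0x100000)
    for layout in STAGES.values():
        for i, off in enumerate(layout["moduli"]):
            image[off:off + MODULUS_LEN] = test_key if i == 0 else prod_key
    return bytes(image), test_key

if __name__ == "__main__":
    img, tk = build_sample_image()
    for stage, finding in audit_image(img, {modulus_fingerprint(tk)}).items():
        print(stage, [hex(o) for o in finding["untrusted_slots"]], finding["reused_key_from"])
```

On a real dump, replace the constructed image with the firmware file contents and the constructed fingerprint with the SHA-256 of the test key's modulus taken from its certificate.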
Note: The certificate of the above-mentioned "BMC Test Key" is located in the firmware at offset 0xFE004; the public exponent of the RSA key is 65537.
Note: BINARLY REsearch team has not identified the presence of the private part of the key in the wild at this moment.
Note: The expiration date of the "BMC Test Key" is Feb 1 03:14:28 2070 GMT.
Note: We noticed that the U-Boot SPL and regular U-Boot bootloaders are signed with the same private key. It is better to use different keys to sign different stages, in which case a compromise of a single key will only affect one stage.
Note: We have noticed that the U-Boot SPL of some Supermicro BMC images is signed with the "BMC Test Key", which may indicate that this key is stored in the OTP memory for these devices:
This bug is subject to a 90-day disclosure deadline. After 90 days have elapsed or a patch has been made broadly available (whichever is earlier), the bug report will become visible to the public.
BINARLY team
Test key certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:da:e6:cf:23:66:6a:36:d9:dd:69:4c:2f:ba:30:14:90:f7:3d:5e
Signature Algorithm: sha512WithRSAEncryption
Issuer: C = US, ST = CA, L = SanJose, O = Super Micro Computer Inc., CN = RD1 BMC Test Key - DO NOT TRUST
Validity
Not Before: Feb 14 03:14:28 2020 GMT
Not After : Feb 1 03:14:28 2070 GMT
Subject: C = US, ST = CA, L = SanJose, O = Super Micro Computer Inc., CN = RD1 BMC Test Key - DO NOT TRUST
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F0:A8:8C:87:67:4E:0A:D2:AD:20:B6:26:40:CA:A2:C4:01:1D:7F
X509v3 Authority Key Identifier:
2A:F0:A8:8C:87:67:4E:0A:D2:AD:20:B6:26:40:CA:A2:C4:01:1D:7F
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha512WithRSAEncryption
Signature Value: