I was recently looking through librem5-flash-image in order to see how images for the librem5 are actually downloaded, verified and flashed to the device. When I had a detailed look at the image verification process, I was surprised to discover that only a SHA256 hash was calculated from the image and compared to the hash from a file with metadata and no cryptographic signature was checked.
Is there any reason not to sign images (e.g., using gpg or signify) and not to check the signatures?
Perhaps because the image is just a straight disk image and maybe there is no way to sign a disk.
If so, probably this would be solvable by enclosing the disk image in a signable container (from which the disk image would have to be extracted before actual flashing onto the phone).
If the disk image is generated automatically (e.g. every night) then it can be difficult to automate the signing in a secure way (whereas it is easy to automate the generation and publishing of a hash).
When it all comes down to it, I don’t know that there’s much difference between securely accessing a hash and then checking the hash v. checking a signature. If their end is (sufficiently) compromised then both checks will be unreliable. If your end is compromised then both checks will be unreliable. If the transfer is compromised then both checks will be reliable.
But if you want a real answer then it will have to come from Purism.
Agreed. Would be nice of purism given their privacy stance to see them sign binaries.
Don’t see why gpg couldn’t be used to sign any file,including a raw disk image.
If purism was compromised,a sha256 sum would likely be updated to the new,compromised image so that users wouldn’t suspect anything is wrong. All an attacker would need to make a working sha hash would be access to the file.
Gpg signing would help ensure it’s coming from purism.
Providing staffs/companies public keys somewhere obvious so we can save them for later communications would also be great
Of course it’s possible to sign disk images and it’s common practice. In some cases, this isn’t necessary, e.g., for projects that embed signatures directly into the image and let the signature be validated upon boot by specialized hardware with a properly initialized key store. To my knowledge, the Librem5 does not have this. So it would be nice to be able to verify a cryptographic signature by hand.
However, maybe there is something that wouldn’t let a signature add much to the security, e.g., if the image is built automatically by a CI in an untrusted environment.
Of course it must be trusted, otherwise you cannot trust the generated image. However, it is actually pretty difficult to implement a trusted build environment. Unless you’re building on your own hardware at your own premises you cannot trust the generated artifacts.
Anyways, I’m still surprised that there are no signatures. Maybe someone from Purism could shed some light on this? A git blame on the sources of the flashing script shows that much of the code doing the image verification was written by @guido.gunther. Maybe he knows why there are no signatures…