GPG User Authentication: In-memory gpg keygen + keytocard and GPG key material backup enabling (plus a lot of code cleanup and UX improvements)

[tlaurion]

Goal of this PR: Permit User Authentication prior of going to Recovery Shell or USB boot. But prior of enabling that functionality, we need to make sure that the user has a backup of his key material. And to have a backup of key material, we need to generate master key and subkeys in memory and backup over encrypted partition and then keytocard the subkeys to the USB Security dongle. This PR does that and clean the code that was reviewed along the way.

EDIT: this comment from @JonathonHall-Purism shows the new flow graphically: #1515 (comment)

Ok! from #1515 (comment):

• oem-factory-reset script can be asked to be launched early at boot with the 'o' key (just as 'r' key goes to recovery shell if permitted in boot policy)
• Purism OEM Factory Reset default workflow is now promoted by default, leaving advanced prompts to acknowledge not using defaults.
• A questionnaire is introduced when defaults are not accepted, guiding users into properly answer prompts or entering Enter key when answer is unknown.
• Questionnaire asks if the user wants to create an encrypted thumb drive backup of GPG key material, which when enabled currently enables GPG Authentication by default
• Next question in questionnaire is by default Y to copy keys to USB Security dongle. p256 is enabled automatically when a NK3 is connected.
• When enabled, GPG Authentication now authenticates prior of recovery shell access or USB boot.

Unrelated work under this PR:

• Streamlining of tpm owner password usage across codebase, where if invalid, is now cleaned by tpmr directly.
• When TPM Disk Unlock Key is enabled on either TPM1/TPM2, upgrading firmware past TPM TOTP/HOTP resealing reuses encrypted disks configuration and only prompts to reseal DUK with Disk Recovery Key passphrase and DUK passphrase, and then uses GPG authentication method to detach sign required changes and reboots.
• A lot of cleanup and wording consolidation has been done.

Discussions on how GPG Authentication and OEM Factory Reset/Re-Ownership features should evolve are happening under #1520 and #1521 respectively.

Please participate, your voice is important to be considered!

---

Old:
Creating WiP PR to track changes.

WARNING: At current stage, prior merged PR #1476 makes it possible (warning with Intel 3rd gen I3 laptops without RDRAND: crng is not ready early on boot, will need to update board configs for notice even though those CPUs are not widely used).

Raw notes:

• oem-factory-reset on extended provisioning mode (non-default) gives possibility of creating in-memory key generation for GPG key material (m option), creates a GPG backup thumb drive with selection of percentage of drive to be assigned to LUKS container's ext4 partition (private key container) and leftover of drive assigned to exfat partition (which contains public key)
• oem-factory-reset also does proper keytocard of subkeys to USB Security dongle (warning: NK3 supports RSA only under pre-release version >= v1.3.1-test.20230417 where upgrading NK3 firmware is not so straightforward (impossible under debian-12, was successful with workarounds under debian-11
  • TODO: support in-memory p256 GPG algo and revert PoC changes under usb_security_token_capabilities_check (My only testing key is NK3 and I wanted to support RSA first.... so stay tuned here for latest changes and squashing prior of testing this if you have NK3 and not testing pre-releases, this is not ready to use).
• When a GPG key material thumb drive backup is created, codebase activates Heads authentication on usb boot and recovery shell codepaths. It works in current state if you own a NitrokeyPro/Librem Key/Nitrokey Storage you are willing to wipe and dedicate for testing of this PR
• Consequently, this PoC PR permits in-memory key gen of RSA key (2048 bits for testing here both smartcard keygen/in-memory keygen + keytocard, which sets CONFIG_HAVE_GPG_KEY_BACKUP and saves it in config.user, injects it and then checks against in in codebase to automatically activate authentication on recovery shell and usb boot codepath

Creating PR since I came across changes needed and wanted to be able to discuss them with stakeholders prior of proposing final version. Will comment on those in next comments, and will come back to OP and modify it with current state as I progress up to proposing final version. Will set PR as draft after creating PR.

[tlaurion]

As you can see in this screenshot, some guidelines were added in warnings so that the user is made aware of signing errors that can happen under Heads if TPM reset is needed to re-create TPM counter which otherwise sealing operations fail. As of now, the user faces a loop when doing TPM Disk Unlock Key resealing and is now informed that he should do a TPM reset in such corner case.

[tlaurion]

As of now, after having re-owned/oem factory reset secrets accepting to create a GPG thumb drive backup, the user can use either the backup or the USB security dongle, interchangeably:

On recovery/usb boot, we now have maybe too verbose output but those access are authenticated with either USB Security dongle or the Thumb drive backup:

[tlaurion]

Some unrelated changes in vocabulary for consistency in current state of PR when resealing TPM Disk Unlock Key

[tlaurion]

Latest commit fixes output and forces dmesg output pushed in console to be of warning level and lower if no debugging mode set in board config/through configuration menu.

Accessing the recovery shell gives something like this in production environement:

[tlaurion]

Last commit removes unnecessary output. Just tracing here, will hide messages later on

[tlaurion]

With last commit b7c4f1a

NK3 is supported with ECC p256 in-memory keygen and keytocard (as well as non-officially supported RSA2048 subkeys).

It looks like this when asking recovery shell access or USB boot (non-debug qemu tpm2 whiptail):

Normal behavior (default) is to authenticate against USB Security dongle (NK3 here):

Otherwise GPG Thumb drive key material backup looks like this:

[tlaurion]

Next step is to reprovision USB Security dongle (keytocard) from GPG key material backup thumb drive.
All the TODO in code will be cleaned prior of asking for final review, but implementation skeleton should be in place now, so comments welcome @daringer @JonathonHall-Purism

[tlaurion]

As current state:

• code can generate both in memory+ keytocard or under USB Security dongle's smartcard
• tested with tpm1/tpm2
• with NK3 to be consistent on shipped state (p256 with current dongle detection code based on lsbuid
• works with RSA 2048 (if detection code hacked out) and p256 inmemory and on smartcard only

A lot of code cleanup has been made along the way.

@JonathonHall-Purism Please check left TODO in code. The check for TPM2 primary handle has been removed from now since if causes a lot of issues linked to default boot and it not being signed. That would need to be fixed on master separately and would need some advice/coop.

• oem-factory-reset has been modified to warn qemu users that internal flashing is not supported. We could extend that, since setting config options in board config is needed alongside injecting public key manually at build time with proper make options as written in md file alongside config file. Suggestions welcome
• oem-factory-reset now includes a questionnaire warning when default oem-factory-reset is not enforced (only librems as of now, qemu enforces it).

Here is a quick preview of what to expect:
TPM2 warning to TPM reset when primary handle is not existing:

Questionnaire changes:

[JonathonHall-Purism]

Thanks @tlaurion. I think the ideas here and general structure are good. I haven't tested any of it yet, but I did review it thoroughly keeping in mind it's still WIP.

Specific comments above, but as some key highlights:

• I suggest moving the "boot authentication" (gpg_auth) to a separate PR so we can more easily discuss the goals and behavior of that feature (but I think it is a great idea and on a good path).
• I suggested wording improvements for the new prompts in OEM reset but I think the strategy makes sense
• I'll look into the issues with the TPM2 primary handle hash as there are some clear gaps there as we've discussed before

I looked over the new GPG functionality and don't have any problems with it, with that said I'm not really a GPG expert at this point so testing will be pretty important there IMO.

[tlaurion]

So with latest commit

Testing extended, normal (without in-memory GPG keygen nor move to card) but with different passphrases for each security components, the workflow is as expected (tpm2-whiptail-non-hotp, with debug on). It is to note that old Nitrokey Pro (non-upgradeable firmware outside of external flashing) takes more then 3 minutes to generate RSA 3072 subkeys. I do not expect a lot of users to have such keys, but this is what it is. Taking notes to compare with next test which moves sybkeys to card. I love to test with whiptail because the output is directly on console and can be copy pasted.

Would you like to use default configuration options?
If N, you will be prompted for each option [Y/n]: N
****************************************************
**** Factory Reset / Re-Ownership Questionnaire ****
****************************************************
The following questionnaire will help you configure the security components of your system.
Each prompt requires a single letter answer: eg. (Y/n).
If you don't know what to answer, pressing Enter will select the default answer for that prompt: eg. Y, above.



Would you like to change the current LUKS Disk Recovery Key passphrase?
 (Highly recommended if you didn't install the Operating System yourself, so that past configured passphrase would not permit to access content.
  Note that without re-encrypting disk, a backed up header could be restored to access encrypted content with old passphrase) [y/N]: 

Would you like to re-encrypt LUKS encrypted container and generate new Disk Recovery key?
 (Highly recommended if you didn't install the operating system yourself: this would prevent any LUKS backed up header to be restored to access encrypted data) [y/N]: 

Would you like to format an encrypted USB Thumb drive to store GPG key material?
 (Required to enable GPG authentication) [y/N]: 

GPG key material will be generated on USB Security Dongle's smartcard without backup

The following Security Components will be configured with defaults or further chosen PINs/passwords:
	
TPM Owner Password
GPG Admin PIN
GPG User PIN


Would you like to set a single custom password to all previously stated security components? [y/N]: 

Would you like to set distinct PINs/passwords to configure previously stated security components? [y/N]: y

They must be each at least 8 characters in length.


Enter desired TPM Owner Password: Insurgo Open Technologies

This PIN should be between 8 to 25 characters in length.
Enter desired GPG Admin PIN: Insurgo open

This PIN should be between 8 to 25 characters in length.
Enter desired GPG User PIN: Insurgo Open

Would you like to set custom user information for the GnuPG key? [y/N]: y



We will generate a GnuPG (PGP) keypair identifiable with the following text form:
Real Name (Comment) email@address.org

Enter your Real Name (Optional):
Insurgo Open Technologies

Enter your email@adress.org:
insurgo@riseup.net

Enter Comment (Optional, to distinguish this key from others with same previous attributes. Must be smaller then 60 characters):
No Backup

Would you like to export your public key to an USB drive? [y/N]: y
[  183.244741] TRACE: Under /bin/mount-usb
[  183.332601] DEBUG: Parameters: --mode=rw, --device=empty, --mountpoint=/media, --pass=
[  183.472270] TRACE: Under /etc/ash_functions:enable_usb
[  183.639763] TRACE: Under /etc/functions:enable_usb_storage
[  183.755619] DEBUG: Cleaning /media directory
[  183.886483] TRACE: Under /etc/functions:list_usb_storage
[  183.986605] DEBUG: Listing USB storage devices (including partitions)
[  184.108516] DEBUG: USB storage device of size greater then 0: /sys/block/sda
[  184.272476] DEBUG: USB storage device with partition table: /dev/sda













┌───────────────────────────┤ Select your USB disk ├───────────────────────────┐
│ Choose your USB disk [1-2, a to abort]:                                      │
│                                                                              │
│                              1 /dev/sda1                                     │
│                              2 /dev/sda2_public                              │
│                              a Abort                                         │
│                                                                              │
│                                                                              │
│                     <Ok>                         <Cancel>                    │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘






[  186.208480] DEBUG: Checking if /dev/sda2 is a LUKS device/partition
[  186.340844] DEBUG: Selected USB partition is not a LUKS device, continuing...
[  186.448259] DEBUG: Mounting /dev/sda2 as read-write

Checking for USB Security Dongle...

[  186.694911] TRACE: Under /etc/ash_functions:enable_usb
[  190.179231] TRACE: Under /bin/oem-factory-reset:usb_security_token_capabilities_check
[  190.261117] TRACE: Under /etc/ash_functions:enable_usb
[  190.446761] TRACE: Under /etc/functions:assert_signable

Detecting and setting boot device...

[  190.687861] TRACE: Under /etc/functions:detect_boot_device
[  191.122311] EXT4-fs (vda1): mounting ext2 file system using the ext4 subsystem
[  191.138184] EXT4-fs (vda1): mounted filesystem without journal. Opts: (null)
Boot device set to /dev/vda1

[  191.250177] TRACE: Under /etc/functions:replace_config
[  191.425332] TRACE: Under /etc/ash_functions:combine_configs

Resetting TPM...

[  191.600524] TRACE: Under /bin/tpmr
[  191.684610] TRACE: Under /bin/tpmr:tpm2_reset
[  191.796623] DEBUG: Caching TPM Owner Password to /tmp/secret/tpm_owner_password
[  193.050853] TRACE: Under /bin/tpmr:tpm2_startsession

Resetting USB Security Dongle's GPG smartcard...
(this will take around 3 minutes...)

[  194.165649] TRACE: Under oem-factory-reset:gpg_key_factory_reset
[  194.233415] TRACE: Under /etc/ash_functions:enable_usb
GPG factory reset of USB Security Dongle's smartcard...
[  210.410779] DEBUG: GPG setting RSA key length to 3072 bits...
[  213.223151] TRACE: oem-factory-reset:gpg_key_factory_reset done
[  213.280870] TRACE: Under oem-factory-reset:generate_OEM_gpg_keys
Generating GPG keys in USB Security Dongle's smartcard...
[  568.560381] TRACE: oem-factory-reset:generate_OEM_gpg_keys done
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u

Changing default GPG Admin PIN

[  568.985056] TRACE: Under oem-factory-reset:gpg_key_change_pin
[  569.098956] DEBUG: Changing GPG key PIN
[  570.266877] TRACE: oem-factory-reset:gpg_key_change_pin done

Changing default GPG User PIN

[  570.387872] TRACE: Under oem-factory-reset:gpg_key_change_pin
[  570.512862] DEBUG: Changing GPG key PIN
[  571.107562] TRACE: oem-factory-reset:gpg_key_change_pin done

Exporting generated key to USB...

[  571.539699]  *** WARNING: Skipping flash of GPG key to ROM because we are running in QEMU without internal flashing support. ***
[  572.815472]  *** WARNING: Please review boards/qemu*/qemu*.md documentation to extract public key from raw disk and inject at build time ***
[  573.974782]  *** WARNING: Also review boards/qemu*/qemu*.config to tweak CONFIG_* options you might need to turn on/off manually at build time ***

Signing boot files and generating checksums...

[  575.127532] TRACE: Under oem-factory-reset:generate_checksums
[  575.258397] EXT4-fs (vda1): warning: mounting unchecked fs, running e2fsck is recommended
[  575.287734] EXT4-fs (vda1): re-mounted. Opts: (null)
[  575.688972] TRACE: Under /bin/tpmr
[  575.843169] TRACE: Under /bin/tpmr:tpm2_counter_create
[  575.970841] TRACE: Under /etc/functions:prompt_tpm_owner_password
[  576.128429] DEBUG: /tmp/secret/tpm_owner_password already cached in file. Reusing
3+0 records in
3+0 records out
3 bytes (3B) copied, 0.001702 seconds, 1.7KB/s
1f79f8f: (valid after an increment)
[  577.223848] TRACE: Under /etc/functions:increment_tpm_counter
[  577.538409] TRACE: Under /bin/tpmr
[  577.687089] TRACE: Under /bin/tpmr:tpm2_counter_inc
[  578.231005] TRACE: Under oem-factory-reset:set_default_boot_option
[  578.532184] TRACE: Under /bin/kexec-parse-boot
[  578.643615] DEBUG: filedir= /boot/grub
[  578.735424] DEBUG: bootdir= /boot
[  578.816414] DEBUG: bootlen= 5
[  578.961551] DEBUG: appenddir= /grub
[  582.646157] DEBUG:  grub_entry : linux trimcmd prior of kernel/append parsing: linux /vmlinuz-6.1.0-13-amd64 root=/dev/mapper/debian--vg-root ro co
nsole=ttyS0 console=tty systemd.zram=0 quiet
[  582.981593] DEBUG:  grub_entry: linux initrd= /initrd.img-6.1.0-13-amd64
[  583.754689] DEBUG:  grub_entry : linux trimcmd prior of kernel/append parsing: linux /vmlinuz-6.1.0-13-amd64 root=/dev/mapper/debian--vg-root ro co
nsole=ttyS0 console=tty systemd.zram=0 quiet
[  584.139657] DEBUG:  grub_entry: linux initrd= /initrd.img-6.1.0-13-amd64
[  584.996480] DEBUG:  grub_entry : linux trimcmd prior of kernel/append parsing: linux /vmlinuz-6.1.0-13-amd64 root=/dev/mapper/debian--vg-root ro si
ngle console=ttyS0 console=tty systemd.zram=0
[  585.509703] DEBUG:  grub_entry: linux initrd= /initrd.img-6.1.0-13-amd64
[  586.432718] DEBUG:  grub_entry : linux trimcmd prior of kernel/append parsing: linux /vmlinuz-6.1.0-11-amd64 root=/dev/mapper/debian--vg-root ro co
nsole=ttyS0 console=tty systemd.zram=0 quiet
[  586.807072] DEBUG:  grub_entry: linux initrd= /initrd.img-6.1.0-11-amd64
[  587.675736] DEBUG:  grub_entry : linux trimcmd prior of kernel/append parsing: linux /vmlinuz-6.1.0-11-amd64 root=/dev/mapper/debian--vg-root ro si
ngle console=ttyS0 console=tty systemd.zram=0
[  588.088718] DEBUG:  grub_entry: linux initrd= /initrd.img-6.1.0-11-amd64
[  588.972549] DEBUG:  grub_entry : linux trimcmd prior of kernel/append parsing: linux /vmlinuz-6.1.0-10-amd64 root=/dev/mapper/debian--vg-root ro co
nsole=ttyS0 console=tty systemd.zram=0 quiet
[  589.355274] DEBUG:  grub_entry: linux initrd= /initrd.img-6.1.0-10-amd64
[  590.378627] DEBUG:  grub_entry : linux trimcmd prior of kernel/append parsing: linux /vmlinuz-6.1.0-10-amd64 root=/dev/mapper/debian--vg-root ro si
ngle console=ttyS0 console=tty systemd.zram=0
[  590.809127] DEBUG:  grub_entry: linux initrd= /initrd.img-6.1.0-10-amd64
[  591.185779] TRACE: Under /bin/kexec-boot
[  591.627734] DEBUG: kexectype= elf
[  591.771906] DEBUG: restval=
[  591.872118] DEBUG: filepath= /boot/vmlinuz-6.1.0-13-amd64
[  591.969936] DEBUG: kexeccmd= kexec -d -l /boot/vmlinuz-6.1.0-13-amd64
[  595.877541] TRACE: oem-factory-reset:set_default_boot_option done
[  595.965526] DEBUG: Generating hashes
[  608.023217] TRACE: Under /etc/functions:print_tree
[  608.340931] DEBUG: Detach-signing boot files under kexec.sig: /boot/kexec_default.1.txt
[  608.481131] /boot/kexec_default_hashes.txt
[  608.617931] /boot/kexec_hashes.txt
[  608.714871] /boot/kexec_rollback.txt
[  608.804440] /boot/kexec_tree.txt
[  610.891847] TRACE: Under /etc/functions:check_config
[  611.257640] TRACE: Under /bin/gpgv
[  611.544538] EXT4-fs (vda1): re-mounted. Opts: (null)
[  611.688937] TRACE: oem-factory-reset:generate_checksums done













┌────────────────────────────┤ Configured secrets ├────────────────────────────┐
│                                                                              │
│                                                                              │
│                                                                              │
│ TPM Owner Password: Insurgo Open Technologies                                │
│ GPG Admin PIN: Insurgo open                                                  │
│ GPG User PIN: Insurgo Open                                                   │
│                                                                              │
│                                    <Ok>                                      │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘

Analysis:

• [ 194.165649] TRACE: Under oem-factory-reset:gpg_key_factory_reset
• [ 571.107562] TRACE: oem-factory-reset:gpg_key_change_pin done
• (571-194)/60= more then 6 minutes to generate USB Security Dongle's smartcard subkeys

After injecting public key in next build, GPG User Authentication against USB Security dongle works as expected with GPG User PIN configured.

---

Then redoing with in-memory keygen, backup to asked to be prepared USB Thumb drive backup:

Would you like to use default configuration options?
If N, you will be prompted for each option [Y/n]: N
****************************************************
**** Factory Reset / Re-Ownership Questionnaire ****
****************************************************
The following questionnaire will help you configure the security components of your system.
Each prompt requires a single letter answer: eg. (Y/n).
If you don't know what to answer, pressing Enter will select the default answer for that prompt: eg. Y, above.



Would you like to change the current LUKS Disk Recovery Key passphrase?
 (Highly recommended if you didn't install the Operating System yourself, so that past configured passphrase would not permit to access content.
  Note that without re-encrypting disk, a backed up header could be restored to access encrypted content with old passphrase) [y/N]: 

Would you like to re-encrypt LUKS encrypted container and generate new Disk Recovery key?
 (Highly recommended if you didn't install the operating system yourself: this would prevent any LUKS backed up header to be restored to access encrypted data) [y/N]: 

Would you like to format an encrypted USB Thumb drive to store GPG key material?
 (Required to enable GPG authentication) [y/N]: y
 ++++ Master key and subkeys will be generated in memory, backed up to dedicated LUKS container +++
Would you like in-memory generated subkeys to be copied to USB Security Dongle's smartcard?
 (Highly recommended so the smartcard is used on daily basis and backup is kept safe, but not required) [Y/n]: 

++++ Subkeys will be copied to USB Security Dongle's smartcard ++++
[   97.820902]  *** WARNING: Please keep your GPG key material backup thumb drive safe ***

The following Security Components will be configured with defaults or further chosen PINs/passwords:
	
TPM Owner Password
GPG Key material backup passphrase (Same as GPG Admin PIN)
GPG Admin PIN
GPG User PIN


Would you like to set a single custom password to all previously stated security components? [y/N]: 

Would you like to set distinct PINs/passwords to configure previously stated security components? [y/N]: Y

They must be each at least 8 characters in length.


Enter desired TPM Owner Password: Insurgo Open Technologies

This PIN should be between 8 to 25 characters in length.
Enter desired GPG Admin PIN: Insurgo Open

This PIN should be between 8 to 25 characters in length.
Enter desired GPG User PIN: Insurgo Tech

Would you like to set custom user information for the GnuPG key? [y/N]: y



We will generate a GnuPG (PGP) keypair identifiable with the following text form:
Real Name (Comment) email@address.org

Enter your Real Name (Optional):
Insurgo Open Technologies

Enter your email@adress.org:
insurgo@riseup.net

Enter Comment (Optional, to distinguish this key from others with same previous attributes. Must be smaller then 60 characters):
Backuped key material

Checking for USB Security Dongle...

[  146.894921] TRACE: Under /etc/ash_functions:enable_usb
[  147.078047] TRACE: Under insmod.sh
[  147.129357] DEBUG: Extending TPM PCR 5 with /lib/modules/ehci-hcd.ko prior of usage
[  147.309744] TRACE: Under /bin/tpmr
[  147.407073] TRACE: Under /bin/tpmr:tpm2_extend
[  147.606444] DEBUG: tpm2 pcrread sha256:5
  sha256:
    5 : 0x3E86F4F0A9B0CCD0DF0C2DDA1B9ED0D7C00CBA3524105741761A73A0ACCEB15E
[  147.893457] DEBUG: Loading /lib/modules/ehci-hcd.ko with busybox insmod
[  148.054941] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[  148.353661] TRACE: Under insmod.sh
[  148.454131] DEBUG: Extending TPM PCR 5 with /lib/modules/uhci-hcd.ko prior of usage
[  148.689871] TRACE: Under /bin/tpmr
[  148.823827] TRACE: Under /bin/tpmr:tpm2_extend
[  148.976096] DEBUG: tpm2 pcrread sha256:5
  sha256:
    5 : 0xAD568C6F572EC4C30388BDC250439AECEFE4AD6F458266DFB771C1A92BF5DE07
[  149.304044] DEBUG: Loading /lib/modules/uhci-hcd.ko with busybox insmod
[  149.472100] uhci_hcd: USB Universal Host Controller Interface driver
[  149.666445] TRACE: Under insmod.sh
[  149.807006] DEBUG: Extending TPM PCR 5 with /lib/modules/ohci-hcd.ko prior of usage
[  149.949987] TRACE: Under /bin/tpmr
[  150.046966] TRACE: Under /bin/tpmr:tpm2_extend
[  150.228128] DEBUG: tpm2 pcrread sha256:5
  sha256:
    5 : 0x56AF2472FA41E5944CBDDDF9B2C786BF091EDC9653C8261B038D8137144AE1FC
[  150.463844] DEBUG: Loading /lib/modules/ohci-hcd.ko with busybox insmod
[  150.557097] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[  150.726069] TRACE: Under insmod.sh
[  150.819704] DEBUG: Extending TPM PCR 5 with /lib/modules/ohci-pci.ko prior of usage
[  150.966480] TRACE: Under /bin/tpmr
[  151.079929] TRACE: Under /bin/tpmr:tpm2_extend
[  151.270098] DEBUG: tpm2 pcrread sha256:5
  sha256:
    5 : 0xECE66C65361DDA5083AA17B98928D086BCF387FC83DCBBC646A21DBB980DF22F
[  151.487325] DEBUG: Loading /lib/modules/ohci-pci.ko with busybox insmod
[  151.602273] ohci-pci: OHCI PCI platform driver
[  151.762191] TRACE: Under insmod.sh
[  151.847305] DEBUG: Extending TPM PCR 5 with /lib/modules/ehci-pci.ko prior of usage
[  152.011653] TRACE: Under /bin/tpmr
[  152.179565] TRACE: Under /bin/tpmr:tpm2_extend
[  152.422984] DEBUG: tpm2 pcrread sha256:5
  sha256:
    5 : 0xCBD4D57AFA9A32C653506FB18FB0D14426478FF807F21F5FA557FAAE0DFECD43
[  152.614516] DEBUG: Loading /lib/modules/ehci-pci.ko with busybox insmod
[  152.665931] ehci-pci: EHCI PCI platform driver
[  152.867967] TRACE: Under insmod.sh
[  152.943263] DEBUG: Extending TPM PCR 5 with /lib/modules/xhci-hcd.ko prior of usage
[  153.096062] TRACE: Under /bin/tpmr
[  153.238025] TRACE: Under /bin/tpmr:tpm2_extend
[  153.388504] DEBUG: tpm2 pcrread sha256:5
  sha256:
    5 : 0x983EE7FE32911EF63684D31730F41AB258909E045F47F68B39A48BB1FF860ED6
[  153.580377] DEBUG: Loading /lib/modules/xhci-hcd.ko with busybox insmod
[  153.821853] TRACE: Under insmod.sh
[  153.899466] DEBUG: Extending TPM PCR 5 with /lib/modules/xhci-pci.ko prior of usage
[  154.121277] TRACE: Under /bin/tpmr
[  154.225988] TRACE: Under /bin/tpmr:tpm2_extend
[  154.402558] DEBUG: tpm2 pcrread sha256:5
  sha256:
    5 : 0xA9A074D0DF65CBCEB80498B781E78D25C5E5C4485DBFE2D4CBEE8498E63077A2
[  154.569698] DEBUG: Loading /lib/modules/xhci-pci.ko with busybox insmod
[  154.699115] xhci_hcd 0000:00:04.0: xHCI Host Controller
[  154.701348] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 1
[  154.797563] xhci_hcd 0000:00:04.0: hcc params 0x00087001 hci version 0x100 quirks 0x0000000000000010
[  154.911012] hub 1-0:1.0: USB hub found
[  154.923887] hub 1-0:1.0: 4 ports detected
[  154.959206] xhci_hcd 0000:00:04.0: xHCI Host Controller
[  155.007180] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 2
[  155.059876] xhci_hcd 0000:00:04.0: Host supports USB 3.0 SuperSpeed
[  155.069166] usb usb2: We don't know the algorithms for LPM for this host, disabling LPM.
[  155.172223] hub 2-0:1.0: USB hub found
[  155.175404] hub 2-0:1.0: 4 ports detected
[  155.387213] usb 1-1: new high-speed USB device number 2 using xhci_hcd
[  155.732572] usb 2-2: new SuperSpeed Gen 1 USB device number 2 using xhci_hcd
[  155.945584] usb 1-3: new full-speed USB device number 3 using xhci_hcd
[  156.249900] usb 1-3: can't set config #1, error -32














┌──────────────────────────────────┤ Error ├───────────────────────────────────┐
│                                                                              │
│ Can't access USB Security Dongle;                                            │
│ Please remove and reinsert, then press Enter.                                │
│                                                                              │
│                                                                              │
│                                    <qemu: libusb_release_interface: -4 [NO_DEVICE]
[  165.387628] usb 1-3: USB disconnect, device number 3                        │
[  169.918061] usb 1-3: new full-speed USB device number 4 using xhci_hcd──────┘
[  170.088288] usb 1-3: can't set config #1, error -32
qemu: libusb_release_interface: -4 [NO_DEVICE]
[  175.467118] usb 1-3: USB disconnect, device number 4
[  182.026221] usb 1-3: new full-speed USB device number 5 using xhci_hcd



[  197.543696] TRACE: Under /bin/oem-factory-reset:usb_security_token_capabilities_check
[  197.623923] TRACE: Under /etc/ash_functions:enable_usb
[  197.859952] TRACE: Under /etc/functions:assert_signable

Detecting and setting boot device...

[  198.168924] TRACE: Under /etc/functions:detect_boot_device
[  198.648743] EXT4-fs (vda1): mounting ext2 file system using the ext4 subsystem
[  198.707757] EXT4-fs (vda1): mounted filesystem without journal. Opts: (null)
Boot device set to /dev/vda1

[  198.807400] TRACE: Under /etc/functions:replace_config
[  199.024568] TRACE: Under /etc/ash_functions:combine_configs

Resetting TPM...

[  199.218887] TRACE: Under /bin/tpmr
[  199.330371] TRACE: Under /bin/tpmr:tpm2_reset
[  199.448586] DEBUG: Caching TPM Owner Password to /tmp/secret/tpm_owner_password
[  200.758746] TRACE: Under /bin/tpmr:tpm2_startsession
[  202.078765] TRACE: Under oem-factory-reset:generate_inmemory_RSA_master_and_subkeys
Generating GPG key material in memory:
Generating GPG RSA 3072 bits master key...
Generating GPG RSA 3072 bits signing subkey...
Generating GPG RSA 3072 bits encryption subkey...
Generating GPG RSA 3072 bits authentication subkey...
[  250.977474] DEBUG: Setting public key to ultimate trust...
[  251.264857] TRACE: Under oem-factory-reset:wipe_thumb_drive_and_copy_gpg_key_material
[  251.400035] TRACE: Under oem-factory-reset:disconnect_external_USB_storage_device














┌────────┤ WARNING: Please disconnect any external USB storage device ├────────┐
│                                                                              │
│ An external USB storage device will be WIPED next.                           │
│                                                                              │
│ Please disconnect all external USB storage devices.                          │
│                                                                              │
│                                    <Ok>                                      │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘







[  253.638736] TRACE: Under oem-factory-reset:list_blkid_devices
[  254.018507] TRACE: Under /etc/ash_functions:enable_usb
[  254.181582] TRACE: Under /etc/functions:enable_usb_storage
Scanning for USB storage devices...
[  254.381674] TRACE: Under insmod.sh
[  254.468287] DEBUG: Extending TPM PCR 5 with /lib/modules/usb-storage.ko prior of usage
[  254.663116] TRACE: Under /bin/tpmr
[  254.788807] TRACE: Under /bin/tpmr:tpm2_extend
[  254.999811] DEBUG: tpm2 pcrread sha256:5
[  255.163280] DEBUG: Loading /lib/modules/usb-storage.ko with busybox insmod
[  255.304627] usb-storage 2-2:1.0: USB Mass Storage device detected
[  255.347767] scsi host6: usb-storage 2-2:1.0
[  255.359669] usbcore: registered new interface driver usb-storage
[  255.528838] TRACE: Under /etc/functions:list_usb_storage
[  255.656848] DEBUG: Listing USB storage devices (including partitions)
[  256.400505] scsi 6:0:0:0: Direct-Access     QEMU     QEMU HARDDISK    2.5+ PQ: 0 ANSI: 5
[  256.474096] sd 6:0:0:0: Attached scsi generic sg1 type 0
[  256.568543] sd 6:0:0:0: Power-on or device reset occurred
[  256.649418] sd 6:0:0:0: [sda] 524288 512-byte logical blocks: (268 MB/256 MiB)
[  256.682189] sd 6:0:0:0: [sda] Write Protect is off
[  256.685956] sd 6:0:0:0: [sda] Mode Sense: 63 00 00 08
[  256.741870] sd 6:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[  256.894867]  sda: sda1 sda2
[  256.898835] TRACE: Under /etc/functions:list_usb_storage
[  257.060521] sd 6:0:0:0: [sda] Attached SCSI disk
[  257.160924] DEBUG: Listing USB storage devices (including partitions)
[  257.330190] DEBUG: USB storage device of size greater then 0: /sys/block/sda
[  257.535280] DEBUG: USB storage device with partition table: /dev/sda
[  257.687684] TRACE: Under oem-factory-reset:prompt_insert_to_be_wiped_thumb_drive














┌────────────┤ WARNING: Please insert the thumb drive to be wiped ├────────────┐
│                                                                              │
│ The thumb drive will be WIPED next.                                          │
│                                                                              │
│ Please have connected only the thumb drive to be wiped.                      │
│                                                                              │
│                                    <Ok>                                      │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘







[  258.723171] TRACE: Under oem-factory-reset:list_blkid_devices
[  259.133912] TRACE: Under /etc/luks-functions:select_luks_container_size_percent()













┌─────────────┤ Select LUKS container size percentage of device ├──────────────┐
│ Select LUKS container size percentage of device:                             │
│                                                                              │
│                                    10 10%                                    │
│                                    25 25%                                    │
│                                    50 50%                                    │
│                                    75 75%                                    │
│                                                                              │
│                                                                              │
│                     <Ok>                         <Cancel>                    │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘





[  259.932107] TRACE: Under /etc/luks-functions:prepare_thumb_drive()
[  260.028553] DEBUG: DEVICE to partition: /dev/sda
[  260.123467] DEBUG: PERCENTAGE of device that will be used for LUKS container: 10
[  260.201280] DEBUG: PASSPHRASE for LUKS container: provided













┌──────────┤ WARNING: Wiping and repartitioning /dev/sda of 256 MB ├───────────┐
│                                                                              │
│ WARNING: Wiping and repartitioning /dev/sda with 25 MB                       │
│  assigned to private LUKS contained private ext4 partition,                  │
│  rest assigned to extfat public partition.                                   │
│                                                                              │
│ Are you sure you want to continue?                                           │
│                                                                              │
│                     <Yes>                        <No>                        │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘






Preparing /dev/sda with 25 MB for private LUKS container while rest of device will be assigned to extfat public partition...

Please wait...
[  260.939966] DEBUG: Creating empty DOS partition table on device through fdisk to start clean
[  262.048639]  sda:
[  262.124906] DEBUG: partition device with two partitions: first one being the percent applied and rest for second partition through fdisk
[  263.243955]  sda: sda1 sda2
[  263.356687] DEBUG: cryptsetup luksFormat  first partition with LUKS container aes-xts-plain64 cipher with sha256 hash and 512 bit key
[  263.478603] DEBUG: Creating 25MB LUKS container on /dev/sda1...
[  263.561069] DEBUG: cryptsetup --batch-mode -c aes-xts-plain64 -h sha256 -s 512 -y luksFormat /dev/sda1 --key-file /dev/fd/63
[  279.262953] DEBUG: Opening LUKS device and mapping under /dev/mapper/private...
[  279.355503] DEBUG: cryptsetup open /dev/sda1 private --key-file /dev/fd/63
[  283.507955] DEBUG: Formatting LUKS container mapped under /dev/mapper/private as an ext4 partition...
[  284.022375] DEBUG: Closing LUKS device /dev/mapper/private...
[  284.259223] DEBUG: Formatting second partition /dev/sda2 with exfat filesystem...
Done.
[  284.569768] TRACE: Under oem-factory-reset:export_master_key_subkeys_and_revocation_key_to_private_LUKS_container
[  284.818461] TRACE: Under /bin/mount-usb
[  284.899198] DEBUG: Parameters: --mode=rw, --device=/dev/sda1, --mountpoint=/media, --pass=provided
[  285.000624] TRACE: Under /etc/ash_functions:enable_usb
[  285.199189] TRACE: Under /etc/functions:enable_usb_storage
[  285.364499] DEBUG: Cleaning /media directory
[  285.482559] TRACE: Under /etc/functions:list_usb_storage
[  285.628599] DEBUG: Listing USB storage devices (including partitions)
[  285.765912] DEBUG: USB storage device of size greater then 0: /sys/block/sda
[  285.999076] DEBUG: USB storage device with partition table: /dev/sda
[  286.145285] DEBUG: Checking if /dev/sda1 is a USB detected block device
[  286.312647] DEBUG: Selected device is a USB block device
[  286.410067] DEBUG: Checking if /dev/sda1 is a LUKS device/partition
[  286.537994] DEBUG: Selected USB partition is a LUKS device
[  286.654124] DEBUG: Opening LUKS device /dev/sda1
[  290.866334]  *** WARNING: Note that you cannot boot from a mounted encrypted device ***
[  292.010851] DEBUG: Setting USB_MOUNT_DEVICE=/dev/mapper/usb_mount_sda1
[  292.140460] DEBUG: Mounting /dev/mapper/usb_mount_sda1 as read-write
[  292.308365] EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)
[  292.422179] DEBUG: Exporting master key and subkeys to private LUKS container's partition...
[  294.222956] TRACE: oem-factory-reset:export_master_key_subkeys_and_revocation_key_to_private_LUKS_container done
[  294.288638] TRACE: Under oem-factory-reset:export_public_key_to_thumbdrive_public_partition
[  294.496070] TRACE: Under /bin/mount-usb
[  294.632259] DEBUG: Parameters: --mode=rw, --device=/dev/sda2, --mountpoint=/media, --pass=
[  294.714245] TRACE: Under /etc/ash_functions:enable_usb
[  294.949796] TRACE: Under /etc/functions:enable_usb_storage
[  295.079395] DEBUG: Cleaning /media directory
[  295.183569] TRACE: Under /etc/functions:list_usb_storage
[  295.304514] DEBUG: Listing USB storage devices (including partitions)
[  295.529685] DEBUG: USB storage device of size greater then 0: /sys/block/sda
[  295.718718] DEBUG: USB storage device with partition table: /dev/sda
[  295.910638] DEBUG: Checking if /dev/sda2 is a USB detected block device
[  296.028683] DEBUG: Selected device is a USB block device
[  296.151001] DEBUG: Checking if /dev/sda2 is a LUKS device/partition
[  296.358961] DEBUG: Selected USB partition is not a LUKS device, continuing...
[  296.485830] DEBUG: Mounting /dev/sda2 as read-write
[  296.820730] TRACE: oem-factory-reset:export_public_key_to_thumbdrive_public_partition done
[  296.892948] TRACE: Under oem-factory-reset:wipe_thumb_drive_and_copy_gpg_key_material done
[  296.988929] TRACE: Under /etc/ash_functions:combine_configs
[  297.122386] TRACE: Under oem-factory-reset:keytocard_subkeys_to_smartcard
[  297.231270] TRACE: Under /etc/ash_functions:enable_usb
[  297.491561] TRACE: Under /etc/functions:enable_usb_storage
[  302.210470] TRACE: Under oem-factory-reset:gpg_key_factory_reset
[  302.290002] TRACE: Under /etc/ash_functions:enable_usb
GPG factory reset of USB Security Dongle's smartcard...
[  314.277106] DEBUG: GPG setting RSA key length to 3072 bits...
[  317.230622] TRACE: oem-factory-reset:gpg_key_factory_reset done
Moving subkeys to smartcard...
[  324.604460] TRACE: oem-factory-reset:keytocard_subkeys_to_smartcard done

Changing default GPG Admin PIN

[  324.787691] TRACE: Under oem-factory-reset:gpg_key_change_pin
[  324.923152] DEBUG: Changing GPG key PIN
[  325.440510] TRACE: oem-factory-reset:gpg_key_change_pin done

Changing default GPG User PIN

[  325.503149] TRACE: Under oem-factory-reset:gpg_key_change_pin
[  325.621029] DEBUG: Changing GPG key PIN
[  326.176646] TRACE: oem-factory-reset:gpg_key_change_pin done

Exporting generated key to USB...

[  326.566969]  *** WARNING: Skipping flash of GPG key to ROM because we are running in QEMU without internal flashing support. ***
[  327.682191]  *** WARNING: Please review boards/qemu*/qemu*.md documentation to extract public key from raw disk and inject at build time ***
[  328.849151]  *** WARNING: Also review boards/qemu*/qemu*.config to tweak CONFIG_* options you might need to turn on/off manually at build time ***

Signing boot files and generating checksums...

[  330.023371] TRACE: Under oem-factory-reset:generate_checksums
[  330.139752] EXT4-fs (vda1): warning: mounting unchecked fs, running e2fsck is recommended
[  330.192694] EXT4-fs (vda1): re-mounted. Opts: (null)
[  330.360636] TRACE: Under /bin/tpmr
[  330.484362] TRACE: Under /bin/tpmr:tpm2_counter_create
[  330.560140] TRACE: Under /etc/functions:prompt_tpm_owner_password
[  330.635336] DEBUG: /tmp/secret/tpm_owner_password already cached in file. Reusing
3+0 records in
3+0 records out
3 bytes (3B) copied, 0.000406 seconds, 7.2KB/s
1267fbc: (valid after an increment)
[  331.136812] TRACE: Under /etc/functions:increment_tpm_counter
[  331.318935] TRACE: Under /bin/tpmr
[  331.456618] TRACE: Under /bin/tpmr:tpm2_counter_inc
[  332.031640] TRACE: Under oem-factory-reset:set_default_boot_option
[  332.303927] TRACE: Under /bin/kexec-parse-boot
[  332.413114] DEBUG: filedir= /boot/grub
[  332.522068] DEBUG: bootdir= /boot
[  332.616648] DEBUG: bootlen= 5
[  332.699217] DEBUG: appenddir= /grub
[  335.040158] DEBUG:  grub_entry : linux trimcmd prior of kernel/append parsing: linux /vmlinuz-6.1.0-13-amd64 root=/dev/mapper/debian--vg-root ro co
nsole=ttyS0 console=tty systemd.zram=0 quiet
[  335.367567] DEBUG:  grub_entry: linux initrd= /initrd.img-6.1.0-13-amd64
[  336.223325] DEBUG:  grub_entry : linux trimcmd prior of kernel/append parsing: linux /vmlinuz-6.1.0-13-amd64 root=/dev/mapper/debian--vg-root ro co
nsole=ttyS0 console=tty systemd.zram=0 quiet
[  336.606860] DEBUG:  grub_entry: linux initrd= /initrd.img-6.1.0-13-amd64
[  337.445891] DEBUG:  grub_entry : linux trimcmd prior of kernel/append parsing: linux /vmlinuz-6.1.0-13-amd64 root=/dev/mapper/debian--vg-root ro si
ngle console=ttyS0 console=tty systemd.zram=0
[  337.846321] DEBUG:  grub_entry: linux initrd= /initrd.img-6.1.0-13-amd64
[  338.654107] DEBUG:  grub_entry : linux trimcmd prior of kernel/append parsing: linux /vmlinuz-6.1.0-11-amd64 root=/dev/mapper/debian--vg-root ro co
nsole=ttyS0 console=tty systemd.zram=0 quiet
[  339.024555] DEBUG:  grub_entry: linux initrd= /initrd.img-6.1.0-11-amd64
[  339.892759] DEBUG:  grub_entry : linux trimcmd prior of kernel/append parsing: linux /vmlinuz-6.1.0-11-amd64 root=/dev/mapper/debian--vg-root ro si
ngle console=ttyS0 console=tty systemd.zram=0
[  340.258752] DEBUG:  grub_entry: linux initrd= /initrd.img-6.1.0-11-amd64
[  341.101303] DEBUG:  grub_entry : linux trimcmd prior of kernel/append parsing: linux /vmlinuz-6.1.0-10-amd64 root=/dev/mapper/debian--vg-root ro co
nsole=ttyS0 console=tty systemd.zram=0 quiet
[  341.497686] DEBUG:  grub_entry: linux initrd= /initrd.img-6.1.0-10-amd64
[  342.360614] DEBUG:  grub_entry : linux trimcmd prior of kernel/append parsing: linux /vmlinuz-6.1.0-10-amd64 root=/dev/mapper/debian--vg-root ro si
ngle console=ttyS0 console=tty systemd.zram=0
[  342.738990] DEBUG:  grub_entry: linux initrd= /initrd.img-6.1.0-10-amd64
[  343.166087] TRACE: Under /bin/kexec-boot
[  343.403379] DEBUG: kexectype= elf
[  343.542500] DEBUG: restval=
[  343.679673] DEBUG: filepath= /boot/vmlinuz-6.1.0-13-amd64
[  343.805305] DEBUG: kexeccmd= kexec -d -l /boot/vmlinuz-6.1.0-13-amd64
[  347.913916] TRACE: oem-factory-reset:set_default_boot_option done
[  347.998319] DEBUG: Generating hashes
[  358.047275] TRACE: Under /etc/functions:print_tree
[  358.189164] DEBUG: Detach-signing boot files under kexec.sig: /boot/kexec_default.1.txt
[  358.262603] /boot/kexec_default_hashes.txt
[  358.340089] /boot/kexec_hashes.txt
[  358.436415] /boot/kexec_rollback.txt
[  358.487249] /boot/kexec_tree.txt
[  360.438336] TRACE: Under /etc/functions:check_config
[  360.651208] TRACE: Under /bin/gpgv
[  360.818066] EXT4-fs (vda1): re-mounted. Opts: (null)
[  360.925950] TRACE: oem-factory-reset:generate_checksums done













┌────────────────────────────┤ Configured secrets ├────────────────────────────┐
│                                                                              │
│                                                                              │
│                                                                              │
│ TPM Owner Password: Insurgo Open Technologies                                │
│ GPG Admin PIN: Insurgo Open                                                  │
│ GPG User PIN: Insurgo Tech                                                   │
│ GPG key material backup passphrase: Insurgo Open                             │
│                                                                              │
│                                    <Ok>                                      │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘
















┌────────────────┤ OEM Factory Reset / Re-Ownership Complete ├─────────────────┐
│                                                                              │
│                                                                              │
│     OEM Factory Reset / Re-Ownership has completed successfully              │
│                                                                              │
│                                                                              │
│     After rebooting, you will need to generate new TOTP/HOTP secrets         │
│                                                                              │
│     when prompted in order to complete the setup process.                    │
│                                                                              │
│                                                                              │
│     Press Enter to reboot.                                                   │
│                                                                              │
│                                    <Ok>                                      │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘

Analysis:

• [ 202.078765] TRACE: Under oem-factory-reset:generate_inmemory_RSA_master_and_subkeys
• [ 251.264857] TRACE: Under oem-factory-reset:wipe_thumb_drive_and_copy_gpg_key_material
  In memory key-gen took 251-202 seconds 49 seconds over qemu (this is loooong. It takes seconds over real hardware
• [ 314.277106] DEBUG: GPG setting RSA key length to 3072 bits...
• [ 317.230622] TRACE: oem-factory-reset:gpg_key_factory_reset done
  - [ 324.604460] TRACE: oem-factory-reset:keytocard_subkeys_to_smartcard done
  Setting key attributes took ~3 seconds, moving subkeys to card took ~7 seconds for a total of less then 60 seconds to generate subkeys usable from smartcard and where backup depends of size of the drive and here is irrelevant to show details since QEMU IO operations are not comparable.

---

After injecting public key to rom and enabling CONFIG_HAVE_GPG_KEY_BACKUP=y in used qemu board config (and disabling debug and tracing)

• sudo losetup --find --partscan ~/heads/build/x86/qemu-coreboot-whiptail-tpm1/usb_fd.raw
• sudo mount /dev/loop0p2 /media/
• cp /media/pubkey.asc ~/
• sudo umount /media
• sudo losetup --detach /dev/loop0
• sed 's/#export CONFIG_HAVE_GPG_KEY_BACKUP=y/export CONFIG_HAVE_GPG_KEY_BACKUP=y/g' -i boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config
• make CPUS=16 BOARD=qemu-coreboot-whiptail-tpm2 USB_TOKEN=Nitrokey3NFC PUBKEY_ASC=~/pubkey.asc ROOT_DISK_IMG=~/QubesIncoming/heads-tests/root.qcow2 inject_gpg && make BOARD=qemu-coreboot-whiptail-tpm2 USB_TOKEN=NitrokeyPro PUBKEY_ASC=~/pubkey.asc ROOT_DISK_IMG=~/QubesIncoming/heads-tests/root.qcow2 INSTALL_IMG=~/heads/build/x86/qemu-coreboot-whiptail-tpm1/usb_fd.raw run

[    8.395405] Run /init as init process
[    8.420807]   with arguments:
[    8.431346]     /init
[    8.464594]   with environment:
[    8.490862]     HOME=/
[    8.534559]     TERM=linux
[    8.690434] [U] hello world
!!! Hit enter to proceed to recovery shell !!!

!!!!! Console recovery shell
  sha256:
    4 : 0x51737C77C481AA22095B38D38FC9FD494B0FFA4EAE7D3AC238082083D0AFD614
!!!!! Please authenticate with OpenPGP smartcard/backup media to prove you are the owner of this machine !!!!!
Please confirm that your GPG card is inserted(Y/n) or your GPG key material (b)backup thumbdrive is inserted [Y/n/b]: b

Please enter GPG Admin PIN needed to use the GPG backup thumb drive: 
 *** WARNING: Please select encrypted LUKS on GPG key material backup thumb drive (not public labeled one) ***
  sha256:
    5 : 0x3E86F4F0A9B0CCD0DF0C2DDA1B9ED0D7C00CBA3524105741761A73A0ACCEB15E
  sha256:
    5 : 0xAD568C6F572EC4C30388BDC250439AECEFE4AD6F458266DFB771C1A92BF5DE07
  sha256:
    5 : 0x56AF2472FA41E5944CBDDDF9B2C786BF091EDC9653C8261B038D8137144AE1FC
  sha256:
    5 : 0xECE66C65361DDA5083AA17B98928D086BCF387FC83DCBBC646A21DBB980DF22F
  sha256:
    5 : 0xCBD4D57AFA9A32C653506FB18FB0D14426478FF807F21F5FA557FAAE0DFECD43
  sha256:
    5 : 0x983EE7FE32911EF63684D31730F41AB258909E045F47F68B39A48BB1FF860ED6
  sha256:
    5 : 0xA9A074D0DF65CBCEB80498B781E78D25C5E5C4485DBFE2D4CBEE8498E63077A2
[   32.261524] usb 1-3: can't set config #1, error -32
Scanning for USB storage devices...







┌───────────────────────────┤ Select your USB disk ├───────────────────────────┐
│ Choose your USB disk [1-2, a to abort]:                                      │
│                                                                              │
│                              1 /dev/sda1                                     │
│                              2 /dev/sda2_public                              │
│                              a Abort                                         │
│                                                                              │
│                                                                              │
│                     <Ok>                         <Cancel>                    │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘






 *** WARNING: Note that you cannot boot from a mounted encrypted device ***
++++ Testing detach-sign operation and verifiying against fused public key in ROM
++++ Local GPG keyring can be used to sign/encrypt/authenticate in this boot session ++++
!!!!! Starting recovery shell
~ # 

or

[tlaurion]

@JonathonHall-Purism

*** WARNING: GPG key material will be generated on USB Security Dongle's smartcard wtihout backup *** I don't think this should be a warning. This is normal for a lot of users that just use the GPG key on the dongle with Heads, I would tell them to ignore this warning. If we get users accustomed to ignoring warnings, the warnings lose their meaning.

Fixed under 160367d

OEM reset failed when attempting to use a single password for everything and with USB dongle only (no flash drive). Said Error signing kexec boot files: gpg: signing failed: Bad PIN (qemu-coreboot-fbwhiptail-tpm1-hotp)

Saying N to encrypted USB thumb drive should say GPG User PIN is getting set GPG_GEN_KEY_IN_MEMORY=0 doesn't align with -z (empty) tests later. Suggest sticking with the "y or not-y" convention for booleans we use elsewhere for the new booleans in this file

Fixed under 3787293

[JonathonHall-Purism]

The refactors all look great, confirmed everything reported above was fixed. Testing the new functionality now on L1UM v2 (TPM2).

@tlaurion I didn't unplug my flash drive when it asked me to remove all external USB devices (to see what happens). It still selected that flash drive automatically when I continued. Isn't this supposed to exclude USB devices that remained connected? I figured this was to exclude internal USB devices, like the Librem 14's SD card reader.

edit: Then when I looked back after posting this, it had errored out and sent me back to the main menu (no error prompt). This was on the console:

750 MB is right, it's an "8GB" flash drive and I selected 10%. So it had the right device, I'll pull it and see what it put on there.

[tlaurion]

@tlaurion I didn't unplug my flash drive when it asked me to remove all external USB devices (to see what happens). It still selected that flash drive automatically when I continued. Isn't this supposed to exclude USB devices that remained connected? I figured this was to exclude internal USB devices, like the Librem 14's SD card reader.

@JonathonHall-Purism I'll rework the removal/insert prompt to list all usb connected block devices and list capacity for user to select disk prior of confirming once after selection for wiping.

edit: Then when I looked back after posting this, it had errored out and sent me back to the main menu (no error prompt). This was on the console:

newer librems based on config/linux-librem_common-6.1.8.config didn't have EXFAT support in the kernel. That was fixed under 23c967f

(Note that CircleCI is having temporarily difficulties fetching tarballs on coreboot build as of now, and also flash boards seem to have race condition (what? Why!) so I might disable the builds in CircleCI here if they fail on clean cache. Nitrokey deprecated them and I will do the same, moving them to boards/UNSUPPORTED_ boardname if they cause problem on a rerun. No time for that anymore. Was told before, might be the time for it now.)

[JonathonHall-Purism]

Thanks @tlaurion. Kconfig changes look good, saved as defconfig locally to compare, we'll stick to oldconfig going forward. Let me know when USB device selection is ready for review again 👍

[tlaurion]

Let me know when USB device selection is ready for review again

@JonathonHall-Purism that would be that moment :)

[JonathonHall-Purism]

@tlaurion I tested this a lot and made some changes to smooth out the OEM reset flow with flash drive format:

https://github.com/JonathonHall-Purism/heads/commits/oem_reset_fd_sel_improvement

Changes:

commit a925219efb526188780ecba8d3fc8c8961405816
Author: Jonathon Hall <jonathon.hall@puri.sm>
Date:   Mon Nov 13 13:54:37 2023 -0500

    oem-factory-reset: Improve prompt flow formatting flash drive
    
    Combine prompt to disconnect other devices with prompt to connect the
    desired device.
    
    Show block device sizes in MB/GB when selecting device so it is easier
    to select.  file_selector now supports --show-size to include block
    device sizes in menu.
    
    Rework file_selector so menu options can contain spaces (use bash
    array) and to simplify logic.
    
    Prompt to select flash drive and LUKS percentage in OEM reset before
    actually taking any actions, so aborting doesn't half-reset the system.
    
    Abort OEM reset if user aborts the flash drive selection instead of
    looping forever.  (Canceling the confirmation still loops to retry but
    it is possible to exit by aborting the repeated menu.)
    
    Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>

commit d39fc26dd95ae4b7a82376ede49e9a2612cafa36
Author: Jonathon Hall <jonathon.hall@puri.sm>
Date:   Mon Nov 13 14:37:19 2023 -0500

    oem-factory-reset: Move format confirmation before resetting anything
    
    Move confirmation of formatting flash drive with LUKS percentage
    selection before any reset actions have been taken, so aborting does
    not result in a half-reset system.  Combine with the more basic
    "confirm" prompt that existed after selecting the device (but did not
    include the LUKS size information).
    
    Split up prepare_flash_drive into interactive_prepare_flash_drive (both
    prompts and formats as before), confirm_thumb_drive_format (just
    confirms the selections), and prepare_thumb_drive (now noninteractive).
    
    Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>

commit 97d903f22a7ab1b4abb3eca09dbf7db165cb065b (HEAD -> oem_reset_fd_sel_improvement, github-jh/oem_reset_fd_sel_improvement)
Author: Jonathon Hall <jonathon.hall@puri.sm>
Date:   Mon Nov 13 14:52:09 2023 -0500

    oem-factory-reset: Don't repeat "insert flash drive" message
    
    Don't repeat this message if the user says "no" to the confirmation
    prompt.  Go directly to the menu.
    
    Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>

This is the resulting sequence. All prompts occur before OEM reset starts to reset anything, so aborting will not leave a half-reset system. You can now abort by aborting the flash drive selection (no longer loops in this case). Deduplicated some prompts. Put some of the better-size-display enhancements in the more specific confirmation prompt and used that instead of the more basic one.

[tlaurion]

Wow @JonathonHall-Purism . Merging disk sizes with prompts is a really good flow improvement, and your changes to parametrize functions makes it easier to understand, follow and improve further as well. Wow!

I think it's a merge day! Doing one last whole test case on real hardware and as discussed I will merge (reviewing your changes on top of the changes you reviewed and applied changes you saw fit better.)

I really love the graphics and your work on this! Awesome collaboration! I'm in awwwwwwwe! :)

[JonathonHall-Purism]

Thanks @tlaurion ! I think this is a great result. Merge when ready! 💯