Discovery of Clevo Boot Guard Signing Keys
I may have uncovered the Clevo Boot Guard signing keys, which might have been staring us in the face all along. I need help from those more experienced in this field to develop a method for disabling BootGuard using a modified, SIGNED OEM BIOS. This could enable flashing mods or Coreboot distros onto Clevo laptops. I know only enough to be dangerous!
I also know this is a potential (ok, well it just is) a very large security vulnerability. Don't download random bioses unless it's from Clevo or self modified! I'm not responsible for bricking your machine if we get that far, and you should have a dump of your running bios and a ch341a programmer anyway! I could have probably profited off this as a bug bounty issue or something, but instead am being altruistic as I want more coreboot in the world!
Also note that aside from bootguard, the other applications in this package appear to be the full shebang necessary to produce flashable, OEM firmware update files. Be careful!
Now before you go posting this on reddit or whatever, let's make sure it is what I think it is so we don't get pie on our face...
Background
- Context: Since the 10th or 11th generation of Core CPUs, Clevo has been using BootGuard, making BIOS modding and using System76 and Dasharo ports difficult or really, impossible.
- Motivation: After my System76 machine failed, I chose a more affordable Clevo laptop since I like the hardware and the potential firmware hackability, but didn't really want to pay the premium and be locked into limited hardware choices, when their (and Dasharo's) firmware would work with other Clevo machines with slight modification. I want to mod the BIOS and/or install a coreboot distro and open source EC firmware on this new machine - ideally Dasharo, or the System76 firmware, if not vanilla coreboot.
Resources
- BIOS Repositories:
- Official Clevo BIOS: https://my.hidrive.com/share/yze8mg-wf8#$/BIOS%20and%20EC%20Firmware/CLEVO
- User-Created Repository (user: repo, pass: repo): https://repo.palkeo.com/clevo-mirror/
- Example BIOS Image + Tools:
- P_Series/PDxx_Series/PDxxSxx/PDxxSNED/B10717.zip
Please note that there are various readmes, pdf/doc guides, and a text file with some instructions in the above zip. That last one needs translated from Chinese to English to read in my case (thanks Google), but there are further clues inside of these documents, as well.
Current Process
The BIOS rebuild batch files are messy, so you’ll need to work from within the BpmGen2 directory and copy the relevant files there to ensure everything functions correctly. Here’s the process:
- Extract Keys:
Use
BootGuardKey.exeto extract 4 PEM key files (public and private). These keys are embedded in plaintext within the executable, indicating they are used across various BootGuard-enabled Clevo machines. Security by obscurity! Make sure to copy the pem files to the BpmGen2 directory - running it a second time deletes the keys, running it a 3rd extracts them again... "Secure." The extracted keys are essential for generating the key manifest and signing the BIOS images. - Copy Files:
Locate from the tree the below two files, and relocate and rename them inside the BpmGen2 directory accordingly:
@copy /b PD5xSNC.BIN Tool\RaptorLakeS_FIT.fd @copy /b RaptorLakeS.fdm Tool\RaptorLakeS.fdm - Patch Hash:
@PatchFdmHash.exe RaptorLakeS_FIT.fd RaptorLakeS.fdm - Generate Key Manifest:
@BpmGen2.exe KMGEN -KEY pubkey.pem BPM -SIGNKEY keyprivkey.pem -SIGNPUBKEY keypubkey.pem -SIGHASHALG SHA384 -SCHEME RSAPSS -KMKHASH SHA384 -KMID 0x01 -SVN 1 -KM Manifest.bin -d:2 >bpmgen2_km.txt - Generate Signed Boot Guard:
@BpmGen2\BpmGen2.exe GEN RaptorLakeS_FIT.fd bpmgen2.params -BPM Manifest.bin -U RaptorLakeS.fd -KM KeyManifest.bin -d:2 >bpmgen2_bpm.txt - Verify Signatures:
Use
BpmGen2.exe INFOto verify the signatures of the specific pieces processed by theBpmGen2tool. This ensures that the key manifest and BIOS image segments match the official release.
Past this point, I have not yet determined what else needs done because I was up way too late figuring this much out. I was hoping for some help and confirmation if possible on this discovery, but if nobody else pitches in, I'll eventually get to it but it may be a few weeks.
Next Steps
- Disable BootGuard (mode 0) to allow for custom firmware or replacement with Coreboot. This will be with the CSME mfit tool?
- Help Appreciated - Assistance with the final steps to disable BootGuard and complete the confirmation and modification process is much appreciated! I'll work on this when I can but I'm exhausted!
[color=blue][u]Edit by Fernando:[/u] Thread title shortened and specified[/color]