The On-Die Certificate Authority (ODCA) is a feature added to Intel CSME hardware starting from Tiger Lake. It replaces the existing Intel EPID signing algorithm, which is planned for deprecation.
The On-Die Certificate Authority is used for issuing certificates for Intel CSE applications (e.g., Intel AMT). Each platform is manufactured with a unique ODCA key and certificate.
• The Intel AMT ODCA certificate can be used as an Intel AMT TLS Server certificate for PKI MTLS (mutual TLS) provisioning, assuring that the configuration software is communicating with authentic Intel AMT firmware.
• Before provisioning Intel AMT and after Intel AMT has been provisioned, the Intel AMT ODCA Certificate can be used to verify that the Intel AMT firmware has not been revoked because of a vulnerability by checking the ODCA certificate chain against the Intel ODCA CRL. (Use the AMT_GeneralSettings.AMTAuthenticate challenge response for post provisioning). This allows you to update the firmware before the system is compromised
• You can use the CSME ODCA ROM certificate (the 4th certificate in the chain including the leaf certificate) or its hash for maintaining a persistent non-spoofable hardware identifier of the device. Use the AMT_GeneralSettings.AMTAuthenticate challenge response to verify the identity. This is also useful for strong verification of the identity of the device connecting to a CIRA MPS gateway before exposing any Intel AMT credentials to the device.
• When operating system software collects the contents of the Intel AMT Audit Log for monitoring Intel AMT before or after Intel AMT provisioning via the CFG_GetAuditLogRecords MEI command, it can use the CFG_GetAuditLogSignature command to request an ODCA signature over the Audit Log contents. This is useful when Intel AMT is not provisioned, and for environments that lack a TLS setup. Use the ODCA ROM certificate hash to verify the identity of the device from which the log originated.
This section describes how to verify the ODCA certificate chain, including verifying that this is an Intel AMT certificate. The ODCA certificate chain is verified like any other certificate chain, with the following properties:
• For the leaf certificate: Verify that in the Subject field the Common Name field is:
|
Field Value |
Means |
|
iAMT-RCFG |
For Intel AMT Server certificate during remote configuration with TLS-PKI |
|
iAMT-AuditL |
MEI API that reads the ODCA signed AMT Audit Log |
|
iAMT-WSMAN |
WS-MAN Authenticate command |
• Verify that the Intel ODCA Root CA is at the root of the certificate chain: https://tsci.intel.com/content/OnDieCA/certs/OnDie_CA_RootCA_Certificate.cer
• Verify against the Intel ODCA CRL that no certificate in the chain has been revoked.
• Recommended: Verify that you are communicating with a device that you manage:
• When provisioning Intel AMT, store a hash of the Intel CSME ROM ODCA certificate that is baked into the device fuses and is therefore persistent and not replaceable.
• The ODCA ROM certificate is identified in the chain by the Subject CN field including “ROM CA” in it (the 4th certificate in the chain including the leaf certificate).
• Note that it is also recommended that the management console store the digest realm for each platform, as this is also unique per device and per Intel AMT provisioning instance.
For platforms that support the Intel Unique Platform ID, the Intel AMT ODCA certificate also includes the Unique Platform ID. The UPID is included in the certificate as defined in IEEE 802.1AR for an IDevID certificate.
The Unique Platform ID has 2 parts. The first 32 bytes are the OEM Platform ID and are set by the OEM and stored in CSME protected NVM. The OEM can replace this part of the UPID when a device is refurbished/repurposed. The second 32 bytes are the “CSME HW ID” and are set by the Intel CSME firmware and derived from chipset fuses.
|
OEM Platform ID |
Truncated SHA256 (ROM CA Certificate) |
Reserved |
Ref. Cntr |
HW Gen |
OEM ID |
|
32 bytes |
20 bytes |
60 bits |
4 bits |
2 bytes |
2 bytes
|
Note: The OEM ID field is specified in little endian format. E.g., an OEM ID of 0xabcd is represented as 0xcdab.
|
Field
in UPID |
Size |
Description |
Location
in the AMT IDevID On-Die CA Certificate |
|
|
OEM
Platform ID |
32
bytes |
Platform
ID set by the OEM (Optional) |
In
Subject field X520SerialNumber attribute per IEEE 802.1AR |
|
|
CSME
HW ID |
Truncated
SHA256 (ROM CA certificate) |
20
bytes |
The
first 20 bytes of the SHA-256 hash over the ODCA ROM Certificate. When
verifying the ODCA certificate chain it is recommended to verify that there
is a match. |
In
subjectAltName field per IEEE
802.1AR and RFC 4108 Note: The OEM ID at the end of the CSME HW ID in the SubjectAltName field is represented in little endian format, i.e., for Intel this is 8680 instead of 8086. The
OEM ID is also represented in the Subject field in the
X520OrganizationName attribute. In this case it is represented in big endian format,
e.g., 8086. |
|
Ref.
Counter |
4
bits |
Refurbish
Counter implemented in CSME as 16 refurbish fuses. The
OEM BIOS can increment the refurbish counter when device is refurbished or
repurposed up to 16 times. |
||
|
HW
Gen |
2
bytes |
An
ID allocated by Intel that identifies the generation of the HW e.g. TGL, ADL
etc. |
||
|
OEM
ID |
2
bytes |
PCIe
Vendor ID allocated by PCI-SIG of the OEM who
manufactured the device in hex characters (e.g. Intel PCIe Vendor ID is 8086.
Here we would have an OEM vendor ID). The
OEM configures this value into the CSME fuses during manufacturing. |
||
HardwareModuleName ::= SEQUENCE {
hwType OBJECT IDENTIFIER
hwSerialNum OCTET STRING}
hwType: 2.16.840.1.113741.1.5.3.6.1 indicates that this is a CSME ODCA Certificate
hwSerialNum: is a 32 byte “CSME HW ID”. The first 20 bytes are from the first 20 bytes of the SHA256 hash of the ODCA ROM certificate. It is recommended to verify that they match.
When an increase in SVN is detected in the Intel AMT firmware version via the AMT_GeneralSettings.AMTAuthenticate command, the keys and passwords in Intel AMT need to be replaced.
Copyright © 2006-2022, Intel Corporation. All rights reserved.