Securing Systems and Attached Devices in Oracle® Solaris 11.2

Updated: September 2014
 
 

Verified Boot and ELF Signatures

In Oracle Solaris, boot verification is performed by means of elfsign signatures or keys. At the factory, Oracle Solaris kernel modules are signed with these keys. Because of their file format, these modules are also called ELF objects. The signature is created by using the SHA-1 or SHA-256 checksums of selected ELF records in an object file. The SHA-1 or SHA-256 checksums are signed with an RSA-2048 private and public key pair. The public key is distributed in /etc/certs, while the private key is not distributed.
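The following is an added example, not part of the Oracle documentation: a triage check that reports whether an ELF object carries an elfsign signature section at all, for 32-bit or 64-bit objects of either byte order. It assumes the signature is stored in a section named .SUNW_signature (a name this page does not state); the function names and the sample images are constructed for illustration.

```python
import struct

SIG_SECTION = b".SUNW_signature"  # assumption: section name used by elfsign, not stated on the page

def signature_section(data):
    """Return the raw signature section of an ELF image, or None if it has none."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF object")
    is64 = data[4] == 2                       # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if data[5] == 1 else ">"        # EI_DATA: 1 = little-endian (x86), 2 = big-endian (SPARC)
    shoff, = struct.unpack_from(end + ("Q" if is64 else "I"), data, 0x28 if is64 else 0x20)
    shentsize, shnum, shstrndx = struct.unpack_from(end + "HHH", data, 0x3A if is64 else 0x2E)
    def shdr(i):                              # -> (sh_name, sh_offset, sh_size) of section i
        base = shoff + i * shentsize
        name, = struct.unpack_from(end + "I", data, base)
        off, size = struct.unpack_from(end + ("QQ" if is64 else "II"), data, base + (24 if is64 else 16))
        return name, off, size
    _, stroff, strsize = shdr(shstrndx)
    strtab = data[stroff:stroff + strsize]    # section-name string table
    for i in range(shnum):
        name, off, size = shdr(i)
        if strtab[name:strtab.index(b"\0", name)] == SIG_SECTION:
            return data[off:off + size]
    return None

def audit(objects):
    """Classify each {name: bytes} entry as 'signed', 'unsigned' or 'malformed'."""
    result = {}
    for name, data in objects.items():
        try:
            result[name] = "signed" if signature_section(data) else "unsigned"
        except (struct.error, ValueError):    # truncated or non-ELF input
            result[name] = "malformed"
    return result

def build_sample(signed, end=">"):
    """Constructed minimal ELF64 image (not a real Solaris module) for offline use."""
    names = [b"", b".text", b".shstrtab"] + ([SIG_SECTION] if signed else [])
    strtab = b"\0".join(names) + b"\0"
    bodies = [b"", b"\x01" * 8, strtab] + ([b"CONSTRUCTED-SIG"] if signed else [])
    blob = shdrs = b""
    for n, body in zip(names, bodies):
        shdrs += struct.pack(end + "IIQQQQIIQQ", strtab.index(n), 1, 0, 0,
                             64 + len(blob), len(body), 0, 0, 1, 0)
        blob += body
    ehdr = b"\x7fELF" + bytes([2, 1 if end == "<" else 2, 1]) + bytes(9)
    ehdr += struct.pack(end + "HHIQQQIHHHHHH", 1, 43, 1, 0, 0, 64 + len(blob), 0, 64, 0, 0, 64, len(names), 2)
    return ehdr + blob + shdrs
```

A result of "signed" means only that a signature section is present. Checking the RSA signature against the certificates in /etc/certs remains the job of elfsign verify and the pre-boot environment.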

All keys are stored in the system's pre-boot environment, which is the software or firmware that runs prior to the booting of Oracle Solaris. The firmware loads and boots platform/.../unix.

The pre-boot environment differs for each category of systems. The supported pre-boot environment for each category is as follows:

  • Legacy SPARC systems and x86 systems - These systems have no storage capabilities outside the filesystem, so configuration settings for boot verification are stored in the filesystem itself. Specifically, the configuration information is stored in /etc/system. The keys are stored in /etc/certs/*SE in the root filesystem and boot archive.

  • SPARC systems with verified-boot support in their Oracle Integrated Lights Out Manager (ILOM) - Keys and configuration settings are stored in Oracle ILOM.

    Because Oracle ILOM is outside the operating system's filesystem, verified boot configuration is protected from tampering by users of the operating system, including those with administrator (root) privileges. Thus, verified boot in this category of systems is more secure.

    You must ensure that access to Oracle ILOM is secure to prevent unauthorized changes to the verified boot configuration. For more information about securing Oracle ILOM, refer to the documentation at http://www.oracle.com/goto/ILOM/docs.

  • SPARC M5 Series, SPARC M6 Series, and SPARC T5 Series - Configuration settings are stored in the system's Oracle ILOM. The SPARC firmware sends the configuration information to Oracle Solaris.