From f46084b63fb818e2aea9289f97dbfbd4a6b25c36 Mon Sep 17 00:00:00 2001 From: Sree Revoori Date: Wed, 24 Jan 2024 17:27:58 +0000 Subject: [PATCH] Remove ExtendTci and rename DeriveChild to DeriveContext --- dpe/Cargo.toml | 3 +- dpe/fuzz/src/fuzz_target_1.rs | 3 +- dpe/src/commands/certify_key.rs | 2 +- .../{derive_child.rs => derive_context.rs} | 437 +++++++++++++----- dpe/src/commands/destroy_context.rs | 38 +- dpe/src/commands/extend_tci.rs | 168 ------- dpe/src/commands/initialize_context.rs | 2 + dpe/src/commands/mod.rs | 20 +- dpe/src/commands/sign.rs | 8 +- dpe/src/context.rs | 4 + dpe/src/dpe_instance.rs | 19 +- dpe/src/response.rs | 8 +- dpe/src/support.rs | 30 +- dpe/src/x509.rs | 40 +- simulator/src/main.rs | 21 +- tools/src/sample_dpe_cert.rs | 12 +- verification/client/abi.go | 147 ++---- verification/client/client.go | 5 +- verification/testing/certifyKey.go | 4 +- verification/testing/extendTCI.go | 177 ------- verification/testing/initializeContext.go | 2 +- verification/testing/negativeCases.go | 75 +-- verification/testing/rotateContextHandle.go | 2 +- verification/testing/sign.go | 2 +- verification/testing/simulator.go | 24 +- verification/testing/verification.go | 18 +- 26 files changed, 518 insertions(+), 753 deletions(-) rename dpe/src/commands/{derive_child.rs => derive_context.rs} (62%) delete mode 100644 dpe/src/commands/extend_tci.rs delete mode 100644 verification/testing/extendTCI.go diff --git a/dpe/Cargo.toml b/dpe/Cargo.toml index 9c2d40d0..d91b3779 100644 --- a/dpe/Cargo.toml +++ b/dpe/Cargo.toml @@ -12,7 +12,7 @@ dpe_profile_p384_sha384 = ["platform/dpe_profile_p384_sha384"] # Run ARBITRARY_MAX_HANDLES=n cargo build --features arbitrary_max_handles to use this feature arbitrary_max_handles = [] disable_simulation = [] -disable_extend_tci = [] +disable_recursive = [] disable_auto_init = [] disable_rotate_context = [] disable_x509 = [] @@ -21,6 +21,7 @@ disable_is_symmetric = [] disable_internal_info = [] disable_internal_dice = [] disable_is_ca = [] +disable_retain_parent_context = [] [dependencies] bitflags = "2.4.0" diff --git a/dpe/fuzz/src/fuzz_target_1.rs b/dpe/fuzz/src/fuzz_target_1.rs index 36184dbe..1b1ecf62 100644 --- a/dpe/fuzz/src/fuzz_target_1.rs +++ b/dpe/fuzz/src/fuzz_target_1.rs @@ -76,12 +76,11 @@ fn harness(data: &[u8]) { let response_code = match response { Response::GetProfile(ref res) => res.resp_hdr.status, Response::InitCtx(ref res) => res.resp_hdr.status, - Response::DeriveChild(ref res) => res.resp_hdr.status, + Response::DeriveContext(ref res) => res.resp_hdr.status, Response::RotateCtx(ref res) => res.resp_hdr.status, Response::CertifyKey(ref res) => res.resp_hdr.status, Response::Sign(ref res) => res.resp_hdr.status, Response::DestroyCtx(ref resp_hdr) => resp_hdr.status, - Response::ExtendTci(ref res) => res.resp_hdr.status, Response::GetCertificateChain(ref res) => res.resp_hdr.status, Response::Error(ref resp_hdr) => resp_hdr.status, }; diff --git a/dpe/src/commands/certify_key.rs b/dpe/src/commands/certify_key.rs index 279bd9b9..577ecb6e 100644 --- a/dpe/src/commands/certify_key.rs +++ b/dpe/src/commands/certify_key.rs @@ -100,7 +100,7 @@ impl CommandExecution for CertifyKeyCmd { label: &self.label, tci_nodes: &nodes[..tcb_count], is_ca: self.uses_is_ca(), - supports_extend_tci: dpe.support.extend_tci(), + supports_recursive: dpe.support.recursive(), }; let mut issuer_name = [0u8; MAX_CHUNK_SIZE]; diff --git a/dpe/src/commands/derive_child.rs b/dpe/src/commands/derive_context.rs similarity index 62% rename from dpe/src/commands/derive_child.rs rename to dpe/src/commands/derive_context.rs index 26d15e49..dee92ed9 100644 --- a/dpe/src/commands/derive_child.rs +++ b/dpe/src/commands/derive_context.rs @@ -3,7 +3,7 @@ use super::CommandExecution; use crate::{ context::{ActiveContextArgs, Context, ContextHandle, ContextState}, dpe_instance::{DpeEnv, DpeInstance, DpeTypes}, - response::{DeriveChildResp, DpeErrorCode, Response, ResponseHdr}, + response::{DeriveContextResp, DpeErrorCode, Response, ResponseHdr}, tci::TciMeasurement, DPE_PROFILE, }; @@ -11,57 +11,63 @@ use bitflags::bitflags; #[repr(C)] #[derive(Debug, PartialEq, Eq, zerocopy::FromBytes, zerocopy::AsBytes)] -pub struct DeriveChildFlags(u32); +pub struct DeriveContextFlags(u32); bitflags! { - impl DeriveChildFlags: u32 { + impl DeriveContextFlags: u32 { const INTERNAL_INPUT_INFO = 1u32 << 31; const INTERNAL_INPUT_DICE = 1u32 << 30; - const RETAIN_PARENT = 1u32 << 29; + const RETAIN_PARENT_CONTEXT = 1u32 << 29; const MAKE_DEFAULT = 1u32 << 28; const CHANGE_LOCALITY = 1u32 << 27; const INPUT_ALLOW_CA = 1u32 << 26; const INPUT_ALLOW_X509 = 1u32 << 25; + const RECURSIVE = 1u32 << 24; } } #[repr(C)] #[derive(Debug, PartialEq, Eq, zerocopy::FromBytes, zerocopy::AsBytes)] -pub struct DeriveChildCmd { +pub struct DeriveContextCmd { pub handle: ContextHandle, pub data: [u8; DPE_PROFILE.get_hash_size()], - pub flags: DeriveChildFlags, + pub flags: DeriveContextFlags, pub tci_type: u32, pub target_locality: u32, } -impl DeriveChildCmd { +impl DeriveContextCmd { const fn uses_internal_info_input(&self) -> bool { - self.flags.contains(DeriveChildFlags::INTERNAL_INPUT_INFO) + self.flags.contains(DeriveContextFlags::INTERNAL_INPUT_INFO) } const fn uses_internal_dice_input(&self) -> bool { - self.flags.contains(DeriveChildFlags::INTERNAL_INPUT_DICE) + self.flags.contains(DeriveContextFlags::INTERNAL_INPUT_DICE) } pub const fn retains_parent(&self) -> bool { - self.flags.contains(DeriveChildFlags::RETAIN_PARENT) + self.flags + .contains(DeriveContextFlags::RETAIN_PARENT_CONTEXT) } const fn makes_default(&self) -> bool { - self.flags.contains(DeriveChildFlags::MAKE_DEFAULT) + self.flags.contains(DeriveContextFlags::MAKE_DEFAULT) } pub const fn changes_locality(&self) -> bool { - self.flags.contains(DeriveChildFlags::CHANGE_LOCALITY) + self.flags.contains(DeriveContextFlags::CHANGE_LOCALITY) } const fn allows_ca(&self) -> bool { - self.flags.contains(DeriveChildFlags::INPUT_ALLOW_CA) + self.flags.contains(DeriveContextFlags::INPUT_ALLOW_CA) } const fn allows_x509(&self) -> bool { - self.flags.contains(DeriveChildFlags::INPUT_ALLOW_X509) + self.flags.contains(DeriveContextFlags::INPUT_ALLOW_X509) + } + + pub const fn is_recursive(&self) -> bool { + self.flags.contains(DeriveContextFlags::RECURSIVE) } /// Whether it is okay to make a default context. @@ -156,7 +162,7 @@ impl DeriveChildCmd { } } -impl CommandExecution for DeriveChildCmd { +impl CommandExecution for DeriveContextCmd { fn execute( &self, dpe: &mut DpeInstance, @@ -166,6 +172,7 @@ impl CommandExecution for DeriveChildCmd { // Make sure the operation is supported. if (!dpe.support.internal_info() && self.uses_internal_info_input()) || (!dpe.support.internal_dice() && self.uses_internal_dice_input()) + || (!dpe.support.retain_parent_context() && self.retains_parent()) { return Err(DpeErrorCode::ArgumentNotSupported); } @@ -178,74 +185,107 @@ impl CommandExecution for DeriveChildCmd { let parent_idx = dpe.get_active_context_pos(&self.handle, locality)?; if (!dpe.contexts[parent_idx].allow_ca() && self.allows_ca()) || (!dpe.contexts[parent_idx].allow_x509() && self.allows_x509()) + || (self.is_recursive() && self.retains_parent()) { return Err(DpeErrorCode::InvalidArgument); } - let child_idx = dpe - .get_next_inactive_context_pos() - .ok_or(DpeErrorCode::MaxTcis)?; - let target_locality = if !self.changes_locality() { locality } else { self.target_locality }; - if !self.safe_to_make_child(dpe, parent_idx, target_locality)? { - return Err(DpeErrorCode::InvalidArgument); - } + if self.is_recursive() { + let mut tmp_context = dpe.contexts[parent_idx]; + if tmp_context.tci.tci_type != self.tci_type { + return Err(DpeErrorCode::InvalidArgument); + } + dpe.add_tci_measurement( + env, + &mut tmp_context, + &TciMeasurement(self.data), + target_locality, + )?; + + // Rotate the handle if it isn't the default context. + dpe.roll_onetime_use_handle(env, parent_idx)?; + + dpe.contexts[parent_idx] = Context { + handle: dpe.contexts[parent_idx].handle, + ..tmp_context + }; - let child_handle = if self.makes_default() { - ContextHandle::default() + // No child context created so handle is unmeaningful + Ok(Response::DeriveContext(DeriveContextResp { + handle: ContextHandle::default(), + parent_handle: dpe.contexts[parent_idx].handle, + resp_hdr: ResponseHdr::new(DpeErrorCode::NoError), + })) } else { - dpe.generate_new_handle(env)? - }; + let child_idx = dpe + .get_next_inactive_context_pos() + .ok_or(DpeErrorCode::MaxTcis)?; - // Create a temporary context to mutate so that we avoid mutating internal state upon an error. - let mut tmp_child_context = Context::new(); - tmp_child_context.activate(&ActiveContextArgs { - context_type: dpe.contexts[parent_idx].context_type, - locality: target_locality, - handle: &child_handle, - tci_type: self.tci_type, - parent_idx: parent_idx as u8, - allow_ca: self.allows_ca(), - allow_x509: self.allows_x509(), - }); - - dpe.add_tci_measurement( - env, - &mut tmp_child_context, - &TciMeasurement(self.data), - target_locality, - )?; - - tmp_child_context.uses_internal_input_info = self.uses_internal_info_input().into(); - tmp_child_context.uses_internal_input_dice = self.uses_internal_dice_input().into(); - - // Copy the parent context to mutate so that we avoid mutating internal state upon an error. - let mut tmp_parent_context = dpe.contexts[parent_idx]; - if !self.retains_parent() { - tmp_parent_context.state = ContextState::Retired; - tmp_parent_context.handle = ContextHandle([0xff; ContextHandle::SIZE]); - } else if !tmp_parent_context.handle.is_default() { - tmp_parent_context.handle = dpe.generate_new_handle(env)?; - } + if !self.safe_to_make_child(dpe, parent_idx, target_locality)? { + return Err(DpeErrorCode::InvalidArgument); + } - // Add child to the parent's list of children. - let children_with_child_idx = tmp_parent_context.add_child(child_idx)?; - tmp_parent_context.children = children_with_child_idx; + let child_handle = if self.makes_default() { + ContextHandle::default() + } else { + dpe.generate_new_handle(env)? + }; - // At this point we cannot error out anymore, so it is safe to set the updated child and parent contexts. - dpe.contexts[child_idx] = tmp_child_context; - dpe.contexts[parent_idx] = tmp_parent_context; + let allow_ca = self.allows_ca(); + let allow_x509 = self.allows_x509(); + let uses_internal_input_info = self.uses_internal_info_input(); + let uses_internal_input_dice = self.uses_internal_dice_input(); + + // Create a temporary context to mutate so that we avoid mutating internal state upon an error. + let mut tmp_child_context = Context::new(); + tmp_child_context.activate(&ActiveContextArgs { + context_type: dpe.contexts[parent_idx].context_type, + locality: target_locality, + handle: &child_handle, + tci_type: self.tci_type, + parent_idx: parent_idx as u8, + allow_ca, + allow_x509, + uses_internal_input_info, + uses_internal_input_dice, + }); + + dpe.add_tci_measurement( + env, + &mut tmp_child_context, + &TciMeasurement(self.data), + target_locality, + )?; + + // Copy the parent context to mutate so that we avoid mutating internal state upon an error. + let mut tmp_parent_context = dpe.contexts[parent_idx]; + if !self.retains_parent() { + tmp_parent_context.state = ContextState::Retired; + tmp_parent_context.handle = ContextHandle([0xff; ContextHandle::SIZE]); + } else if !tmp_parent_context.handle.is_default() { + tmp_parent_context.handle = dpe.generate_new_handle(env)?; + } - Ok(Response::DeriveChild(DeriveChildResp { - handle: child_handle, - parent_handle: dpe.contexts[parent_idx].handle, - resp_hdr: ResponseHdr::new(DpeErrorCode::NoError), - })) + // Add child to the parent's list of children. + let children_with_child_idx = tmp_parent_context.add_child(child_idx)?; + tmp_parent_context.children = children_with_child_idx; + + // At this point we cannot error out anymore, so it is safe to set the updated child and parent contexts. + dpe.contexts[child_idx] = tmp_child_context; + dpe.contexts[parent_idx] = tmp_parent_context; + + Ok(Response::DeriveContext(DeriveContextResp { + handle: child_handle, + parent_handle: dpe.contexts[parent_idx].handle, + resp_hdr: ResponseHdr::new(DpeErrorCode::NoError), + })) + } } } @@ -263,32 +303,93 @@ mod tests { support::Support, MAX_HANDLES, }; - use crypto::OpensslCrypto; + use crypto::{Crypto, Hasher, OpensslCrypto}; use openssl::x509::X509; use openssl::{bn::BigNum, ecdsa::EcdsaSig}; use platform::default::DefaultPlatform; use zerocopy::AsBytes; - const TEST_DERIVE_CHILD_CMD: DeriveChildCmd = DeriveChildCmd { + const TEST_DERIVE_CONTEXT_CMD: DeriveContextCmd = DeriveContextCmd { handle: SIMULATION_HANDLE, data: TEST_DIGEST, - flags: DeriveChildFlags(0x1234_5678), + flags: DeriveContextFlags(0x1234_5678), tci_type: 0x9876_5432, target_locality: 0x10CA_1171, }; #[test] - fn test_deserialize_derive_child() { - let mut command = CommandHdr::new_for_test(Command::DERIVE_CHILD) + fn test_deserialize_derive_context() { + let mut command = CommandHdr::new_for_test(Command::DERIVE_CONTEXT) .as_bytes() .to_vec(); - command.extend(TEST_DERIVE_CHILD_CMD.as_bytes()); + command.extend(TEST_DERIVE_CONTEXT_CMD.as_bytes()); assert_eq!( - Ok(Command::DeriveChild(TEST_DERIVE_CHILD_CMD)), + Ok(Command::DeriveContext(TEST_DERIVE_CONTEXT_CMD)), Command::deserialize(&command) ); } + #[test] + fn test_support() { + let mut env = DpeEnv:: { + crypto: OpensslCrypto::new(), + platform: DefaultPlatform, + }; + let mut dpe = DpeInstance::new( + &mut env, + Support::AUTO_INIT | Support::INTERNAL_INFO | Support::RETAIN_PARENT_CONTEXT, + ) + .unwrap(); + + assert_eq!( + Err(DpeErrorCode::ArgumentNotSupported), + DeriveContextCmd { + handle: ContextHandle::default(), + data: [0; DPE_PROFILE.get_tci_size()], + flags: DeriveContextFlags::INTERNAL_INPUT_DICE, + tci_type: 0, + target_locality: 0 + } + .execute(&mut dpe, &mut env, TEST_LOCALITIES[0]) + ); + + dpe = DpeInstance::new( + &mut env, + Support::AUTO_INIT | Support::INTERNAL_DICE | Support::RETAIN_PARENT_CONTEXT, + ) + .unwrap(); + + assert_eq!( + Err(DpeErrorCode::ArgumentNotSupported), + DeriveContextCmd { + handle: ContextHandle::default(), + data: [0; DPE_PROFILE.get_tci_size()], + flags: DeriveContextFlags::INTERNAL_INPUT_INFO, + tci_type: 0, + target_locality: 0 + } + .execute(&mut dpe, &mut env, TEST_LOCALITIES[0]) + ); + + let mut dpe = DpeInstance::new( + &mut env, + Support::AUTO_INIT | Support::INTERNAL_INFO | Support::INTERNAL_DICE, + ) + .unwrap(); + + assert_eq!( + Err(DpeErrorCode::ArgumentNotSupported), + DeriveContextCmd { + handle: ContextHandle::default(), + data: [0; DPE_PROFILE.get_tci_size()], + flags: DeriveContextFlags::RETAIN_PARENT_CONTEXT, + tci_type: 0, + target_locality: 0 + } + .execute(&mut dpe, &mut env, TEST_LOCALITIES[0]) + ); + } + #[test] fn test_initial_conditions() { let mut env = DpeEnv:: { @@ -304,10 +405,10 @@ mod tests { // Make sure it can detect wrong locality. assert_eq!( Err(DpeErrorCode::InvalidLocality), - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: [0; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::empty(), + flags: DeriveContextFlags::empty(), tci_type: 0, target_locality: 0 } @@ -325,10 +426,10 @@ mod tests { // Fill all contexts with children (minus the auto-init context). for _ in 0..MAX_HANDLES - 1 { - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: [0; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::MAKE_DEFAULT, + flags: DeriveContextFlags::MAKE_DEFAULT, tci_type: 0, target_locality: 0, } @@ -339,10 +440,10 @@ mod tests { // Try to create one too many. assert_eq!( Err(DpeErrorCode::MaxTcis), - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: [0; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::empty(), + flags: DeriveContextFlags::empty(), tci_type: 0, target_locality: 0 } @@ -361,10 +462,10 @@ mod tests { let parent_idx = dpe .get_active_context_pos(&ContextHandle::default(), TEST_LOCALITIES[0]) .unwrap(); - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: [0; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::MAKE_DEFAULT | DeriveChildFlags::CHANGE_LOCALITY, + flags: DeriveContextFlags::MAKE_DEFAULT | DeriveContextFlags::CHANGE_LOCALITY, tci_type: 7, target_locality: TEST_LOCALITIES[1], } @@ -392,10 +493,10 @@ mod tests { }; let mut dpe = DpeInstance::new(&mut env, Support::AUTO_INIT).unwrap(); - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: [0; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::MAKE_DEFAULT | DeriveChildFlags::CHANGE_LOCALITY, + flags: DeriveContextFlags::MAKE_DEFAULT | DeriveContextFlags::CHANGE_LOCALITY, tci_type: 7, target_locality: TEST_LOCALITIES[1], } @@ -421,15 +522,15 @@ mod tests { // Make sure child handle is default when creating default child. assert_eq!( - Ok(Response::DeriveChild(DeriveChildResp { + Ok(Response::DeriveContext(DeriveContextResp { handle: ContextHandle::default(), parent_handle: ContextHandle([0xff; ContextHandle::SIZE]), resp_hdr: ResponseHdr::new(DpeErrorCode::NoError), })), - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: [0; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::MAKE_DEFAULT, + flags: DeriveContextFlags::MAKE_DEFAULT, tci_type: 0, target_locality: 0, } @@ -438,15 +539,15 @@ mod tests { // Make sure child has a random handle when not creating default. assert_eq!( - Ok(Response::DeriveChild(DeriveChildResp { + Ok(Response::DeriveContext(DeriveContextResp { handle: RANDOM_HANDLE, parent_handle: ContextHandle([0xff; ContextHandle::SIZE]), resp_hdr: ResponseHdr::new(DpeErrorCode::NoError), })), - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: [0; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::empty(), + flags: DeriveContextFlags::empty(), tci_type: 0, target_locality: 0, } @@ -462,7 +563,11 @@ mod tests { }; let mut dpe = DpeInstance::new( &mut env, - Support::INTERNAL_INFO | Support::X509 | Support::AUTO_INIT | Support::ROTATE_CONTEXT, + Support::INTERNAL_INFO + | Support::X509 + | Support::AUTO_INIT + | Support::ROTATE_CONTEXT + | Support::RETAIN_PARENT_CONTEXT, ) .unwrap(); @@ -477,16 +582,16 @@ mod tests { Err(e) => Err(e).unwrap(), }; - let parent_handle = match (DeriveChildCmd { + let parent_handle = match (DeriveContextCmd { handle, data: [0; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::RETAIN_PARENT, + flags: DeriveContextFlags::RETAIN_PARENT_CONTEXT, tci_type: 0, target_locality: 0, }) .execute(&mut dpe, &mut env, TEST_LOCALITIES[0]) { - Ok(Response::DeriveChild(resp)) => resp.parent_handle, + Ok(Response::DeriveContext(resp)) => resp.parent_handle, Ok(_) => panic!("Invalid response type"), Err(e) => Err(e).unwrap(), }; @@ -511,16 +616,17 @@ mod tests { Err(e) => Err(e).unwrap(), }; - let parent_handle = match (DeriveChildCmd { + let parent_handle = match (DeriveContextCmd { handle: new_context_handle, data: [0; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::RETAIN_PARENT | DeriveChildFlags::INTERNAL_INPUT_INFO, + flags: DeriveContextFlags::RETAIN_PARENT_CONTEXT + | DeriveContextFlags::INTERNAL_INPUT_INFO, tci_type: 0, target_locality: 0, }) .execute(&mut dpe, &mut env, 0) { - Ok(Response::DeriveChild(resp)) => resp.parent_handle, + Ok(Response::DeriveContext(resp)) => resp.parent_handle, Ok(_) => panic!("Invalid response type"), Err(e) => Err(e).unwrap(), }; @@ -551,19 +657,23 @@ mod tests { crypto: OpensslCrypto::new(), platform: DefaultPlatform, }; - let mut dpe = DpeInstance::new(&mut env, Support::AUTO_INIT).unwrap(); + let mut dpe = DpeInstance::new( + &mut env, + Support::AUTO_INIT | Support::RETAIN_PARENT_CONTEXT, + ) + .unwrap(); // Make sure the parent handle is non-sense when not retaining. assert_eq!( - Ok(Response::DeriveChild(DeriveChildResp { + Ok(Response::DeriveContext(DeriveContextResp { handle: ContextHandle::default(), parent_handle: ContextHandle([0xff; ContextHandle::SIZE]), resp_hdr: ResponseHdr::new(DpeErrorCode::NoError), })), - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: [0; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::MAKE_DEFAULT, + flags: DeriveContextFlags::MAKE_DEFAULT, tci_type: 0, target_locality: 0, } @@ -572,17 +682,17 @@ mod tests { // Make sure the default parent handle stays the default handle when retained. assert_eq!( - Ok(Response::DeriveChild(DeriveChildResp { + Ok(Response::DeriveContext(DeriveContextResp { handle: ContextHandle::default(), parent_handle: ContextHandle::default(), resp_hdr: ResponseHdr::new(DpeErrorCode::NoError), })), - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: [0; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::RETAIN_PARENT - | DeriveChildFlags::MAKE_DEFAULT - | DeriveChildFlags::CHANGE_LOCALITY, + flags: DeriveContextFlags::RETAIN_PARENT_CONTEXT + | DeriveContextFlags::MAKE_DEFAULT + | DeriveContextFlags::CHANGE_LOCALITY, tci_type: 0, target_locality: TEST_LOCALITIES[1], } @@ -598,14 +708,14 @@ mod tests { dpe.contexts[old_default_idx].handle = ContextHandle([0x1; ContextHandle::SIZE]); // Make sure neither the parent nor the child handles are default. - let Response::DeriveChild(DeriveChildResp { + let Response::DeriveContext(DeriveContextResp { handle, parent_handle, resp_hdr, - }) = DeriveChildCmd { + }) = DeriveContextCmd { handle: dpe.contexts[old_default_idx].handle, data: [0; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::RETAIN_PARENT, + flags: DeriveContextFlags::RETAIN_PARENT_CONTEXT, tci_type: 0, target_locality: 0, } @@ -622,10 +732,10 @@ mod tests { #[test] fn test_safe_to_make_default() { - let mut make_default_in_0 = DeriveChildCmd { + let mut make_default_in_0 = DeriveContextCmd { handle: ContextHandle::default(), data: TciMeasurement::default().0, - flags: DeriveChildFlags::MAKE_DEFAULT, + flags: DeriveContextFlags::MAKE_DEFAULT, tci_type: 0, target_locality: 0, }; @@ -649,7 +759,7 @@ mod tests { // This should never be possible, but there no contexts but somehow the is a default context assert!(!make_default_in_0.safe_to_make_default(parent_idx, Some(parent_idx), 0)); - make_default_in_0.flags |= DeriveChildFlags::RETAIN_PARENT; + make_default_in_0.flags |= DeriveContextFlags::RETAIN_PARENT_CONTEXT; // Retain parent and make default in another locality that doesn't have a default. assert!(make_default_in_0.safe_to_make_default(parent_idx, None, 0)); @@ -661,10 +771,10 @@ mod tests { #[test] fn test_safe_to_make_non_default() { - let non_default = DeriveChildCmd { + let non_default = DeriveContextCmd { handle: ContextHandle::default(), data: TciMeasurement::default().0, - flags: DeriveChildFlags(0), + flags: DeriveContextFlags(0), tci_type: 0, target_locality: 0, }; @@ -683,13 +793,17 @@ mod tests { crypto: OpensslCrypto::new(), platform: DefaultPlatform, }; - let mut dpe = DpeInstance::new(&mut env, Support::AUTO_INIT).unwrap(); + let mut dpe = DpeInstance::new( + &mut env, + Support::AUTO_INIT | Support::RETAIN_PARENT_CONTEXT, + ) + .unwrap(); assert_eq!( - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: TciMeasurement::default().0, - flags: DeriveChildFlags::RETAIN_PARENT, + flags: DeriveContextFlags::RETAIN_PARENT_CONTEXT, tci_type: 0, target_locality: 0, } @@ -704,14 +818,18 @@ mod tests { crypto: OpensslCrypto::new(), platform: DefaultPlatform, }; - let mut dpe = DpeInstance::new(&mut env, Support::AUTO_INIT).unwrap(); + let mut dpe = DpeInstance::new( + &mut env, + Support::AUTO_INIT | Support::RETAIN_PARENT_CONTEXT, + ) + .unwrap(); - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: [0; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::RETAIN_PARENT - | DeriveChildFlags::MAKE_DEFAULT - | DeriveChildFlags::CHANGE_LOCALITY, + flags: DeriveContextFlags::RETAIN_PARENT_CONTEXT + | DeriveContextFlags::MAKE_DEFAULT + | DeriveContextFlags::CHANGE_LOCALITY, tci_type: 7, target_locality: TEST_LOCALITIES[1], } @@ -719,10 +837,11 @@ mod tests { .unwrap(); assert_eq!( - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: [0; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::RETAIN_PARENT | DeriveChildFlags::CHANGE_LOCALITY, + flags: DeriveContextFlags::RETAIN_PARENT_CONTEXT + | DeriveContextFlags::CHANGE_LOCALITY, tci_type: 7, target_locality: TEST_LOCALITIES[1], } @@ -730,4 +849,74 @@ mod tests { Err(DpeErrorCode::InvalidArgument) ); } + + #[test] + fn test_recursive() { + let mut env = DpeEnv:: { + crypto: OpensslCrypto::new(), + platform: DefaultPlatform, + }; + let mut dpe = DpeInstance::new( + &mut env, + Support::AUTO_INIT + | Support::RECURSIVE + | Support::INTERNAL_DICE + | Support::INTERNAL_INFO, + ) + .unwrap(); + + assert_eq!( + Ok(Response::DeriveContext(DeriveContextResp { + handle: ContextHandle::default(), + parent_handle: ContextHandle::default(), + resp_hdr: ResponseHdr::new(DpeErrorCode::NoError), + })), + DeriveContextCmd { + handle: ContextHandle::default(), + data: [1; DPE_PROFILE.get_tci_size()], + flags: DeriveContextFlags::MAKE_DEFAULT + | DeriveContextFlags::RECURSIVE + | DeriveContextFlags::INTERNAL_INPUT_INFO + | DeriveContextFlags::INTERNAL_INPUT_DICE, + tci_type: 0, + target_locality: 0, + } + .execute(&mut dpe, &mut env, TEST_LOCALITIES[0]) + ); + + DeriveContextCmd { + handle: ContextHandle::default(), + data: [2; DPE_PROFILE.get_tci_size()], + flags: DeriveContextFlags::MAKE_DEFAULT + | DeriveContextFlags::RECURSIVE + | DeriveContextFlags::INTERNAL_INPUT_INFO + | DeriveContextFlags::INTERNAL_INPUT_DICE, + tci_type: 0, + target_locality: 0, + } + .execute(&mut dpe, &mut env, TEST_LOCALITIES[0]) + .unwrap(); + + let child_idx = dpe + .get_active_context_pos(&ContextHandle::default(), 0) + .unwrap(); + // ensure flags are unchanged + assert!(dpe.contexts[child_idx].allow_ca()); + assert!(dpe.contexts[child_idx].allow_x509()); + assert!(!dpe.contexts[child_idx].uses_internal_input_info()); + assert!(!dpe.contexts[child_idx].uses_internal_input_dice()); + + // check tci_cumulative correctly computed + let mut hasher = env.crypto.hash_initialize(DPE_PROFILE.alg_len()).unwrap(); + hasher.update(&[0u8; DPE_PROFILE.get_hash_size()]).unwrap(); + hasher.update(&[1u8; DPE_PROFILE.get_hash_size()]).unwrap(); + let temp_digest = hasher.finish().unwrap(); + let mut hasher_2 = env.crypto.hash_initialize(DPE_PROFILE.alg_len()).unwrap(); + hasher_2.update(temp_digest.bytes()).unwrap(); + hasher_2 + .update(&[2u8; DPE_PROFILE.get_hash_size()]) + .unwrap(); + let digest = hasher_2.finish().unwrap(); + assert_eq!(digest.bytes(), dpe.contexts[child_idx].tci.tci_cumulative.0); + } } diff --git a/dpe/src/commands/destroy_context.rs b/dpe/src/commands/destroy_context.rs index f9865fdc..00015f1c 100644 --- a/dpe/src/commands/destroy_context.rs +++ b/dpe/src/commands/destroy_context.rs @@ -71,7 +71,7 @@ impl CommandExecution for DestroyCtxCmd { mod tests { use super::*; use crate::{ - commands::{Command, CommandHdr, DeriveChildCmd, DeriveChildFlags, InitCtxCmd}, + commands::{Command, CommandHdr, DeriveContextCmd, DeriveContextFlags, InitCtxCmd}, context::{Context, ContextState}, dpe_instance::tests::{TestTypes, SIMULATION_HANDLE, TEST_HANDLE, TEST_LOCALITIES}, support::{test::SUPPORT, Support}, @@ -262,46 +262,46 @@ mod tests { let mut dpe = DpeInstance::new(&mut env, SUPPORT).unwrap(); // create new context while preserving auto-initialized context - let handle_1 = match (DeriveChildCmd { + let handle_1 = match (DeriveContextCmd { handle: ContextHandle::default(), data: [0u8; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::RETAIN_PARENT | DeriveChildFlags::CHANGE_LOCALITY, + flags: DeriveContextFlags::RETAIN_PARENT_CONTEXT | DeriveContextFlags::CHANGE_LOCALITY, tci_type: 0, target_locality: TEST_LOCALITIES[1], }) .execute(&mut dpe, &mut env, TEST_LOCALITIES[0]) { - Ok(Response::DeriveChild(resp)) => resp.handle, + Ok(Response::DeriveContext(resp)) => resp.handle, Ok(_) => panic!("Invalid response type"), Err(e) => Err(e).unwrap(), }; // retire context with handle 1 and create new context - let handle_2 = match (DeriveChildCmd { + let handle_2 = match (DeriveContextCmd { handle: handle_1, data: [0u8; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::empty(), + flags: DeriveContextFlags::empty(), tci_type: 0, target_locality: TEST_LOCALITIES[1], }) .execute(&mut dpe, &mut env, TEST_LOCALITIES[1]) { - Ok(Response::DeriveChild(resp)) => resp.handle, + Ok(Response::DeriveContext(resp)) => resp.handle, Ok(_) => panic!("Invalid response type"), Err(e) => Err(e).unwrap(), }; // retire context with handle 2 and create new context - let handle_3 = match (DeriveChildCmd { + let handle_3 = match (DeriveContextCmd { handle: handle_2, data: [0u8; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::empty(), + flags: DeriveContextFlags::empty(), tci_type: 0, target_locality: TEST_LOCALITIES[1], }) .execute(&mut dpe, &mut env, TEST_LOCALITIES[1]) { - Ok(Response::DeriveChild(resp)) => resp.handle, + Ok(Response::DeriveContext(resp)) => resp.handle, Ok(_) => panic!("Invalid response type"), Err(e) => Err(e).unwrap(), }; @@ -330,46 +330,46 @@ mod tests { let mut dpe = DpeInstance::new(&mut env, SUPPORT).unwrap(); // create new context while preserving auto-initialized context - let parent_handle = match (DeriveChildCmd { + let parent_handle = match (DeriveContextCmd { handle: ContextHandle::default(), data: [0u8; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::RETAIN_PARENT | DeriveChildFlags::CHANGE_LOCALITY, + flags: DeriveContextFlags::RETAIN_PARENT_CONTEXT | DeriveContextFlags::CHANGE_LOCALITY, tci_type: 0, target_locality: TEST_LOCALITIES[1], }) .execute(&mut dpe, &mut env, TEST_LOCALITIES[0]) { - Ok(Response::DeriveChild(resp)) => resp.handle, + Ok(Response::DeriveContext(resp)) => resp.handle, Ok(_) => panic!("Invalid response type"), Err(e) => Err(e).unwrap(), }; // derive one child from the parent - let parent_handle = match (DeriveChildCmd { + let parent_handle = match (DeriveContextCmd { handle: parent_handle, data: [0u8; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::RETAIN_PARENT, + flags: DeriveContextFlags::RETAIN_PARENT_CONTEXT, tci_type: 0, target_locality: TEST_LOCALITIES[1], }) .execute(&mut dpe, &mut env, TEST_LOCALITIES[1]) { - Ok(Response::DeriveChild(resp)) => resp.parent_handle, + Ok(Response::DeriveContext(resp)) => resp.parent_handle, Ok(_) => panic!("Invalid response type"), Err(e) => Err(e).unwrap(), }; // derive another child while retiring the parent handle - let handle_b = match (DeriveChildCmd { + let handle_b = match (DeriveContextCmd { handle: parent_handle, data: [0u8; DPE_PROFILE.get_tci_size()], - flags: DeriveChildFlags::empty(), + flags: DeriveContextFlags::empty(), tci_type: 0, target_locality: TEST_LOCALITIES[1], }) .execute(&mut dpe, &mut env, TEST_LOCALITIES[1]) { - Ok(Response::DeriveChild(resp)) => resp.handle, + Ok(Response::DeriveContext(resp)) => resp.handle, Ok(_) => panic!("Invalid response type"), Err(e) => Err(e).unwrap(), }; diff --git a/dpe/src/commands/extend_tci.rs b/dpe/src/commands/extend_tci.rs deleted file mode 100644 index bde5072e..00000000 --- a/dpe/src/commands/extend_tci.rs +++ /dev/null @@ -1,168 +0,0 @@ -// Licensed under the Apache-2.0 license. -use super::CommandExecution; -use crate::{ - context::{Context, ContextHandle}, - dpe_instance::{DpeEnv, DpeInstance, DpeTypes}, - response::{DpeErrorCode, NewHandleResp, Response, ResponseHdr}, - tci::TciMeasurement, - DPE_PROFILE, -}; - -#[repr(C)] -#[derive(Debug, PartialEq, Eq, zerocopy::FromBytes, zerocopy::AsBytes)] -pub struct ExtendTciCmd { - handle: ContextHandle, - data: [u8; DPE_PROFILE.get_hash_size()], -} - -impl CommandExecution for ExtendTciCmd { - fn execute( - &self, - dpe: &mut DpeInstance, - env: &mut DpeEnv, - locality: u32, - ) -> Result { - // Make sure this command is supported. - if !dpe.support.extend_tci() { - return Err(DpeErrorCode::InvalidCommand); - } - - let idx = dpe.get_active_context_pos(&self.handle, locality)?; - - let mut tmp_context = dpe.contexts[idx]; - dpe.add_tci_measurement(env, &mut tmp_context, &TciMeasurement(self.data), locality)?; - - // Rotate the handle if it isn't the default context. - dpe.roll_onetime_use_handle(env, idx)?; - - dpe.contexts[idx] = Context { - handle: dpe.contexts[idx].handle, - ..tmp_context - }; - - Ok(Response::ExtendTci(NewHandleResp { - handle: dpe.contexts[idx].handle, - resp_hdr: ResponseHdr::new(DpeErrorCode::NoError), - })) - } -} - -#[cfg(test)] -mod tests { - use super::*; - use crate::{ - commands::{tests::TEST_DIGEST, Command, CommandHdr, InitCtxCmd}, - dpe_instance::tests::{TestTypes, RANDOM_HANDLE, SIMULATION_HANDLE, TEST_LOCALITIES}, - support::Support, - }; - use crypto::OpensslCrypto; - use platform::default::{DefaultPlatform, AUTO_INIT_LOCALITY}; - use zerocopy::AsBytes; - - const TEST_EXTEND_TCI_CMD: ExtendTciCmd = ExtendTciCmd { - handle: SIMULATION_HANDLE, - data: TEST_DIGEST, - }; - - #[test] - fn test_deserialize_extend_tci() { - let mut command = CommandHdr::new_for_test(Command::EXTEND_TCI) - .as_bytes() - .to_vec(); - command.extend(TEST_EXTEND_TCI_CMD.as_bytes()); - assert_eq!( - Ok(Command::ExtendTci(TEST_EXTEND_TCI_CMD)), - Command::deserialize(&command) - ); - } - - #[test] - fn test_extend_tci() { - let mut env = DpeEnv:: { - crypto: OpensslCrypto::new(), - platform: DefaultPlatform, - }; - let mut dpe = DpeInstance::new(&mut env, Support::default()).unwrap(); - // Make sure it returns an error if the command is marked unsupported. - assert_eq!( - Err(DpeErrorCode::InvalidCommand), - ExtendTciCmd { - handle: ContextHandle::default(), - data: [0; DPE_PROFILE.get_hash_size()], - } - .execute(&mut dpe, &mut env, TEST_LOCALITIES[0]) - ); - - // Turn on support. - dpe.support = dpe.support | Support::EXTEND_TCI; - InitCtxCmd::new_use_default() - .execute(&mut dpe, &mut env, TEST_LOCALITIES[0]) - .unwrap(); - - // Wrong locality. - assert_eq!( - Err(DpeErrorCode::InvalidLocality), - ExtendTciCmd { - handle: ContextHandle::default(), - data: [0; DPE_PROFILE.get_hash_size()], - } - .execute(&mut dpe, &mut env, TEST_LOCALITIES[1]) - ); - - let locality = AUTO_INIT_LOCALITY; - let default_handle = ContextHandle::default(); - let handle = dpe.contexts[dpe - .get_active_context_pos(&default_handle, locality) - .unwrap()] - .handle; - let data = [1; DPE_PROFILE.get_hash_size()]; - ExtendTciCmd { - handle: ContextHandle::default(), - data, - } - .execute(&mut dpe, &mut env, TEST_LOCALITIES[0]) - .unwrap(); - - // Make sure extending the default TCI doesn't change the handle. - let default_context = &dpe.contexts[dpe - .get_active_context_pos(&default_handle, locality) - .unwrap()]; - assert_eq!(handle, default_context.handle); - // Make sure the current TCI was updated correctly. - assert_eq!(data, default_context.tci.tci_current.0); - // Make sure cached private key is invalidated - - let sim_local = TEST_LOCALITIES[1]; - dpe.support = dpe.support | Support::SIMULATION; - InitCtxCmd::new_simulation() - .execute(&mut dpe, &mut env, sim_local) - .unwrap(); - - // Give the simulation context another handle so we can prove the handle rotates when it - // gets extended. - let simulation_ctx = &mut dpe.contexts[dpe - .get_active_context_pos(&RANDOM_HANDLE, sim_local) - .unwrap()]; - let sim_tmp_handle = ContextHandle([0xff; ContextHandle::SIZE]); - simulation_ctx.handle = sim_tmp_handle; - assert!(dpe - .get_active_context_pos(&RANDOM_HANDLE, sim_local) - .is_err()); - - match (ExtendTciCmd { - handle: sim_tmp_handle, - data, - } - .execute(&mut dpe, &mut env, TEST_LOCALITIES[1])) - { - Ok(Response::ExtendTci(NewHandleResp { handle, .. })) => { - // Make sure it rotated back to the deterministic simulation handle. - assert!(dpe - .get_active_context_pos(&sim_tmp_handle, sim_local) - .is_err()); - assert!(dpe.get_active_context_pos(&handle, sim_local).is_ok()); - } - _ => panic!("Extend TCI failed"), - } - } -} diff --git a/dpe/src/commands/initialize_context.rs b/dpe/src/commands/initialize_context.rs index 6f5fbc6b..60e2c410 100644 --- a/dpe/src/commands/initialize_context.rs +++ b/dpe/src/commands/initialize_context.rs @@ -76,6 +76,8 @@ impl CommandExecution for InitCtxCmd { parent_idx: Context::ROOT_INDEX, allow_ca: true, allow_x509: true, + uses_internal_input_info: false, + uses_internal_input_dice: false, }); Ok(Response::InitCtx(NewHandleResp { handle, diff --git a/dpe/src/commands/mod.rs b/dpe/src/commands/mod.rs index b7732067..cb417807 100644 --- a/dpe/src/commands/mod.rs +++ b/dpe/src/commands/mod.rs @@ -4,14 +4,13 @@ Licensed under the Apache-2.0 license. Abstract: DPE Commands and deserialization. --*/ -pub use self::derive_child::{DeriveChildCmd, DeriveChildFlags}; +pub use self::derive_context::{DeriveContextCmd, DeriveContextFlags}; pub use self::destroy_context::DestroyCtxCmd; pub use self::get_certificate_chain::GetCertificateChainCmd; pub use self::initialize_context::InitCtxCmd; pub use self::certify_key::{CertifyKeyCmd, CertifyKeyFlags}; -use self::extend_tci::ExtendTciCmd; pub use self::rotate_context::{RotateCtxCmd, RotateCtxFlags}; pub use self::sign::{SignCmd, SignFlags}; @@ -24,9 +23,8 @@ use core::mem::size_of; use zerocopy::FromBytes; mod certify_key; -mod derive_child; +mod derive_context; mod destroy_context; -mod extend_tci; mod get_certificate_chain; mod initialize_context; mod rotate_context; @@ -36,25 +34,23 @@ mod sign; pub enum Command { GetProfile, InitCtx(InitCtxCmd), - DeriveChild(DeriveChildCmd), + DeriveContext(DeriveContextCmd), CertifyKey(CertifyKeyCmd), Sign(SignCmd), RotateCtx(RotateCtxCmd), DestroyCtx(DestroyCtxCmd), - ExtendTci(ExtendTciCmd), GetCertificateChain(GetCertificateChainCmd), } impl Command { pub const GET_PROFILE: u32 = 0x01; pub const INITIALIZE_CONTEXT: u32 = 0x07; - pub const DERIVE_CHILD: u32 = 0x08; + pub const DERIVE_CONTEXT: u32 = 0x08; pub const CERTIFY_KEY: u32 = 0x09; pub const SIGN: u32 = 0x0A; pub const ROTATE_CONTEXT_HANDLE: u32 = 0x0e; pub const DESTROY_CONTEXT: u32 = 0x0f; - pub const GET_CERTIFICATE_CHAIN: u32 = 0x80; - pub const EXTEND_TCI: u32 = 0x81; + pub const GET_CERTIFICATE_CHAIN: u32 = 0x10; /// Returns the command with its parameters given a slice of bytes. /// @@ -68,7 +64,7 @@ impl Command { match header.cmd_id { Command::GET_PROFILE => Ok(Command::GetProfile), Command::INITIALIZE_CONTEXT => Self::parse_command(Command::InitCtx, bytes), - Command::DERIVE_CHILD => Self::parse_command(Command::DeriveChild, bytes), + Command::DERIVE_CONTEXT => Self::parse_command(Command::DeriveContext, bytes), Command::CERTIFY_KEY => Self::parse_command(Command::CertifyKey, bytes), Command::SIGN => Self::parse_command(Command::Sign, bytes), Command::ROTATE_CONTEXT_HANDLE => Self::parse_command(Command::RotateCtx, bytes), @@ -76,7 +72,6 @@ impl Command { Command::GET_CERTIFICATE_CHAIN => { Self::parse_command(Command::GetCertificateChain, bytes) } - Command::EXTEND_TCI => Self::parse_command(Command::ExtendTci, bytes), _ => Err(DpeErrorCode::InvalidCommand), } } @@ -96,12 +91,11 @@ impl From for u32 { match cmd { Command::GetProfile => Command::GET_PROFILE, Command::InitCtx(_) => Command::INITIALIZE_CONTEXT, - Command::DeriveChild(_) => Command::DERIVE_CHILD, + Command::DeriveContext(_) => Command::DERIVE_CONTEXT, Command::CertifyKey(_) => Command::CERTIFY_KEY, Command::Sign(_) => Command::SIGN, Command::RotateCtx(_) => Command::ROTATE_CONTEXT_HANDLE, Command::DestroyCtx(_) => Command::DESTROY_CONTEXT, - Command::ExtendTci(_) => Command::EXTEND_TCI, Command::GetCertificateChain(_) => Command::GET_CERTIFICATE_CHAIN, } } diff --git a/dpe/src/commands/sign.rs b/dpe/src/commands/sign.rs index 8b955821..c3f5dfb4 100644 --- a/dpe/src/commands/sign.rs +++ b/dpe/src/commands/sign.rs @@ -133,9 +133,9 @@ mod tests { commands::{ certify_key::CertifyKeyCmd, certify_key::CertifyKeyFlags, - derive_child::DeriveChildFlags, + derive_context::DeriveContextFlags, tests::{TEST_DIGEST, TEST_LABEL}, - Command, CommandHdr, DeriveChildCmd, InitCtxCmd, + Command, CommandHdr, DeriveContextCmd, InitCtxCmd, }, dpe_instance::tests::{TestTypes, RANDOM_HANDLE, SIMULATION_HANDLE, TEST_LOCALITIES}, support::{test::SUPPORT, Support}, @@ -255,10 +255,10 @@ mod tests { let mut dpe = DpeInstance::new(&mut env, SUPPORT).unwrap(); for i in 0..3 { - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: [i; DPE_PROFILE.get_hash_size()], - flags: DeriveChildFlags::MAKE_DEFAULT | DeriveChildFlags::INPUT_ALLOW_X509, + flags: DeriveContextFlags::MAKE_DEFAULT | DeriveContextFlags::INPUT_ALLOW_X509, tci_type: i as u32, target_locality: 0, } diff --git a/dpe/src/context.rs b/dpe/src/context.rs index 3d5e7a9a..f61b61f9 100644 --- a/dpe/src/context.rs +++ b/dpe/src/context.rs @@ -87,6 +87,8 @@ impl Context { self.locality = args.locality; self.allow_ca = args.allow_ca.into(); self.allow_x509 = args.allow_x509.into(); + self.uses_internal_input_info = args.uses_internal_input_info.into(); + self.uses_internal_input_dice = args.uses_internal_input_dice.into(); } /// Destroy this context so it can no longer be used until it is re-initialized. The default @@ -198,6 +200,8 @@ pub struct ActiveContextArgs<'a> { pub parent_idx: u8, pub allow_ca: bool, pub allow_x509: bool, + pub uses_internal_input_info: bool, + pub uses_internal_input_dice: bool, } pub(crate) struct ChildToRootIter<'a> { diff --git a/dpe/src/dpe_instance.rs b/dpe/src/dpe_instance.rs index 065f1068..cd889a08 100644 --- a/dpe/src/dpe_instance.rs +++ b/dpe/src/dpe_instance.rs @@ -137,12 +137,11 @@ impl DpeInstance { let resp = match command { Command::GetProfile => Ok(Response::GetProfile(self.get_profile(&mut env.platform)?)), Command::InitCtx(cmd) => cmd.execute(self, env, locality), - Command::DeriveChild(cmd) => cmd.execute(self, env, locality), + Command::DeriveContext(cmd) => cmd.execute(self, env, locality), Command::CertifyKey(cmd) => cmd.execute(self, env, locality), Command::Sign(cmd) => cmd.execute(self, env, locality), Command::RotateCtx(cmd) => cmd.execute(self, env, locality), Command::DestroyCtx(cmd) => cmd.execute(self, env, locality), - Command::ExtendTci(cmd) => cmd.execute(self, env, locality), Command::GetCertificateChain(cmd) => cmd.execute(self, env, locality), }; @@ -283,7 +282,7 @@ impl DpeInstance { } // TODO: The root node isn't a real node with measurements and - // shouldn't be in the cert. But we don't support DeriveChild yet, + // shouldn't be in the cert. But we don't support DeriveContext yet, // so this is the only node we can create to test cert creation. nodes[out_idx] = curr.tci; out_idx += 1; @@ -440,7 +439,7 @@ impl Iterator for FlagsIter { #[cfg(test)] pub mod tests { use super::*; - use crate::commands::{DeriveChildCmd, DeriveChildFlags}; + use crate::commands::{DeriveContextCmd, DeriveContextFlags}; use crate::response::NewHandleResp; use crate::support::test::SUPPORT; use crate::{commands::CommandHdr, CURRENT_PROFILE_MAJOR_VERSION}; @@ -668,10 +667,10 @@ pub mod tests { let mut last_cdi = vec![]; for i in 0..3 { - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: [i; DPE_PROFILE.get_hash_size()], - flags: DeriveChildFlags::MAKE_DEFAULT, + flags: DeriveContextFlags::MAKE_DEFAULT, tci_type: i as u32, target_locality: 0, } @@ -723,10 +722,10 @@ pub mod tests { let parent_context_idx = dpe .get_active_context_pos(&ContextHandle::default(), TEST_LOCALITIES[0]) .unwrap(); - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: [0; DPE_PROFILE.get_hash_size()], - flags: DeriveChildFlags::MAKE_DEFAULT | DeriveChildFlags::INTERNAL_INPUT_INFO, + flags: DeriveContextFlags::MAKE_DEFAULT | DeriveContextFlags::INTERNAL_INPUT_INFO, tci_type: 0u32, target_locality: 0, } @@ -779,10 +778,10 @@ pub mod tests { let parent_context_idx = dpe .get_active_context_pos(&ContextHandle::default(), TEST_LOCALITIES[0]) .unwrap(); - DeriveChildCmd { + DeriveContextCmd { handle: ContextHandle::default(), data: [0; DPE_PROFILE.get_hash_size()], - flags: DeriveChildFlags::MAKE_DEFAULT | DeriveChildFlags::INTERNAL_INPUT_DICE, + flags: DeriveContextFlags::MAKE_DEFAULT | DeriveContextFlags::INTERNAL_INPUT_DICE, tci_type: 0u32, target_locality: 0, } diff --git a/dpe/src/response.rs b/dpe/src/response.rs index c0d4daa8..d01927d2 100644 --- a/dpe/src/response.rs +++ b/dpe/src/response.rs @@ -17,12 +17,11 @@ use zerocopy::AsBytes; pub enum Response { GetProfile(GetProfileResp), InitCtx(NewHandleResp), - DeriveChild(DeriveChildResp), + DeriveContext(DeriveContextResp), RotateCtx(NewHandleResp), CertifyKey(CertifyKeyResp), Sign(SignResp), DestroyCtx(ResponseHdr), - ExtendTci(NewHandleResp), GetCertificateChain(GetCertificateChainResp), Error(ResponseHdr), } @@ -32,12 +31,11 @@ impl Response { match self { Response::GetProfile(res) => res.as_bytes(), Response::InitCtx(res) => res.as_bytes(), - Response::DeriveChild(res) => res.as_bytes(), + Response::DeriveContext(res) => res.as_bytes(), Response::RotateCtx(res) => res.as_bytes(), Response::CertifyKey(res) => res.as_bytes(), Response::Sign(res) => res.as_bytes(), Response::DestroyCtx(res) => res.as_bytes(), - Response::ExtendTci(res) => res.as_bytes(), Response::GetCertificateChain(res) => res.as_bytes(), Response::Error(res) => res.as_bytes(), } @@ -105,7 +103,7 @@ pub struct NewHandleResp { #[repr(C)] #[derive(Debug, PartialEq, Eq, zerocopy::AsBytes, zerocopy::FromBytes)] -pub struct DeriveChildResp { +pub struct DeriveContextResp { pub resp_hdr: ResponseHdr, pub handle: ContextHandle, pub parent_handle: ContextHandle, diff --git a/dpe/src/support.rs b/dpe/src/support.rs index 527aff11..36e615e2 100644 --- a/dpe/src/support.rs +++ b/dpe/src/support.rs @@ -10,7 +10,7 @@ pub struct Support(u32); bitflags! { impl Support: u32 { const SIMULATION = 1u32 << 31; - const EXTEND_TCI = 1u32 << 30; + const RECURSIVE = 1u32 << 30; const AUTO_INIT = 1u32 << 29; const ROTATE_CONTEXT = 1u32 << 27; const X509 = 1u32 << 26; @@ -19,6 +19,7 @@ bitflags! { const INTERNAL_INFO = 1u32 << 22; const INTERNAL_DICE = 1u32 << 21; const IS_CA = 1u32 << 20; + const RETAIN_PARENT_CONTEXT = 1u32 << 19; } } @@ -26,8 +27,8 @@ impl Support { pub fn simulation(&self) -> bool { self.contains(Support::SIMULATION) } - pub fn extend_tci(&self) -> bool { - self.contains(Support::EXTEND_TCI) + pub fn recursive(&self) -> bool { + self.contains(Support::RECURSIVE) } pub fn auto_init(&self) -> bool { self.contains(Support::AUTO_INIT) @@ -53,6 +54,9 @@ impl Support { pub fn is_ca(&self) -> bool { self.contains(Support::IS_CA) } + pub fn retain_parent_context(&self) -> bool { + self.contains(Support::RETAIN_PARENT_CONTEXT) + } pub fn preprocess_support(&self) -> Support { #[allow(unused_mut)] let mut support = Support::empty(); @@ -60,9 +64,9 @@ impl Support { { support.insert(Support::SIMULATION); } - #[cfg(feature = "disable_extend_tci")] + #[cfg(feature = "disable_recursive")] { - support.insert(Support::EXTEND_TCI); + support.insert(Support::RECURSIVE); } #[cfg(feature = "disable_auto_init")] { @@ -96,6 +100,10 @@ impl Support { { support.insert(Support::IS_CA); } + #[cfg(feature = "disable_retain_parent_context")] + { + support.insert(Support::RETAIN_PARENT_CONTEXT); + } self.difference(support) } } @@ -109,7 +117,8 @@ pub mod test { Support::SIMULATION, Support::AUTO_INIT, Support::ROTATE_CONTEXT, - Support::X509 + Support::X509, + Support::RETAIN_PARENT_CONTEXT ); #[test] @@ -117,8 +126,8 @@ pub mod test { // Supports simulation flag. let flags = Support::SIMULATION.bits(); assert_eq!(flags, 1 << 31); - // Supports extended TCI flag. - let flags = Support::EXTEND_TCI.bits(); + // Supports recursive flag. + let flags = Support::RECURSIVE.bits(); assert_eq!(flags, 1 << 30); // Supports auto-init. let flags = Support::AUTO_INIT.bits(); @@ -144,6 +153,8 @@ pub mod test { // Supports is ca. let flags = Support::IS_CA.bits(); assert_eq!(flags, 1 << 20); + let flags = Support::RETAIN_PARENT_CONTEXT.bits(); + assert_eq!(flags, 1 << 19); // Supports a couple combos. let flags = (Support::SIMULATION | Support::AUTO_INIT @@ -156,7 +167,7 @@ pub mod test { (1 << 31) | (1 << 29) | (1 << 27) | (1 << 25) | (1 << 21) ); let flags = - (Support::EXTEND_TCI | Support::X509 | Support::IS_SYMMETRIC | Support::INTERNAL_INFO) + (Support::RECURSIVE | Support::X509 | Support::IS_SYMMETRIC | Support::INTERNAL_INFO) .bits(); assert_eq!(flags, (1 << 30) | (1 << 26) | (1 << 24) | (1 << 22)); // Supports everything. @@ -173,6 +184,7 @@ pub mod test { | (1 << 22) | (1 << 21) | (1 << 20) + | (1 << 19) ); } } diff --git a/dpe/src/x509.rs b/dpe/src/x509.rs index 5305b83b..e05a7309 100644 --- a/dpe/src/x509.rs +++ b/dpe/src/x509.rs @@ -48,7 +48,7 @@ pub struct MeasurementData<'a> { pub label: &'a [u8], pub tci_nodes: &'a [TciNodeData], pub is_ca: bool, - pub supports_extend_tci: bool, + pub supports_recursive: bool, } pub struct CertWriter<'a> { @@ -330,11 +330,11 @@ impl CertWriter<'_> { /// extension fields. Only include the size of the structure itself. fn get_tcb_info_size( node: &TciNodeData, - supports_extend_tci: bool, + supports_recursive: bool, tagged: bool, ) -> Result { let fwid0_size = Self::get_fwid_size(&node.tci_current.0, /*tagged=*/ true)?; - let fwid1_size = if supports_extend_tci { + let fwid1_size = if supports_recursive { Self::get_fwid_size(&node.tci_cumulative.0, /*tagged=*/ true)? } else { 0 @@ -361,7 +361,7 @@ impl CertWriter<'_> { let tcb_infos_size = measurements.tci_nodes.len() * Self::get_tcb_info_size( &measurements.tci_nodes[0], - measurements.supports_extend_tci, + measurements.supports_recursive, /*tagged=*/ true, )?; @@ -1044,10 +1044,10 @@ impl CertWriter<'_> { fn encode_tcb_info( &mut self, node: &TciNodeData, - supports_extend_tci: bool, + supports_recursive: bool, ) -> Result { let tcb_info_size = - Self::get_tcb_info_size(node, supports_extend_tci, /*tagged=*/ false)?; + Self::get_tcb_info_size(node, supports_recursive, /*tagged=*/ false)?; // TcbInfo sequence let mut bytes_written = self.encode_byte(Self::SEQUENCE_TAG)?; bytes_written += self.encode_size_field(tcb_info_size)?; @@ -1056,7 +1056,7 @@ impl CertWriter<'_> { // IMPLICIT [6] Constructed let fwid_size = Self::get_fwid_size(&node.tci_current.0, /*tagged=*/ true)?; bytes_written += self.encode_byte(Self::CONTEXT_SPECIFIC | Self::CONSTRUCTED | 0x06)?; - if supports_extend_tci { + if supports_recursive { bytes_written += self.encode_size_field(fwid_size * 2)?; } else { bytes_written += self.encode_size_field(fwid_size)?; @@ -1066,8 +1066,8 @@ impl CertWriter<'_> { bytes_written += self.encode_fwid(&node.tci_current)?; // fwid[1] journey measurement - // Omit fwid[1] from tcb_info if DPE_PROFILE does not support extend_tci - if supports_extend_tci { + // Omit fwid[1] from tcb_info if DPE_PROFILE does not support recursive + if supports_recursive { bytes_written += self.encode_fwid(&node.tci_cumulative)?; } @@ -1110,7 +1110,7 @@ impl CertWriter<'_> { let tcb_infos_size = if !measurements.tci_nodes.is_empty() { Self::get_tcb_info_size( &measurements.tci_nodes[0], - measurements.supports_extend_tci, + measurements.supports_recursive, /*tagged=*/ true, )? * measurements.tci_nodes.len() } else { @@ -1128,7 +1128,7 @@ impl CertWriter<'_> { // Encode multiple tcg-dice-TcbInfos for node in measurements.tci_nodes { - bytes_written += self.encode_tcb_info(node, measurements.supports_extend_tci)?; + bytes_written += self.encode_tcb_info(node, measurements.supports_recursive)?; } Ok(bytes_written) @@ -1987,14 +1987,14 @@ mod tests { let mut cert = [0u8; 256]; let mut w = CertWriter::new(&mut cert, true); - let mut supports_extend_tci = true; - let mut bytes_written = w.encode_tcb_info(&node, supports_extend_tci).unwrap(); + let mut supports_recursive = true; + let mut bytes_written = w.encode_tcb_info(&node, supports_recursive).unwrap(); let mut parsed_tcb_info = asn1::parse_single::(&cert[..bytes_written]).unwrap(); assert_eq!( bytes_written, - CertWriter::get_tcb_info_size(&node, supports_extend_tci, true).unwrap() + CertWriter::get_tcb_info_size(&node, supports_recursive, true).unwrap() ); // FWIDs @@ -2013,16 +2013,16 @@ mod tests { node.locality.to_be_bytes() ); - // test tbs_info with supports_extend_tci = false - supports_extend_tci = false; + // test tbs_info with supports_recursive = false + supports_recursive = false; w = CertWriter::new(&mut cert, true); - bytes_written = w.encode_tcb_info(&node, supports_extend_tci).unwrap(); + bytes_written = w.encode_tcb_info(&node, supports_recursive).unwrap(); parsed_tcb_info = asn1::parse_single::(&cert[..bytes_written]).unwrap(); assert_eq!( bytes_written, - CertWriter::get_tcb_info_size(&node, supports_extend_tci, true).unwrap() + CertWriter::get_tcb_info_size(&node, supports_recursive, true).unwrap() ); // Check that only FWID[0] is present @@ -2084,7 +2084,7 @@ mod tests { label: &[0xCC; DPE_PROFILE.get_hash_size()], tci_nodes: &[node], is_ca: false, - supports_extend_tci: true, + supports_recursive: true, }; let validity = CertValidity { @@ -2150,7 +2150,7 @@ mod tests { label: &[0; DPE_PROFILE.get_hash_size()], tci_nodes: &[node], is_ca, - supports_extend_tci: true, + supports_recursive: true, }; let validity = CertValidity { diff --git a/simulator/src/main.rs b/simulator/src/main.rs index 6175a393..919d7d0c 100644 --- a/simulator/src/main.rs +++ b/simulator/src/main.rs @@ -51,12 +51,11 @@ fn handle_request(dpe: &mut DpeInstance, env: &mut DpeEnv, stream let response_code = match response { Response::GetProfile(ref res) => res.resp_hdr.status, Response::InitCtx(ref res) => res.resp_hdr.status, - Response::DeriveChild(ref res) => res.resp_hdr.status, + Response::DeriveContext(ref res) => res.resp_hdr.status, Response::RotateCtx(ref res) => res.resp_hdr.status, Response::CertifyKey(ref res) => res.resp_hdr.status, Response::Sign(ref res) => res.resp_hdr.status, Response::DestroyCtx(ref resp_hdr) => resp_hdr.status, - Response::ExtendTci(ref res) => res.resp_hdr.status, Response::GetCertificateChain(ref res) => res.resp_hdr.status, Response::Error(ref resp_hdr) => resp_hdr.status, }; @@ -81,9 +80,9 @@ struct Args { #[arg(long)] supports_simulation: bool, - /// Supports the ExtendTci command. + /// Supports the RECURSIVE extension to DeriveContext. #[arg(long)] - supports_extend_tci: bool, + supports_recursive: bool, /// Automatically initializes the default context. #[arg(long)] @@ -109,13 +108,17 @@ struct Args { #[arg(long)] supports_is_symmetric: bool, - /// Supports the INTERNAL_INPUT_INFO extension to DeriveChild + /// Supports the INTERNAL_INPUT_INFO extension to DeriveContext #[arg(long)] supports_internal_info: bool, - /// Supports the INTERNAL_INPUT_DICE extension to DeriveChild + /// Supports the INTERNAL_INPUT_DICE extension to DeriveContext #[arg(long)] supports_internal_dice: bool, + + /// Supports the RETAIN_PARENT_CONTEXT extension to DeriveContext + #[arg(long)] + supports_retain_parent_context: bool, } struct SimTypes {} @@ -152,12 +155,16 @@ fn main() -> std::io::Result<()> { support.set(Support::AUTO_INIT, args.supports_auto_init); support.set(Support::X509, args.supports_x509); support.set(Support::CSR, args.supports_csr); - support.set(Support::EXTEND_TCI, args.supports_extend_tci); + support.set(Support::RECURSIVE, args.supports_recursive); support.set(Support::ROTATE_CONTEXT, args.supports_rotate_context); support.set(Support::INTERNAL_DICE, args.supports_internal_dice); support.set(Support::INTERNAL_INFO, args.supports_internal_info); support.set(Support::IS_CA, args.supports_is_ca); support.set(Support::IS_SYMMETRIC, args.supports_is_symmetric); + support.set( + Support::RETAIN_PARENT_CONTEXT, + args.supports_retain_parent_context, + ); let mut env = DpeEnv:: { crypto: ::Crypto::new(), diff --git a/tools/src/sample_dpe_cert.rs b/tools/src/sample_dpe_cert.rs index e6e3bd7c..3cbf5a13 100644 --- a/tools/src/sample_dpe_cert.rs +++ b/tools/src/sample_dpe_cert.rs @@ -4,7 +4,7 @@ use std::env; use { crypto::OpensslCrypto, dpe::commands::{ - self, CertifyKeyCmd, CertifyKeyFlags, CommandHdr, DeriveChildCmd, DeriveChildFlags, + self, CertifyKeyCmd, CertifyKeyFlags, CommandHdr, DeriveContextCmd, DeriveContextFlags, }, dpe::context::ContextHandle, dpe::dpe_instance::{DpeEnv, DpeTypes}, @@ -22,7 +22,7 @@ impl DpeTypes for TestTypes { type Platform<'a> = DefaultPlatform; } -// Call DeriveChild on the default context so the generated cert will have a +// Call DeriveContext on the default context so the generated cert will have a // TcbInfo populated. fn add_tcb_info( dpe: &mut DpeInstance, @@ -30,15 +30,15 @@ fn add_tcb_info( data: &[u8; DPE_PROFILE.get_hash_size()], tci_type: u32, ) { - let cmd = DeriveChildCmd { + let cmd = DeriveContextCmd { handle: ContextHandle::default(), data: *data, - flags: DeriveChildFlags::INPUT_ALLOW_X509 | DeriveChildFlags::MAKE_DEFAULT, + flags: DeriveContextFlags::INPUT_ALLOW_X509 | DeriveContextFlags::MAKE_DEFAULT, tci_type, target_locality: 0, // Unused since flag isn't set }; let cmd_body = cmd.as_bytes().to_vec(); - let cmd_hdr = CommandHdr::new_for_test(dpe::commands::Command::DERIVE_CHILD) + let cmd_hdr = CommandHdr::new_for_test(dpe::commands::Command::DERIVE_CONTEXT) .as_bytes() .to_vec(); let mut command = cmd_hdr; @@ -48,7 +48,7 @@ fn add_tcb_info( let _ = match resp { // Expect CertifyKey response return an error in all other cases. - Response::DeriveChild(res) => res, + Response::DeriveContext(res) => res, Response::Error(res) => panic!("Error response {}", res.status), _ => panic!("Unexpected Response"), }; diff --git a/verification/client/abi.go b/verification/client/abi.go index b6075baa..3a4f7cd3 100644 --- a/verification/client/abi.go +++ b/verification/client/abi.go @@ -24,29 +24,29 @@ type CommandCode uint32 // Support is the set of features a DPE supports type Support struct { - Simulation bool - ExtendTci bool - AutoInit bool - RotateContext bool - X509 bool - Csr bool - IsSymmetric bool - InternalInfo bool - InternalDice bool - IsCA bool + Simulation bool + Recursive bool + AutoInit bool + RotateContext bool + X509 bool + Csr bool + IsSymmetric bool + InternalInfo bool + InternalDice bool + IsCA bool + RetainParentContext bool } // All DPE profile command codes const ( CommandGetProfile CommandCode = 0x1 CommandInitializeContext CommandCode = 0x7 - CommandDeriveChild CommandCode = 0x8 + CommandDeriveContext CommandCode = 0x8 CommandCertifyKey CommandCode = 0x9 CommandSign CommandCode = 0xa CommandRotateContextHandle CommandCode = 0xe CommandDestroyContext CommandCode = 0xf - CommandGetCertificateChain CommandCode = 0x80 - CommandExtendTCI CommandCode = 0x81 + CommandGetCertificateChain CommandCode = 0x10 ) // CommandHdr is the DPE command header common to all commands @@ -80,27 +80,9 @@ const ( // ContextHandle is a DPE context handle type ContextHandle [16]byte -// DestroyCtxFlags is input flags to DestroyContext -type DestroyCtxFlags uint32 - -// Supported flags to DestroyContext -const ( - DestroyDescendants DestroyCtxFlags = 1 << 31 -) - // DestroyCtxCmd is input parameters to DestroyContext type DestroyCtxCmd struct { handle ContextHandle - flags DestroyCtxFlags -} - -// NewDestroyCtx creates a new DestroyContext command -func NewDestroyCtx(handle ContextHandle, destroyDescendants bool) *DestroyCtxCmd { - flags := DestroyCtxFlags(0) - if destroyDescendants { - flags |= DestroyDescendants - } - return &DestroyCtxCmd{handle: handle, flags: flags} } // InitCtxResp is the response parameters from InitializeContext @@ -183,31 +165,32 @@ type RotatedContextHandle struct { NewContextHandle ContextHandle } -// DeriveChildFlags is the input flags to DeriveChild -type DeriveChildFlags uint32 +// DeriveContextFlags is the input flags to DeriveContext +type DeriveContextFlags uint32 -// Supported flags to DeriveChild +// Supported flags to DeriveContext const ( - InternalInputInfo DeriveChildFlags = 1 << 31 - InternalInputDice DeriveChildFlags = 1 << 30 - RetainParent DeriveChildFlags = 1 << 29 - MakeDefault DeriveChildFlags = 1 << 28 - ChangeLocality DeriveChildFlags = 1 << 27 - InputAllowCA DeriveChildFlags = 1 << 26 - InputAllowX509 DeriveChildFlags = 1 << 25 + InternalInputInfo DeriveContextFlags = 1 << 31 + InternalInputDice DeriveContextFlags = 1 << 30 + RetainParentContext DeriveContextFlags = 1 << 29 + MakeDefault DeriveContextFlags = 1 << 28 + ChangeLocality DeriveContextFlags = 1 << 27 + InputAllowCA DeriveContextFlags = 1 << 26 + InputAllowX509 DeriveContextFlags = 1 << 25 + Recursive DeriveContextFlags = 1 << 24 ) -// DeriveChildReq is the input request to DeriveChild -type DeriveChildReq[Digest DigestAlgorithm] struct { +// DeriveContextReq is the input request to DeriveContext +type DeriveContextReq[Digest DigestAlgorithm] struct { ContextHandle ContextHandle InputData Digest - Flags DeriveChildFlags + Flags DeriveContextFlags TciType uint32 TargetLocality uint32 } -// DeriveChildResp is the output response from DeriveChild -type DeriveChildResp struct { +// DeriveContextResp is the output response from DeriveContext +type DeriveContextResp struct { NewContextHandle ContextHandle ParentContextHandle ContextHandle } @@ -235,17 +218,6 @@ type SignResp[Digest DigestAlgorithm] struct { SignatureS Digest } -// ExtendTCIReq is the input request to ExtendTCI -type ExtendTCIReq[Digest DigestAlgorithm] struct { - ContextHandle ContextHandle - InputData Digest -} - -// ExtendTCIResp is the output response from ExtendTCI -type ExtendTCIResp struct { - NewContextHandle ContextHandle -} - // DPEABI is a connection to a DPE instance, parameterized by hash algorithm and ECC curve. type DPEABI[CurveParameter Curve, Digest DigestAlgorithm] struct { transport Transport @@ -463,11 +435,11 @@ func (c *DPEABI[_, _]) GetCertificateChainABI() (*GetCertificateChainResp, error return &certs, nil } -// DeriveChildABI calls DPE DeriveChild command. -func (c *DPEABI[_, Digest]) DeriveChildABI(cmd *DeriveChildReq[Digest]) (*DeriveChildResp, error) { - var respStruct DeriveChildResp +// DeriveContextABI calls DPE DeriveContext command. +func (c *DPEABI[_, Digest]) DeriveContextABI(cmd *DeriveContextReq[Digest]) (*DeriveContextResp, error) { + var respStruct DeriveContextResp - _, err := execCommand(c.transport, CommandDeriveChild, c.Profile, cmd, &respStruct) + _, err := execCommand(c.transport, CommandDeriveContext, c.Profile, cmd, &respStruct) if err != nil { return nil, err } @@ -499,18 +471,6 @@ func (c *DPEABI[_, Digest]) SignABI(cmd *SignReq[Digest]) (*SignResp[Digest], er return &respStruct, nil } -// ExtendTCIABI calls the DPE ExtendTCI command. -func (c *DPEABI[_, Digest]) ExtendTCIABI(cmd *ExtendTCIReq[Digest]) (*ExtendTCIResp, error) { - var respStruct ExtendTCIResp - - _, err := execCommand(c.transport, CommandExtendTCI, c.Profile, cmd, &respStruct) - if err != nil { - return nil, err - } - - return &respStruct, nil -} - // InitializeContext calls the DPE InitializeContext command func (c *DPEABI[_, _]) InitializeContext(flags InitCtxFlags) (*ContextHandle, error) { cmd := InitCtxCmd{flags: flags} @@ -563,10 +523,9 @@ func (c *DPEABI[_, Digest]) CertifyKey(handle *ContextHandle, label []byte, form } // DestroyContext calls DPE DestroyContext command -func (c *DPEABI[_, _]) DestroyContext(handle *ContextHandle, flags DestroyCtxFlags) error { +func (c *DPEABI[_, _]) DestroyContext(handle *ContextHandle) error { cmd := DestroyCtxCmd{ handle: *handle, - flags: flags, } return c.DestroyContextABI(&cmd) @@ -582,8 +541,8 @@ func (c *DPEABI[_, _]) GetCertificateChain() ([]byte, error) { return resp.CertificateChain, nil } -// DeriveChild calls DPE DeriveChild command -func (c *DPEABI[_, Digest]) DeriveChild(handle *ContextHandle, inputData []byte, flags DeriveChildFlags, tciType uint32, targetLocality uint32) (*DeriveChildResp, error) { +// DeriveContext calls DPE DeriveContext command +func (c *DPEABI[_, Digest]) DeriveContext(handle *ContextHandle, inputData []byte, flags DeriveContextFlags, tciType uint32, targetLocality uint32) (*DeriveContextResp, error) { if len(inputData) != DigestLen[Digest]() { return nil, fmt.Errorf("invalid digest length") } @@ -593,14 +552,14 @@ func (c *DPEABI[_, Digest]) DeriveChild(handle *ContextHandle, inputData []byte, return nil, err } - cmd := DeriveChildReq[Digest]{ + cmd := DeriveContextReq[Digest]{ ContextHandle: *handle, InputData: input, Flags: flags, TciType: tciType, TargetLocality: targetLocality, } - resp, err := c.DeriveChildABI(&cmd) + resp, err := c.DeriveContextABI(&cmd) if err != nil { return nil, err } @@ -662,38 +621,13 @@ func (c *DPEABI[_, Digest]) Sign(handle *ContextHandle, label []byte, flags Sign return signedResp, nil } -// ExtendTCI calls DPE ExtendTCI command -func (c *DPEABI[_, Digest]) ExtendTCI(handle *ContextHandle, inputData []byte) (*ContextHandle, error) { - - if len(inputData) != DigestLen[Digest]() { - return nil, fmt.Errorf("invalid digest length") - } - - input, err := NewDigest[Digest](inputData) - if err != nil { - return nil, err - } - - cmd := ExtendTCIReq[Digest]{ - ContextHandle: *handle, - InputData: input, - } - - resp, err := c.ExtendTCIABI(&cmd) - if err != nil { - return nil, err - } - - return &resp.NewContextHandle, nil -} - // ToFlags converts support to the profile-defined support flags format func (s *Support) ToFlags() uint32 { flags := uint32(0) if s.Simulation { flags |= (1 << 31) } - if s.ExtendTci { + if s.Recursive { flags |= (1 << 30) } if s.AutoInit { @@ -720,5 +654,8 @@ func (s *Support) ToFlags() uint32 { if s.IsCA { flags |= (1 << 20) } + if s.RetainParentContext { + flags |= (1 << 19) + } return flags } diff --git a/verification/client/client.go b/verification/client/client.go index 7bedf243..5010e430 100644 --- a/verification/client/client.go +++ b/verification/client/client.go @@ -52,11 +52,10 @@ type DPEClient interface { GetProfile() (*GetProfileResp, error) CertifyKey(handle *ContextHandle, label []byte, format CertifyKeyFormat, flags CertifyKeyFlags) (*CertifiedKey, error) GetCertificateChain() ([]byte, error) - DestroyContext(handle *ContextHandle, flags DestroyCtxFlags) error - DeriveChild(handle *ContextHandle, inputData []byte, flags DeriveChildFlags, tciType uint32, targetLocality uint32) (*DeriveChildResp, error) + DestroyContext(handle *ContextHandle) error + DeriveContext(handle *ContextHandle, inputData []byte, flags DeriveContextFlags, tciType uint32, targetLocality uint32) (*DeriveContextResp, error) RotateContextHandle(handle *ContextHandle, flags RotateContextHandleFlags) (*ContextHandle, error) Sign(handle *ContextHandle, label []byte, flags SignFlags, toBeSigned []byte) (*DPESignedHash, error) - ExtendTCI(handle *ContextHandle, inputData []byte) (*ContextHandle, error) } // NewClient returns a new DPE client diff --git a/verification/testing/certifyKey.go b/verification/testing/certifyKey.go index a7d347b6..39160cb3 100644 --- a/verification/testing/certifyKey.go +++ b/verification/testing/certifyKey.go @@ -460,7 +460,7 @@ func testCertifyKey(d client.TestDPEInstance, c client.DPEClient, t *testing.T, handle := getInitialContextHandle(d, c, t, simulation) defer func() { if simulation { - c.DestroyContext(handle, client.DestroyDescendants) + c.DestroyContext(handle) } }() @@ -517,7 +517,7 @@ func testCertifyKey(d client.TestDPEInstance, c client.DPEClient, t *testing.T, // same default context handle is returned in default mode. handle = &certifyKeyResp.Handle } - // TODO: When DeriveChild is implemented, call it here to add more TCIs and call CertifyKey again. + // TODO: When DeriveContext is implemented, call it here to add more TCIs and call CertifyKey again. } // Builds and verifies certificate chain. diff --git a/verification/testing/extendTCI.go b/verification/testing/extendTCI.go deleted file mode 100644 index 9e0d07c1..00000000 --- a/verification/testing/extendTCI.go +++ /dev/null @@ -1,177 +0,0 @@ -// Licensed under the Apache-2.0 license - -package verification - -import ( - "bytes" - "crypto/sha256" - "crypto/sha512" - "hash" - - "testing" - - "github.com/chipsalliance/caliptra-dpe/verification/client" -) - -// TestExtendTCI checks whether the ExtendTCI command updates the current TCI -// and cumulative TCI. -func TestExtendTCI(d client.TestDPEInstance, c client.DPEClient, t *testing.T) { - var err error - useSimulation := false // To indicate that simulation context is not used - - // Get default context handle - handle := getInitialContextHandle(d, c, t, useSimulation) - - // Get digest size - profile, err := client.GetTransportProfile(d) - if err != nil { - t.Fatalf("[FATAL]: Could not get profile: %v", err) - } - digestLen := profile.GetDigestSize() - - tciValue := make([]byte, digestLen) - for i := range tciValue { - tciValue[i] = byte(i) - } - - handle, tcbInfo, err := getTcbInfoForHandle(c, handle) - if err != nil { - t.Fatal(err) - } - lastCumulative := tcbInfo.Fwids[1].Digest - - // Set current TCI value - _, err = c.ExtendTCI(handle, tciValue) - if err != nil { - t.Fatalf("[FATAL]: Could not extend TCI: %v", err) - } - - // Check current and cumulative measurement by CertifyKey - expectedCumulative := computeExpectedCumulative(lastCumulative, tciValue) - verifyMeasurements(c, t, handle, tciValue, expectedCumulative) -} - -func computeExpectedCumulative(lastCumulative []byte, tciValue []byte) []byte { - var hasher hash.Hash - digestLen := len(lastCumulative) - if digestLen == 32 { - hasher = sha256.New() - } else if digestLen == 48 { - hasher = sha512.New384() - } - hasher.Write(lastCumulative) - hasher.Write(tciValue) - return hasher.Sum(nil) -} - -// TestExtendTciOnDerivedContexts checks whether the ExtendTCI command with -// derived child context. -func TestExtendTciOnDerivedContexts(d client.TestDPEInstance, c client.DPEClient, t *testing.T) { - useSimulation := false // To indicate that simulation context is not used - - // Get default context handle - handle := getInitialContextHandle(d, c, t, useSimulation) - - // Get digest size - profile, err := client.GetTransportProfile(d) - if err != nil { - t.Fatalf("[FATAL]: Could not get profile: %v", err) - } - digestLen := profile.GetDigestSize() - - // Initialize TCI inputs - tciValue := make([]byte, digestLen) - for i := range tciValue { - tciValue[i] = byte(i + 1) - } - - extendTciValue := make([]byte, digestLen) - for i := range extendTciValue { - extendTciValue[i] = byte(i + 2) - } - - // Preserve parent context to restore for subsequent tests. - parentHandle, err := c.RotateContextHandle(handle, client.RotateContextHandleFlags(0)) - if err != nil { - t.Errorf("[ERROR]: Error while rotating parent context handle, this may cause failure in subsequent tests: %s", err) - } - - // Change parent back to default context - defer func() { - _, err = c.RotateContextHandle(parentHandle, client.RotateContextHandleFlags(client.TargetIsDefault)) - if err != nil { - t.Errorf("[ERROR]: Error while restoring parent context handle as default context handle, this may cause failure in subsequent tests: %s", err) - } - }() - - // Derive Child context with input data, tag it and check TCI_CUMULATIVE - childCtx, err := c.DeriveChild(parentHandle, tciValue, client.DeriveChildFlags(client.RetainParent|client.InputAllowX509), 0, 0) - if err != nil { - t.Fatalf("[FATAL]: Error while creating default child handle in default context: %s", err) - } - - childHandle := &childCtx.NewContextHandle - parentHandle = &childCtx.ParentContextHandle - - // Clean up contexts - defer func() { - err := c.DestroyContext(childHandle, client.DestroyDescendants) - if err != nil { - t.Errorf("[ERROR]: Error while cleaning up derived context, this may cause failure in subsequent tests: %s", err) - } - }() - - childHandle, childTcbInfo, err := getTcbInfoForHandle(c, childHandle) - if err != nil { - t.Fatalf("[FATAL]: Could not get TcbInfo: %v", err) - } - - if !bytes.Equal(childTcbInfo.Fwids[0].Digest, tciValue) { - t.Errorf("[ERROR]: Got current TCI %x, expected %x", childTcbInfo.Fwids[0].Digest, tciValue) - } - - // Check TCI_CUMULATIVE after creating child context - wantCumulativeTCI := computeExpectedCumulative(make([]byte, digestLen), childTcbInfo.Fwids[0].Digest) - if !bytes.Equal(childTcbInfo.Fwids[1].Digest, wantCumulativeTCI) { - t.Errorf("[ERROR]: Child node's cumulative TCI %x, expected %x", childTcbInfo.Fwids[1].Digest, wantCumulativeTCI) - } - - // Set current TCI value - lastCumulative := childTcbInfo.Fwids[1].Digest - childHandle, err = c.ExtendTCI(childHandle, extendTciValue) - if err != nil { - t.Fatalf("[FATAL]: Could not extend TCI: %v", err) - } - - childHandle, childTcbInfo, err = getTcbInfoForHandle(c, childHandle) - if err != nil { - t.Fatalf("[FATAL]: Could not get TcbInfo: %v", err) - } - - if !bytes.Equal(childTcbInfo.Fwids[0].Digest, extendTciValue) { - t.Errorf("[ERROR]: Got current TCI %x, expected %x", childTcbInfo.Fwids[0].Digest, extendTciValue) - } - - wantCumulativeTCI = computeExpectedCumulative(lastCumulative, extendTciValue) - if !bytes.Equal(childTcbInfo.Fwids[1].Digest, wantCumulativeTCI) { - t.Errorf("[ERROR]: Child node's cumulative TCI %x, expected %x", childTcbInfo.Fwids[1].Digest, wantCumulativeTCI) - } -} - -func verifyMeasurements(c client.DPEClient, t *testing.T, handle *client.ContextHandle, expectedCurrent []byte, expectedCumulative []byte) { - handle, tcbInfo, err := getTcbInfoForHandle(c, handle) - if err != nil { - t.Fatal(err) - } - - // Check that the last TcbInfo current/cumulative are as expected - current := tcbInfo.Fwids[0].Digest - cumulative := tcbInfo.Fwids[1].Digest - if !bytes.Equal(current, expectedCurrent) { - t.Errorf("[ERROR]: Unexpected TCI_CURRENT digest, want %v but got %v", expectedCurrent, current) - } - - if !bytes.Equal(cumulative, expectedCumulative) { - t.Errorf("[ERROR]: Unexpected cumulative TCI value, want %v but got %v", expectedCumulative, cumulative) - } -} diff --git a/verification/testing/initializeContext.go b/verification/testing/initializeContext.go index f796db30..0bdfb091 100644 --- a/verification/testing/initializeContext.go +++ b/verification/testing/initializeContext.go @@ -63,7 +63,7 @@ func testInitContext(d client.TestDPEInstance, c client.DPEClient, t *testing.T, if err != nil { t.Fatal("Failed to create a simulation context.") } - defer c.DestroyContext(handle, client.DestroyDescendants) + defer c.DestroyContext(handle) // Could prove difficult to prove it is a cryptographically secure random. if *handle == client.ContextHandle([16]byte{0}) { diff --git a/verification/testing/negativeCases.go b/verification/testing/negativeCases.go index 37450734..08956cc9 100644 --- a/verification/testing/negativeCases.go +++ b/verification/testing/negativeCases.go @@ -18,7 +18,7 @@ var InvalidHandle = client.ContextHandle{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 1 // which do not need context handle as input parameter. func TestInvalidHandle(d client.TestDPEInstance, c client.DPEClient, t *testing.T) { ctx := getInitialContextHandle(d, c, t, true) - defer c.DestroyContext(ctx, client.DestroyDescendants) + defer c.DestroyContext(ctx) profile, err := client.GetTransportProfile(d) if err != nil { @@ -26,11 +26,11 @@ func TestInvalidHandle(d client.TestDPEInstance, c client.DPEClient, t *testing. } digestLen := profile.GetDigestSize() - // Check DeriveChild with invalid handle - if _, err := c.DeriveChild(&InvalidHandle, make([]byte, digestLen), 0, 0, 0); err == nil { - t.Errorf("[ERROR]: DeriveChild should return %q, but returned no error", client.StatusInvalidHandle) + // Check DeriveContext with invalid handle + if _, err := c.DeriveContext(&InvalidHandle, make([]byte, digestLen), 0, 0, 0); err == nil { + t.Errorf("[ERROR]: DeriveContext should return %q, but returned no error", client.StatusInvalidHandle) } else if !errors.Is(err, client.StatusInvalidHandle) { - t.Errorf("[ERROR]: Incorrect error type. DeriveChild should return %q, but returned %q", client.StatusInvalidHandle, err) + t.Errorf("[ERROR]: Incorrect error type. DeriveContext should return %q, but returned %q", client.StatusInvalidHandle, err) } // Check CertifyKey with invalid handle @@ -55,18 +55,11 @@ func TestInvalidHandle(d client.TestDPEInstance, c client.DPEClient, t *testing. } // Check DestroyContext with invalid handle - if err := c.DestroyContext(&InvalidHandle, 0); err == nil { + if err := c.DestroyContext(&InvalidHandle); err == nil { t.Errorf("[ERROR]: DestroyContext should return %q, but returned no error", client.StatusInvalidHandle) } else if !errors.Is(err, client.StatusInvalidHandle) { t.Errorf("[ERROR]: Incorrect error type. DestroyContext should return %q, but returned %q", client.StatusInvalidHandle, err) } - - // Check ExtendTCI with invalid handle - if _, err := c.ExtendTCI(&InvalidHandle, make([]byte, digestLen)); err == nil { - t.Errorf("[ERROR]: ExtendTCI should return %q, but returned no error", client.StatusInvalidHandle) - } else if !errors.Is(err, client.StatusInvalidHandle) { - t.Errorf("[ERROR]: Incorrect error type. ExtendTCI should return %q, but returned %q", client.StatusInvalidHandle, err) - } } // TestWrongLocality checks whether error is reported when caller from one @@ -94,11 +87,11 @@ func TestWrongLocality(d client.TestDPEInstance, c client.DPEClient, t *testing. digestLen := profile.GetDigestSize() - // Check DeriveChild from wrong context - if _, err := c.DeriveChild(handle, make([]byte, digestLen), 0, 0, 0); err == nil { - t.Errorf("[ERROR]: DeriveChild should return %q, but returned no error", client.StatusInvalidLocality) + // Check DeriveContext from wrong context + if _, err := c.DeriveContext(handle, make([]byte, digestLen), 0, 0, 0); err == nil { + t.Errorf("[ERROR]: DeriveContext should return %q, but returned no error", client.StatusInvalidLocality) } else if !errors.Is(err, client.StatusInvalidLocality) { - t.Errorf("[ERROR]: Incorrect error type. DeriveChild should return %q, but returned %q", client.StatusInvalidLocality, err) + t.Errorf("[ERROR]: Incorrect error type. DeriveContext should return %q, but returned %q", client.StatusInvalidLocality, err) } // Check CertifyKey from wrong locality @@ -123,46 +116,26 @@ func TestWrongLocality(d client.TestDPEInstance, c client.DPEClient, t *testing. } // Check DestroyContext from wrong locality - if err := c.DestroyContext(handle, 0); err == nil { + if err := c.DestroyContext(handle); err == nil { t.Errorf("[ERROR]: DestroyContext should return %q, but returned no error", client.StatusInvalidLocality) } else if !errors.Is(err, client.StatusInvalidLocality) { t.Errorf("[ERROR]: Incorrect error type. DestroyContext should return %q, but returned %q", client.StatusInvalidLocality, err) } - - // Check ExtendTCI from wrong locality - if _, err := c.ExtendTCI(handle, make([]byte, digestLen)); err == nil { - t.Errorf("[ERROR]: ExtendTCI should return %q, but returned no error", client.StatusInvalidLocality) - } else if !errors.Is(err, client.StatusInvalidLocality) { - t.Errorf("[ERROR]: Incorrect error type. ExtendTCI should return %q, but returned %q", client.StatusInvalidLocality, err) - } } // TestUnsupportedCommand checks whether error is reported while using commands // that are turned off in DPE. -// DPE commands - RotateContextHandle, ExtendTCI, require support to be enabled in DPE profile +// DPE commands - RotateContextHandle requires support to be enabled in DPE profile // before being called. func TestUnsupportedCommand(d client.TestDPEInstance, c client.DPEClient, t *testing.T) { ctx := &client.DefaultContextHandle - profile, err := client.GetTransportProfile(d) - if err != nil { - t.Fatalf("Could not get profile: %v", err) - } - digestLen := profile.GetDigestSize() - // Check whether RotateContextHandle is unsupported by DPE profile if _, err := c.RotateContextHandle(ctx, client.RotateContextHandleFlags(client.TargetIsDefault)); err == nil { t.Errorf("[ERROR]: RotateContextHandle is not supported by DPE, should return %q, but returned no error", client.StatusInvalidCommand) } else if !errors.Is(err, client.StatusInvalidCommand) { t.Errorf("[ERROR]: Incorrect error type. RotateContextHandle is not supported by DPE, should return %q, but returned %q", client.StatusInvalidCommand, err) } - - // Check whether ExtendTCI is unsupported by DPE profile - if _, err := c.ExtendTCI(ctx, make([]byte, digestLen)); err == nil { - t.Errorf("[ERROR]: ExtendTCI is not supported by DPE, should return %q, but returned no error", client.StatusInvalidCommand) - } else if !errors.Is(err, client.StatusInvalidCommand) { - t.Errorf("[ERROR]: Incorrect error type. ExtendTCI is not supported by DPE, should return %q, but returned %q", client.StatusInvalidCommand, err) - } } // TestUnsupportedCommandFlag checks whether error is reported while enabling @@ -221,30 +194,30 @@ func TestUnsupportedCommandFlag(d client.TestDPEInstance, c client.DPEClient, t } // Check whether error is returned since InternalInfo usage is unsupported by DPE profile - if _, err := c.DeriveChild(handle, make([]byte, digestLen), client.DeriveChildFlags(client.InternalInputInfo), 0, 0); err == nil { - t.Errorf("[ERROR]:InternalInfo is not supported by DPE, DeriveChild should return %q, but returned no error", client.StatusArgumentNotSupported) + if _, err := c.DeriveContext(handle, make([]byte, digestLen), client.DeriveContextFlags(client.InternalInputInfo), 0, 0); err == nil { + t.Errorf("[ERROR]:InternalInfo is not supported by DPE, DeriveContext should return %q, but returned no error", client.StatusArgumentNotSupported) } else if !errors.Is(err, client.StatusArgumentNotSupported) { - t.Errorf("[ERROR]: Incorrect error type. InternalInfo is not supported by DPE, DeriveChild should return %q, but returned %q", client.StatusArgumentNotSupported, err) + t.Errorf("[ERROR]: Incorrect error type. InternalInfo is not supported by DPE, DeriveContext should return %q, but returned %q", client.StatusArgumentNotSupported, err) } // Check whether error is returned since InternalDice usgae is unsupported by DPE profile - if _, err := c.DeriveChild(handle, make([]byte, digestLen), client.DeriveChildFlags(client.InternalInputDice), 0, 0); err == nil { - t.Errorf("[ERROR]:InternalDice is not supported by DPE, DeriveChild should return %q, but returned no error", client.StatusArgumentNotSupported) + if _, err := c.DeriveContext(handle, make([]byte, digestLen), client.DeriveContextFlags(client.InternalInputDice), 0, 0); err == nil { + t.Errorf("[ERROR]:InternalDice is not supported by DPE, DeriveContext should return %q, but returned no error", client.StatusArgumentNotSupported) } else if !errors.Is(err, client.StatusArgumentNotSupported) { - t.Errorf("[ERROR]: Incorrect error type. InternalDice is not supported by DPE, DeriveChild should return %q, but returned %q", client.StatusArgumentNotSupported, err) + t.Errorf("[ERROR]: Incorrect error type. InternalDice is not supported by DPE, DeriveContext should return %q, but returned %q", client.StatusArgumentNotSupported, err) } // Check whether error is returned since InternalInfo usage is unsupported by DPE profile - if _, err := c.DeriveChild(handle, make([]byte, digestLen), client.DeriveChildFlags(client.InputAllowCA), 0, 0); err == nil { - t.Errorf("[ERROR]:IS_CA is not supported by DPE, DeriveChild should return %q, but returned no error", client.StatusArgumentNotSupported) + if _, err := c.DeriveContext(handle, make([]byte, digestLen), client.DeriveContextFlags(client.InputAllowCA), 0, 0); err == nil { + t.Errorf("[ERROR]:IS_CA is not supported by DPE, DeriveContext should return %q, but returned no error", client.StatusArgumentNotSupported) } else if !errors.Is(err, client.StatusArgumentNotSupported) { - t.Errorf("[ERROR]: Incorrect error type. IS_CA is not supported by DPE, DeriveChild should return %q, but returned %q", client.StatusArgumentNotSupported, err) + t.Errorf("[ERROR]: Incorrect error type. IS_CA is not supported by DPE, DeriveContext should return %q, but returned %q", client.StatusArgumentNotSupported, err) } // Check whether error is returned since InternalDice usgae is unsupported by DPE profile - if _, err := c.DeriveChild(handle, make([]byte, digestLen), client.DeriveChildFlags(client.InputAllowX509), 0, 0); err == nil { - t.Errorf("[ERROR]:X509 is not supported by DPE, DeriveChild should return %q, but returned no error", client.StatusArgumentNotSupported) + if _, err := c.DeriveContext(handle, make([]byte, digestLen), client.DeriveContextFlags(client.InputAllowX509), 0, 0); err == nil { + t.Errorf("[ERROR]:X509 is not supported by DPE, DeriveContext should return %q, but returned no error", client.StatusArgumentNotSupported) } else if !errors.Is(err, client.StatusArgumentNotSupported) { - t.Errorf("[ERROR]: Incorrect error type. X509 is not supported by DPE, DeriveChild should return %q, but returned %q", client.StatusArgumentNotSupported, err) + t.Errorf("[ERROR]: Incorrect error type. X509 is not supported by DPE, DeriveContext should return %q, but returned %q", client.StatusArgumentNotSupported, err) } } diff --git a/verification/testing/rotateContextHandle.go b/verification/testing/rotateContextHandle.go index cbb037c4..446e6c9d 100644 --- a/verification/testing/rotateContextHandle.go +++ b/verification/testing/rotateContextHandle.go @@ -49,7 +49,7 @@ func TestRotateContextHandleSimulation(d client.TestDPEInstance, c client.DPECli simulation := true handle := getInitialContextHandle(d, c, t, simulation) defer func() { - c.DestroyContext(handle, client.DestroyDescendants) + c.DestroyContext(handle) }() // Check whether the rotated context handle is a random context handle diff --git a/verification/testing/sign.go b/verification/testing/sign.go index b8a8656a..7f4c0e4d 100644 --- a/verification/testing/sign.go +++ b/verification/testing/sign.go @@ -89,7 +89,7 @@ func TestSignSimulation(d client.TestDPEInstance, c client.DPEClient, t *testing useSimulation := true handle := getInitialContextHandle(d, c, t, useSimulation) defer func() { - c.DestroyContext(handle, client.DestroyDescendants) + c.DestroyContext(handle) }() // Get digest size diff --git a/verification/testing/simulator.go b/verification/testing/simulator.go index 5b0c1199..81e3deb7 100644 --- a/verification/testing/simulator.go +++ b/verification/testing/simulator.go @@ -54,8 +54,8 @@ func (s *DpeSimulator) PowerOn() error { if s.supports.Simulation { args = append(args, "--supports-simulation") } - if s.supports.ExtendTci { - args = append(args, "--supports-extend-tci") + if s.supports.Recursive { + args = append(args, "--supports-recursive") } if s.supports.AutoInit { args = append(args, "--supports-auto-init") @@ -81,6 +81,9 @@ func (s *DpeSimulator) PowerOn() error { if s.supports.InternalDice { args = append(args, "--supports-internal-dice") } + if s.supports.RetainParentContext { + args = append(args, "--supports-retain-parent-context") + } s.cmd = exec.Command(s.exePath, args...) s.cmd.Stdout = os.Stdout @@ -252,7 +255,7 @@ func GetSimulatorTargets() []TestTarget { }, { "DefaultSupport", - getTestTarget([]string{"AutoInit", "Simulation", "X509", "Csr", "IsCA", "RotateContext", "ExtendTci", "IsSymmetric"}), + getTestTarget([]string{"AutoInit", "Simulation", "X509", "Csr", "IsCA", "RotateContext", "Recursive", "IsSymmetric"}), AllTestCases, }, { @@ -261,8 +264,8 @@ func GetSimulatorTargets() []TestTarget { []TestCase{GetProfileTestCase}, }, { - "GetProfile_ExtendTCI", - getTestTarget([]string{"ExtendTci"}), + "GetProfile_Recursive", + getTestTarget([]string{"Recursive"}), []TestCase{GetProfileTestCase}, }, { @@ -305,6 +308,11 @@ func GetSimulatorTargets() []TestTarget { getTestTarget([]string{"IsCA"}), []TestCase{GetProfileTestCase}, }, + { + "GetProfile_RetainParentContext", + getTestTarget([]string{"RetainParentContext"}), + []TestCase{GetProfileTestCase}, + }, { "GetProfile_Combo01", getTestTarget([]string{"Simulation", "AutoInit", "RotateContext", "Csr", "InternalDice", "IsCA"}), @@ -312,12 +320,12 @@ func GetSimulatorTargets() []TestTarget { }, { "GetProfile_Combo02", - getTestTarget([]string{"ExtendTci", "X509", "InternalInfo"}), + getTestTarget([]string{"Recursive", "X509", "InternalInfo"}), []TestCase{GetProfileTestCase}, }, { "GetProfile_All", - getTestTarget([]string{"Simulation", "ExtendTci", "AutoInit", "RotateContext", "X509", "Csr", "IsSymmetric", "InternalInfo", "InternalDice", "IsCA"}), + getTestTarget([]string{"Simulation", "Recursive", "AutoInit", "RotateContext", "X509", "Csr", "IsSymmetric", "InternalInfo", "InternalDice", "IsCA"}), []TestCase{GetProfileTestCase}, }, { @@ -327,7 +335,7 @@ func GetSimulatorTargets() []TestTarget { }, { "NegativeCase_UnsupportedFeatureByDPE", - getTestTarget([]string{"AutoInit", "RotateContext", "ExtendTci"}), + getTestTarget([]string{"AutoInit", "RotateContext"}), []TestCase{UnsupportedCommandFlag}, }, } diff --git a/verification/testing/verification.go b/verification/testing/verification.go index 6dc217c7..990f195a 100644 --- a/verification/testing/verification.go +++ b/verification/testing/verification.go @@ -57,16 +57,6 @@ var GetCertificateChainTestCase = TestCase{ "GetCertificateChain", TestGetCertificateChain, []string{"AutoInit", "X509"}, } -// ExtendTCITestCase tests ExtendTci -var ExtendTCITestCase = TestCase{ - "ExtendTCITestCase", TestExtendTCI, []string{"AutoInit", "ExtendTci"}, -} - -// ExtendDerivedTciTestCase tests ExtendTci on derived child contexts -var ExtendDerivedTciTestCase = TestCase{ - "ExtendDerivedTciTestCase", TestExtendTciOnDerivedContexts, []string{"AutoInit", "ExtendTci"}, -} - // GetProfileTestCase tests GetProfile var GetProfileTestCase = TestCase{ "GetProfile", TestGetProfile, []string{}, @@ -74,12 +64,12 @@ var GetProfileTestCase = TestCase{ // InvalidHandleTestCase tests various commands with invalid context handles var InvalidHandleTestCase = TestCase{ - "CheckInvalidHandle", TestInvalidHandle, []string{"Simulation", "RotateContext", "ExtendTci"}, + "CheckInvalidHandle", TestInvalidHandle, []string{"Simulation", "RotateContext"}, } // WrongLocalityTestCase tests various commands with invalid localities var WrongLocalityTestCase = TestCase{ - "CheckWrongLocality", TestWrongLocality, []string{"AutoInit", "RotateContext", "ExtendTci"}, + "CheckWrongLocality", TestWrongLocality, []string{"AutoInit", "RotateContext"}, } // UnsupportedCommand tests calling unsupported commands @@ -89,7 +79,7 @@ var UnsupportedCommand = TestCase{ // UnsupportedCommandFlag tests calling unsupported commands flags var UnsupportedCommandFlag = TestCase{ - "CheckSupportForCommandFlag", TestUnsupportedCommandFlag, []string{"AutoInit", "RotateContext", "ExtendTci"}, + "CheckSupportForCommandFlag", TestUnsupportedCommandFlag, []string{"AutoInit", "RotateContext"}, } // RotateContextTestCase tests RotateContext @@ -129,8 +119,6 @@ var AllTestCases = []TestCase{ CertifyKeySimulationTestCase, GetCertificateChainTestCase, TpmPolicySigningTestCase, - ExtendTCITestCase, - ExtendDerivedTciTestCase, RotateContextTestCase, RotateContextSimulationTestCase, SignAsymmetricTestCase,