Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Extendtci command as separate branch #253

Merged
merged 12 commits into from
Nov 20, 2023
Merged

Extendtci command as separate branch #253

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
b85ae0b
extendtci command as separate branch
hpya93 Nov 3, 2023
3d00462
rebased code in accordance to PR 255
hpya93 Nov 7, 2023
79980b3
Merge branch 'main' into extendtci_support
hpya93 Nov 9, 2023
83a0d8c
Update tagTCI.go
hpya93 Nov 9, 2023
d15f7d8
comments addressed
hpya93 Nov 10, 2023
fb4c3ec
Update initializeContext.go
hpya93 Nov 10, 2023
e4a4387
Update tagTCI.go
hpya93 Nov 10, 2023
29fd0f8
Clean up derived context and restore parent context for subsequent tests
hpya93 Nov 11, 2023
bd55fe2
review comments
hpya93 Nov 14, 2023
6ed437f
review comments
hpya93 Nov 16, 2023
440bbdd
Update README.md
hpya93 Nov 16, 2023
1f788a9
Merge branch 'chipsalliance:main' into extendtci_support
hpya93 Nov 18, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
206 changes: 180 additions & 26 deletions verification/tagTCI.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,55 +3,209 @@
package verification

import (
"bytes"
"crypto/sha256"
"crypto/sha512"
"errors"
"hash"

//"reflect"
"testing"
)

func TestTagTCI(d TestDPEInstance, client DPEClient, t *testing.T) {
useSimulation := false
ctx := getInitialContextHandle(d, client, t, useSimulation)
// This file is used to test the tagTCI command.

func TestTagTCI(d TestDPEInstance, c DPEClient, t *testing.T) {
var err error
jhand2 marked this conversation as resolved.
Show resolved Hide resolved
useSimulation := false // To indicate that simulation context is not used

// Get the default context
handle := getInitialContextHandle(d, c, t, useSimulation)

// Get digest size
profile, err := GetTransportProfile(d)
if err != nil {
t.Fatalf("Could not get profile: %v", err)
}

digestLen := profile.GetDigestSize()

// Tag the default context
tag := TCITag(12345)
// Check to see our tag is not yet found.
if _, err := client.GetTaggedTCI(tag); !errors.Is(err, StatusBadTag) {
if _, err := c.GetTaggedTCI(tag); !errors.Is(err, StatusBadTag) {
t.Fatalf("GetTaggedTCI returned %v, want %v", err, StatusBadTag)
}

// Tag the default context
handle, err := client.TagTCI(ctx, tag)
// Make sure default handle returns same handle when extended
testTagTCIHandle(d, c, t, handle, digestLen, tag)

// Make sure the current TCI is updated
// For profiles which use auto-initialization, we don't know the expected TCIs so we can check only current TCI
testCurrentAndCumulativeTCI(d, c, t, handle, digestLen, tag)

// Make sure some other tag is still not found.
if _, err := c.GetTaggedTCI(TCITag(98765)); !errors.Is(err, StatusBadTag) {
t.Fatalf("GetTaggedTCI returned %v, want %v", err, StatusBadTag)
}

// Pass TCI input to DerivedChild context and check cumulative TCI
testForDerivedChildContexts(d, c, t, handle, digestLen, tag)
jhand2 marked this conversation as resolved.
Show resolved Hide resolved
}

// Checks whether the default handle remains unchanged when extended with TCI value.
func testTagTCIHandle(d TestDPEInstance, c DPEClient, t *testing.T, handle *ContextHandle, digestLen int, tag TCITag) {
jhand2 marked this conversation as resolved.
Show resolved Hide resolved
tciValue := make([]byte, digestLen)
for i := range tciValue {
tciValue[i] = byte(i)
}
hpya93 marked this conversation as resolved.
Show resolved Hide resolved

newHandle, err := c.TagTCI(handle, tag)
if err != nil {
t.Fatalf("Could not tag TCI: %v", err)
}
if *newHandle != *handle {
t.Errorf("New context handle from TagTCI was %x, expected %x", newHandle, handle)
}
}

if *handle != *ctx {
t.Errorf("New context handle from TagTCI was %x, expected %x", handle, ctx)
// Checks whether the ExtendTCI command updates the current TCI and cumulative TCI.
func testCurrentAndCumulativeTCI(d TestDPEInstance, c DPEClient, t *testing.T, handle *ContextHandle, digestLen int, tag TCITag) {
// Initialize TCI inputs
defaultTci := make([]byte, digestLen)

tciValue := make([]byte, digestLen)
for i := range tciValue {
tciValue[i] = byte(i)
}

// Initialize hasher
var hasher hash.Hash
if digestLen == 32 {
hasher = sha256.New()
} else if digestLen == 48 {
hasher = sha512.New384()
} else {
t.Error("[ERROR]: Unsupported hash algorithm used for TCI value generation")
}

// Set current TCI value
_, err := c.ExtendTCI(handle, tciValue)
if err != nil {
t.Fatalf("Could not tag TCI: %v", err)
}

_, err = client.GetTaggedTCI(tag)
taggedTCI, err := c.GetTaggedTCI(tag)
if err != nil {
t.Fatalf("Could not get tagged TCI: %v", err)
}

// TODO: For profiles which use auto-initialization, we don't know the expected
// TCIs. Uncomment this once the DeriveChild API is implemented so the test
// can control the TCI inputs.
/*
wantCumulativeTCI := make([]byte, profile.GetDigestSize())
if !reflect.DeepEqual(taggedTCI.CumulativeTCI, wantCumulativeTCI) {
t.Errorf("GetTaggedTCI returned cumulative TCI %x, expected %x", taggedTCI.CumulativeTCI, wantCumulativeTCI)
}
// Check TCI_CURRENT
wantCurrentTCI := tciValue
if !bytes.Equal(taggedTCI.CurrentTCI, tciValue) {
t.Errorf("GetTaggedTCI returned current TCI %x, expected %x", taggedTCI.CurrentTCI, wantCurrentTCI)
}

wantCurrentTCI := make([]byte, profile.GetDigestSize())
if !reflect.DeepEqual(taggedTCI.CurrentTCI, wantCurrentTCI) {
t.Errorf("GetTaggedTCI returned current TCI %x, expected %x", taggedTCI.CurrentTCI, wantCurrentTCI)
}
*/
// Cross-verify TCI_CUMULATIVE
hasher.Write(defaultTci)
hasher.Write(taggedTCI.CurrentTCI)
if wantCumulativeTCI := hasher.Sum(nil); !bytes.Equal(taggedTCI.CumulativeTCI, wantCumulativeTCI) {
t.Errorf("GetTaggedTCI returned cumulative TCI %x, expected %x", taggedTCI.CumulativeTCI, wantCumulativeTCI)
}
}

// Make sure some other tag is still not found.
if _, err := client.GetTaggedTCI(TCITag(98765)); !errors.Is(err, StatusBadTag) {
t.Fatalf("GetTaggedTCI returned %v, want %v", err, StatusBadTag)
// Checks whether the ExtendTCI command updates the current TCI.
func testForDerivedChildContexts(d TestDPEInstance, c DPEClient, t *testing.T, handle *ContextHandle, digestLen int, parentTag TCITag) {
var wantCumulativeTCI []byte
childTag := TCITag(23456)

// Initialize TCI inputs
defaultTci := make([]byte, digestLen)

tciValue := make([]byte, digestLen)
for i := range tciValue {
tciValue[i] = byte(i + 1)
}

// TODO: When DeriveChild is implemented, call it here to add more TCIs and call TagTCI again.
extendTciValue := make([]byte, digestLen)
for i := range extendTciValue {
extendTciValue[i] = byte(i + 2)
}

// Initialize hasher
var hasher hash.Hash
if digestLen == 32 {
hasher = sha256.New()
} else if digestLen == 48 {
hasher = sha512.New384()
} else {
t.Error("[ERROR]: Unsupported hash algorithm used for TCI value generation")
}

// Get parent context TCI values for cumulative value calculation
parentTci, err := c.GetTaggedTCI(parentTag)
if err != nil {
t.Fatalf("Could not get tagged TCI: %v", err)
}

// Cross-verify parent's TCI_CUMULATIVE
hasher.Write(defaultTci)
hasher.Write(parentTci.CurrentTCI)
wantCumulativeTCI = hasher.Sum(nil)
if !bytes.Equal(parentTci.CumulativeTCI, wantCumulativeTCI) {
t.Errorf("Parent node's cumulative TCI %x, expected %x", parentTci.CumulativeTCI, wantCumulativeTCI)
}

// Derive Child context with input data, tag it and check TCI_CUMULATIVE
child, err := c.DeriveChild(handle, tciValue, DeriveChildFlags(MakeDefault), 0, 0)
if err != nil {
t.Fatalf("[FATAL]: Error while creating default child handle in default context: %s", err)
}

newHandle, err := c.TagTCI(&child.NewContextHandle, childTag)
if err != nil {
t.Fatalf("Could not tag TCI: %v", err)
}

childTci, err := c.GetTaggedTCI(childTag)
if err != nil {
t.Fatalf("Could not get tagged TCI: %v", err)
}

if !bytes.Equal(childTci.CurrentTCI, tciValue) {
t.Errorf("GetTaggedTCI returned current TCI %x, expected %x", childTci.CurrentTCI, tciValue)
}

// Check TCI_CUMULATIVE after creating child context
hasher.Reset()
hasher.Write(defaultTci)
hasher.Write(childTci.CurrentTCI)
wantCumulativeTCI = hasher.Sum(nil)
if !bytes.Equal(childTci.CumulativeTCI, wantCumulativeTCI) {
t.Errorf("Child node's cumulative TCI %x, expected %x", childTci.CumulativeTCI, wantCumulativeTCI)
}

// Extend TCI to child context and check TCI_CURRENT and TCI_CUMULATIVE
_, err = c.ExtendTCI(newHandle, extendTciValue)
if err != nil {
t.Fatalf("Could not tag TCI: %v", err)
}

childExtendTci, err := c.GetTaggedTCI(childTag)
if err != nil {
t.Fatalf("Could not get tagged TCI: %v", err)
}

if !bytes.Equal(childExtendTci.CurrentTCI, extendTciValue) {
t.Errorf("GetTaggedTCI returned current TCI %x, expected %x", childExtendTci.CurrentTCI, extendTciValue)
}

// Check TCI_CUMULATIVE after extending input to child context
hasher.Reset()
hasher.Write(childTci.CumulativeTCI)
hasher.Write(childExtendTci.CurrentTCI)
wantCumulativeTCI = hasher.Sum(nil)
if !bytes.Equal(childExtendTci.CumulativeTCI, wantCumulativeTCI) {
t.Errorf("Child node's cumulative TCI %x, expected %x", childExtendTci.CumulativeTCI, wantCumulativeTCI)
}
jhand2 marked this conversation as resolved.
Show resolved Hide resolved
}
2 changes: 1 addition & 1 deletion verification/verification.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,9 +56,9 @@ var UnsupportedCommandFlag = TestCase{

var AllTestCases = []TestCase{
CertifyKeyTestCase,
TagTCITestCase,
jhand2 marked this conversation as resolved.
Show resolved Hide resolved
CertifyKeySimulationTestCase,
GetCertificateChainTestCase,
TagTCITestCase,
GetProfileTestCase,
InitializeContextTestCase,
InitializeContextSimulationTestCase,
Expand Down