TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / tf-m-extras / 90d89a0b4e5ca0394fdcb2a119665d17585c68e2 / . / partitions / dice_protection_environment / test / host / cmd.c
blob: d9139535159b6e2717e7e15df57224d5bbaf21a8 [file] [log] [blame]
/*
* SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors
*
* SPDX-License-Identifier: BSD-3-Clause
*
*/
#include <stdio.h>
#include <stdlib.h>
#include "dice_protection_environment.h"
#include "dpe_client.h"
#include "dpe_context_mngr.h"
#include "dpe_cmd_decode.h"
#include "dpe_cmd_encode.h"
#include "cmd.h"
#include "root_keys.h"
#include "test_framework.h"
#include "dpe_test.h"
#include "dpe_test_common.h"
#include "dpe_test_data.h"
#include "dpe_test_private.h"
#include "tfm_log_unpriv.h"
#define CLIENT_ID_NS -1
extern int retained_rot_ctx_handle;
extern const struct dpe_test_data_t test_data[5];
static const DiceInputValues dice_in = DEFAULT_DICE_INPUT;
static const unsigned int cert_id_arr[4] = {
DPE_CERT_ID_INVALID, 1, 2, DPE_CERT_ID_SAME_AS_PARENT
};
/* Data for key derivation */
static const char label[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x3E, 0x3F,
0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F,
0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5A, 0x5B, 0x5C, 0x5D, 0x5E, 0x5F,
0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6A, 0x6B, 0x6C, 0x6D, 0x6E, 0x6F,
0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7A, 0x7B, 0x7C, 0x7D, 0x7E, 0x7F,
0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8A, 0x8B, 0x8C, 0x8D, 0x8E, 0x8F,
0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9A, 0x9B, 0x9C, 0x9D, 0x9E, 0x9F,
0xA0, 0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6, 0xA7, 0xA8, 0xA9, 0xAA, 0xAB, 0xAC, 0xAD, 0xAE, 0xAF,
0xB0, 0xB1, 0xB2, 0xB3, 0xB4, 0xB5, 0xB6, 0xB7, 0xB8, 0xB9, 0xBA, 0xBB, 0xBC, 0xBD, 0xBE, 0xBF,
0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF,
0xD0, 0xD1, 0xD2, 0xD3, 0xD4, 0xD5, 0xD6, 0xD7, 0xD8, 0xD9, 0xDA, 0xDB, 0xDC, 0xDD, 0xDE, 0xDF,
0xE0, 0xE1, 0xE2, 0xE3, 0xE4, 0xE5, 0xE6, 0xE7, 0xE8, 0xE9, 0xEA, 0xEB, 0xEC, 0xED, 0xEE, 0xEF,
0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xF8, 0xF9, 0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF,
};
/*
* Valid COSE_Key from RFC8152:
* https://datatracker.ietf.org/doc/html/rfc8152#appendix-C.7.1
*/
static const char ext_pub_key[] = {
0xA5, 0x20, 0x01, 0x21, 0x58, 0x20, 0x65, 0xED, 0xA5, 0xA1, 0x25, 0x77, 0xC2, 0xBA, 0xE8,
0x29, 0x43, 0x7F, 0xE3, 0x38, 0x70, 0x1A, 0x10, 0xAA, 0xA3, 0x75, 0xE1, 0xBB, 0x5B, 0x5D,
0xE1, 0x08, 0xDE, 0x43, 0x9C, 0x08, 0x55, 0x1D, 0x22, 0x58, 0x20, 0x1E, 0x52, 0xED, 0x75,
0x70, 0x11, 0x63, 0xF7, 0xF9, 0xE4, 0x0D, 0xDF, 0x9F, 0x34, 0x1B, 0x3D, 0xC9, 0xBA, 0x86,
0x0A, 0xF7, 0xE0, 0xCA, 0x7C, 0xA7, 0xE9, 0xEE, 0xCD, 0x00, 0x84, 0xD1, 0x9C, 0x01, 0x02,
0x02, 0x58, 0x24, 0x6D, 0x65, 0x72, 0x69, 0x61, 0x64, 0x6F, 0x63, 0x2E, 0x62, 0x72, 0x61,
0x6E, 0x64, 0x79, 0x62, 0x75, 0x63, 0x6B, 0x40, 0x62, 0x75, 0x63, 0x6B, 0x6C, 0x61, 0x6E,
0x64, 0x2E, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65,
};
struct dc_fuzz_input_raw {
unsigned char test_data_id;
unsigned char cert_id;
unsigned char retain_parent_context;
unsigned char allow_new_context_to_derive;
unsigned char create_certificate;
unsigned char return_certificate;
unsigned char allow_new_context_to_export;
unsigned char export_cdi;
};
struct ck_fuzz_input_raw {
unsigned char test_data_id;
unsigned char retain_context;
unsigned char use_external_key;
unsigned char label_size;
};
struct gcc_fuzz_input_raw {
unsigned char test_data_id;
unsigned char retain_context;
unsigned char clear_from_context;
};
struct gcc_fuzz_input {
unsigned char test_data_id;
bool retain_context;
bool clear_from_context;
};
union dpe_cmd {
struct dc_fuzz_input_raw dc_raw;
struct ck_fuzz_input_raw ck_raw;
struct gcc_fuzz_input_raw gcc_raw;
};
struct rnd_cmd_fuzz_input_raw {
unsigned char cmd_id;
union dpe_cmd cmd;
};
static void print_buf(const unsigned char *buf, size_t size)
{
size_t i;
if (buf != NULL) {
for (i = 0; i < size; ++i) {
if ((i & 0xF) == 0) {
VERBOSE_UNPRIV_RAW("\n");
}
if (buf[i] < 0x10) {
VERBOSE_UNPRIV_RAW(" 0%x", buf[i]);
} else {
VERBOSE_UNPRIV_RAW(" %x", buf[i]);
}
}
}
VERBOSE_UNPRIV_RAW("\n");
VERBOSE_UNPRIV_RAW("\n");
}
static void build_internal_state(int *context_handle, unsigned char test_data_id)
{
struct test_result_t test_ret = {0};
int err;
VERBOSE_UNPRIV_RAW("\nDeriving RoT context:\n");
derive_rot_certificate_context(&test_ret);
if (test_ret.val != TEST_PASSED) {
printf("ERROR: RoT context derivation failed\n");
exit(1);
}
if (test_data_id < ARRAY_SIZE(test_data)) {
VERBOSE_UNPRIV_RAW("\nBuilding internal state: test_data[%d]\n", test_data_id);
err = build_certificate_chain(&test_data[test_data_id]);
if (err) {
printf("\nERROR: Building certificate chain based on test data failed: %d\n", err);
exit(1);
}
VERBOSE_UNPRIV_RAW("Building internal state: Done\n\n");
*context_handle = get_last_context_handle(&test_data[test_data_id]);
} else {
VERBOSE_UNPRIV_RAW("Building internal state: No\n\n");
*context_handle = retained_rot_ctx_handle;
}
}
static void
map_rnd_cmd_input(enum cmd *cmd, const char *cmd_in_buf, size_t cmd_in_size)
{
struct rnd_cmd_fuzz_input_raw *rnd_cmd_raw;
/* If input is longer than just truncate it */
rnd_cmd_raw = (struct rnd_cmd_fuzz_input_raw *)cmd_in_buf;
*cmd = rnd_cmd_raw->cmd_id % MAX_CMD_VAL;
}
static dpe_error_t
rnd_cmd(const char *cmd_in_buf, size_t cmd_in_size, int *context_handle)
{
enum cmd cmd;
map_rnd_cmd_input(&cmd, cmd_in_buf, cmd_in_size);
/* The internal state based on test_data[] will be built by the invoked
* commnad later.
*/
/* The first byte was consumed, it determines the DPE command type */
return exec_dpe_cmd(cmd, cmd_in_buf + 1, cmd_in_size - 1, context_handle);
}
/* Set a valid handle in the CBOR encoded commands */
//static void update_context_handle(const char *buf, size_t len, int ctx_handle)
//{
////TODO: If internal state is built up before command execution, then the
//// hard-coded context_handle must be updated to a valid one.
//}
static dpe_error_t
cbor_cmd(const char *cmd_in_buf, size_t cmd_in_size, int *context_handle)
{
char cmd_out_buf[2 * 4096];
size_t cmd_out_size = sizeof(cmd_out_buf);
dpe_error_t err;
//TODO: Might test with pre-built internal state
//build_internal_state(context_handle, 0);
//update_context_handle(cmd_in_buf, cmd_in_size, context_handle);
(void)context_handle;
VERBOSE_UNPRIV_RAW("DPE request (%ld):\n", cmd_in_size);
print_buf(cmd_in_buf, cmd_in_size);
err = dpe_command_decode(CLIENT_ID_NS,
cmd_in_buf, cmd_in_size,
cmd_out_buf, &cmd_out_size);
VERBOSE_UNPRIV_RAW("DPE response (%ld):\n", cmd_out_size);
print_buf(cmd_out_buf, cmd_out_size);
return err;
}
static bool map_to_bool(unsigned char val)
{
return (val % 2) ? true : false;
}
/*
* Restrict the inputs:
* - cert_id: Only allow 4 different valid values
* - bools: Ensure that true and false values appears equally frequent
*/
static void
map_dc_input(struct derive_context_cmd_input_t *dc, unsigned char *test_data_id,
const char *cmd_in_buf, size_t cmd_in_size)
{
struct dc_fuzz_input_raw *dc_raw;
/* If the input is longer than just truncate it */
dc_raw = (struct dc_fuzz_input_raw *)cmd_in_buf;
dc->cert_id = cert_id_arr[(dc_raw->cert_id % ARRAY_SIZE(cert_id_arr))];
dc->retain_parent_context = map_to_bool(dc_raw->retain_parent_context);
dc->allow_new_context_to_derive = map_to_bool(dc_raw->allow_new_context_to_derive);
dc->create_certificate = map_to_bool(dc_raw->create_certificate);
dc->return_certificate = map_to_bool(dc_raw->return_certificate);
dc->allow_new_context_to_export = map_to_bool(dc_raw->allow_new_context_to_export);
dc->export_cdi = map_to_bool(dc_raw->export_cdi);
*test_data_id = dc_raw->test_data_id;
}
static dpe_error_t
dc_cmd(const char *cmd_in_buf, size_t cmd_in_size, int *context_handle)
{
struct derive_context_cmd_input_t dc_input = DEFAULT_DC_CMD_INPUT;
struct derive_context_cmd_output_t dc_output = {0};
dpe_error_t err;
unsigned char test_data_id;
ADD_CERT_BUF(dc_output, DICE_CERT_SIZE);
ADD_EXPORT_CDI_BUF(dc_output, DICE_MAX_ENCODED_CDI_SIZE);
map_dc_input(&dc_input, &test_data_id, cmd_in_buf, cmd_in_size);
build_internal_state(context_handle, test_data_id);
/* Set the next valid context_handle */
dc_input.context_handle = *context_handle;
err = CALL_DERIVE_CONTEXT(dc_input, dc_output);
if (dc_output.certificate_actual_size > 0) {
VERBOSE_UNPRIV_RAW("Certificate:\n");
print_buf(dc_output.certificate_buf,
dc_output.certificate_actual_size);
}
if (dc_output.exported_cdi_actual_size > 0) {
VERBOSE_UNPRIV_RAW("CDIs:\n");
print_buf(dc_output.exported_cdi_buf,
dc_output.exported_cdi_actual_size);
}
return err;
}
static void
map_ck_input(struct certify_key_cmd_input_t *ck, unsigned char *test_data_id,
const char *cmd_in_buf, size_t cmd_in_size)
{
struct ck_fuzz_input_raw *ck_raw;
/* If the input is longer than just truncate it */
ck_raw = (struct ck_fuzz_input_raw *)cmd_in_buf;
ck->retain_context = map_to_bool(ck_raw->retain_context);
if (map_to_bool(ck_raw->use_external_key)) {
ck->public_key = ext_pub_key;
ck->public_key_size = sizeof(ext_pub_key);
}
ck->label_size = (size_t)ck_raw->label_size;
}
static dpe_error_t
ck_cmd(const char *cmd_in_buf, size_t cmd_in_size, int *context_handle)
{
struct certify_key_cmd_input_t ck_input = DEFAULT_CK_CMD_INPUT;
struct certify_key_cmd_output_t ck_output = {0};
dpe_error_t err;
unsigned char test_data_id;
ADD_CERT_CHAIN_BUF(ck_output, 1650);
ADD_DERIVED_PUB_KEY_BUF(ck_output, DPE_ATTEST_PUB_KEY_SIZE);
map_ck_input(&ck_input, &test_data_id, cmd_in_buf, cmd_in_size);
build_internal_state(context_handle, test_data_id);
/* Set the next valid context_handle */
ck_input.context_handle = *context_handle;
err = CALL_CERTIFY_KEY(ck_input, ck_output);
if (ck_output.certificate_chain_actual_size > 0) {
VERBOSE_UNPRIV_RAW("Certificate:\n");
print_buf(ck_output.certificate_chain_buf,
ck_output.certificate_chain_actual_size);
}
if (ck_output.derived_public_key_actual_size > 0) {
VERBOSE_UNPRIV_RAW("Public key:\n");
print_buf(ck_output.derived_public_key_buf,
ck_output.derived_public_key_actual_size);
}
return err;
}
static void
map_gcc_input(struct gcc_fuzz_input *gcc, unsigned char *test_data_id,
const char *cmd_in_buf, size_t cmd_in_size)
{
struct gcc_fuzz_input_raw *gcc_raw;
/* If the input is longer than just truncate it */
gcc_raw = (struct gcc_fuzz_input_raw *)cmd_in_buf;
gcc->retain_context = map_to_bool(gcc_raw->retain_context);
gcc->clear_from_context = map_to_bool(gcc_raw->clear_from_context);
}
static dpe_error_t
gcc_cmd(const char *cmd_in_buf, size_t cmd_in_size, int *context_handle)
{
int new_context_handle;
struct gcc_fuzz_input gcc;
char cert_buf[4096];
size_t cert_size = 0;
dpe_error_t err;
unsigned char test_data_id;
map_gcc_input(&gcc, &test_data_id, cmd_in_buf, cmd_in_size);
build_internal_state(context_handle, test_data_id);
err = dpe_get_certificate_chain(*context_handle,
gcc.retain_context,
gcc.clear_from_context,
cert_buf,
sizeof(cert_buf),
&cert_size,
&new_context_handle);
if (cert_size > 0) {
VERBOSE_UNPRIV_RAW("Certificate:\n");
print_buf(cert_buf, cert_size);
}
return err;
}
/*
* DPE Library Init:
* - crypto_lib
* - platform
* - context manager
*/
void dpe_lib_init(int *context_handle)
{
int ret;
dpe_error_t err;
ret = psa_crypto_init();
if (ret != 0) {
printf("ERROR: Crypto init failed! (%d)\n", ret);
exit(1);
}
ret = register_rot_cdi();
if (ret != 0) {
printf("ERROR: RoT CDI registration failed! (%d)\n", ret);
exit(1);
}
ret = register_root_attest_key();
if (ret != 0) {
printf("ERROR: Root attest key registration failed! (%d)\n", ret);
exit(1);
}
err = initialise_context_mngr(context_handle);
if (err != DPE_NO_ERROR) {
printf("ERROR: Context manager init failed (%d)\n", err);
exit(1);
}
}
dpe_error_t exec_dpe_cmd(enum cmd cmd, const char *cmd_in_buf,
size_t cmd_in_size, int *context_handle)
{
switch(cmd) {
case CBOR:
return cbor_cmd(cmd_in_buf, cmd_in_size, context_handle);
case DC:
return dc_cmd(cmd_in_buf, cmd_in_size, context_handle);
case CK:
return ck_cmd(cmd_in_buf, cmd_in_size, context_handle);
case GCC:
return gcc_cmd(cmd_in_buf, cmd_in_size, context_handle);
case RND:
return rnd_cmd(cmd_in_buf, cmd_in_size, context_handle);
default:
printf("ERROR: Unknown command\n");
exit(1);
}
}