Skip to content

Commit

Permalink
Update dpe and cfi versions
Browse files Browse the repository at this point in the history
  • Loading branch information
@sree-revoori1 @jhand2
sree-revoori1 authored and jhand2 committed Feb 29, 2024
1 parent bc0ea32 commit f1875cb
Show file tree
Hide file tree
Showing 7 changed files with 51 additions and 36 deletions.
4 changes: 2 additions & 2 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -93,8 +93,8 @@ bit-vec = "0.6.3"
caliptra-api = { path = "api" }
caliptra-cfi-lib = { path = "cfi/lib", default-features = false, features = ["cfi", "cfi-counter" ] }
caliptra-cfi-derive = { path = "cfi/derive" }
caliptra-cfi-lib-git = { git = "https://github.com/chipsalliance/caliptra-cfi.git", package = "caliptra-cfi-lib-git", rev = "9f315fcf11fe006e95e62149f54f98620e5244e7", default-features = false, features = ["cfi", "cfi-counter" ] }
caliptra-cfi-derive-git = { git = "https://github.com/chipsalliance/caliptra-cfi.git", package = "caliptra-cfi-derive-git", rev = "9f315fcf11fe006e95e62149f54f98620e5244e7"}
caliptra-cfi-lib-git = { git = "https://github.com/chipsalliance/caliptra-cfi.git", package = "caliptra-cfi-lib-git", rev = "a98e499d279e81ae85881991b1e9eee354151189", default-features = false, features = ["cfi", "cfi-counter" ] }
caliptra-cfi-derive-git = { git = "https://github.com/chipsalliance/caliptra-cfi.git", package = "caliptra-cfi-derive-git", rev = "a98e499d279e81ae85881991b1e9eee354151189"}
caliptra_common = { path = "common", default-features = false }
caliptra-coverage = { path = "coverage" }
caliptra-builder = { path = "builder" }
Expand Down
2 changes: 1 addition & 1 deletion dpe
Submodule dpe updated 22 files
+10 −10 Cargo.lock
+4 −2 Cargo.toml
+2 −2 crypto/Cargo.toml
+2 −2 dpe/Cargo.toml
+10 −10 dpe/fuzz/Cargo.lock
+137 −11 dpe/src/commands/certify_key.rs
+5 −0 dpe/src/dpe_instance.rs
+1 −1 dpe/src/lib.rs
+322 −38 dpe/src/x509.rs
+1 −1 platform/Cargo.toml
+31 −0 platform/src/default.rs
+12 −2 platform/src/lib.rs
+1 −1 simulator/Cargo.toml
+1 −1 tools/Cargo.toml
+3 −2 verification/client/abi.go
+7 −0 verification/sim/go.mod
+230 −0 verification/sim/transport.go
+79 −8 verification/testing/certifyKey.go
+42 −1 verification/testing/certs.go
+5 −0 verification/testing/getCertificateChain.go
+4 −1 verification/testing/go.mod
+6 −219 verification/testing/simulator.go
20 changes: 16 additions & 4 deletions runtime/src/dpe_platform.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ use dpe::{
};
use platform::{
CertValidity, Platform, PlatformError, SignerIdentifier, MAX_CHUNK_SIZE, MAX_ISSUER_NAME_SIZE,
MAX_SKI_SIZE, MAX_SN_SIZE,
MAX_KEY_IDENTIFIER_SIZE, MAX_SN_SIZE,
};
use zerocopy::AsBytes;

Expand Down Expand Up @@ -126,19 +126,31 @@ impl Platform for DpePlatform<'_> {
/// See X509::subj_key_id in fmc/src/flow/x509.rs for code that generates the
/// SubjectKeyIdentifier extension in the RT alias certificate.
fn get_signer_identifier(&mut self) -> Result<SignerIdentifier, PlatformError> {
let mut ski = [0u8; MAX_SKI_SIZE];
let mut ski = [0u8; MAX_KEY_IDENTIFIER_SIZE];
let hashed_rt_pub_key = self.hashed_rt_pub_key.bytes();
if hashed_rt_pub_key.len() < MAX_SKI_SIZE {
if hashed_rt_pub_key.len() < MAX_KEY_IDENTIFIER_SIZE {
return Err(PlatformError::SubjectKeyIdentifierError(0));
}
ski.copy_from_slice(&hashed_rt_pub_key[..MAX_SKI_SIZE]);
ski.copy_from_slice(&hashed_rt_pub_key[..MAX_KEY_IDENTIFIER_SIZE]);
let mut ski_vec = ArrayVec::new();
ski_vec
.try_extend_from_slice(&ski)
.map_err(|_| PlatformError::SubjectKeyIdentifierError(0))?;
Ok(SignerIdentifier::SubjectKeyIdentifier(ski_vec))
}

fn get_issuer_key_identifier(
&mut self,
out: &mut [u8; MAX_KEY_IDENTIFIER_SIZE],
) -> Result<(), PlatformError> {
let hashed_rt_pub_key = self.hashed_rt_pub_key.bytes();
if hashed_rt_pub_key.len() < MAX_KEY_IDENTIFIER_SIZE {
return Err(PlatformError::IssuerKeyIdentifierError(0));
}
out.copy_from_slice(&hashed_rt_pub_key[..MAX_KEY_IDENTIFIER_SIZE]);
Ok(())
}

fn write_str(&mut self, str: &str) -> Result<(), PlatformError> {
cprintln!("{}", str);
Ok(())
Expand Down
23 changes: 13 additions & 10 deletions test/dpe_verification/go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,32 +6,35 @@ replace github.com/chipsalliance/caliptra-dpe/verification/testing => ../../dpe/

replace github.com/chipsalliance/caliptra-dpe/verification/client => ../../dpe/verification/client

replace github.com/chipsalliance/caliptra-dpe/verification/sim => ../../dpe/verification/sim

require (
github.com/chipsalliance/caliptra-dpe/verification/client v0.0.0-20240126223313-d61940a4bf01
github.com/chipsalliance/caliptra-dpe/verification/testing v0.0.0-20240126223313-d61940a4bf01
github.com/chipsalliance/caliptra-dpe/verification/client v0.0.0-20240227181801-29d5ca397c66
github.com/chipsalliance/caliptra-dpe/verification/testing v0.0.0-20240227181801-29d5ca397c66
)

require (
github.com/chipsalliance/caliptra-dpe/verification/sim v0.0.0-20240227181801-29d5ca397c66 // indirect
github.com/github/smimesign v0.2.0 // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/google/go-configfs-tsm v0.2.2 // indirect
github.com/google/go-sev-guest v0.10.1 // indirect
github.com/google/go-tdx-guest v0.2.3-0.20231011100059-4cf02bed9d33 // indirect
github.com/google/go-sev-guest v0.11.0 // indirect
github.com/google/go-tdx-guest v0.3.1 // indirect
github.com/google/go-tpm v0.9.0 // indirect
github.com/google/go-tpm-tools v0.4.2 // indirect
github.com/google/go-tpm-tools v0.4.3 // indirect
github.com/google/logger v1.1.1 // indirect
github.com/google/uuid v1.6.0 // indirect
github.com/pborman/uuid v1.2.1 // indirect
github.com/pelletier/go-toml v1.9.5 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/weppos/publicsuffix-go v0.30.2-0.20230730094716-a20f9abcc222 // indirect
github.com/zmap/zcrypto v0.0.0-20231219022726-a1f61fb1661c // indirect
github.com/zmap/zlint/v3 v3.6.0 // indirect
github.com/zmap/zlint/v3 v3.6.1 // indirect
go.uber.org/multierr v1.11.0 // indirect
golang.org/x/crypto v0.18.0 // indirect
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a // indirect
golang.org/x/net v0.20.0 // indirect
golang.org/x/sys v0.16.0 // indirect
golang.org/x/crypto v0.20.0 // indirect
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect
golang.org/x/net v0.21.0 // indirect
golang.org/x/sys v0.17.0 // indirect
golang.org/x/text v0.14.0 // indirect
google.golang.org/protobuf v1.32.0 // indirect
)
32 changes: 16 additions & 16 deletions test/dpe_verification/go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,14 +24,14 @@ github.com/google/go-configfs-tsm v0.2.2 h1:YnJ9rXIOj5BYD7/0DNnzs8AOp7UcvjfTvt21
github.com/google/go-configfs-tsm v0.2.2/go.mod h1:EL1GTDFMb5PZQWDviGfZV9n87WeGTR/JUg13RfwkgRo=
github.com/google/go-github/v50 v50.2.0/go.mod h1:VBY8FB6yPIjrtKhozXv4FQupxKLS6H4m6xFZlT43q8Q=
github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
github.com/google/go-sev-guest v0.10.1 h1:kZIcGD513eqInbezqxchTtOLJlVXALyWlIXu5E0tNJE=
github.com/google/go-sev-guest v0.10.1/go.mod h1:/5hrgGWqG7+MPTXKhQz+v9ZE+Eh4MCBdItCNwgshlrk=
github.com/google/go-tdx-guest v0.2.3-0.20231011100059-4cf02bed9d33 h1:lRlUusuieEuqljjihCXb+Mr73VNitOYPJYWXzJKtBWs=
github.com/google/go-tdx-guest v0.2.3-0.20231011100059-4cf02bed9d33/go.mod h1:84ut3oago/BqPXD4ppiGXdkZNW3WFPkcyAO4my2hXdY=
github.com/google/go-sev-guest v0.11.0 h1:BOwThd1h7y4S5CphfZsW4umMMysJrD/yNGhvYZo0P5Y=
github.com/google/go-sev-guest v0.11.0/go.mod h1:/5hrgGWqG7+MPTXKhQz+v9ZE+Eh4MCBdItCNwgshlrk=
github.com/google/go-tdx-guest v0.3.1 h1:gl0KvjdsD4RrJzyLefDOvFOUH3NAJri/3qvaL5m83Iw=
github.com/google/go-tdx-guest v0.3.1/go.mod h1:/rc3d7rnPykOPuY8U9saMyEps0PZDThLk/RygXm04nE=
github.com/google/go-tpm v0.9.0 h1:sQF6YqWMi+SCXpsmS3fd21oPy/vSddwZry4JnmltHVk=
github.com/google/go-tpm v0.9.0/go.mod h1:FkNVkc6C+IsvDI9Jw1OveJmxGZUUaKxtrpOS47QWKfU=
github.com/google/go-tpm-tools v0.4.2 h1:iyaCPKt2N5Rd0yz0G8ANa022SgCNZkMpp+db6QELtvI=
github.com/google/go-tpm-tools v0.4.2/go.mod h1:fGUDZu4tw3V4hUVuFHmiYgRd0c58/IXivn9v3Ea/ck4=
github.com/google/go-tpm-tools v0.4.3 h1:L5dc34fttMIREoKRmnIJfv2NSZDSZ+RfBD+izN0EZoA=
github.com/google/go-tpm-tools v0.4.3/go.mod h1:T8jXkp2s+eltnCDIsXR84/MTcVU9Ja7bh3Mit0pa4AY=
github.com/google/go-tspi v0.3.0 h1:ADtq8RKfP+jrTyIWIZDIYcKOMecRqNJFOew2IT0Inus=
github.com/google/logger v1.1.1 h1:+6Z2geNxc9G+4D4oDO9njjjn2d0wN5d7uOo0vOIW1NQ=
github.com/google/logger v1.1.1/go.mod h1:BkeJZ+1FhQ+/d087r4dzojEg1u2ZX+ZqG1jTUrLM+zQ=
Expand Down Expand Up @@ -80,8 +80,8 @@ github.com/zmap/zcrypto v0.0.0-20201211161100-e54a5822fb7e/go.mod h1:aPM7r+JOkfL
github.com/zmap/zcrypto v0.0.0-20231219022726-a1f61fb1661c h1:U1b4THKcgOpJ+kILupuznNwPiURtwVW3e9alJvji9+s=
github.com/zmap/zcrypto v0.0.0-20231219022726-a1f61fb1661c/go.mod h1:GSDpFDD4TASObxvfZfvpZZ3OWHIUHMlhVWlkOe4ewVk=
github.com/zmap/zlint/v3 v3.0.0/go.mod h1:paGwFySdHIBEMJ61YjoqT4h7Ge+fdYG4sUQhnTb1lJ8=
github.com/zmap/zlint/v3 v3.6.0 h1:vTEaDRtYN0d/1Ax60T+ypvbLQUHwHxbvYRnUMVr35ug=
github.com/zmap/zlint/v3 v3.6.0/go.mod h1:NVgiIWssgzp0bNl8P4Gz94NHV2ep/4Jyj9V69uTmZyg=
github.com/zmap/zlint/v3 v3.6.1 h1:IM1jJ35YFBKFrbBMc8Kq34MGyDYttwRGZjO/qxIYG2Y=
github.com/zmap/zlint/v3 v3.6.1/go.mod h1:NVgiIWssgzp0bNl8P4Gz94NHV2ep/4Jyj9V69uTmZyg=
go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
Expand All @@ -94,10 +94,10 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y
golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio=
golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a h1:Q8/wZp0KX97QFTc2ywcOE0YRjZPVIx+MXInMzdvQqcA=
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08=
golang.org/x/crypto v0.20.0 h1:jmAMJJZXr5KiCw05dfYK9QnqaqKLYXijU23lsEdcQqg=
golang.org/x/crypto v0.20.0/go.mod h1:Xwo95rrVNIoSMx9wa1JroENMToLWn3RNVrTBpLHgZPQ=
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 h1:LfspQV/FYTatPTr/3HzIcmiUFH7PGP+OQ6mgDYo3yuQ=
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
Expand All @@ -111,8 +111,8 @@ golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA=
golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo=
golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
Expand All @@ -135,8 +135,8 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
Expand Down
2 changes: 1 addition & 1 deletion test/dpe_verification/transport.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -232,7 +232,7 @@ func (s *CptraModel) GetProfileMajorVersion() uint16 {
}

func (s *CptraModel) GetProfileMinorVersion() uint16 {
return 9
return 10
}

func (s *CptraModel) GetProfileVendorID() uint32 {
Expand Down

0 comments on commit f1875cb

Please sign in to comment.