add seperator extend support for tee info hash tool.

fix #621

Signed-off-by: Yang, Longlong <longlong.yang@intel.com>

td-shim-tools/src/bin/td-shim-tee-info-hash/main.rs

@@ -28,6 +28,8 @@ struct Config {
     pub output: PathBuf,
     // Log level
     pub log_level: String,
+    // Seperator for populating rtmr
+    pub seperator: u32,
 }
 
 #[derive(Debug)]
@@ -61,6 +63,12 @@ impl Config {
                     .default_value("info")
                     .action(ArgAction::Set),
             )
+            .arg(
+                arg!(-s --seperator "seperator format should be u32 type, like: 0")
+                    .required(true)
+                    .value_parser(value_parser!(u32))
+                    .action(ArgAction::Set),
+            )
             .get_matches();
 
         // Safe to unwrap() because they are mandatory or have default values.
@@ -76,12 +84,14 @@ impl Config {
         };
         let manifest = matches.get_one::<String>("manifest").unwrap().clone();
         let log_level = matches.get_one::<String>("log-level").unwrap().clone();
+        let seperator = matches.get_one::<u32>("seperator").unwrap().clone();
 
         Ok(Self {
             manifest,
             image,
             output,
             log_level,
+            seperator,
         })
     }
 }
@@ -124,6 +134,7 @@ fn main() -> io::Result<()> {
     };
 
     tee_info.build_mrtd(&mut image, image_size);
+    tee_info.build_rtmr_with_seperator(config.seperator);
     log::info!("{}", &tee_info);
 
     log::info!(

td-shim-tools/src/bin/td-shim-tee-info-hash/readme.md

@@ -8,7 +8,7 @@ A json format td manifest file is required and includes informations: attributes
 
 ```
 USAGE:
-    td-shim-tee-info-hash [OPTIONS] --image <image> --manifest <manifest>
+    td-shim-tee-info-hash [OPTIONS] --image <image> --manifest <manifest> --seperator 0
 
 OPTIONS:
     -h, --help                     Print help information
@@ -18,9 +18,10 @@ OPTIONS:
     -m, --manifest <manifest>      td manifest
     -o, --out_bin <output>          output tee info hash binary
     -V, --version                  Print version information
+    -s, --seperator <u32>          The seperator to be extended into rtmr
 ```
 
 example:<br>
 ```
-cargo run -p td-shim-tools --bin td-shim-tee-info-hash --features tee -- --manifest <td_manifest> --image <td_shim_binary> --out_bin <tee_info_hash_bin>
+cargo run -p td-shim-tools --bin td-shim-tee-info-hash --features tee -- --manifest <td_manifest> --image <td_shim_binary> --out_bin <tee_info_hash_bin> --seperator 0
 ```

td-shim-tools/src/tee_info_hash.rs

@@ -328,6 +328,24 @@ impl TdInfoStruct {
         let hash = sha384hasher.finalize();
         self.mrtd.copy_from_slice(hash.as_slice());
     }
+
+    pub fn build_rtmr_with_seperator(&mut self, seperator: u32) {
+        let seperator = u32::to_le_bytes(seperator);
+
+        let mut sha384hasher = Sha384::new();
+        sha384hasher.update(seperator);
+        let hash = sha384hasher.finalize();
+
+        let mut concat_input = [0u8; SHA384_DIGEST_SIZE * 2];
+        concat_input[SHA384_DIGEST_SIZE..].copy_from_slice(hash.as_slice());
+
+        let mut sha384hasher = Sha384::new();
+        sha384hasher.update(concat_input);
+        let hash = sha384hasher.finalize();
+
+        self.rtmr0.copy_from_slice(hash.as_slice());
+        self.rtmr1.copy_from_slice(hash.as_slice());
+    }
 }
 
 fn fill_buffer128_with_mem_page_add(buf: &mut [u8; MRTD_EXTENSION_BUFFER_SIZE], gpa: u64) {