[WIP] Further work!
Signed-off-by: Yogesh Deshpande <[email protected]>
yogeshbdeshpande committed Dec 2, 2024
1 parent 078aa8b commit ad21e62
Showing 6 changed files with 291 additions and 7 deletions.
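--- a/comid/tdx-profile/example_pce_refval_test.go
+++ b/comid/tdx-profile/example_pce_refval_test.go
@@ -0,0 +1,16 @@
+package tdx
+
+import "github.com/veraison/corim/comid"
+
+func Example_tdx_pce_refval() {
+comid := comid.Comid{}
+
+if err := comid.FromJSON([]byte(TDXPCERefValTemplate)); err != nil {
+panic(err)
+}
+
+if err := comid.Valid(); err != nil {
+panic(err)
+}
+
+}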
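Review bot: `Example_tdx_pce_refval` has no `// Output:` comment, so `go test` compiles it but never runs it, and the `FromJSON` and `Valid` calls on the reference-value template are never exercised. The same applies to `Example_tdx_qe_refval` and `Example_tdx_seam_refval` in the two sibling files. Because these templates are the only visible check that the TDX reference values decode and validate, I would turn each into a test such as `func TestTDXPCERefVal(t *testing.T)` that reports errors with `t.Fatalf`, or end each example with a `// Output:` block. The local `comid := comid.Comid{}` also shadows the imported package for the rest of the function; a short name such as `c` avoids that.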
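--- a/comid/tdx-profile/example_qe_refval_test.go
+++ b/comid/tdx-profile/example_qe_refval_test.go
@@ -0,0 +1,16 @@
+package tdx
+
+import "github.com/veraison/corim/comid"
+
+func Example_tdx_qe_refval() {
+comid := comid.Comid{}
+
+if err := comid.FromJSON([]byte(TDXQERefValTemplate)); err != nil {
+panic(err)
+}
+
+if err := comid.Valid(); err != nil {
+panic(err)
+}
+
+}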
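--- a/comid/tdx-profile/example_seam_refval_test.go
+++ b/comid/tdx-profile/example_seam_refval_test.go
@@ -0,0 +1,16 @@
+package tdx
+
+import "github.com/veraison/corim/comid"
+
+func Example_tdx_seam_refval() {
+comid := comid.Comid{}
+
+if err := comid.FromJSON([]byte(TDXSeamRefValJSONTemplate)); err != nil {
+panic(err)
+}
+
+if err := comid.Valid(); err != nil {
+panic(err)
+}
+
+}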
85 changes: 85 additions & 0 deletions comid/tdx-profile/mval_extensions.go
@@ -0,0 +1,85 @@
package tdx

import (
"encoding/hex"
"fmt"
"log"

"github.com/veraison/corim/comid"
"github.com/veraison/corim/corim"
"github.com/veraison/corim/extensions"
"github.com/veraison/eat"
)

// the struct containing the extensions
type MvalExtensions struct {
// a string field extension
TcbDate *tdate `cbor:"-72,keyasint,omitempty" json:"tcbdate,omitempty"`
IsvSVN *teeSVN `cbor:"-73,keyasint,omitempty" json:"isvsvn,omitempty"`
PCEID *pceID `cbor:"-80,keyasint,omitempty" json:"pceid,omitempty"`
MiscSelect *teeMiscSelect `cbor:"-81,keyasint,omitempty" json:"miscselect,omitempty"`
Attributes *teeAtttributes `cbor:"-82,keyasint,omitempty" json:"attributes,omitempty"`
MrSigner *teeDigest `cbor:"-84,keyasint,omitempty" json:"mrsigner,omitempty"`
IsvProdID *teeIsvProdID `cbor:"-85,keyasint,omitempty" json:"isvprodid,omitempty"`
TcbEvalNum *teeTcbEvalNum `cbor:"-86,keyasint,omitempty" json:"tcbevalnum,omitempty"`
TcbStatus *teeTcbStatus `cbor:"-88,keyasint,omitempty" json:"tcbstatus,omitempty"`
AdvisoryIDs *teeAdvisoryID `cbor:"-89,keyasint,omitempty" json:"advisoryids,omitempty"`
Epoch *epochSeconds `cbor:"-90, keyasint,omitempty" json:"epoch,omitempty"`

TeeCryptoKeys *[]teeCryptoKey `cbor:"-91, keyasint,omitempty" json:"teecryptokeys,omitempty"`
TeeTCBCompSvn *teeTcbCompSvn `cbor:"-125, keyasint,omitempty" json:"teetcbcompsvn,omitempty"`
}

// Registering the profile inside init() in the same file where it is defined
// ensures that the profile will always be available, and you don't need to
// remember to register it at the time you want to use it. The only potential
// danger with that is if the your profile ID clashes with another profile,
// which should not happen if it a registered PEN or a URL containing a domain
// that you own.
func init() {
profileID, err := eat.NewProfile("http://intel.com/tdx-profile")
if err != nil {
panic(err) // will not error, as the hard-coded string above is valid
}

// DO WE HAVE TO HAVE ALL EXTENSIONS UNDER ONE MAP OR I CAN REPEAT THE SAME STATEMENT
// UNDER TWo extMap statements and call RegisterProfile twice?
extMap := extensions.NewMap().
Add(comid.ExtReferenceValue, &MvalExtensions{}).
Add(comid.ExtEndorsedValue, &MvalExtensions{})

if err := corim.RegisterProfile(profileID, extMap); err != nil {
// will not error, assuming our profile ID is unique, and we've
// correctly set up the extensions Map above
panic(err)
}
}

// Now Create CoMID using extensions
func Example_profile_marshal() {

Check failure on line 59 in comid/tdx-profile/mval_extensions.go


GitHub Actions / Lint

var-naming: don't use underscores in Go names; func Example_profile_marshal should be ExampleProfileMarshal (revive)
profileID, err := eat.NewProfile("http://intel.com/tdx-profile")
if err != nil {
panic(err)
}

profile, ok := corim.GetProfile(profileID)
if !ok {
log.Fatalf("profile %v not found", profileID)
}
myCorim := profile.GetUnsignedCorim()
myComid := profile.GetComid().SetLanguage("english")
var refVal comid.ValueTriple
refVal.Measurements.Values[0].Val.Extensions.Set("tcbdate", "123")

Check failure on line 72 in comid/tdx-profile/mval_extensions.go


GitHub Actions / Lint

Error return value of `.Extensions.Set` is not checked (errcheck)

myComid.Triples.ReferenceValues.Add(&refVal)

myCorim.AddComid(*myComid)

buf, err := myCorim.ToCBOR()
if err != nil {
log.Fatalf("could not encode CoRIM: %v", err)
}

fmt.Printf("corim: %v", hex.EncodeToString(buf))

}
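Review bot: The struct tags on `Epoch`, `TeeCryptoKeys` and `TeeTCBCompSvn` have a space after the first comma (`cbor:"-90, keyasint,omitempty"`), unlike every other field in `MvalExtensions`. If the CBOR library matches tag options exactly, ` keyasint` is not recognised and these three fields would be encoded under text keys instead of the integer keys -90, -91 and -125, so a verifier reading the integer keys would not see them; write them as `cbor:"-90,keyasint,omitempty"` and likewise for -91 and -125. Separately, in `Example_profile_marshal`, `var refVal comid.ValueTriple` is a zero value, so `refVal.Measurements.Values[0]` looks like it indexes an empty collection and would panic before `Set` is reached. Add a measurement to `refVal` before setting the extension, and use a well-formed date rather than `"123"` for `tcbdate`.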
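--- a/comid/tdx-profile/test_vars.go
+++ b/comid/tdx-profile/test_vars.go
@@ -0,0 +1,157 @@
+package tdx
+
+var (
+TDXPCERefValTemplate = `{
+"lang": "en-GB",
+"tag-identity": {
+"id": "43BBE37F-2E61-4B33-AED3-53CFF1428B17",
+"version": 0
+},
+"entities": [
+{
+"name": "INTEL",
+"regid": "https://intel.com",
+"roles": [
+"tagCreator",
+"creator",
+"maintainer"
+]
+}
+],
+"triples": {
+"reference-values": [
+{
+"environment": {
+"class": {
+"id": {
+"type": "oid",
+"value": "2.16.840.1.113741.1.2.3.4.4"
+},
+"vendor": "Intel Corporation",
+"model": "0123456789ABCDEF"
+}
+},
+"measurements": [
+{
+"value": {
+"attributes": "AwM=",
+"tcbevalnum": 5,
+"pceid": "0000"
+},
+"authorized-by": {
+"type": "pkix-base64-key",
+"value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----"
+}
+}
+]
+}
+]
+}
+}
+`
+TDXQERefValTemplate = `{
+"lang": "en-GB",
+"tag-identity": {
+"id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16",
+"version": 0
+},
+"entities": [
+{
+"name": "INTEL",
+"regid": "https://intel.com",
+"roles": [
+"tagCreator",
+"creator",
+"maintainer"
+]
+}
+],
+"triples": {
+"reference-values": [
+{
+"environment": {
+"class": {
+"id": {
+"type": "uuid",
+"value": "DD6661F0-0928-4401-966B-589EA74E3272"
+},
+"vendor": "Intel Corporation",
+"model": "TDX QE TCB"
+}
+},
+"measurements": [
+{
+"value": {
+"attributes": "AwM=",
+"tcbevalnum": 11,
+"mrsigner": [
+"sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=",
+"sha-512:oxT8LcZjrnpra8Z4dZQFc5bms/VpzVD9XdtNG7r9K2qjFPwtxmOuemtrxnh1lAVzluaz9WnNUP1d200buv0rag=="
+],
+"isvprodid": 1
+},
+"authorized-by": {
+"type": "pkix-base64-key",
+"value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----"
+}
+}
+]
+}
+]
+}
+}
+`
+TDXSeamRefValJSONTemplate = ` {
+"lang": "en-GB",
+"tag-identity": {
+"id": "43BBE37F-2E61-4B33-AED3-53CFF1428B20",
+"version": 0
+},
+"entities": [
+{
+"name": "INTEL",
+"regid": "https://intel.com",
+"roles": [
+"tagCreator",
+"creator",
+"maintainer"
+]
+}
+],
+"triples": {
+"reference-values": [
+{
+"environment": {
+"class": {
+"id": {
+"type": "oid",
+"value": "2.16.840.1.113741.1.2.3.4.5"
+},
+"vendor": "Intel Corporation",
+"model": "TDX SEAM"
+}
+},
+"measurements": [
+{
+"value": {
+"isvprodid": 1,
+"isvsvn": 10,
+"attributes": "AwM=",
+"tcbevalnum": 11,
+"mrsigner": [
+"sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=",
+"sha-512:oxT8LcZjrnpra8Z4dZQFc5bms/VpzVD9XdtNG7r9K2qjFPwtxmOuemtrxnh1lAVzluaz9WnNUP1d200buv0rag=="
+]
+},
+"authorized-by": {
+"type": "pkix-base64-key",
+"value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----"
+}
+}
+]
+}
+]
+}
+}
+`
+)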
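Review bot: `test_vars.go` is not a `_test.go` file, so these three exported, mutable `var` templates are compiled into the `tdx` package and become part of its API. If they are only fixtures for the examples, move them into a `_test.go` file or declare them as unexported `const` strings so that no importer can modify a reference-value template at run time. The `authorized-by` value is the same PEM block in all three templates; if it is a sample key, a comment such as `// sample key for tests only, not a vendor signing key` would stop readers from treating these reference values as authoritative.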
8 changes: 1 addition & 7 deletions comid/tdx-profile/types.go
Expand Up @@ -2,7 +2,6 @@ package tdx

import "github.com/veraison/corim/comid"

// TO DO, check change this later to more expandable type
type numericType uint

type teeModel string

Check failure on line 7 in comid/tdx-profile/types.go


GitHub Actions / Lint

type `teeModel` is unused (unused)
Expand Down Expand Up @@ -37,8 +36,7 @@ type teeMiscSelect maskType

type teeAtttributes maskType

// TO DO Check with Ned, why it is NOT UUID but either an Integer or Bstr in the Profile Document
type teeIsvProdID comid.UUID
type teeIsvProdID []byte

// TO DO Change this Instance ID to be a type choice with expression for a []byte
type teeInstanceID uint

Check failure on line 42 in comid/tdx-profile/types.go


GitHub Actions / Lint

type `teeInstanceID` is unused (unused)
Expand All @@ -48,7 +46,3 @@ type teeCryptoKey comid.CryptoKey
type teeAdvisoryID setType

type epochTimeStamp tdate

Check failure on line 48 in comid/tdx-profile/types.go


GitHub Actions / Lint

type `epochTimeStamp` is unused (unused)

// TO DO Set of Set Type: Where it is used and is it needed, for this profile ...?

// TO DO Check with Ned, What is time? in the CDDL Document, not defined???
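Review bot: `type teeIsvProdID []byte` models only the byte-string form, while the QE and SEAM templates added in this commit set `"isvprodid": 1`; unless a custom unmarshaller exists outside this view, a JSON number will not decode into a `[]byte`. The removed TO DO said the profile document allows either an integer or a bstr, so this probably needs a type-choice type with its own `UnmarshalJSON` and `UnmarshalCBOR` rather than a plain slice. A reference value that cannot be decoded, or that decodes to a different representation than the evidence uses, cannot be matched by a verifier, so a round-trip test for both forms is worth adding. The other TO DO comments removed in this section were the only record of those open questions; if they are still unresolved, track them in an issue.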
