From 222715571c97cc730519a994733a31903a8afb9e Mon Sep 17 00:00:00 2001 From: Suraj Deshmukh Date: Fri, 26 Jan 2024 01:12:26 +0000 Subject: [PATCH] fixup! verifier-az-cvm-vtpm: Fix tests to updated library --- .../verifier/src/az_snp_vtpm/mod.rs | 19 +++++++++--------- .../verifier/src/az_tdx_vtpm/mod.rs | 12 +++++------ .../test_data/az-snp-vtpm/hcl-report.bin | Bin 3848 -> 2600 bytes .../test_data/az-tdx-vtpm/hcl-report.bin | Bin 3848 -> 2600 bytes 4 files changed, 15 insertions(+), 16 deletions(-) diff --git a/attestation-service/verifier/src/az_snp_vtpm/mod.rs b/attestation-service/verifier/src/az_snp_vtpm/mod.rs index b219cc59ff..015b488187 100644 --- a/attestation-service/verifier/src/az_snp_vtpm/mod.rs +++ b/attestation-service/verifier/src/az_snp_vtpm/mod.rs @@ -135,13 +135,13 @@ mod tests { use super::*; use az_snp_vtpm::vtpm::VerifyError; - const REPORT: &[u8; 3848] = include_bytes!("../../test_data/az-snp-vtpm/hcl-report.bin"); + const REPORT: &[u8; 2600] = include_bytes!("../../test_data/az-snp-vtpm/hcl-report.bin"); const QUOTE: &[u8; 1362] = include_bytes!("../../test_data/az-snp-vtpm/quote.bin"); const REPORT_DATA: &[u8] = "challenge".as_bytes(); #[test] fn test_verify_snp_report() { - let hcl_report = HclReport::new(bincode::deserialize(REPORT).unwrap()).unwrap(); + let hcl_report = HclReport::new(REPORT.to_vec()).unwrap(); let snp_report = hcl_report.try_into().unwrap(); let vcek = Vcek::from_pem(include_str!("../../test_data/az-snp-vtpm/vcek.pem")).unwrap(); let vendor_certs = load_milan_cert_chain().as_ref().unwrap(); @@ -152,8 +152,8 @@ mod tests { fn test_verify_snp_report_failure() { let mut wrong_report = REPORT.clone(); // messing with snp report - wrong_report[0x01ae] = 0; - let hcl_report = HclReport::new(bincode::deserialize(&wrong_report).unwrap()).unwrap(); + wrong_report[0x01a6] = 0; + let hcl_report = HclReport::new(wrong_report.to_vec()).unwrap(); let snp_report = hcl_report.try_into().unwrap(); let vcek = Vcek::from_pem(include_str!("../../test_data/az-snp-vtpm/vcek.pem")).unwrap(); let vendor_certs = load_milan_cert_chain().as_ref().unwrap(); @@ -168,7 +168,7 @@ mod tests { #[test] fn test_verify_report_data() { - let hcl_report = HclReport::new(bincode::deserialize(REPORT).unwrap()).unwrap(); + let hcl_report = HclReport::new(REPORT.to_vec()).unwrap(); let var_data_hash = hcl_report.var_data_sha256(); let snp_report = hcl_report.try_into().unwrap(); verify_report_data(&var_data_hash, &snp_report).unwrap(); @@ -178,7 +178,7 @@ mod tests { fn test_verify_report_data_failure() { let mut wrong_report = REPORT.clone(); wrong_report[0x06e0] += 1; - let hcl_report = HclReport::new(bincode::deserialize(&wrong_report).unwrap()).unwrap(); + let hcl_report = HclReport::new(wrong_report.to_vec()).unwrap(); let var_data_hash = hcl_report.var_data_sha256(); let snp_report = hcl_report.try_into().unwrap(); assert_eq!( @@ -192,7 +192,7 @@ mod tests { #[test] fn test_verify_signature() { let quote: Quote = bincode::deserialize(QUOTE).unwrap(); - let hcl_report = HclReport::new(bincode::deserialize(REPORT).unwrap()).unwrap(); + let hcl_report = HclReport::new(REPORT.to_vec()).unwrap(); verify_signature("e, &hcl_report).unwrap(); } @@ -202,7 +202,7 @@ mod tests { quote[0x030] = 0; let wrong_quote: Quote = bincode::deserialize("e).unwrap(); - let hcl_report = HclReport::new(bincode::deserialize(REPORT).unwrap()).unwrap(); + let hcl_report = HclReport::new(REPORT.to_vec()).unwrap(); assert_eq!( verify_signature(&wrong_quote, &hcl_report) .unwrap_err() @@ -219,8 +219,7 @@ mod tests { let mut wrong_report = REPORT.clone(); // messing with AKpub in var data wrong_report[0x0540] = 0; - let wrong_hcl_report = - HclReport::new(bincode::deserialize(&wrong_report).unwrap()).unwrap(); + let wrong_hcl_report = HclReport::new(wrong_report.to_vec()).unwrap(); assert_eq!( verify_signature("e, &wrong_hcl_report) .unwrap_err() diff --git a/attestation-service/verifier/src/az_tdx_vtpm/mod.rs b/attestation-service/verifier/src/az_tdx_vtpm/mod.rs index c749ade975..a1e367ae8e 100644 --- a/attestation-service/verifier/src/az_tdx_vtpm/mod.rs +++ b/attestation-service/verifier/src/az_tdx_vtpm/mod.rs @@ -99,13 +99,13 @@ mod tests { use az_tdx_vtpm::vtpm::Quote; use az_tdx_vtpm::vtpm::VerifyError; - const REPORT: &[u8; 3848] = include_bytes!("../../test_data/az-tdx-vtpm/hcl-report.bin"); + const REPORT: &[u8; 2600] = include_bytes!("../../test_data/az-tdx-vtpm/hcl-report.bin"); const QUOTE: &[u8; 1362] = include_bytes!("../../test_data/az-tdx-vtpm/quote.bin"); const TD_QUOTE: &[u8; 5006] = include_bytes!("../../test_data/az-tdx-vtpm/td-quote.bin"); #[test] fn test_verify_hcl_var_data() { - let hcl_report = HclReport::new(bincode::deserialize(REPORT).unwrap()).unwrap(); + let hcl_report = HclReport::new(REPORT.to_vec()).unwrap(); let td_quote = parse_tdx_quote(TD_QUOTE).unwrap(); verify_hcl_var_data(&hcl_report, &td_quote).unwrap(); } @@ -114,20 +114,20 @@ mod tests { fn test_verify_hcl_var_data_failure() { let mut wrong_report = REPORT.clone(); wrong_report[0x0880] += 1; - let hcl_report = HclReport::new(bincode::deserialize(&wrong_report).unwrap()).unwrap(); + let hcl_report = HclReport::new(wrong_report.to_vec()).unwrap(); let td_quote = parse_tdx_quote(TD_QUOTE).unwrap(); assert_eq!( verify_hcl_var_data(&hcl_report, &td_quote) .unwrap_err() .to_string(), - "TDX Quote report data mismatch1" + "TDX Quote report data mismatch" ); } #[test] fn test_verify_tpm_signature() { let quote: Quote = bincode::deserialize(QUOTE).unwrap(); - let hcl_report = HclReport::new(bincode::deserialize(REPORT).unwrap()).unwrap(); + let hcl_report = HclReport::new(REPORT.to_vec()).unwrap(); verify_tpm_signature("e, &hcl_report).unwrap(); } @@ -137,7 +137,7 @@ mod tests { quote[0x020] = 0; let wrong_quote: Quote = bincode::deserialize("e).unwrap(); - let hcl_report = HclReport::new(bincode::deserialize(REPORT).unwrap()).unwrap(); + let hcl_report = HclReport::new(REPORT.to_vec()).unwrap(); assert_eq!( verify_tpm_signature(&wrong_quote, &hcl_report) .unwrap_err() diff --git a/attestation-service/verifier/test_data/az-snp-vtpm/hcl-report.bin b/attestation-service/verifier/test_data/az-snp-vtpm/hcl-report.bin index f1d6bf7e467d57d32ba33bdfbbba7e97181962bd..5c58c8dbf99e5ac575621b0994f17a8c70658316 100644 GIT binary patch delta 167 zcmV;Y09gNs9;g(vFbZG+AR4Np8_T4B$-E+Q#4|z(^z3knWTd=KENt+rKs+rsa+9$O zAG6O3AptPOO`KrUywQ*opp0`aAv;#XM7s?#hBXysIe?sGxo0;_*Fzw)!XgEtU7*&t zw#v4XK>-*r>=ajNVt6r5);o_#ME@tm0Le;dCVzAU&4D&-L)qDQR{~xdJNI{;>!zgd VoF#xsvq1xg0h8|z6|>v~R0U{$N5}vG delta 335 zcmZ1>(jmv8!NmXu8xj~5mO84||Lkj(UAfEW!91Rpf2}W_@;o}U0v4=NYz>v1+Bdn8 zQGWA$Mny)0#&d7u^V>H4k-oiwJCtGa{k7G$rC(QC)$<5XQ2ZYy>=7C$s(G(GKkIUW zq@3aU)`=4*N*LHya{qbK+WDfqiBq!Z=lgdHBWD#vsjamYa!C8?_hx_QpQCOm3)km9 m*y%a#mXo=`iOr78^^6l2aBe=plEFH7oj3UaiwFxNFbn~2VUlM6 diff --git a/attestation-service/verifier/test_data/az-tdx-vtpm/hcl-report.bin b/attestation-service/verifier/test_data/az-tdx-vtpm/hcl-report.bin index d50ad822a62bf92c834c48eee51058e1b7474613..daca213c6d61393cbeb75e3a7767c275d68d8f67 100644 GIT binary patch delta 51 zcmV-30L=f09;g(fFbV-6_$+gs4w?q6Q7TMXQf`pAh--KPU`Mf8q~gl(S=)|Tvrr4P J1GC%&R0RjO6+r+1 delta 98 zcmZ1>(jmv8!NmXu3m6sVrkZPgVA`W}DC_;dCc{N%EjX8lZq(2qY~4