From 0ebbb334992fc40862f75db27eb0b457b37797a1 Mon Sep 17 00:00:00 2001
From: Yogesh Deshpande
Date: Fri, 26 Jan 2024 14:45:04 -0500
Subject: [PATCH] [WIP] Add Integrity Registers
Signed-off-by: Yogesh Deshpande
---
comid/integregisters.go | 47 +++++++++++++++++++++++++++++++++++
comid/integregisters_test.go | 48 ++++++++++++++++++++++++++++++++++++
comid/measurement.go | 2 +-
3 files changed, 96 insertions(+), 1 deletion(-)
create mode 100644 comid/integregisters.go
create mode 100644 comid/integregisters_test.go
diff --git a/comid/integregisters.go b/comid/integregisters.go
new file mode 100644
index 00000000..7181e3ed
--- /dev/null
+++ b/comid/integregisters.go
@@ -0,0 +1,47 @@
+// Copyright 2024 Contributors to the Veraison project.
+// SPDX-License-Identifier: Apache-2.0
+package comid
+
+import (
+ "fmt"
+
+ "github.com/veraison/swid"
+)
+
+// IRegisterIndex is the interface that must be implemented by a;; RegisterValues.
+type IRegisterIndex interface{}
+
+type IntegReg struct {
+ register map[IRegisterIndex]Digests
+}
+
+func NewIntegRegister() (*IntegReg, error) {
+ reg := make(map[IRegisterIndex]Digests)
+ return &IntegReg{register: reg}, nil
+}
+
+func (i *IntegReg) AddDigest(index IRegisterIndex, digest swid.HashEntry) error {
+ switch t := index.(type) {
+ case string, uint, int, uint64:
+ digests, _ := i.register[t]
+ digests = append(digests, digest)
+ i.register[t] = digests
+
+ default:
+ return fmt.Errorf("unexpected type for int: %T", t)
+ }
+ return nil
+}
+
+func (i *IntegReg) RemoveDigest(index IRegisterIndex, digest swid.HashEntry) error {
+
+ return nil
+}
+
+func (o IntegReg) MarshalCBOR() ([]byte, error) {
+ return em.Marshal(o.register)
+}
+
+func (o *IntegReg) UnMarshalCBOR(data []byte) error {
+ return dm.Unmarshal(data, &o.register)
+}
diff --git a/comid/integregisters_test.go b/comid/integregisters_test.go
new file mode 100644
index 00000000..23ec2ff6
--- /dev/null
+++ b/comid/integregisters_test.go
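Review bot: `UnMarshalCBOR` at the end of comid/integregisters.go does not match the `UnmarshalCBOR` method name a CBOR decoder looks up (assuming `dm` is an fxamacker/cbor DecMode, as the `em`/`dm` pair suggests), so decoding an `Mval` would presumably bypass it and leave `register` empty without reporting an error; rename it to `func (o *IntegReg) UnmarshalCBOR(data []byte) error`. Silently dropping integrity-register reference values is the failure to avoid in an attestation format, because a consumer cannot tell "none supplied" from "not decoded". In `AddDigest`, `int`, `uint` and `uint64` values of the same number are distinct Go map keys yet would encode to the same CBOR integer, and a zero-value `IntegReg` has a nil map that panics on the write; normalising the index and creating the map on demand, as sketched below, avoids both. `RemoveDigest` returns nil without removing anything, so until it is implemented it should return an error rather than report success.

```go
func (i *IntegReg) AddDigest(index IRegisterIndex, digest swid.HashEntry) error {
	// Collapse every integer form onto uint64 so one register has one key.
	// assumes register ids are unsigned or text — confirm against the schema
	var key IRegisterIndex
	switch t := index.(type) {
	case string:
		key = t
	case uint64:
		key = t
	case uint:
		key = uint64(t)
	case int:
		if t < 0 {
			return fmt.Errorf("negative register index: %d", t)
		}
		key = uint64(t)
	default:
		return fmt.Errorf("unexpected type for index: %T", t)
	}
	// A zero-value IntegReg has a nil map; writing to it would panic.
	if i.register == nil {
		i.register = make(map[IRegisterIndex]Digests)
	}
	i.register[key] = append(i.register[key], digest)
	return nil
}
```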
@@ -0,0 +1,48 @@
+// Copyright 2024 Contributors to the Veraison project.
+// SPDX-License-Identifier: Apache-2.0
+
+package comid
+
+import (
+ "fmt"
+ "testing"
+
+ "github.com/stretchr/testify/require"
+ "github.com/veraison/swid"
+)
+
+func TestIntegRegister_MarshalCBOR_OK(t *testing.T) {
+ bank, err := NewIntegRegister()
+ require.NoError(t, err)
+
+ entry := &swid.HashEntry{}
+
+ hash := []byte("124354658697908012435465869790801243546586979080")
+ err = entry.Set(swid.Sha384, hash)
+ require.NoError(t, err)
+ err = bank.AddDigest(0, *entry)
+
+ require.NoError(t, err)
+ err = bank.AddDigest(1, *entry)
+ require.NoError(t, err)
+ err = bank.AddDigest(2, *entry)
+ require.NoError(t, err)
+ hash1 := []byte("124354658697908012435465869790801243546586979090")
+ err = entry.Set(swid.Sha384, hash1)
+ require.NoError(t, err)
+ err = bank.AddDigest(0, *entry)
+ require.NoError(t, err)
+ bytes, err := bank.MarshalCBOR()
+ require.NoError(t, err)
+ fmt.Printf("CBOR Payload = %x", bytes)
+
+}
+
+func TestINtegRegister_UnMarshalCBOR_OK(t *testing.T) {
+ bstr := MustHexDecode(nil, `a302818207583031323433353436353836393739303830313234333534363538363937393038303132343335343635383639373930383000828207583031323433353436353836393739303830313234333534363538363937393038303132343335343635383639373930383082075830313234333534363538363937393038303132343335343635383639373930383031323433353436353836393739303930018182075830313234333534363538363937393038303132343335343635383639373930383031323433353436353836393739303830`)
+ bank, err := NewIntegRegister()
+ require.NoError(t, err)
+ err = bank.UnMarshalCBOR(bstr)
+ require.NoError(t, err)
+
+}
diff --git a/comid/measurement.go b/comid/measurement.go
index f942855a..af224d16 100644
--- a/comid/measurement.go
+++ b/comid/measurement.go
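Review bot: Both tests in comid/integregisters_test.go stop at `require.NoError`, so they would still pass if the register decoded empty or encoded wrongly; the marshal test prints the bytes instead of checking them. After `UnMarshalCBOR`, assert the content, for example `require.Len(t, bank.register, 3)` (the fixture starts with `a3`, a three-entry map), and check that index 0 holds two digests. Calling the method directly also bypasses the decoder's own method lookup, so a round trip through `em.Marshal` and `dm.Unmarshal` on an `Mval` with `IntegReg` set would cover the path a real CoMID takes. The fixture's key order (2, 0, 1) suggests the encoded map order may not be deterministic, so compare decoded values rather than raw bytes unless `em` is known to sort keys.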
@@ -310,7 +310,7 @@ type Mval struct { SerialNumber *string `cbor:"8,keyasint,omitempty" json:"serial-number,omitempty"` UEID *eat.UEID `cbor:"9,keyasint,omitempty" json:"ueid,omitempty"` UUID *UUID `cbor:"10,keyasint,omitempty" json:"uuid,omitempty"` - + IntegReg *IntegReg `cbor:"14,keyasint,omitempty" json:"integ-reg,omitempty"` Extensions }
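Review bot: The `json:"integ-reg,omitempty"` tag on the new `IntegReg` field cannot carry any data as the type stands, because `IntegReg` (added in comid/integregisters.go) has only the unexported `register` field and this patch adds no `MarshalJSON`/`UnmarshalJSON`; encoding/json would write `{}` and ignore the registers on input. Either add the JSON methods alongside the CBOR ones or tag the field `json:"-"` until they exist, so a JSON template cannot appear to set integrity registers while producing none. Any `Mval` validity check defined outside this hunk may also need to count `IntegReg` as a populated field; that code is not visible here. The `Mval` struct starts above the hunk.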