From bf3b9755959a95cf7889fdcc7ae9ee44a05f1849 Mon Sep 17 00:00:00 2001 From: "Yang, Longlong" Date: Mon, 9 Oct 2023 21:26:36 -0400 Subject: [PATCH] add support to export the full transcript (VCA + message_m) for GET_MEASUREMENT. fix #29 Signed-off-by: Yang, Longlong --- fuzz-target/random_requester/src/main.rs | 5 ++++ .../requester/measurement_req/src/main.rs | 25 +++++++++++++++++ spdmlib/src/requester/get_measurements_req.rs | 28 +++++++++++++++++++ test/spdm-requester-emu/src/main.rs | 18 ++++++++++++ .../src/requester_tests/get_digests_req.rs | 5 ++++ .../requester_tests/get_measurements_req.rs | 22 +++++++++++++++ 6 files changed, 103 insertions(+) diff --git a/fuzz-target/random_requester/src/main.rs b/fuzz-target/random_requester/src/main.rs index ace3de2f..b55126bf 100644 --- a/fuzz-target/random_requester/src/main.rs +++ b/fuzz-target/random_requester/src/main.rs @@ -99,6 +99,9 @@ async fn run_spdm(spdm: Vec) { let mut total_number = 0; let mut spdm_measurement_record_structure = SpdmMeasurementRecordStructure::default(); + let mut transcript_vca = None; + let mut transcript_meas = None; + if requester .send_receive_spdm_measurement( None, @@ -107,6 +110,8 @@ async fn run_spdm(spdm: Vec) { SpdmMeasurementOperation::SpdmMeasurementRequestAll, &mut total_number, &mut spdm_measurement_record_structure, + &mut transcript_vca, + &mut transcript_meas, ) .await .is_err() diff --git a/fuzz-target/requester/measurement_req/src/main.rs b/fuzz-target/requester/measurement_req/src/main.rs index c9b25e4c..2b297b92 100644 --- a/fuzz-target/requester/measurement_req/src/main.rs +++ b/fuzz-target/requester/measurement_req/src/main.rs @@ -67,6 +67,9 @@ async fn fuzz_send_receive_spdm_measurement(fuzzdata: Arc>) { let mut total_number = 0; let mut spdm_measurement_record_structure = SpdmMeasurementRecordStructure::default(); + let mut transcript_vca = None; + let mut transcript_meas = None; + let _ = requester .send_receive_spdm_measurement( None, 
@@ -75,6 +78,8 @@ async fn fuzz_send_receive_spdm_measurement(fuzzdata: Arc>) { SpdmMeasurementOperation::SpdmMeasurementRequestAll, &mut total_number, &mut spdm_measurement_record_structure, + &mut transcript_vca, + &mut transcript_meas, ) .await; } @@ -120,6 +125,9 @@ async fn fuzz_send_receive_spdm_measurement(fuzzdata: Arc>) { let mut total_number = 0; let mut spdm_measurement_record_structure = SpdmMeasurementRecordStructure::default(); + let mut transcript_vca = None; + let mut transcript_meas = None; + let _ = requester .send_receive_spdm_measurement( None, @@ -128,6 +136,8 @@ async fn fuzz_send_receive_spdm_measurement(fuzzdata: Arc>) { SpdmMeasurementOperation::SpdmMeasurementQueryTotalNumber, &mut total_number, &mut spdm_measurement_record_structure, + &mut transcript_vca, + &mut transcript_meas, ) .await; } @@ -174,6 +184,9 @@ async fn fuzz_send_receive_spdm_measurement(fuzzdata: Arc>) { let mut total_number = 0; let mut spdm_measurement_record_structure = SpdmMeasurementRecordStructure::default(); + let mut transcript_vca = None; + let mut transcript_meas = None; + let _ = requester .send_receive_spdm_measurement( None, @@ -182,6 +195,8 @@ async fn fuzz_send_receive_spdm_measurement(fuzzdata: Arc>) { SpdmMeasurementOperation::SpdmMeasurementQueryTotalNumber, &mut total_number, &mut spdm_measurement_record_structure, + &mut transcript_vca, + &mut transcript_meas, ) .await; } @@ -228,6 +243,9 @@ async fn fuzz_send_receive_spdm_measurement(fuzzdata: Arc>) { let mut total_number = 0; let mut spdm_measurement_record_structure = SpdmMeasurementRecordStructure::default(); + let mut transcript_vca = None; + let mut transcript_meas = None; + let _ = requester .send_receive_spdm_measurement( None, @@ -236,6 +254,8 @@ async fn fuzz_send_receive_spdm_measurement(fuzzdata: Arc>) { SpdmMeasurementOperation::Unknown(4), &mut total_number, &mut spdm_measurement_record_structure, + &mut transcript_vca, + &mut transcript_meas, ) .await; } 
@@ -310,6 +330,9 @@ async fn fuzz_send_receive_spdm_measurement(fuzzdata: Arc>) { requester.common.reset_runtime_info(); let mut total_number = 0; let mut spdm_measurement_record_structure = SpdmMeasurementRecordStructure::default(); + let mut transcript_vca = None; + let mut transcript_meas = None; + let _ = requester .send_receive_spdm_measurement( Some(4294836221), @@ -318,6 +341,8 @@ async fn fuzz_send_receive_spdm_measurement(fuzzdata: Arc>) { SpdmMeasurementOperation::SpdmMeasurementRequestAll, &mut total_number, &mut spdm_measurement_record_structure, + &mut transcript_vca, + &mut transcript_meas, ) .await; } diff --git a/spdmlib/src/requester/get_measurements_req.rs b/spdmlib/src/requester/get_measurements_req.rs index 990b1516..5a9e211b 100644 --- a/spdmlib/src/requester/get_measurements_req.rs +++ b/spdmlib/src/requester/get_measurements_req.rs @@ -15,20 +15,28 @@ use crate::protocol::*; use crate::requester::*; impl RequesterContext { + #[allow(clippy::too_many_arguments)] async fn send_receive_spdm_measurement_record( &mut self, session_id: Option, measurement_attributes: SpdmMeasurementAttributes, measurement_operation: SpdmMeasurementOperation, spdm_measurement_record_structure: &mut SpdmMeasurementRecordStructure, + transcript_vca: &mut Option, + transcript_meas: &mut Option, slot_id: u8, ) -> SpdmResult { + if transcript_meas.is_none() { + *transcript_meas = Some(ManagedBufferM::default()); + } + let result = self .delegate_send_receive_spdm_measurement_record( session_id, measurement_attributes, measurement_operation, spdm_measurement_record_structure, + transcript_meas, slot_id, ) .await; @@ -36,7 +44,11 @@ impl RequesterContext { if let Err(e) = result { if e != SPDM_STATUS_NOT_READY_PEER { self.common.reset_message_m(session_id); + *transcript_vca = None; + *transcript_meas = None; } + } else { + *transcript_vca = Some(self.common.runtime_info.message_a.clone()); } result 
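Review bot: In `send_receive_spdm_measurement_record`, `transcript_meas` behaves as an in/out parameter, because the `is_none()` guard only allocates when the caller passed `None` and a `Some(buffer)` left over from an earlier call is appended to as-is. Nothing in this hunk ties that caller-owned copy to the internal message_m, so if message_m is reset elsewhere (for example after a signed response is verified, which is not visible here) the export would still hold older request/response pairs and would no longer be the byte string the signature covers. The public `send_receive_spdm_measurement` signature later in this file labels both parameters `// out`, which hides that contract. I would document it on the parameter, e.g. `// in/out: pass None to start a new transcript; pass the previous value back only while accumulating unsigned exchanges`, or clear the export wherever message_m is cleared.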
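Review bot: In the error branch of `send_receive_spdm_measurement_record`, `SPDM_STATUS_NOT_READY_PEER` leaves both exports untouched, so `transcript_vca` keeps whatever value the caller passed in while `transcript_meas` stays `Some(...)`. A caller that reuses the variables across a retry can then read a VCA copy that this call never wrote. Setting `*transcript_vca = None;` at function entry, next to the `transcript_meas` initialisation, would make the output depend only on this call.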
@@ -48,6 +60,7 @@ impl RequesterContext { measurement_attributes: SpdmMeasurementAttributes, measurement_operation: SpdmMeasurementOperation, spdm_measurement_record_structure: &mut SpdmMeasurementRecordStructure, + transcript_meas: &mut Option, slot_id: u8, ) -> SpdmResult { info!("send spdm measurement\n"); @@ -85,6 +98,7 @@ impl RequesterContext { spdm_measurement_record_structure, &send_buffer[..send_used], &receive_buffer[..used], + transcript_meas, ) } @@ -126,6 +140,7 @@ impl RequesterContext { spdm_measurement_record_structure: &mut SpdmMeasurementRecordStructure, send_buffer: &[u8], receive_buffer: &[u8], + transcript_meas: &mut Option, ) -> SpdmResult { self.common.runtime_info.need_measurement_signature = measurement_attributes.contains(SpdmMeasurementAttributes::SIGNATURE_REQUESTED); @@ -173,6 +188,14 @@ impl RequesterContext { self.common.append_message_m(session_id, send_buffer)?; self.common .append_message_m(session_id, &receive_buffer[..temp_used])?; + if let Some(ret_message_m) = transcript_meas { + ret_message_m + .append_message(send_buffer) + .ok_or(SPDM_STATUS_BUFFER_FULL)?; + ret_message_m + .append_message(&receive_buffer[..temp_used]) + .ok_or(SPDM_STATUS_BUFFER_FULL)?; + } // verify signature if measurement_attributes @@ -228,6 +251,7 @@ impl RequesterContext { } } + #[allow(clippy::too_many_arguments)] pub async fn send_receive_spdm_measurement( &mut self, session_id: Option, @@ -237,6 +261,8 @@ impl RequesterContext { out_total_number: &mut u8, // out, total number when measurement_operation = SpdmMeasurementQueryTotalNumber // number of blocks got measured. spdm_measurement_record_structure: &mut SpdmMeasurementRecordStructure, // out + transcript_vca: &mut Option, // out + transcript_meas: &mut Option, // out ) -> SpdmResult { *out_total_number = self .send_receive_spdm_measurement_record( 
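Review bot: In `handle_spdm_measurement_record_response` (whose body starts and ends outside the hunk), the export is appended before the `// verify signature` step that follows, so a response whose signature check later fails has already been copied into the caller's buffer. The wrapper `send_receive_spdm_measurement_record` sets the exports to `None` on error, but the unit test changed in this patch calls this function directly, and a caller on that path keeps the unverified bytes. A `SPDM_STATUS_BUFFER_FULL` from the second `append_message` likewise leaves the export holding a request without its response. I would clear the export on every error return here, `*transcript_meas = None;`, or append to it only after the signature check has passed when one was requested.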
@@ -244,6 +270,8 @@ impl RequesterContext { spdm_measuremente_attributes, measurement_operation, spdm_measurement_record_structure, + transcript_vca, + transcript_meas, slot_id, ) .await?; diff --git a/test/spdm-requester-emu/src/main.rs b/test/spdm-requester-emu/src/main.rs index ce4ddb9e..2f66987b 100644 --- a/test/spdm-requester-emu/src/main.rs +++ b/test/spdm-requester-emu/src/main.rs @@ -257,6 +257,9 @@ async fn test_spdm( let mut total_number: u8 = 0; let mut spdm_measurement_record_structure = SpdmMeasurementRecordStructure::default(); + let mut transcript_vca = None; + let mut transcript_meas = None; + if context .send_receive_spdm_measurement( None, @@ -265,6 +268,8 @@ async fn test_spdm( SpdmMeasurementOperation::SpdmMeasurementRequestAll, &mut total_number, &mut spdm_measurement_record_structure, + &mut transcript_vca, + &mut transcript_meas, ) .await .is_err() @@ -272,6 +277,10 @@ async fn test_spdm( panic!("send_receive_spdm_measurement failed!"); } + if transcript_vca.is_none() || transcript_meas.is_none() { + panic!("get VCA + message_m from send_receive_spdm_measurement failed!"); + } + let result = context .start_session( false, @@ -318,6 +327,9 @@ async fn test_spdm( panic!("send_receive_spdm_key_update failed"); } + let mut transcript_vca = None; + let mut transcript_meas = None; + if context .send_receive_spdm_measurement( Some(session_id), @@ -326,6 +338,8 @@ async fn test_spdm( SpdmMeasurementOperation::SpdmMeasurementQueryTotalNumber, &mut total_number, &mut spdm_measurement_record_structure, + &mut transcript_vca, + &mut transcript_meas, ) .await .is_err() @@ -333,6 +347,10 @@ async fn test_spdm( panic!("send_receive_spdm_measurement failed"); } + if transcript_vca.is_none() || transcript_meas.is_none() { + panic!("get VCA + message_m from send_receive_spdm_measurement failed!"); + } + if context .send_receive_spdm_digest(Some(session_id)) .await 
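Review bot: The added `transcript_meas.is_none()` check in `test_spdm` cannot fail after a successful call, because the library sets `*transcript_meas = Some(ManagedBufferM::default())` before sending anything, so only the `transcript_vca` half of the condition tests something. As written, an export that is present but empty or truncated would pass. Comparing the exported bytes with the request/response actually exchanged, or at least checking that the buffer is non-empty, would make this a real check. The same check is repeated after the in-session call further down (the `-333,6 +347,10` hunk).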
diff --git a/test/spdmlib-test/src/requester_tests/get_digests_req.rs b/test/spdmlib-test/src/requester_tests/get_digests_req.rs index 0ddaeab3..40420b87 100644 --- a/test/spdmlib-test/src/requester_tests/get_digests_req.rs +++ b/test/spdmlib-test/src/requester_tests/get_digests_req.rs @@ -287,6 +287,9 @@ fn issue_other_request_before_vca_negotiated() { let measurement_operation = SpdmMeasurementOperation::SpdmMeasurementQueryTotalNumber; let mut total_number: u8 = 0; let mut spdm_measurement_record_structure = SpdmMeasurementRecordStructure::default(); + let mut transcript_vca = None; + let mut transcript_meas = None; + let result = requester .send_receive_spdm_measurement( None, @@ -295,6 +298,8 @@ fn issue_other_request_before_vca_negotiated() { measurement_operation, &mut total_number, &mut spdm_measurement_record_structure, + &mut transcript_vca, + &mut transcript_meas, ) .await; assert!( diff --git a/test/spdmlib-test/src/requester_tests/get_measurements_req.rs b/test/spdmlib-test/src/requester_tests/get_measurements_req.rs index 87a7f2b9..96a45386 100644 --- a/test/spdmlib-test/src/requester_tests/get_measurements_req.rs +++ b/test/spdmlib-test/src/requester_tests/get_measurements_req.rs @@ -120,6 +120,9 @@ fn test_case0_send_receive_spdm_measurement() { let measurement_operation = SpdmMeasurementOperation::SpdmMeasurementQueryTotalNumber; let mut total_number: u8 = 0; let mut spdm_measurement_record_structure = SpdmMeasurementRecordStructure::default(); + let mut transcript_vca = None; + let mut transcript_meas = None; + let status = requester .send_receive_spdm_measurement( None, 
@@ -128,12 +131,17 @@ fn test_case0_send_receive_spdm_measurement() { measurement_operation, &mut total_number, &mut spdm_measurement_record_structure, + &mut transcript_vca, + &mut transcript_meas, ) .await .is_ok(); assert!(status); let measurement_operation = SpdmMeasurementOperation::SpdmMeasurementRequestAll; + let mut transcript_vca = None; + let mut transcript_meas = None; + let status = requester .send_receive_spdm_measurement( None, @@ -142,12 +150,17 @@ fn test_case0_send_receive_spdm_measurement() { measurement_operation, &mut total_number, &mut spdm_measurement_record_structure, + &mut transcript_vca, + &mut transcript_meas, ) .await .is_ok(); assert!(status); let measurement_operation = SpdmMeasurementOperation::Unknown(1); + let mut transcript_vca = None; + let mut transcript_meas = None; + let status = requester .send_receive_spdm_measurement( None, @@ -156,12 +169,17 @@ fn test_case0_send_receive_spdm_measurement() { measurement_operation, &mut total_number, &mut spdm_measurement_record_structure, + &mut transcript_vca, + &mut transcript_meas, ) .await .is_ok(); assert!(status); let measurement_operation = SpdmMeasurementOperation::Unknown(5); + let mut transcript_vca = None; + let mut transcript_meas = None; + let status = requester .send_receive_spdm_measurement( None, @@ -170,6 +188,8 @@ fn test_case0_send_receive_spdm_measurement() { measurement_operation, &mut total_number, &mut spdm_measurement_record_structure, + &mut transcript_vca, + &mut transcript_meas, ) .await .is_err(); @@ -352,6 +372,7 @@ fn test_handle_spdm_measurement_record_response() { let session_id = None; let mut spdm_measurement_record_structure = SpdmMeasurementRecordStructure::default(); let send_buffer = [0u8; MAX_SPDM_MSG_SIZE]; + let mut transcript_meas = None; let result = requester.handle_spdm_measurement_record_response( session_id, tc.request_slot_id, 
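Review bot: The four calls in `test_case0_send_receive_spdm_measurement` pass fresh `None` values and then assert only on `status`, so the new exports are never examined. That leaves the behaviour this patch introduces without coverage: that both exports are `Some` after a successful call, that both are reset to `None` on the failing `Unknown(5)` call (assuming that failure is not `SPDM_STATUS_NOT_READY_PEER`), and what happens when a previously filled `transcript_meas` is passed back in. Adding `assert!(transcript_vca.is_some() && transcript_meas.is_some());` after the successful calls and `assert!(transcript_vca.is_none() && transcript_meas.is_none());` after the failing one would pin that down.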
@@ -360,6 +381,7 @@ fn test_handle_spdm_measurement_record_response() { &mut spdm_measurement_record_structure, &send_buffer, &*tc.receive_buffer, + &mut transcript_meas, ); assert!( result == tc.expected_result,