Add verify cert callback function for DiceTcbInfo.

Refer the spec https://trustedcomputinggroup.org/resource/dice-attestation-architecture/ add verify cert callback function for Cert extentison DiceTcbInfo check. Signed-off-by: Wenxing Hou <[email protected]>
DMTF · Apr 30, 2024 · c1c1faa · c1c1faa
1 parent 828ef62
commit c1c1faa
Show file tree

Hide file tree

Showing 6 changed files with 552 additions and 0 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -940,6 +940,7 @@ else()
             ADD_SUBDIRECTORY(unit_test/test_spdm_fips)
             ADD_SUBDIRECTORY(unit_test/test_spdm_secured_message)
             ADD_SUBDIRECTORY(unit_test/test_spdm_vendor_cmds)
+            ADD_SUBDIRECTORY(unit_test/test_spdm_callback)
             endif()
 
             if((NOT TOOLCHAIN STREQUAL "ARM_DS2022") AND (NOT TOOLCHAIN STREQUAL "RISCV_XPACK"))

diff --git a/unit_test/spdm_unit_test_common/spdm_unit_test.h b/unit_test/spdm_unit_test_common/spdm_unit_test.h
@@ -161,4 +161,39 @@ typedef enum
 void libspdm_force_error (libspdm_error_target_t target);
 void libspdm_release_error (libspdm_error_target_t target);
 
+/**
+ * The callback function for verifying cert_chain DiceTcbInfo extension.
+ *
+ * @param  spdm_context            A pointer to the SPDM context.
+ * @param  slot_id                 The number of slot for the certificate chain.
+ *                                 This params is not uesed, just for compatible in this function.
+ * @param  cert_chain_size         size in bytes of the certificate chain buffer.
+ * @param  cert_chain              Certificate chain buffer including spdm_cert_chain_t header.
+ * @param  trust_anchor            A buffer to hold the trust_anchor which is used to validate the peer certificate, if not NULL.
+ * @param  trust_anchor_size       A buffer to hold the trust_anchor_size, if not NULL.
+ *
+ * @retval true  The certificate chain buffer DiceTcbInfo extension verification passed.
+ * @retval false The certificate chain buffer DiceTcbInfo extension verification failed.
+ **/
+bool libspdm_verify_spdm_cert_chain_with_dice(void *spdm_context, uint8_t slot_id,
+                                              size_t cert_chain_size, const void *cert_chain,
+                                              const void **trust_anchor,
+                                              size_t *trust_anchor_size);
+
+/**
+ * verify cert DiceTcbInfo extension.
+ *
+ * @param[in]      cert                         Pointer to the DER-encoded X509 certificate.
+ * @param[in]      cert_size                    Size of the X509 certificate in bytes.
+ * @param[in, out] spdm_get_dice_tcb_info_size  DiceTcbInfo Extension bytes size.
+ *
+ * @retval true   If the returned spdm_get_dice_tcb_info_size == 0, it means that cert is valid, but cert doesn't have DiceTcbInfo extension;
+ *                If the returned spdm_get_dice_tcb_info_size != 0, it means that cert is valid, and the DiceTcbInfo extension is found;
+ *                                                                  And the cert DiceTcbInfo extension includes all fields in the reference TcbInfo.
+ * @retval false  If the returned spdm_get_dice_tcb_info_size == 0, it means that cert are invalid;
+ *                If the returned spdm_get_dice_tcb_info_size != 0, it means that cert is valid, and the DiceTcbInfo extension is found;
+ *                                                                  But the cert DiceTcbInfo extension doesn't include all fields in the reference TcbInfo.
+ **/
+bool libspdm_verify_cert_dicetcbinfo(const void *cert, size_t cert_size,
+                                     size_t *spdm_get_dice_tcb_info_size);
 #endif
diff --git a/unit_test/test_spdm_callback/CMakeLists.txt b/unit_test/test_spdm_callback/CMakeLists.txt
@@ -0,0 +1,59 @@
+cmake_minimum_required(VERSION 2.8.12)
+
+INCLUDE_DIRECTORIES(${LIBSPDM_DIR}/include
+                    ${LIBSPDM_DIR}/unit_test/include
+                    ${LIBSPDM_DIR}/os_stub/spdm_device_secret_lib_sample
+                    ${LIBSPDM_DIR}/unit_test/cmockalib/cmocka/include
+                    ${LIBSPDM_DIR}/unit_test/cmockalib/cmocka/include/cmockery
+                    ${LIBSPDM_DIR}/unit_test/spdm_unit_test_common
+                    ${LIBSPDM_DIR}/os_stub/include
+                    ${LIBSPDM_DIR}/os_stub
+)
+
+if(CMAKE_SYSTEM_NAME MATCHES "Windows")
+    if((TOOLCHAIN STREQUAL "VS2015") OR (TOOLCHAIN STREQUAL "VS2019") OR (TOOLCHAIN STREQUAL "VS2022"))
+        ADD_COMPILE_OPTIONS(/wd4819)
+    endif()
+endif()
+
+SET(src_test_spdm_callback
+    test_spdm_callback.c
+    spdm_cert_verify_callback.c
+    ${LIBSPDM_DIR}/unit_test/spdm_unit_test_common/support.c
+    ${LIBSPDM_DIR}/unit_test/spdm_unit_test_common/algo.c
+)
+
+SET(test_spdm_callback_LIBRARY
+    memlib
+    debuglib
+    spdm_crypt_lib
+    ${CRYPTO_LIB_PATHS}
+    cryptlib_${CRYPTO}
+    rnglib
+    malloclib
+    cmockalib
+    spdm_device_secret_lib_sample
+    spdm_crypt_ext_lib
+    spdm_common_lib
+    spdm_secured_message_lib
+)
+
+if(TOOLCHAIN STREQUAL "ARM_DS2022")
+    SET(test_spdm_callback_LIBRARY ${test_spdm_callback_LIBRARY} armbuild_lib)
+endif()
+
+if((TOOLCHAIN STREQUAL "KLEE") OR (TOOLCHAIN STREQUAL "CBMC"))
+    ADD_EXECUTABLE(test_spdm_callback
+                   ${src_test_spdm_callback}
+                   $<TARGET_OBJECTS:memlib>
+                   $<TARGET_OBJECTS:debuglib>
+                   $<TARGET_OBJECTS:spdm_crypt_lib>
+                   $<TARGET_OBJECTS:${CRYPTO_LIB_PATHS}>
+                   $<TARGET_OBJECTS:rnglib>
+                   $<TARGET_OBJECTS:cryptlib_${CRYPTO}>
+                   $<TARGET_OBJECTS:malloclib>
+    )
+else()
+    ADD_EXECUTABLE(test_spdm_callback ${src_test_spdm_callback})
+    TARGET_LINK_LIBRARIES(test_spdm_callback ${test_spdm_callback_LIBRARY})
+endif()
diff --git a/unit_test/test_spdm_callback/README.md b/unit_test/test_spdm_callback/README.md
@@ -0,0 +1,34 @@
+## This is reference implementation to verify CertChain DiceTcbInfo extension.
+
+### DiceTcbInfo extension Spec
+[DICE Attestation Architecture](https://trustedcomputinggroup.org/wp-content/uploads/DICE-Attestation-Architecture-Version-1.1-Revision-18_pub.pdf)
+
+### Implementation Assumption
+   1) **Reference TcbInfo.**
+
+      - Only one reference TcbInfo entry is provided by the integrator. (Multiple reference TcbInfo is NOT supported in this Implementation.)
+   2) **Reported TcbInfo**
+
+      - Reported TcbInfo must be in at least one certificate.
+      - If none of the certificates includes TcbInfo, the verification must fail.
+   3) **TcbInfo Matching**
+
+      - At least one reported TcbInfo must fully match the reference TcbInfo.
+      - If none of the reported TcbInfos matches all fields in the reference TcbInfo, the verification must fail.
+      - Once one of the reported TcbInfo fully matches, the verification must pass and the rests of reported TcbInfo must be ignored.
+   4) **TcbInfo Field**
+
+      - The reported TcbInfo must include all fields in the reference TcbInfo. If a field in the reference TcbInfo does not exist in the reported  TcbInfo, the verification must fail.
+      - The reported TcbInfo could include more fields which do not exist in the reference TcbInfo. The extra fields in the reported TcbInfo must be ignored and NOT validated, and they must not impact the final result.
+
+
+### Note
+   1) The implementaion is just for Openssl Crypto Library.
+   2) To verify the CertChain DiceTcbInfo extension, please use the following command to build.
+   ```
+   cmake -G"NMake Makefiles" -DARCH=x64 -DTOOLCHAIN=VS2019 -DTARGET=Debug -DCRYPTO=openssl -DX509_IGNORE_CRITICAL=ON ..
+   ```
+
+   ```
+   cmake -G"NMake Makefiles" -DARCH=x64 -DTOOLCHAIN=VS2019 -DTARGET=Release -DCRYPTO=openssl -DX509_IGNORE_CRITICAL=ON ..
+   ```