diff --git a/Cargo.lock b/Cargo.lock
index cbb03b2c..b0321c43 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -852,7 +852,7 @@ dependencies = [
 [[package]]
 name = "sev"
-version = "1.2.1"
+version = "2.0.0"
 dependencies = [
 "bincode",
 "bitfield",
diff --git a/Cargo.toml b/Cargo.toml
index 0bbb8eac..3631d2ce 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "sev"
-version = "1.2.1"
+version = "2.0.1"
 authors = [
 "Nathaniel McCallum ",
 "The VirTee Project Developers",
diff --git a/src/firmware/guest/types/mod.rs b/src/firmware/guest/types/mod.rs
index da31051c..dd6af2df 100644
--- a/src/firmware/guest/types/mod.rs
+++ b/src/firmware/guest/types/mod.rs
@@ -1,13 +1,7 @@
 // SPDX-License-Identifier: Apache-2.0
-#[cfg(feature = "sev")]
-mod sev;
-
 #[cfg(feature = "snp")]
 mod snp;
-#[cfg(feature = "sev")]
-pub use self::sev::*;
-
 #[cfg(feature = "snp")]
 pub use self::snp::*;
diff --git a/src/firmware/guest/types/sev.rs b/src/firmware/guest/types/sev.rs
deleted file mode 100644
index c1a7d3a7..00000000
--- a/src/firmware/guest/types/sev.rs
+++ /dev/null
@@ -1,71 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0
-
-#[cfg(feature = "openssl")]
-use std::convert::TryInto;
-
-use crate::certs::snp::ecdsa::Signature;
-
-#[cfg(feature = "openssl")]
-use crate::certs::sev::{
- sev::{Certificate, Usage},
- PublicKey, Verifiable,
-};
-
-#[cfg(feature = "openssl")]
-use openssl::{ec::EcKey, ecdsa::EcdsaSig, pkey::Public};
-use serde::{Deserialize, Serialize};
-
-const MNONCE_SIZE: usize = 128 / 8;
-const DIGEST_SIZE: usize = 256 / 8;
-const POLICY_SIZE: usize = 32 / 8;
-const POLICY_OFFSET: usize = MNONCE_SIZE + DIGEST_SIZE;
-const MEASURABLE_BYTES: usize = MNONCE_SIZE + DIGEST_SIZE + POLICY_SIZE;
-
-/// An attestation report structure.
-#[derive(Default, Serialize, Deserialize)]
-#[repr(C)]
-pub struct LegacyAttestationReport {
- /// 128-bit Nonce from the Command Buffer.
- pub mnonce: [u8; MNONCE_SIZE], // 0x00
- /// SHA-256 digest of launched guest.
- pub launch_digest: [u8; POLICY_SIZE], // 0x10
- /// Policy guest was launched with.
- pub policy: u32, // 0x30
- /// Key usage of SIG1 signing key.
- pub sig_usage: u32, // 0x34
- /// Signature Algorithm
- pub sig_algo: u32, // 0x38
- /// Reserved
- _reserved_0: u32, // 0x3C
- /// Signature of the report.
- // #[serde(with = "BigArray")]
- // pub signature: [u8; 144], // 0x40 - 0xCF
- pub signature: Signature,
-}
-
-impl LegacyAttestationReport {
- /// Provides the measured bytes of the report. This should include bits 0x0 - 0x34 inclusively.
- pub fn measurable_bytes(&self) -> [u8; MEASURABLE_BYTES] {
- let mut bytes: [u8; MEASURABLE_BYTES] = [0; 52];
- bytes[0..MNONCE_SIZE].copy_from_slice(&self.mnonce);
- bytes[MNONCE_SIZE..POLICY_OFFSET].copy_from_slice(&self.launch_digest);
- bytes[POLICY_OFFSET..].copy_from_slice(&self.policy.to_ne_bytes());
- bytes
- }
-}
-
-#[cfg(all(feature = "sev", feature = "openssl"))]
-impl Verifiable for (&Certificate, &LegacyAttestationReport) {
- type Output = ();
-
- fn verify(self) -> std::io::Result {
- let sev_pub_key: PublicKey = self.0.try_into()?;
- let pub_key: &EcKey = &sev_pub_key.ec_key()?;
-
- let sig: EcdsaSig = (&self.1.signature).try_into()?;
-
- sig.verify(&self.1.measurable_bytes(), pub_key)?;
-
- Ok(())
- }
-}
diff --git a/src/firmware/host/types/sev.rs b/src/firmware/host/types/sev.rs
index 1c0c72ad..e0add3be 100644
--- a/src/firmware/host/types/sev.rs
+++ b/src/firmware/host/types/sev.rs
@@ -6,8 +6,29 @@ pub use crate::firmware::linux::host::types::PlatformStatusFlags;
 use crate::{firmware::host::State, Build};
+#[cfg(feature = "openssl")]
+use std::convert::TryInto;
+
+#[cfg(feature = "openssl")]
+use crate::certs::sev::{
+ sev::{Certificate, Usage},
+ PublicKey, Verifiable,
+};
+
+#[cfg(feature = "openssl")]
+use openssl::{ec::EcKey, ecdsa::EcdsaSig, pkey::Public};
+
+use crate::certs::snp::ecdsa::Signature;
+use serde::{Deserialize, Serialize};
+
 use std::fmt::Debug;
+const MNONCE_SIZE: usize = 128 / 8;
+const DIGEST_SIZE: usize = 256 / 8;
+const POLICY_SIZE: usize = 32 / 8;
+const POLICY_OFFSET: usize = MNONCE_SIZE + DIGEST_SIZE;
+const MEASURABLE_BYTES: usize = MNONCE_SIZE + DIGEST_SIZE + POLICY_SIZE;
+
 /// Information regarding the SEV platform's current status.
 #[derive(Clone, Debug, PartialEq, Eq)]
 pub struct Status {
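Review bot: `use crate::certs::snp::ecdsa::Signature;` is added to the SEV host types without a feature gate, so this file now needs the `certs::snp` module to be compiled; if that module is gated on the `snp` feature (not visible in this diff), a build with only `sev` enabled would fail. `Usage` is imported under `openssl`, but none of the code added on this page refers to it, which gives an unused-import warning unless it is used elsewhere in the file. Either reduce the import to `sev::Certificate,` or use `Usage` in `verify` to compare the report's `sig_usage` with the certificate being checked.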
@@ -26,3 +47,52 @@ pub struct Status {
 /// The number of valid guests supervised by this platform.
 pub guests: u32,
 }
+
+/// An attestation report structure.
+#[derive(Default, Serialize, Deserialize)]
+#[repr(C)]
+pub struct LegacyAttestationReport {
+ /// 128-bit Nonce from the Command Buffer.
+ pub mnonce: [u8; MNONCE_SIZE], // 0x00
+ /// SHA-256 digest of launched guest.
+ pub launch_digest: [u8; POLICY_SIZE], // 0x10
+ /// Policy guest was launched with.
+ pub policy: u32, // 0x30
+ /// Key usage of SIG1 signing key.
+ pub sig_usage: u32, // 0x34
+ /// Signature Algorithm
+ pub sig_algo: u32, // 0x38
+ /// Reserved
+ _reserved_0: u32, // 0x3C
+ /// Signature of the report.
+ // #[serde(with = "BigArray")]
+ // pub signature: [u8; 144], // 0x40 - 0xCF
+ pub signature: Signature,
+}
+
+impl LegacyAttestationReport {
+ /// Provides the measured bytes of the report. This should include bits 0x0 - 0x34 inclusively.
+ pub fn measurable_bytes(&self) -> [u8; MEASURABLE_BYTES] {
+ let mut bytes: [u8; MEASURABLE_BYTES] = [0; 52];
+ bytes[0..MNONCE_SIZE].copy_from_slice(&self.mnonce);
+ bytes[MNONCE_SIZE..POLICY_OFFSET].copy_from_slice(&self.launch_digest);
+ bytes[POLICY_OFFSET..].copy_from_slice(&self.policy.to_ne_bytes());
+ bytes
+ }
+}
+
+#[cfg(feature = "openssl")]
+impl Verifiable for (&Certificate, &LegacyAttestationReport) {
+ type Output = ();
+
+ fn verify(self) -> std::io::Result {
+ let sev_pub_key: PublicKey = self.0.try_into()?;
+ let pub_key: &EcKey = &sev_pub_key.ec_key()?;
+
+ let sig: EcdsaSig = (&self.1.signature).try_into()?;
+
+ sig.verify(&self.1.measurable_bytes(), pub_key)?;
+
+ Ok(())
+ }
+}
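Review bot: `launch_digest` is declared as `[u8; POLICY_SIZE]` (4 bytes) although its doc comment calls it a SHA-256 digest and the offset comments place `policy` at 0x30, so `measurable_bytes` copies a 4-byte array into the 32-byte slice `bytes[MNONCE_SIZE..POLICY_OFFSET]` and `copy_from_slice` panics on the length mismatch before any signature is checked. The field should read `pub launch_digest: [u8; DIGEST_SIZE], // 0x10`, and the buffer is better initialised as `[0; MEASURABLE_BYTES]` than with the literal `[0; 52]`. `policy.to_ne_bytes()` puts host-endian bytes into the signed message; if the firmware signs a little-endian layout, `to_le_bytes()` would keep verification independent of the host, which is worth confirming against the SEV API specification. `verify` also never compares `sig_usage` or `sig_algo` with the supplied certificate, so it cannot tell when the caller passed a certificate of the wrong usage; add that check or document that the caller must select the signing certificate.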