• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2023, The Android Open Source Project
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 
15 //! This module implements a retry version for multiple DICE functions that
16 //! require preallocated output buffer. As the retry functions require
17 //! memory allocation on heap, currently we only expose these functions in
18 //! std environment.
19 
20 use crate::bcc::{bcc_format_config_descriptor, bcc_main_flow};
21 use crate::dice::{
22     dice_main_flow, Cdi, CdiValues, DiceArtifacts, InputValues, CDI_SIZE, PRIVATE_KEY_SEED_SIZE,
23 };
24 use crate::error::{DiceError, Result};
25 use crate::ops::generate_certificate;
26 use std::ffi::CStr;
27 
28 /// Artifacts stores a set of dice artifacts comprising CDI_ATTEST, CDI_SEAL,
29 /// and the BCC formatted attestation certificate chain.
30 /// As we align with the DICE standards today, this is the certificate chain
31 /// is also called DICE certificate chain.
32 #[derive(Debug)]
33 pub struct OwnedDiceArtifacts {
34     /// CDI Values.
35     cdi_values: CdiValues,
36     /// Boot Certificate Chain.
37     bcc: Vec<u8>,
38 }
39 
40 impl DiceArtifacts for OwnedDiceArtifacts {
cdi_attest(&self) -> &[u8; CDI_SIZE]41     fn cdi_attest(&self) -> &[u8; CDI_SIZE] {
42         &self.cdi_values.cdi_attest
43     }
44 
cdi_seal(&self) -> &[u8; CDI_SIZE]45     fn cdi_seal(&self) -> &[u8; CDI_SIZE] {
46         &self.cdi_values.cdi_seal
47     }
48 
bcc(&self) -> Option<&[u8]>49     fn bcc(&self) -> Option<&[u8]> {
50         Some(&self.bcc)
51     }
52 }
53 
54 /// Retries the given function with bigger output buffer size.
retry_with_bigger_buffer<F>(mut f: F) -> Result<Vec<u8>> where F: FnMut(&mut Vec<u8>) -> Result<usize>,55 fn retry_with_bigger_buffer<F>(mut f: F) -> Result<Vec<u8>>
56 where
57     F: FnMut(&mut Vec<u8>) -> Result<usize>,
58 {
59     const INITIAL_BUFFER_SIZE: usize = 256;
60     const MAX_BUFFER_SIZE: usize = 64 * 1024 * 1024;
61 
62     let mut buffer = vec![0u8; INITIAL_BUFFER_SIZE];
63     while buffer.len() <= MAX_BUFFER_SIZE {
64         match f(&mut buffer) {
65             Err(DiceError::BufferTooSmall) => {
66                 let new_size = buffer.len() * 2;
67                 buffer.resize(new_size, 0);
68             }
69             Err(e) => return Err(e),
70             Ok(actual_size) => {
71                 if actual_size > buffer.len() {
72                     panic!(
73                         "actual_size larger than buffer size: open-dice function
74                          may have written past the end of the buffer."
75                     );
76                 }
77                 buffer.truncate(actual_size);
78                 return Ok(buffer);
79             }
80         }
81     }
82     Err(DiceError::PlatformError)
83 }
84 
85 /// Formats a configuration descriptor following the BCC's specification.
retry_bcc_format_config_descriptor( name: Option<&CStr>, version: Option<u64>, resettable: bool, ) -> Result<Vec<u8>>86 pub fn retry_bcc_format_config_descriptor(
87     name: Option<&CStr>,
88     version: Option<u64>,
89     resettable: bool,
90 ) -> Result<Vec<u8>> {
91     retry_with_bigger_buffer(|buffer| {
92         bcc_format_config_descriptor(name, version, resettable, buffer)
93     })
94 }
95 
96 /// Executes the main BCC flow.
97 ///
98 /// Given a full set of input values along with the current BCC and CDI values,
99 /// computes the next CDI values and matching updated BCC.
retry_bcc_main_flow( current_cdi_attest: &Cdi, current_cdi_seal: &Cdi, bcc: &[u8], input_values: &InputValues, ) -> Result<OwnedDiceArtifacts>100 pub fn retry_bcc_main_flow(
101     current_cdi_attest: &Cdi,
102     current_cdi_seal: &Cdi,
103     bcc: &[u8],
104     input_values: &InputValues,
105 ) -> Result<OwnedDiceArtifacts> {
106     let mut next_cdi_values = CdiValues::default();
107     let next_bcc = retry_with_bigger_buffer(|next_bcc| {
108         bcc_main_flow(
109             current_cdi_attest,
110             current_cdi_seal,
111             bcc,
112             input_values,
113             &mut next_cdi_values,
114             next_bcc,
115         )
116     })?;
117     Ok(OwnedDiceArtifacts { cdi_values: next_cdi_values, bcc: next_bcc })
118 }
119 
120 /// Executes the main DICE flow.
121 ///
122 /// Given a full set of input values and the current CDI values, computes the
123 /// next CDI values and a matching certificate.
retry_dice_main_flow( current_cdi_attest: &Cdi, current_cdi_seal: &Cdi, input_values: &InputValues, ) -> Result<(CdiValues, Vec<u8>)>124 pub fn retry_dice_main_flow(
125     current_cdi_attest: &Cdi,
126     current_cdi_seal: &Cdi,
127     input_values: &InputValues,
128 ) -> Result<(CdiValues, Vec<u8>)> {
129     let mut next_cdi_values = CdiValues::default();
130     let next_cdi_certificate = retry_with_bigger_buffer(|next_cdi_certificate| {
131         dice_main_flow(
132             current_cdi_attest,
133             current_cdi_seal,
134             input_values,
135             next_cdi_certificate,
136             &mut next_cdi_values,
137         )
138     })?;
139     Ok((next_cdi_values, next_cdi_certificate))
140 }
141 
142 /// Generates an X.509 certificate from the given `subject_private_key_seed` and
143 /// `input_values`, and signed by `authority_private_key_seed`.
144 /// The subject private key seed is supplied here so the implementation can choose
145 /// between asymmetric mechanisms, for example ECDSA vs Ed25519.
146 /// Returns the generated certificate.
retry_generate_certificate( subject_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE], authority_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE], input_values: &InputValues, ) -> Result<Vec<u8>>147 pub fn retry_generate_certificate(
148     subject_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE],
149     authority_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE],
150     input_values: &InputValues,
151 ) -> Result<Vec<u8>> {
152     retry_with_bigger_buffer(|certificate| {
153         generate_certificate(
154             subject_private_key_seed,
155             authority_private_key_seed,
156             input_values,
157             certificate,
158         )
159     })
160 }
161