Skip to content

Commit

Permalink
Merge pull request parallaxsecond#543 from Superhepper/fixing-features
Browse files Browse the repository at this point in the history
Fixes problem with running tests needing features to be specified.
  • Loading branch information
Superhepper authored Sep 3, 2024
2 parents 938247b + 884f024 commit 8ec8381
Show file tree
Hide file tree
Showing 8 changed files with 87 additions and 120 deletions.
3 changes: 2 additions & 1 deletion Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
[workspace]
members = ["tss-esapi", "tss-esapi-sys"]
members = ["tss-esapi", "tss-esapi-sys"]
resolver = "2"
14 changes: 13 additions & 1 deletion tss-esapi/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,15 @@ rust-version = "1.66.0"
[[example]]
name = "hmac"

[[example]]
name = "certify"
required-features = ["abstraction"]

[dependencies]
bitfield = "0.14"
serde = { version = "1.0.115", features = ["derive"], optional = true, default-features = false }
serde = { version = "1.0.115", features = [
"derive",
], optional = true, default-features = false }
malloced = "1.3.1"
log = "0.4.11"
enumflags2 = "0.7.7"
Expand All @@ -40,6 +46,12 @@ getrandom = "0.2.11"
env_logger = "0.9.0"
sha2 = "0.10.1"
serde_json = "^1.0.108"
tss-esapi = { path = ".", features = [
"integration-tests",
"serde",
"abstraction",
] }


[build-dependencies]
semver = "1.0.7"
Expand Down
1 change: 1 addition & 0 deletions tss-esapi/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ The crate currently offers the following features:
* `abstraction` (enabled by default) - provides a set of abstracted primitives
on top of the basic Rust-native ESAPI API provided by the crate. This feature
can be turned off to reduce the number of dependencies built.
* `serde` - enable serde `Serialize`/`Deserialize` traits for types.

## Cross compiling

Expand Down
2 changes: 1 addition & 1 deletion tss-esapi/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -109,7 +109,7 @@ pub mod structures;
pub mod tcti_ldr;
pub mod traits;
pub mod utils;

#[cfg(feature = "abstraction")]
pub use abstraction::transient::TransientKeyContext;
pub use context::Context;
pub use error::{Error, Result, ReturnCode, WrapperErrorKind};
Expand Down
37 changes: 8 additions & 29 deletions tss-esapi/tests/integration_tests/common/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@ use std::{
};

use tss_esapi::{
abstraction::{cipher::Cipher, pcr::PcrData},
attributes::ObjectAttributes,
attributes::{NvIndexAttributesBuilder, ObjectAttributesBuilder, SessionAttributesBuilder},
constants::SessionType,
Expand Down Expand Up @@ -234,9 +233,7 @@ pub fn create_ctx_with_session() -> Context {
#[allow(dead_code)]
pub fn decryption_key_pub() -> Public {
utils::create_restricted_decryption_rsa_public(
Cipher::aes_256_cfb()
.try_into()
.expect("Failed to create symmetric object"),
SymmetricDefinitionObject::AES_256_CFB,
RsaKeyBits::Rsa2048,
RsaExponent::default(),
)
Expand Down Expand Up @@ -278,16 +275,8 @@ pub fn get_pcr_policy_digest(
.build()
.expect("Failed to create PcrSelectionList");

let (_update_counter, pcr_selection_list_out, pcr_data) = context
let (_update_counter, pcr_selection_list_out, read_pcr_digests) = context
.pcr_read(pcr_selection_list.clone())
.map(|(update_counter, read_pcr_selections, read_pcr_digests)| {
(
update_counter,
read_pcr_selections.clone(),
PcrData::create(&read_pcr_selections, &read_pcr_digests)
.expect("Failed to create PcrData"),
)
})
.expect("Failed to call pcr_read");

assert_eq!(pcr_selection_list, pcr_selection_list_out);
Expand All @@ -298,22 +287,12 @@ pub fn get_pcr_policy_digest(
// values from the command rather than the values from a digest of the TPM PCR."
//
// "TPM2_Quote() and TPM2_PolicyPCR() digest the concatenation of PCR."
let mut concatenated_pcr_values = [
pcr_data
.pcr_bank(HashingAlgorithm::Sha256)
.unwrap()
.get_digest(PcrSlot::Slot0)
.unwrap()
.as_bytes(),
pcr_data
.pcr_bank(HashingAlgorithm::Sha256)
.unwrap()
.get_digest(PcrSlot::Slot1)
.unwrap()
.as_bytes(),
]
.concat();

let mut concatenated_pcr_values = read_pcr_digests
.value()
.iter()
.map(|v| v.as_bytes())
.collect::<Vec<&[u8]>>()
.concat();
if mangle {
concatenated_pcr_values[0] = 0x00;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -194,7 +194,6 @@ mod test_policy_pcr {
use crate::common::create_ctx_without_session;
use std::convert::TryFrom;
use tss_esapi::{
abstraction::pcr::PcrData,
attributes::SessionAttributesBuilder,
constants::SessionType,
interface_types::{
Expand Down Expand Up @@ -237,16 +236,8 @@ mod test_policy_pcr {
.build()
.expect("Failed to create PcrSelectionList");

let (_update_counter, pcr_selection_list_out, pcr_data) = context
let (_update_counter, pcr_selection_list_out, read_pcr_digests) = context
.pcr_read(pcr_selection_list.clone())
.map(|(update_counter, read_pcr_selections, read_pcr_digests)| {
(
update_counter,
read_pcr_selections.clone(),
PcrData::create(&read_pcr_selections, &read_pcr_digests)
.expect("Failed to create PcrData"),
)
})
.expect("Failed to call pcr_read");

assert_eq!(pcr_selection_list, pcr_selection_list_out);
Expand All @@ -258,22 +249,12 @@ mod test_policy_pcr {
//
// "TPM2_Quote() and TPM2_PolicyPCR() digest the concatenation of PCR."
let concatenated_pcr_values = MaxBuffer::try_from(
[
pcr_data
.pcr_bank(HashingAlgorithm::Sha256)
.unwrap()
.get_digest(PcrSlot::Slot0)
.unwrap()
.as_bytes(),
pcr_data
.pcr_bank(HashingAlgorithm::Sha256)
.unwrap()
.get_digest(PcrSlot::Slot1)
.unwrap()
.as_bytes(),
]
.concat()
.to_vec(),
read_pcr_digests
.value()
.iter()
.map(|v| v.as_bytes())
.collect::<Vec<&[u8]>>()
.concat(),
)
.unwrap();

Expand Down Expand Up @@ -679,7 +660,6 @@ mod test_policy_get_digest {
use crate::common::create_ctx_without_session;
use std::convert::TryFrom;
use tss_esapi::{
abstraction::pcr::PcrData,
attributes::SessionAttributesBuilder,
constants::SessionType,
interface_types::{
Expand Down Expand Up @@ -723,16 +703,8 @@ mod test_policy_get_digest {

let trial_policy_session = PolicySession::try_from(trial_policy_auth_session)
.expect("Failed to convert auth session into policy session");
let (_update_counter, pcr_selection_list_out, pcr_data) = context
let (_update_counter, pcr_selection_list_out, read_pcr_digests) = context
.pcr_read(pcr_selection_list.clone())
.map(|(update_counter, read_pcr_selections, read_pcr_digests)| {
(
update_counter,
read_pcr_selections.clone(),
PcrData::create(&read_pcr_selections, &read_pcr_digests)
.expect("Failed to create PcrData"),
)
})
.expect("Failed to call pcr_read");

assert_eq!(pcr_selection_list, pcr_selection_list_out);
Expand All @@ -744,22 +716,12 @@ mod test_policy_get_digest {
//
// "TPM2_Quote() and TPM2_PolicyPCR() digest the concatenation of PCR."
let concatenated_pcr_values = MaxBuffer::try_from(
[
pcr_data
.pcr_bank(HashingAlgorithm::Sha256)
.unwrap()
.get_digest(PcrSlot::Slot0)
.unwrap()
.as_bytes(),
pcr_data
.pcr_bank(HashingAlgorithm::Sha256)
.unwrap()
.get_digest(PcrSlot::Slot1)
.unwrap()
.as_bytes(),
]
.concat()
.to_vec(),
read_pcr_digests
.value()
.iter()
.map(|v| v.as_bytes())
.collect::<Vec<&[u8]>>()
.concat(),
)
.unwrap();

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@ mod test_pcr_extend_reset {
use crate::common::create_ctx_with_session;
use std::convert::TryFrom;
use tss_esapi::{
abstraction::pcr::PcrData,
handles::PcrHandle,
interface_types::algorithm::HashingAlgorithm,
structures::{Digest, DigestValues, PcrSelectionListBuilder, PcrSlot},
Expand Down Expand Up @@ -34,6 +33,12 @@ mod test_pcr_extend_reset {
});

// Needs to have the length of associated with the hashing algorithm
assert_eq!(read_pcr_selections.get_selections().len(), 2);
assert_eq!(
pcr_selection_list.get_selections(),
read_pcr_selections.get_selections()
);
assert_eq!(read_pcr_digests.value().len(), 2);
read_pcr_selections
.get_selections()
.iter()
Expand Down Expand Up @@ -73,8 +78,8 @@ mod test_pcr_extend_reset {
});

// Read PCR contents
let (_, read_pcr_selections_2, read_pcr_digests_2) =
context.execute_without_session(|ctx| ctx.pcr_read(pcr_selection_list).unwrap());
let (_, after_extend_read_pcr_selections, after_extend_read_pcr_digests) = context
.execute_without_session(|ctx| ctx.pcr_read(pcr_selection_list.clone()).unwrap());
// Needs to have the length of associated with the hashing algorithm
/*
Right Hand Side determined by:
Expand All @@ -87,11 +92,16 @@ mod test_pcr_extend_reset {
>>> res = ["0x"+a+b for a,b in zip(it, it)]
>>> ", ".join(res)
*/

read_pcr_selections_2
assert_eq!(after_extend_read_pcr_selections.get_selections().len(), 2);
assert_eq!(
pcr_selection_list.get_selections(),
after_extend_read_pcr_selections.get_selections()
);
assert_eq!(after_extend_read_pcr_digests.value().len(), 2);
after_extend_read_pcr_selections
.get_selections()
.iter()
.zip(read_pcr_digests_2.value().iter())
.zip(after_extend_read_pcr_digests.value().iter())
.for_each(|(pcr_selection, digest)| {
if pcr_selection.hashing_algorithm() == HashingAlgorithm::Sha1 {
assert_eq!(digest.len(), 20);
Expand Down Expand Up @@ -121,28 +131,35 @@ mod test_pcr_extend_reset {
context.execute_with_session(pcr_ses, |ctx| ctx.pcr_reset(PcrHandle::Pcr16).unwrap());

// Read PCR contents
let pcr_selection_list = PcrSelectionListBuilder::new()
.with_selection(HashingAlgorithm::Sha1, &[PcrSlot::Slot16])
.with_selection(HashingAlgorithm::Sha256, &[PcrSlot::Slot16])
.build()
.expect("Failed to create PcrSelectionList for pcr_read call after pcr_reset");
let pcr_data = context
let (_, after_reset_read_pcr_selections_out, after_reset_read_pcr_digests) = context
.execute_without_session(|ctx| {
ctx.pcr_read(pcr_selection_list).map(
|(_, read_pcr_selections, read_pcr_digests)| {
PcrData::create(&read_pcr_selections, &read_pcr_digests)
.expect("Failed to create PcrData")
},
)
})
.expect("Failed to call pcr_read");
let pcr_sha1_bank = pcr_data.pcr_bank(HashingAlgorithm::Sha1).unwrap();
let pcr_sha256_bank = pcr_data.pcr_bank(HashingAlgorithm::Sha256).unwrap();
let pcr_sha1_value = pcr_sha1_bank.get_digest(PcrSlot::Slot16).unwrap();
let pcr_sha256_value = pcr_sha256_bank.get_digest(PcrSlot::Slot16).unwrap();
// Needs to have the length of associated with the hashing algorithm
assert_eq!(pcr_sha1_value.as_bytes(), [0; 20]);
assert_eq!(pcr_sha256_value.as_bytes(), [0; 32]);
ctx.pcr_read(pcr_selection_list.clone())
.expect("Failed to call pcr_read")
});
assert_eq!(
after_reset_read_pcr_selections_out.get_selections().len(),
2
);
assert_eq!(
pcr_selection_list.get_selections(),
after_reset_read_pcr_selections_out.get_selections()
);
assert_eq!(after_reset_read_pcr_digests.value().len(), 2);
after_reset_read_pcr_selections_out
.get_selections()
.iter()
.zip(after_reset_read_pcr_digests.value().iter())
.for_each(|(pcr_selection, digest)| {
if pcr_selection.hashing_algorithm() == HashingAlgorithm::Sha1 {
assert_eq!(digest.len(), 20);
assert_eq!(digest.as_bytes(), [0; 20]);
} else if pcr_selection.hashing_algorithm() == HashingAlgorithm::Sha256 {
assert_eq!(digest.len(), 32);
assert_eq!(digest.as_bytes(), [0; 32]);
} else {
panic!("Read pcr selections contained unexpected HashingAlgorithm");
}
});
}
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,8 @@
// SPDX-License-Identifier: Apache-2.0
mod test_encrypt_decrypt_2 {
use crate::common::create_ctx_without_session;
use std::convert::{TryFrom, TryInto};
use std::convert::TryFrom;
use tss_esapi::{
abstraction::cipher::Cipher,
attributes::ObjectAttributesBuilder,
interface_types::{
algorithm::{HashingAlgorithm, PublicAlgorithm, SymmetricMode},
Expand All @@ -14,7 +13,7 @@ mod test_encrypt_decrypt_2 {
},
structures::{
Auth, InitialValue, MaxBuffer, PublicBuilder, RsaExponent, SensitiveData,
SymmetricCipherParameters,
SymmetricCipherParameters, SymmetricDefinitionObject,
},
};
#[test]
Expand All @@ -34,9 +33,7 @@ mod test_encrypt_decrypt_2 {
ctx.create_primary(
Hierarchy::Owner,
tss_esapi::utils::create_restricted_decryption_rsa_public(
Cipher::aes_128_cfb()
.try_into()
.expect("Failed to convert from Cipher"),
SymmetricDefinitionObject::AES_128_CFB,
RsaKeyBits::Rsa2048,
RsaExponent::default(),
)
Expand Down Expand Up @@ -66,9 +63,7 @@ mod test_encrypt_decrypt_2 {
.with_name_hashing_algorithm(HashingAlgorithm::Sha256)
.with_object_attributes(symmetric_key_object_attributes)
.with_symmetric_cipher_parameters(SymmetricCipherParameters::new(
Cipher::aes_128_cfb()
.try_into()
.expect("Failed to create symmteric cipher parameters from cipher"),
SymmetricDefinitionObject::AES_128_CFB,
))
.with_symmetric_cipher_unique_identifier(Default::default())
.build()
Expand Down

0 comments on commit 8ec8381

Please sign in to comment.