Skip to content

Commit ffe3973

Browse files
wojciechozgawojciechozga
committed
improved parsing of TAP
1 parent 6fa7bdd commit ffe3973

5 files changed

Lines changed: 156 additions & 58 deletions

File tree

security-monitor/Makefile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ build: opensbi_bindings fmt
3131
echo "Generating OpenSBI bindings" ;\
3232
mkdir -p $(SM_WORK_DIR) ; \
3333
rm -f $(SM_WORK_DIR)/$(CHAIN)/release/$(EXEC_NAME); \
34-
RUSTFLAGS='$(RUSTFLAGS)' CARGO_TARGET_DIR=$(SM_WORK_DIR) INSTALL_DIR=$(ACE_DIR) $(CARGO) build $(RELEASE) $(TARGET) ; \
34+
RUSTFLAGS='$(RUSTFLAGS)' CARGO_TARGET_DIR=$(SM_WORK_DIR) INSTALL_DIR=$(ACE_DIR) $(CARGO) build $(RELEASE) $(TARGET) --features verbose ; \
3535
cp $(SM_WORK_DIR)/$(CHAIN)/release/$(EXEC_NAME) $(SM_WORK_DIR)/ ; \
3636
rm -rf $(OPENSBI_WORK_DIR)/
3737

security-monitor/rust-crates/riscv_cove_tap/src/lib.rs

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,17 @@ pub use parser::AttestationPayloadParser;
1717
#[cfg(feature = "serializer")]
1818
pub use serializer::AttestationPayloadSerializer;
1919

20+
#[macro_export]
21+
macro_rules! ensure {
22+
($cond:expr, $error:expr) => {
23+
if !$cond {
24+
Err($error)
25+
} else {
26+
Ok(())
27+
}
28+
};
29+
}
30+
2031
pub use spec::*;
2132
pub use error::*;
2233
pub mod spec;

security-monitor/rust-crates/riscv_cove_tap/src/parser.rs

Lines changed: 26 additions & 43 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ pub use crate::error::TapError;
55
use alloc::vec::Vec;
66
use crate::spec::*;
77
use alloc::vec;
8+
use crate::ensure;
89

910
pub struct AttestationPayloadParser {
1011
pub pointer: *const u8,
@@ -13,23 +14,17 @@ pub struct AttestationPayloadParser {
1314

1415
impl AttestationPayloadParser {
1516
pub fn from_raw_pointer(pointer: *const u8, size: usize) -> Result<Self, TapError> {
16-
Ok(Self {
17-
pointer, size
18-
})
17+
Ok(Self { pointer, size })
1918
}
2019

21-
pub fn parse_and_verify(&mut self, decapsulation_key: &Vec<u8>) -> Result<AttestationPayload, TapError> {
22-
if self.read_u32()? != ACE_MAGIC_TAP_START {
23-
return Err(TapError::InvalidMagicStart());
24-
}
20+
pub fn parse_and_verify(&mut self, decapsulation_key: &[u8]) -> Result<AttestationPayload, TapError> {
21+
ensure!(self.read_u32()? == ACE_MAGIC_TAP_START, TapError::InvalidMagicStart())?;
2522
self.read_u16()?;
2623
// if self.read_u16()? as usize != self.size {
2724
// return Err(TapError::InvalidSize());
2825
// }
2926
let number_of_lockboxes = self.read_u16()?;
30-
if usize::from(number_of_lockboxes) > MAX_NUMBER_OF_LOCKBOXES {
31-
return Err(TapError::InvalidSize());
32-
}
27+
ensure!(usize::from(number_of_lockboxes) <= MAX_NUMBER_OF_LOCKBOXES, TapError::InvalidSize())?;
3328

3429
let mut symmetric_key = vec![];
3530
for _ in 0..number_of_lockboxes {
@@ -38,26 +33,20 @@ impl AttestationPayloadParser {
3833
let _name = self.read_u64()?;
3934
let algorithm = LockboxAlgorithm::from_u16(self.read_u16()?)?;
4035
let esk_size = self.read_u16()? as usize;
36+
ensure!(esk_size < 100_000, TapError::InvalidSize())?;
4137
let esk = self.read_exact(esk_size)?;
4238
let nonce_size = self.read_u16()? as usize;
39+
ensure!(nonce_size < 100_000, TapError::InvalidSize())?;
4340
let nonce = self.read_exact(nonce_size)?;
4441
let tag_size = self.read_u16()? as usize;
42+
ensure!(tag_size < 100_000, TapError::InvalidSize())?;
4543
let tag = self.read_exact(tag_size)?;
4644
let tsk_size = self.read_u16()? as usize;
47-
let tsk = self.read_exact(tsk_size)?;
48-
match algorithm.decode(decapsulation_key, esk, nonce, tag, tsk) {
49-
Ok(mut tsk) => {
50-
symmetric_key.append(&mut tsk);
51-
break;
52-
}
53-
Err(e) => {
54-
return Err(e)
55-
}
56-
};
57-
}
58-
if symmetric_key.is_empty() {
59-
return Err(TapError::NoLockboxFound());
45+
ensure!(tsk_size < 100_000, TapError::InvalidSize())?;
46+
symmetric_key = self.read_exact(tsk_size)?;
47+
algorithm.decode(decapsulation_key, &esk, &nonce, &tag, &mut symmetric_key)?;
6048
}
49+
ensure!(!symmetric_key.is_empty(), TapError::NoLockboxFound())?;
6150

6251
let payload_encryption_algorithm = PayloadEncryptionAlgorithm::from_u16(self.read_u16()?)?;
6352
match payload_encryption_algorithm {
@@ -66,9 +55,10 @@ impl AttestationPayloadParser {
6655
}
6756

6857
let number_of_digests = self.read_u16()?;
69-
let mut digests = vec![];
58+
let mut digests = Vec::with_capacity(number_of_digests.into());
7059
for _ in 0..number_of_digests {
7160
let size = self.read_u16()? as usize;
61+
ensure!(4 <= size && size < 100_000, TapError::InvalidSize())?;
7262
let pcr_id = self.read_u16()?;
7363
let algorithm = DigestAlgorithm::from_u16(self.read_u16()?)?;
7464
let value = self.read_exact(size-4)?;
@@ -83,30 +73,29 @@ impl AttestationPayloadParser {
8373
let mut secrets = vec![];
8474
for _ in 0..number_of_secrets {
8575
let size = self.read_u16()? as usize;
76+
ensure!(10 <= size && size < 100_000, TapError::InvalidSize())?;
8677
let name = self.read_u64()? as u64;
8778
let value = self.read_exact(size-10)?;
8879
secrets.push(Secret { name, value });
8980
}
9081

91-
Ok(AttestationPayload {
92-
digests,
93-
secrets,
94-
})
82+
Ok(AttestationPayload { digests, secrets })
9583
}
9684

97-
fn decrypt_aes_gcm_256(&mut self, symmetric_key: &Vec<u8>) -> Result<(), TapError> {
85+
fn decrypt_aes_gcm_256(&mut self, symmetric_key: &[u8]) -> Result<(), TapError> {
9886
use aes_gcm::{AeadInPlace, Aes256Gcm, Key, KeyInit, Tag, Nonce};
9987

10088
let nonce_size = self.read_u16()? as usize;
89+
ensure!(nonce_size < 100_000, TapError::InvalidSize())?;
10190
let nonce = self.read_exact(nonce_size)?;
10291
let tag_size = self.read_u16()? as usize;
92+
ensure!(tag_size < 100_000, TapError::InvalidSize())?;
10393
let tag = self.read_exact(tag_size)?;
10494
let payload_size = self.read_u16()? as usize;
95+
ensure!(payload_size < 100_000, TapError::InvalidSize())?;
10596

106-
if symmetric_key.len() != 32 {
107-
return Err(TapError::InvalidTskSize());
108-
}
109-
let cipher = Aes256Gcm::new(Key::<Aes256Gcm>::from_slice(symmetric_key.as_slice()));
97+
ensure!(symmetric_key.len() == 32, TapError::InvalidTskSize())?;
98+
let cipher = Aes256Gcm::new(Key::<Aes256Gcm>::from_slice(symmetric_key));
11099
let nonce = Nonce::from_slice(&nonce);
111100
let tag = Tag::from_slice(&tag);
112101
let mut data_slice = unsafe{ core::slice::from_raw_parts_mut(self.pointer as *mut u8, payload_size) };
@@ -115,25 +104,19 @@ impl AttestationPayloadParser {
115104
}
116105

117106
fn read_u16(&mut self) -> Result<u16, TapError> {
118-
let value = unsafe { (self.pointer as *const u16).read_volatile() };
119-
self.pointer = self.pointer.wrapping_add(2);
120-
Ok(value)
107+
Ok(u16::from_le_bytes(self.read_exact(2)?.try_into().map_err(|_| TapError::InvalidSize())?))
121108
}
122109

123110
fn read_u32(&mut self) -> Result<u32, TapError> {
124-
let value = unsafe { (self.pointer as *const u32).read_volatile() };
125-
self.pointer = self.pointer.wrapping_add(4);
126-
Ok(value)
111+
Ok(u32::from_le_bytes(self.read_exact(4)?.try_into().map_err(|_| TapError::InvalidSize())?))
127112
}
128113

129114
fn read_u64(&mut self) -> Result<u64, TapError> {
130-
let value = unsafe { (self.pointer as *const u64).read_volatile() };
131-
self.pointer = self.pointer.wrapping_add(8);
132-
Ok(value)
115+
Ok(u64::from_le_bytes(self.read_exact(8)?.try_into().map_err(|_| TapError::InvalidSize())?))
133116
}
134117

135118
fn read_exact(&mut self, size: usize) -> Result<Vec<u8>, TapError> {
136-
let mut result = vec![];
119+
let mut result = Vec::with_capacity(size);
137120
for _ in 0..size {
138121
let value = unsafe { self.pointer.read_volatile() };
139122
self.pointer = self.pointer.wrapping_add(1);

security-monitor/rust-crates/riscv_cove_tap/src/spec.rs

Lines changed: 6 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -88,29 +88,27 @@ impl LockboxAlgorithm {
8888
}
8989

9090
#[cfg(feature = "parser")]
91-
pub fn decode(&self, decapsulation_key: &Vec<u8>, esk: Vec<u8>, nonce: Vec<u8>, tag: Vec<u8>, mut tsk: Vec<u8>) -> Result<Vec<u8>, TapError> {
91+
pub fn decode(&self, decapsulation_key: &[u8], esk: &[u8], nonce: &[u8], tag: &[u8], tsk: &mut Vec<u8>) -> Result<(), TapError> {
9292
match self {
9393
LockboxAlgorithm::Debug => {
94-
Ok(tsk)
94+
Ok(())
9595
},
9696
LockboxAlgorithm::MlKem1024Aes256 => {
9797
use aes_gcm::{AeadInPlace, Aes256Gcm, Key, KeyInit, Tag, Nonce};
9898
use hybrid_array::Array;
9999
use ml_kem::{MlKem1024, KemCore, MlKem1024Params, Encoded, EncodedSizeUser,kem::{Decapsulate, DecapsulationKey}};
100100

101-
let m = Array::try_from(esk.as_slice())?;
102-
let dk_bytes = Encoded::<DecapsulationKey::<MlKem1024Params>>::try_from(decapsulation_key.as_slice())?;
101+
let m = Array::try_from(esk)?;
102+
let dk_bytes = Encoded::<DecapsulationKey::<MlKem1024Params>>::try_from(decapsulation_key)?;
103103
let dk = <MlKem1024 as KemCore>::DecapsulationKey::from_bytes(&dk_bytes);
104104
let sk = match dk.decapsulate(&m) {
105105
Ok(v) => v,
106106
Err(_) => return Err(TapError::KemError())
107107
};
108108

109109
let cipher = Aes256Gcm::new(Key::<Aes256Gcm>::from_slice(sk.as_slice()));
110-
let nonce = Nonce::from_slice(&nonce);
111-
let tag = Tag::from_slice(&tag);
112-
cipher.decrypt_in_place_detached(nonce, b"", &mut tsk, &tag).unwrap();
113-
Ok(tsk)
110+
cipher.decrypt_in_place_detached(Nonce::from_slice(nonce), b"", tsk, &Tag::from_slice(tag)).unwrap();
111+
Ok(())
114112
}
115113
}
116114
}

0 commit comments

Comments
 (0)