Merge pull request #4 from cc-api/cvm
vmsdk: refactory code
kenplusplus authored Dec 7, 2023
2 parents 88e689a + 183f57d commit c2620aa
Showing 6 changed files with 245 additions and 160 deletions.
75 changes: 13 additions & 62 deletions common/python/cctrusted_base/imr.py
@@ -2,57 +2,7 @@
Integrated Measurement Register packages.
"""
from abc import ABC, abstractmethod

class TcgAlgorithmRegistry:
"""
From TCG specification
https://trustedcomputinggroup.org/wp-content/uploads/TCG-_Algorithm_Registry_r1p32_pub.pdf
"""

TPM_ALG_ERROR = 0x0
TPM_ALG_RSA = 0x1
TPM_ALG_TDES = 0x3
TPM_ALG_SHA256 = 0xB
TPM_ALG_SHA384 = 0xC
TPM_ALG_SHA512 = 0xD

TPM_ALG_TABLE = {
TPM_ALG_RSA: "TPM_ALG_RSA",
TPM_ALG_TDES: "TPM_ALG_TDES",
TPM_ALG_SHA256: "TPM_ALG_SHA256",
TPM_ALG_SHA384: "TPM_ALG_SHA384",
TPM_ALG_SHA512: "TPM_ALG_SHA512"
}

@staticmethod
def get_algorithm_string(alg_id: int) -> str:
"""
Return algorithms name from ID
"""
if alg_id in TcgAlgorithmRegistry.TPM_ALG_TABLE:
return TcgAlgorithmRegistry.TPM_ALG_TABLE[alg_id]
return "UNKNOWN"

def __init__(self, alg_id: int) -> None:
assert alg_id in TcgAlgorithmRegistry.TPM_ALG_TABLE, \
"invalid parameter alg_id"
self._alg_id = alg_id

class TcgDigest:
"""
TCG Digest
"""

def __init__(self, alg_id=TcgAlgorithmRegistry.TPM_ALG_SHA384):
self._algorithms = TcgAlgorithmRegistry(alg_id)
self._hash = []

@property
def algorithms(self) -> TcgAlgorithmRegistry:
"""
Algorithms for the hash of digest
"""
return self._algorithms
from cctrusted_base.tcg import TcgDigest

class TcgIMR(ABC):
"""
@@ -63,7 +13,7 @@ class TcgIMR(ABC):

def __init__(self):
self._index = -1
self._digest = []
self._digests:dict[int, TcgDigest] = {}

@property
def index(self) -> int:
@@ -72,18 +22,19 @@ def index(self) -> int:
"""
return self._index

@property
def digest(self):
def digest(self, alg_id):
"""
The digest value of IMR
"""
return self._digest
if alg_id not in self._digests:
return None
return self._digests[alg_id]

@property
@abstractmethod
def count(self):
def max_index(self):
"""
The total account of IMR
The max index value of IMR
"""
raise NotImplementedError("Need implemented in different arch")

@@ -92,22 +43,22 @@ def is_valid(self):
Check whether IMR is valid or not
"""
return self._index != TcgIMR._INVALID_IMR_INDEX and \
self._index < self.count
self._index <= self.max_index

class TdxRTMR(TcgIMR):
"""
RTMR class defined for Intel TDX
"""

@property
def count(self):
return 4
def max_index(self):
return 3

class TpmPCR(TcgIMR):
"""
PCR class defined for TPM
"""

@property
def count(self):
return 24
def max_index(self):
return 23
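Review bot: `is_valid` has an upper bound but no lower bound: it rejects only the single sentinel `TcgIMR._INVALID_IMR_INDEX` and anything above `max_index`, so any other negative `_index` would be reported as a valid register. The sentinel's definition is outside the visible hunks (the constructor sets `-1`), so this is inferred; if it is `-1`, adding `self._index >= 0 and` to the condition closes the gap. Separately, `digest(alg_id)` now returns `None` when no digest is stored for the algorithm, and its docstring should say so, e.g. `Return the TcgDigest recorded for alg_id, or None if this IMR holds no digest for that algorithm`, so that callers comparing measurements handle the missing case explicitly.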
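--- a/common/python/cctrusted_base/tcg.py
+++ b/common/python/cctrusted_base/tcg.py
@@ -0,0 +1,75 @@
+
+"""
+TCG common definitions
+"""
+
+class TcgAlgorithmRegistry:
+"""
+From TCG specification
+https://trustedcomputinggroup.org/wp-content/uploads/TCG-_Algorithm_Registry_r1p32_pub.pdf
+"""
+
+TPM_ALG_ERROR = 0x0
+TPM_ALG_RSA = 0x1
+TPM_ALG_TDES = 0x3
+TPM_ALG_SHA256 = 0xB
+TPM_ALG_SHA384 = 0xC
+TPM_ALG_SHA512 = 0xD
+
+TPM_ALG_TABLE = {
+TPM_ALG_RSA: "TPM_ALG_RSA",
+TPM_ALG_TDES: "TPM_ALG_TDES",
+TPM_ALG_SHA256: "TPM_ALG_SHA256",
+TPM_ALG_SHA384: "TPM_ALG_SHA384",
+TPM_ALG_SHA512: "TPM_ALG_SHA512"
+}
+
+@staticmethod
+def get_algorithm_string(alg_id: int) -> str:
+"""
+Return algorithms name from ID
+"""
+if alg_id in TcgAlgorithmRegistry.TPM_ALG_TABLE:
+return TcgAlgorithmRegistry.TPM_ALG_TABLE[alg_id]
+return "UNKNOWN"
+
+def __init__(self, alg_id: int) -> None:
+assert alg_id in TcgAlgorithmRegistry.TPM_ALG_TABLE, \
+"invalid parameter alg_id"
+self._alg_id = alg_id
+
+@property
+def alg_id(self):
+"""
+Property for algorithms ID
+"""
+return self._alg_id
+
+def __str__(self):
+"""
+Name string
+"""
+return TcgAlgorithmRegistry.get_algorithm_string(self.alg_id)
+
+class TcgDigest:
+"""
+TCG Digest
+"""
+
+def __init__(self, alg_id=TcgAlgorithmRegistry.TPM_ALG_SHA384):
+self._hash: list = []
+self._alg_id = alg_id
+
+@property
+def alg(self) -> TcgAlgorithmRegistry:
+"""
+Algorithms for the hash of digest
+"""
+return TcgAlgorithmRegistry(self._alg_id)
+
+@property
+def hash(self) -> list:
+"""
+Return the hash of digest
+"""
+return self._hash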
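Review bot: `TcgAlgorithmRegistry.__init__` validates `alg_id` with `assert`, which is stripped when Python runs with `-O`, so an unknown algorithm ID would then be accepted silently; an explicit `if alg_id not in TcgAlgorithmRegistry.TPM_ALG_TABLE: raise ValueError("invalid parameter alg_id")` keeps the check in every mode. `TcgDigest.__init__` stores `alg_id` unchecked and only builds the registry object inside the `alg` property, so a digest with an unsupported ID can be created and the failure surfaces only when `alg` is read; validating in the constructor would fail earlier. The `hash` property also hands out the internal list itself, so callers can modify the stored measurement in place; returning a copy would prevent that if mutation by callers is not intended.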
2 changes: 1 addition & 1 deletion vmsdk/python/cc_imr_cli.py
@@ -9,6 +9,6 @@

logging.basicConfig(level=logging.NOTSET)

imr_inst = cctrusted.get_measurement(2)
imr_inst = cctrusted.get_measurement([2, None])

# TODO: print IMR
18 changes: 13 additions & 5 deletions vmsdk/python/cctrusted/api.py
@@ -5,17 +5,25 @@

# pylint: disable=unused-import
from cctrusted_base.imr import TcgIMR
from .cc_linux import CcLinuxStub
from cctrusted_base.tcg import TcgAlgorithmRegistry

from .cvm import ConfidentialVM

LOG = logging.getLogger(__name__)

def get_measurement(imr_select_index:int) -> TcgIMR:
def get_measurement(imr_select:[int, int]) -> TcgIMR:
"""
Get IMR register value according to given index
"""
cc_linux_inst = CcLinuxStub.inst()
if imr_select_index > len(cc_linux_inst.imrs):
cvm_inst = ConfidentialVM.inst()
imr_index = imr_select[0]
algo_id = imr_select[1]

if imr_index not in cvm_inst.imrs:
LOG.error("Invalid select index for IMR.")
return None

return cc_linux_inst.imrs[imr_select_index]
if algo_id is None or algo_id is TcgAlgorithmRegistry.TPM_ALG_ERROR:
algo_id = cvm_inst.default_algo_id

return cvm_inst.imrs[imr_index].digest(algo_id)
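Review bot: In `get_measurement`, `algo_id is TcgAlgorithmRegistry.TPM_ALG_ERROR` compares an integer by identity, which happens to work for small ints in CPython but is not guaranteed by the language; it should be `algo_id == TcgAlgorithmRegistry.TPM_ALG_ERROR`. The signature is also out of step with the body: `imr_select:[int, int]` is a list literal rather than a type, and the function is still annotated `-> TcgIMR` although it now returns the result of `digest(algo_id)` or `None`. Nothing checks that `imr_select` has two elements before `imr_select[0]` and `imr_select[1]` are read, so a short or non-sequence argument raises instead of reaching the `LOG.error` path. The docstring should state that `None` is returned both for an unknown index and for an algorithm with no stored digest, so callers handle the failure case explicitly.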
92 changes: 0 additions & 92 deletions vmsdk/python/cctrusted/cc_linux.py

This file was deleted.
