From 584052c7f80b406666b9597447eeccef4d6deca4 Mon Sep 17 00:00:00 2001 From: Tamas Ban Date: Tue, 6 Jun 2023 13:14:45 +0200 Subject: [PATCH] feat(dice): add typedefs from the Open DICE repo The DPE implementation in RSS is aligned with the Open Profile for DICE specification: https://pigweed.googlesource.com/open-dice/ Type definitions are needed to specify the input values for the DPE service. Instead of mandating to clone the entire open-dice repo, the following file is copied from the repository: https://pigweed.googlesource.com/open-dice/+/refs/heads/main/include/dice/dice.h Git SHA of the source version: cf549422e39da872d64993be944099ac62ba22a9 This is external code, with Apache 2.0 license, therefore the license.rst is updated accordingly and a copy of this license is also added. Signed-off-by: Tamas Ban Signed-off-by: David Vincze Change-Id: Ie84b8483034819d1143fe0ec812e66514ac7d4cb --- docs/glossary.rst | 6 + docs/license.rst | 11 ++ include/lib/dice/dice.h | 166 ++++++++++++++++++++++++++ licenses/LICENSE-APACHE-2.0.txt | 202 ++++++++++++++++++++++++++++++++ 4 files changed, 385 insertions(+) create mode 100644 include/lib/dice/dice.h create mode 100644 licenses/LICENSE-APACHE-2.0.txt diff --git a/docs/glossary.rst b/docs/glossary.rst index 679de2bf1..c02e93808 100644 --- a/docs/glossary.rst +++ b/docs/glossary.rst @@ -40,6 +40,9 @@ You can find additional definitions in the `Arm Glossary`_. Common Vulnerabilities and Exposures. A CVE document is commonly used to describe a publicly-known security vulnerability. + DICE + Device Identifier Composition Engine + DCE DRTM Configuration Environment @@ -52,6 +55,9 @@ You can find additional definitions in the `Arm Glossary`_. DRTM Dynamic Root of Trust for Measurement + DPE + DICE Protection Environment + DS-5 Arm Development Studio 5 diff --git a/docs/license.rst b/docs/license.rst index 80f111860..89961059b 100644 --- a/docs/license.rst +++ b/docs/license.rst @@ -85,6 +85,17 @@ license text is included in those source files. See the original `Linux MIT license`_. +- Some source files originating from the `Open Profile for DICE`_ project. + These files are licensed under the Apache License, Version 2.0, which is a + permissive license compatible with BSD-3-Clause. Any contributions to this + code must also be made under the terms of `Apache License 2.0`_. + These files are: + + - ``include/lib/dice/dice.h`` + .. _FreeBSD: http://www.freebsd.org .. _Linux MIT license: https://raw.githubusercontent.com/torvalds/linux/master/LICENSES/preferred/MIT .. _SCC: http://www.simple-cc.org/ +.. _Open Profile for DICE: https://pigweed.googlesource.com/open-dice/ +.. _Apache License 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt + diff --git a/include/lib/dice/dice.h b/include/lib/dice/dice.h new file mode 100644 index 000000000..cf549422e --- /dev/null +++ b/include/lib/dice/dice.h @@ -0,0 +1,166 @@ +// Copyright 2020 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); you may not +// use this file except in compliance with the License. You may obtain a copy of +// the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +// License for the specific language governing permissions and limitations under +// the License. + +#ifndef DICE_DICE_H_ +#define DICE_DICE_H_ + +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +#define DICE_CDI_SIZE 32 +#define DICE_HASH_SIZE 64 +#define DICE_HIDDEN_SIZE 64 +#define DICE_INLINE_CONFIG_SIZE 64 +#define DICE_PRIVATE_KEY_SEED_SIZE 32 +#define DICE_ID_SIZE 20 + +typedef enum { + kDiceResultOk, + kDiceResultInvalidInput, + kDiceResultBufferTooSmall, + kDiceResultPlatformError, +} DiceResult; + +typedef enum { + kDiceModeNotInitialized, + kDiceModeNormal, + kDiceModeDebug, + kDiceModeMaintenance, +} DiceMode; + +typedef enum { + kDiceConfigTypeInline, + kDiceConfigTypeDescriptor, +} DiceConfigType; + +// Contains a full set of input values describing the target program or system. +// See the Open Profile for DICE specification for a detailed explanation of +// these inputs. +// +// Fields: +// code_hash: A hash or similar representation of the target code. +// code_descriptor: An optional descriptor to be included in the certificate. +// This descriptor is opaque to the DICE flow and is included verbatim +// in the certificate with no validation. May be null. +// code_descriptor_size: The size in bytes of |code_descriptor|. +// config_type: Indicates how to interpret the remaining config-related +// fields. If the type is 'inline', then the 64 byte configuration input +// value must be provided in |config_value| and |config_descriptor| is +// ignored. If the type is 'descriptor', then |config_descriptor| is +// hashed to get the configuration input value and |config_value| is +// ignored. +// config_value: A 64-byte configuration input value when |config_type| is +// kDiceConfigTypeInline. Otherwise, this field is ignored. +// config_descriptor: A descriptor to be hashed for the configuration input +// value when |config_type| is kDiceConfigTypeDescriptor. Otherwise, +// this field is ignored and may be null. +// config_descriptor_size: The size in bytes of |config_descriptor|. +// authority_hash: A hash or similar representation of the authority used to +// verify the target code. If the code is not verified or the authority +// is implicit, for example hard coded as part of the code currently +// executing, then this value should be set to all zero bytes. +// authority_descriptor: An optional descriptor to be included in the +// certificate. This descriptor is opaque to the DICE flow and is +// included verbatim in the certificate with no validation. May be null. +// authority_descriptor_size: The size in bytes of |authority_descriptor|. +// mode: The current operating mode. +// hidden: Additional input which will not appear in certificates. If this is +// not used it should be set to all zero bytes. +typedef struct DiceInputValues_ { + uint8_t code_hash[DICE_HASH_SIZE]; + const uint8_t* code_descriptor; + size_t code_descriptor_size; + DiceConfigType config_type; + uint8_t config_value[DICE_INLINE_CONFIG_SIZE]; + const uint8_t* config_descriptor; + size_t config_descriptor_size; + uint8_t authority_hash[DICE_HASH_SIZE]; + const uint8_t* authority_descriptor; + size_t authority_descriptor_size; + DiceMode mode; + uint8_t hidden[DICE_HIDDEN_SIZE]; +} DiceInputValues; + +// Derives a |cdi_private_key_seed| from a |cdi_attest| value. On success +// populates |cdi_private_key_seed| and returns kDiceResultOk. +DiceResult DiceDeriveCdiPrivateKeySeed( + void* context, const uint8_t cdi_attest[DICE_CDI_SIZE], + uint8_t cdi_private_key_seed[DICE_PRIVATE_KEY_SEED_SIZE]); + +// Derives an |id| from a |cdi_public_key| value. Because public keys can vary +// in length depending on the algorithm, the |cdi_public_key_size| in bytes must +// be provided. When interpreted as an integer, |id| is big-endian. On success +// populates |id| and returns kDiceResultOk. +DiceResult DiceDeriveCdiCertificateId(void* context, + const uint8_t* cdi_public_key, + size_t cdi_public_key_size, + uint8_t id[DICE_ID_SIZE]); + +// Executes the main DICE flow. +// +// Given a full set of input values and the current CDI values, computes the +// next CDI values and a matching certificate. See the Open Profile for DICE +// specification for a detailed explanation of this flow. +// In certain cases, the caller may not need to generate the CDI certificate. +// The caller should signal this by setting the certificate parameters to +// null/zero values appropriately. +// +// Parameters: +// context: Context provided by the caller that is opaque to this library +// but is passed through to the integration-provided operations in +// dice/ops.h. The value is, therefore, integration-specific and may be +// null. +// current_cdi_attest, current_cdi_seal: The current CDI values as produced +// by a previous DICE flow. If this is the first DICE flow in a system, +// the Unique Device Secret (UDS) should be used for both of these +// arguments. +// input_values: A set of input values describing the target program or +// system. +// next_cdi_certificate_buffer_size: The size in bytes of the buffer pointed +// to by the |next_cdi_certificate| argument. This should be set to zero +// if next CDI certificate should not be computed. +// next_cdi_certificate: On success, will be populated with the generated +// certificate, up to |next_cdi_certificate_buffer_size| in size. If the +// certificate cannot fit in the buffer, |next_cdi_certificate_size| is +// populated with the required size and kDiceResultBufferTooSmall is +// returned. This should be set to NULL if next CDI certificate should +// not be computed. +// next_cdi_certificate_actual_size: On success, will be populated with the +// size, in bytes, of the certificate data written to +// |next_cdi_certificate|. If kDiceResultBufferTooSmall is returned, will +// be populated with the required buffer size. This should be set to NULL +// if next CDI certificate should not be computed. +// next_cdi_attest: On success, will be populated with the next CDI value for +// attestation. +// next_cdi_seal: On success, will be populated with the next CDI value for +// sealing. +DiceResult DiceMainFlow(void* context, + const uint8_t current_cdi_attest[DICE_CDI_SIZE], + const uint8_t current_cdi_seal[DICE_CDI_SIZE], + const DiceInputValues* input_values, + size_t next_cdi_certificate_buffer_size, + uint8_t* next_cdi_certificate, + size_t* next_cdi_certificate_actual_size, + uint8_t next_cdi_attest[DICE_CDI_SIZE], + uint8_t next_cdi_seal[DICE_CDI_SIZE]); + +#ifdef __cplusplus +} // extern "C" +#endif + +#endif // DICE_DICE_H_ diff --git a/licenses/LICENSE-APACHE-2.0.txt b/licenses/LICENSE-APACHE-2.0.txt new file mode 100644 index 000000000..d64569567 --- /dev/null +++ b/licenses/LICENSE-APACHE-2.0.txt @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License.