TQ opertaions #225
TQ opertaions #225
Conversation
attest-data/src/messages.rs
Outdated
| @@ -49,13 +52,17 @@ impl HostRotHeader { | |||
| )] | |||
| #[repr(u32)] | |||
| pub enum HostToRotCommand { | |||
| /// Returns the certificate chain associated with the RoT | |||
| /// Returns the certificate chain associated with the RoT-M | |||
There was a problem hiding this comment.
not sure adding the -M is relevant here
There was a problem hiding this comment.
Was trying to differentiate between the chain returned via GetCertificates vs GetTqCertificates but I'll drop it
attest-data/src/messages.rs
Outdated
| GetCertificates, | ||
| /// Returns the measurement log | ||
| GetMeasurementLog, | ||
| /// Calculates sign(sha3_256(hubpack(measurement_log) | nonce)) | ||
| /// and returns the result. | ||
| Attest, | ||
| /// Returns the certificate chain associated with TQ | ||
| GetTqCertificates, | ||
| /// Signs a sha3_256 message with the TQ key |
There was a problem hiding this comment.
TqSign looks like it will sign any 32 byte value. I understand that we only send it sha3_256 hashes but we may not want to give folks the impression that there is some magic happening that prevents this function from signing something that isn't a digest.
verifier/src/lib.rs
Outdated
| @@ -229,6 +229,26 @@ impl PkiPathSignatureVerifier { | |||
| } | |||
| } | |||
|
|
|||
| pub fn verify_signature( | |||
| alias: &Certificate, | |||
There was a problem hiding this comment.
alias here is misleading since this could be any certificate. Probably got refactored from code that was checking the signature on an attestation?
attest-data/src/messages.rs
Outdated
| pub const MAX_DATA_LEN: usize = NONCE_SIZE; | ||
|
|
||
| static_assertions::const_assert!(SHA3_256_DIGEST_SIZE == 32); |
There was a problem hiding this comment.
This feels weird. Isn't this a tautology?
There was a problem hiding this comment.
I had some massive brain farts while working on the code and intended this to be related to the size of the hash passed to TqSign (I wasted several hours thinking the size of sha256 was 64 bytes..). You're right this is not actually useful so I'll remove it.
labbott
force-pushed
the
attest_messages_tq
branch
from
22c9c8a
to
4e44683
Compare
attest-data/src/messages.rs
Outdated
| /// Right now `Attest` is the only command that takes data (nonce) | ||
| /// Right now `Attest` and `TqSign` are the only commands that take data | ||
| /// argumenets. They happen to be the same length but to be extra cautious | ||
| /// add a static assertion. |
There was a problem hiding this comment.
We've removed the assertion so we should probably remove the comment about it. That said we may be able to do more here to ensure we set MAX_DATA_LEN appropriately w/ the two possible message sizes. cmp::max can't be used to create a const value but there are some weird tricks like:
const fn const_max(a: usize, b: usize) -> usize {
[a, b][(a < b) as usize]
}
I think that may make something like const MAX_DATA_LEN: usize = const_max(NONCE_SIZE, SHA3_256_DIGEST_SIZE) possible? Casting a bool as usize is a bit hacky but it gets us the right array index. Hacked an example up in the playground
This lets the upper layers perform signing operations
labbott
force-pushed
the
attest_messages_tq
branch
from
4e44683
to
41e9e2a
Compare
No description provided.