Add PCE CBOR Tests

Signed-off-by: Yogesh Deshpande <[email protected]>
veraison · Jan 23, 2025 · 2271f38 · 2271f38
1 parent 0713455
commit 2271f38
Show file tree

Hide file tree

Showing 4 changed files with 95 additions and 1 deletion.
diff --git a/comid/tdx-profile/example_pce_refval_test.go b/comid/tdx-profile/example_pce_refval_test.go
@@ -4,6 +4,7 @@
 package tdx
 
 import (
+	_ "embed"
 	"fmt"
 
 	"github.com/veraison/corim/comid"
@@ -194,3 +195,63 @@ func extractSVN(s *teeTcbCompSvn) error {
 
 	return nil
 }
+
+var (
+	// test cases are based on diag files here:
+	// https://github.com/ietf-rats-wg/draft-ietf-rats-corim/tree/main/cddl/examples
+
+	//go:embed testcases/comid_pce_refval.cbor
+	testComid3 []byte
+)
+
+func Example_decode_PCE_CBOR() {
+	profileID, err := eat.NewProfile("http://intel.com/tdx-profile")
+	if err != nil {
+		panic(err) // will not error, as the hard-coded string above is valid
+	}
+	profile, found := corim.GetProfile(profileID)
+	if !found {
+		fmt.Printf("CoRIM Profile NOT FOUND")
+		return
+	}
+
+	coMID := profile.GetComid()
+
+	if err := coMID.FromCBOR(testComid3); err != nil {
+		panic(err)
+	}
+	if err := coMID.Valid(); err != nil {
+		panic(err)
+	}
+
+	if err := extractPCERefVals(coMID); err != nil {
+		panic(err)
+	}
+
+	// Output:
+	// OID: 2.16.840.1.113741.1.2.3.4.5
+	// Vendor: Intel Corporation
+	// Model: TDX PCE TCB
+	// InstanceID: 00112233445566778899aabbccddeeff
+	// pceID: 0000
+	// SVN[0]: 10
+	// SVN[1]: 10
+	// SVN[2]: 2
+	// SVN[3]: 2
+	// SVN[4]: 2
+	// SVN[5]: 1
+	// SVN[6]: 4
+	// SVN[7]: 0
+	// SVN[8]: 0
+	// SVN[9]: 0
+	// SVN[10]: 0
+	// SVN[11]: 0
+	// SVN[12]: 0
+	// SVN[13]: 0
+	// SVN[14]: 0
+	// SVN[15]: 0
+	// CryptoKey Type: pkix-base64-key
+	// CryptoKey Value: -----BEGIN PUBLIC KEY-----
+	// MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==
+	// -----END PUBLIC KEY-----
+}
diff --git a/comid/tdx-profile/example_seam_refval_test.go b/comid/tdx-profile/example_seam_refval_test.go
@@ -400,7 +400,6 @@ func extractRefVals(c *comid.Comid) error {
 			return fmt.Errorf("bad PSA reference value at index %d: %w", i, err)
 		}
 	}
-
 	return nil
 }
 

diff --git a/comid/tdx-profile/testcases/comid_pce_refval.cbor b/comid/tdx-profile/testcases/comid_pce_refval.cbor
diff --git a/comid/tdx-profile/testcases/src/comid_pce_refval.diag b/comid/tdx-profile/testcases/src/comid_pce_refval.diag
@@ -0,0 +1,34 @@
+/ concise-mid-tag / {
+  / comid.tag-identity / 1 : {
+    / comid.tag-id / 0 : "Sample Provisioning Certification Enclave reference tag"
+  },
+  / comid.entity / 2 : [ {
+    / comid.entity-name / 0 : "INTEL",
+    / comid.reg-id / 1 : 32("https://intel.com"),
+    / comid.role / 2 : [ 0 ] / tag-creator /
+  } ],
+  / comid.triples / 4 : {
+    / comid.reference-triples / 0 : [ [
+      / environment-map / {
+        / comid.class / 0 : {
+          / comid.class-id / 0 :
+            / tagged-oid-type / 111(
+              h'6086480186F84D0102030405' /  2.16.840.1.113741.1.2.3.4.5 - <OID-for-TDX-PCE-TCB>/
+            ),
+          / comid.vendor / 1 : "Intel Corporation",
+          / comid.model / 2 : "TDX PCE TCB"
+        }
+      },
+      [
+        / measurement-map / {
+          / comid.mval / 1 : {
+              / comid.instanceid / -77 : h'00112233445566778899aabbccddeeff',
+              / tcb-comp-svn / -125 : [ 10, 10, 2, 2, 2, 1, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0 ],
+              / pceid / -80 : "0000"
+          },
+          / authorized-by / 2: 554("-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----")
+        }
+      ]
+    ] ]
+  }
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -400,7 +400,6 @@ func extractRefVals(c *comid.Comid) error { @@
     			return fmt.Errorf("bad PSA reference value at index %d: %w", i, err)
     		}
     	}
     	return nil
     }
@@ Expand Down @@