build(deps): bump kvm-bindings from 0.10.0 to 0.11.1 #286

Open
wants to merge 2 commits into
base: main
355 changes: 195 additions & 160 deletions Cargo.lock

Large diffs are not rendered by default.

8 changes: 4 additions & 4 deletions Cargo.toml
Expand Up @@ -45,7 +45,7 @@ snp = []
crypto_nossl = ["dep:p384", "dep:rsa", "dep:sha2", "dep:x509-cert"]

[target.'cfg(target_os = "linux")'.dependencies]
iocuddle = "0.1"
iocuddle = "^0.1"

[dependencies]
openssl = { version = "0.10", optional = true }
Expand All @@ -69,12 +69,12 @@ x509-cert = { version = "0.2.5", optional = true }
byteorder = "1.4.3"
base64 = "0.22.1"
rdrand = { version = "^0.8", optional = true }
reqwest = { version="0.11.10", features = ["blocking"], optional = true }
tokio = {version = "1.29.1", features =["rt-multi-thread"], optional = true }
reqwest = { version = "0.11.10", features = ["blocking"], optional = true }
tokio = { version = "1.29.1", features = ["rt-multi-thread"], optional = true }

[target.'cfg(target_os = "linux")'.dev-dependencies]
kvm-ioctls = ">=0.16"
kvm-bindings = ">=0.9.1"

[dev-dependencies]
kvm-bindings = ">=0.9.1"
serial_test = "3.0"
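Review bot: The `kvm-bindings = ">=0.9.1"` requirement in the dev-dependency tables has no upper bound, and `kvm-ioctls = ">=0.16"` beside it is the same, so the manifest accepts any future release, including breaking ones, and the version CI actually builds is fixed only by Cargo.lock. The bump named in the PR title therefore changes nothing in this file; it lives entirely in the lockfile, whose diff is not rendered on this page and should be read separately. A bounded requirement such as `kvm-bindings = ">=0.9.1, <0.12"` (upper bound constructed from the 0.11.1 in the title) would keep an unreviewed breaking release from arriving through a lockfile refresh. `iocuddle = "^0.1"` is equivalent to the bare `"0.1"` in Cargo, so that line is cosmetic.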
2 changes: 1 addition & 1 deletion src/certs/sev/sev/cert/v1/body/mod.rs
Expand Up @@ -7,7 +7,7 @@ use super::*;
#[repr(C, packed)]
#[derive(Copy, Clone, Debug, PartialEq, Eq)]
pub struct Data {
pub firmware: crate::Version,
pub firmware: crate::firmware::host::Version,
pub reserved: u16,
pub key: key::PubKey,
}
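Review bot: The `firmware` field changes its type path inside a `#[repr(C, packed)]` struct, so the byte offsets of `reserved` and `key` in the certificate body depend on the size of whichever `Version` type the field now names, and neither definition is visible in this hunk. If the two types are not layout-identical, every field after `firmware` is read from the wrong offset without any compile error. A compile-time check next to the struct, for example `const _: () = assert!(std::mem::size_of::<Data>() == EXPECTED_BODY_SIZE);` with the placeholder replaced by the size the certificate format specifies, would pin the layout.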
40 changes: 13 additions & 27 deletions src/certs/sev/sev/cert/v1/sig/ecdsa.rs
Expand Up @@ -3,23 +3,21 @@
#[cfg(feature = "openssl")]
use {super::*, openssl::ecdsa};

use crate::util::hexdump;
use crate::util::array::Array;

use serde::{Deserialize, Serialize};
use serde_big_array::BigArray;

const SIG_PIECE_SIZE: usize = std::mem::size_of::<[u8; 72]>();

/// An ECDSA Signature.
#[repr(C)]
#[derive(Copy, Clone, Deserialize, Serialize)]
#[derive(Default, Copy, Clone, Deserialize, Serialize)]
pub struct Signature {
#[serde(with = "BigArray")]
r: [u8; 72],
#[serde(with = "BigArray")]
s: [u8; 72],
#[serde(with = "BigArray")]
_reserved: [u8; 512 - (SIG_PIECE_SIZE * 2)],
r: Array<u8, 72>,

s: Array<u8, 72>,

_reserved: Array<u8, { 512 - (SIG_PIECE_SIZE * 2) }>,
}

impl std::fmt::Debug for Signature {
Expand All @@ -40,17 +38,6 @@ impl PartialEq for Signature {
}
}

#[allow(clippy::derivable_impls)]
impl Default for Signature {
fn default() -> Self {
Signature {
r: [0u8; 72],
s: [0u8; 72],
_reserved: [0u8; (512 - (SIG_PIECE_SIZE * 2))],
}
}
}

impl std::fmt::Display for Signature {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(
Expand All @@ -60,8 +47,7 @@ Signature:
R: {}
S: {}
"#,
hexdump(&self.r),
hexdump(&self.s)
self.r, self.s
)
}
}
Expand All @@ -71,9 +57,9 @@ impl From<ecdsa::EcdsaSig> for Signature {
#[inline]
fn from(value: ecdsa::EcdsaSig) -> Self {
Signature {
r: value.r().as_le_bytes(),
s: value.s().as_le_bytes(),
_reserved: [0; 512 - (SIG_PIECE_SIZE * 2)],
r: Array(value.r().as_le_bytes()),
s: Array(value.s().as_le_bytes()),
_reserved: Array([0; 512 - (SIG_PIECE_SIZE * 2)]),
}
}
}
Expand All @@ -94,8 +80,8 @@ impl TryFrom<&Signature> for ecdsa::EcdsaSig {

#[inline]
fn try_from(value: &Signature) -> Result<Self> {
let r = bn::BigNum::from_le(&value.r)?;
let s = bn::BigNum::from_le(&value.s)?;
let r = bn::BigNum::from_le(&*value.r)?;
let s = bn::BigNum::from_le(&*value.s)?;
Ok(ecdsa::EcdsaSig::from_private_components(r, s)?)
}
}
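Review bot: With `#[serde(with = "BigArray")]` gone from `r`, `s` and `_reserved`, the serialized form of this `Signature` is decided by the `Serialize`/`Deserialize` impls of `crate::util::array::Array`, which this page does not show. If `Array` does not encode exactly like a fixed-size run of bytes, the encoded SEV certificate changes shape and previously stored certificates stop decoding, and nothing in this section tests for that. A test that serializes a known `Signature` and asserts the exact encoded bytes would pin the format, and a doc comment on the struct such as `/// Serialized as r (72 bytes), s (72 bytes), reserved (368 bytes), no length prefixes.` would record the intent, if that is the intended encoding. The same dependence applies to `Display`, which now prints `self.r` and `self.s` through `Array`'s formatter instead of `hexdump`.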
2 changes: 1 addition & 1 deletion src/certs/snp/builtin/mod.rs
@@ -1,6 +1,6 @@
// SPDX-License-Identifier: Apache-2.0

/// Interfaces for retrieving builtin ARKs and ASKs for their respective generations.
//! Interfaces for retrieving builtin ARKs and ASKs for their respective generations.

/// Genoa generation.
pub mod genoa;
4 changes: 2 additions & 2 deletions src/certs/snp/ca/mod.rs
@@ -1,11 +1,11 @@
// SPDX-License-Identifier: Apache-2.0
//! Operations for a Certificate Authority (CA) chain.

#[cfg(feature = "openssl")]
use openssl::x509::X509;

use super::*;

/// Operations for a Certificate Authority (CA) chain.

/// A Certificate Authority (CA) chain.
#[derive(Clone, Debug)]
pub struct Chain {
118 changes: 60 additions & 58 deletions src/certs/snp/ecdsa/mod.rs
Expand Up @@ -3,7 +3,7 @@
#[cfg(any(feature = "openssl", feature = "crypto_nossl"))]
use super::*;

use crate::util::hexdump;
use crate::{firmware::parser::ByteParser, util::array::Array};

#[cfg(feature = "openssl")]
use crate::certs::snp::{AsLeBytes, FromLe};
Expand All @@ -12,27 +12,24 @@ use crate::certs::snp::{AsLeBytes, FromLe};
use std::convert::TryFrom;

use serde::{Deserialize, Serialize};
use serde_big_array::BigArray;

#[cfg(feature = "openssl")]
use openssl::{bn, ecdsa};

const SIG_PIECE_SIZE: usize = std::mem::size_of::<[u8; 72]>();
const R_S_SIZE: usize = SIG_PIECE_SIZE * 2usize;

#[repr(C)]
#[derive(Copy, Clone, Deserialize, Serialize, PartialOrd, Ord)]
#[derive(Default, Copy, Clone, Deserialize, Serialize, PartialOrd, Ord)]
/// ECDSA signature.
pub struct Signature {
#[serde(with = "BigArray")]
r: [u8; 72],
#[serde(with = "BigArray")]
s: [u8; 72],
#[serde(with = "BigArray")]
_reserved: [u8; 512 - R_S_SIZE],
r: Array<u8, 72>,

s: Array<u8, 72>,
}

impl Signature {
/// Creates a new signature from the values specified
pub fn new(r: Array<u8, 72>, s: Array<u8, 72>) -> Self {
Self { r, s }
}
/// Returns the signatures `r` component
pub fn r(&self) -> &[u8; 72] {
&self.r
Expand All @@ -55,34 +52,45 @@ impl std::fmt::Debug for Signature {
}
}

impl ByteParser for Signature {
type Bytes = [u8; 512];
#[inline(always)]
fn from_bytes(bytes: Self::Bytes) -> Self {
let mut r = [0; 72];
let mut s = [0; 72];
r.copy_from_slice(&bytes[0..72]);
s.copy_from_slice(&bytes[72..144]);

Self::new(Array(r), Array(s))
}
#[inline(always)]
fn to_bytes(&self) -> Self::Bytes {
let mut bytes = [0u8; 512];
bytes[0..72].copy_from_slice(&*self.r);
bytes[72..144].copy_from_slice(&*self.s);
bytes
}
#[inline(always)]
fn default() -> Self {
Default::default()
}
}

impl Eq for Signature {}
impl PartialEq for Signature {
fn eq(&self, other: &Signature) -> bool {
self.r[..] == other.r[..] && self.s[..] == other.s[..]
}
}

impl Default for Signature {
fn default() -> Self {
Signature {
r: [0u8; 72],
s: [0u8; 72],
_reserved: [0u8; (512 - (SIG_PIECE_SIZE * 2))],
}
}
}

impl std::fmt::Display for Signature {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(
f,
r#"
Signature:
r#"Signature:
R: {}
S: {}
"#,
hexdump(&self.r),
hexdump(&self.s)
S: {}"#,
self.r, self.s
)
}
}
Expand All @@ -92,9 +100,8 @@ impl From<ecdsa::EcdsaSig> for Signature {
#[inline]
fn from(value: ecdsa::EcdsaSig) -> Self {
Signature {
r: value.r().as_le_bytes(),
s: value.s().as_le_bytes(),
_reserved: [0; 512 - (SIG_PIECE_SIZE * 2)],
r: Array(value.r().as_le_bytes()),
s: Array(value.s().as_le_bytes()),
}
}
}
Expand All @@ -115,8 +122,8 @@ impl TryFrom<&Signature> for ecdsa::EcdsaSig {

#[inline]
fn try_from(value: &Signature) -> Result<Self> {
let r = bn::BigNum::from_le(&value.r)?;
let s = bn::BigNum::from_le(&value.s)?;
let r = bn::BigNum::from_le(&*value.r)?;
let s = bn::BigNum::from_le(&*value.s)?;
Ok(ecdsa::EcdsaSig::from_private_components(r, s)?)
}
}
Expand Down Expand Up @@ -159,30 +166,28 @@ mod tests {

#[test]
fn test_signature_default() {
let sig: Signature = Signature::default();
let sig: Signature = Default::default();
assert_eq!(sig.r(), &[0u8; 72]);
assert_eq!(sig.s(), &[0u8; 72]);
}

#[test]
fn test_signature_getters() {
let sig: Signature = Signature {
r: [1u8; 72],
s: [2u8; 72],
_reserved: [0u8; 512 - (SIG_PIECE_SIZE * 2)],
r: Array([1u8; 72]),
s: Array([2u8; 72]),
};
assert_eq!(sig.r(), &[1u8; 72]);
assert_eq!(sig.s(), &[2u8; 72]);
}

#[test]
fn test_signature_eq() {
let sig1: Signature = Signature::default();
let sig2: Signature = Signature::default();
let sig1: Signature = Default::default();
let sig2: Signature = Default::default();
let sig3: Signature = Signature {
r: [1u8; 72],
s: [0u8; 72],
_reserved: [0u8; 512 - (SIG_PIECE_SIZE * 2)],
r: Array([1u8; 72]),
s: Array([0u8; 72]),
};

assert_eq!(sig1, sig2);
Expand All @@ -191,27 +196,26 @@ mod tests {

#[test]
fn test_signature_ord() {
let sig1: Signature = Signature::default();
let sig1: Signature = Default::default();
let sig2: Signature = Signature {
r: [1u8; 72],
s: [0u8; 72],
_reserved: [0u8; 512 - (SIG_PIECE_SIZE * 2)],
r: Array([1u8; 72]),
s: Array([0u8; 72]),
};

assert!(sig1 < sig2);
}

#[test]
fn test_signature_debug() {
let sig: Signature = Signature::default();
let sig: Signature = Default::default();
let debug_str: String = format!("{:?}", sig);
assert!(debug_str.starts_with("Signature { r: "));
assert!(debug_str.contains(", s: "));
}

#[test]
fn test_signature_display() {
let sig: Signature = Signature::default();
let sig: Signature = Default::default();
let display_str: String = format!("{}", sig);
assert!(display_str.contains("Signature:"));
assert!(display_str.contains("R:"));
Expand Down Expand Up @@ -247,15 +251,15 @@ mod tests {

#[test]
fn test_try_into_ecdsa_sig() {
let sig = Signature::default();
let sig: Signature = Default::default();
let ecdsa_sig: ecdsa::EcdsaSig = (&sig).try_into().unwrap();
assert_eq!(ecdsa_sig.r().to_vec(), vec![]);
assert_eq!(ecdsa_sig.s().to_vec(), vec![]);
}

#[test]
fn test_try_into_vec() {
let sig = Signature::default();
let sig: Signature = Default::default();
let der: Vec<u8> = (&sig).try_into().unwrap();
assert!(!der.is_empty());
}
Expand All @@ -269,7 +273,7 @@ mod tests {
#[test]
#[should_panic]
fn test_try_into_p384_signature_failure() {
let signature: Signature = Signature::default();
let signature: Signature = Default::default();

let _p384_sig: p384::ecdsa::Signature = (&signature).try_into().unwrap();
}
Expand All @@ -278,9 +282,8 @@ mod tests {
fn test_try_into_p384_signature() {
// Test with non-zero values
let sig = Signature {
r: [1u8; 72],
s: [2u8; 72],
_reserved: [0u8; 512 - (SIG_PIECE_SIZE * 2)],
r: Array([1u8; 72]),
s: Array([2u8; 72]),
};
let p384_sig: p384::ecdsa::Signature = (&sig).try_into().unwrap();
assert_eq!(p384_sig.r().to_bytes().as_slice(), &[1u8; 48]);
Expand All @@ -290,7 +293,7 @@ mod tests {

#[test]
fn test_signature_serde() {
let sig: Signature = Signature::default();
let sig: Signature = Default::default();
let serialized: Vec<u8> = bincode::serialize(&sig).unwrap();
let deserialized: Signature = bincode::deserialize(&serialized).unwrap();
assert_eq!(sig, deserialized);
Expand All @@ -299,9 +302,8 @@ mod tests {
#[test]
fn test_signature_max_values() {
let sig: Signature = Signature {
r: [0xFF; 72],
s: [0xFF; 72],
_reserved: [0u8; 512 - (SIG_PIECE_SIZE * 2)],
r: Array([0xFF; 72]),
s: Array([0xFF; 72]),
};
assert_eq!(sig.r(), &[0xFF; 72]);
assert_eq!(sig.s(), &[0xFF; 72]);
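Review bot: `from_bytes` in the new `ByteParser` impl copies only `bytes[0..72]` and `bytes[72..144]` and never looks at the remaining 368 bytes of the 512-byte field, while `to_bytes` writes zeros there, so input with non-zero reserved signature bytes parses cleanly and does not round-trip. Because `from_bytes` returns `Self` and cannot fail, a strictness check would have to live in the caller or in a fallible constructor; at minimum the impl should carry a comment such as `/// Bytes 144..512 are reserved: ignored by from_bytes, written as zero by to_bytes.`. With `_reserved` removed, the `#[repr(C)]` struct and presumably its derived serde form also shrink from 512 to 144 bytes (the `Array` impls are not shown), and `test_signature_serde` only round-trips, so it would not notice; a test asserting the encoded length would. The literals 72, 144 and 512 would read better as named constants now that `SIG_PIECE_SIZE` and `R_S_SIZE` appear to have been dropped.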