Improves tests for tagged schemes. #425

Merged
merged 1 commit into from
Sep 16, 2023
Merged
5 changes: 5 additions & 0 deletions tss-esapi/src/structures/schemes.rs
Expand Up @@ -52,6 +52,11 @@ impl HmacScheme {
pub const fn new(hashing_algorithm: HashingAlgorithm) -> HmacScheme {
HmacScheme { hashing_algorithm }
}

/// Returns the hashing algorithm
pub const fn hashing_algorithm(&self) -> HashingAlgorithm {
self.hashing_algorithm
}
}

impl From<HashScheme> for HmacScheme {
285 changes: 186 additions & 99 deletions tss-esapi/src/structures/tagged/schemes.rs

Large diffs are not rendered by default.

Expand Up @@ -58,5 +58,5 @@ pub fn ensure_tpm2b_sensitive_create_equality(
expected.size, actual.size,
"'size' value in TPM2B_SENSITIVE_CREATE, mismatch between actual and expected",
);
crate::common::ensure_tpms_sensitive_create(&expected.sensitive, &actual.sensitive);
crate::common::ensure_tpms_sensitive_create_equality(&expected.sensitive, &actual.sensitive);
}
Expand Up @@ -7,9 +7,9 @@ use tss_esapi::{
},
tss2_esys::{
TPMS_ALG_PROPERTY, TPMS_ATTEST, TPMS_CERTIFY_INFO, TPMS_CLOCK_INFO,
TPMS_COMMAND_AUDIT_INFO, TPMS_CREATION_INFO, TPMS_ECC_PARMS, TPMS_KEYEDHASH_PARMS,
TPMS_NV_CERTIFY_INFO, TPMS_PCR_SELECTION, TPMS_QUOTE_INFO, TPMS_RSA_PARMS,
TPMS_SCHEME_ECDAA, TPMS_SCHEME_HASH, TPMS_SCHEME_HMAC, TPMS_SCHEME_XOR,
TPMS_COMMAND_AUDIT_INFO, TPMS_CREATION_INFO, TPMS_ECC_PARMS, TPMS_EMPTY,
TPMS_KEYEDHASH_PARMS, TPMS_NV_CERTIFY_INFO, TPMS_PCR_SELECTION, TPMS_QUOTE_INFO,
TPMS_RSA_PARMS, TPMS_SCHEME_ECDAA, TPMS_SCHEME_HASH, TPMS_SCHEME_HMAC, TPMS_SCHEME_XOR,
TPMS_SENSITIVE_CREATE, TPMS_SESSION_AUDIT_INFO, TPMS_SYMCIPHER_PARMS,
TPMS_TAGGED_PCR_SELECT, TPMS_TAGGED_PROPERTY, TPMS_TIME_ATTEST_INFO, TPMS_TIME_INFO,
},
Expand Down Expand Up @@ -302,10 +302,17 @@ pub fn ensure_tpms_symcipher_parms_equality(
crate::common::ensure_tpmt_sym_def_object_equality(&expected.sym, &actual.sym)
}

pub fn ensure_tpms_sensitive_create(
pub fn ensure_tpms_sensitive_create_equality(
expected: &TPMS_SENSITIVE_CREATE,
actual: &TPMS_SENSITIVE_CREATE,
) {
crate::common::ensure_tpm2b_auth_equality(&expected.userAuth, &actual.userAuth);
crate::common::ensure_tpm2b_sensitive_data(&expected.data, &actual.data);
}

pub fn ensure_tpms_empty_equality(expected: &TPMS_EMPTY, actual: &TPMS_EMPTY) {
assert_eq!(
expected.empty, actual.empty,
"'empty' value TPMS_EMPTY, mismatch between actual and expected."
);
}
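Review bot: The assertion message in `ensure_tpms_empty_equality` is worded differently from the sibling helpers: it omits "in" before the type name and ends with a period, whereas the TPM2B_SENSITIVE_CREATE message elsewhere in this commit reads "'size' value in TPM2B_SENSITIVE_CREATE, mismatch between actual and expected". Suggest `"'empty' value in TPMS_EMPTY, mismatch between actual and expected",` so a failing test prints a message in the same shape as the rest. Separately, the renamed `ensure_tpms_sensitive_create_equality` still calls `ensure_tpm2b_sensitive_data`, which keeps the old name without the `_equality` suffix; that helper is defined outside the visible hunks, so this may be intentional.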
Expand Up @@ -10,7 +10,7 @@ use tss_esapi::{
},
tss2_esys::{
TPMT_ECC_SCHEME, TPMT_KDF_SCHEME, TPMT_KEYEDHASH_SCHEME, TPMT_PUBLIC_PARMS,
TPMT_RSA_SCHEME, TPMT_SYM_DEF, TPMT_SYM_DEF_OBJECT,
TPMT_RSA_DECRYPT, TPMT_RSA_SCHEME, TPMT_SIG_SCHEME, TPMT_SYM_DEF, TPMT_SYM_DEF_OBJECT,
},
};

Expand Down Expand Up @@ -336,3 +336,72 @@ pub fn ensure_tpmt_kdf_scheme_equality(expected: &TPMT_KDF_SCHEME, actual: &TPMT
_ => panic!("Invalid algorithm in TPMT_KDF_SCHEME"),
}
}

pub fn ensure_tpmt_rsa_decrypt_equality(expected: &TPMT_RSA_DECRYPT, actual: &TPMT_RSA_DECRYPT) {
assert_eq!(
expected.scheme, actual.scheme,
"'scheme' value in TPMT_RSA_DECRYPT, mismatch between actual and expected",
);

match expected.scheme {
TPM2_ALG_RSAES => {
let expected_scheme = unsafe { &expected.details.rsaes };
let actual_scheme = unsafe { &actual.details.rsaes };
crate::common::ensure_tpms_empty_equality(expected_scheme, actual_scheme);
}
TPM2_ALG_OAEP => {
let expected_scheme = unsafe { &expected.details.oaep };
let actual_scheme = unsafe { &actual.details.oaep };
crate::common::ensure_tpms_scheme_hash_equality(expected_scheme, actual_scheme);
}
TPM2_ALG_NULL => {}
_ => panic!("Invalid algorithm in TPMT_RSA_DECRYPT"),
}
}

pub fn ensure_tpmt_sig_scheme_equality(expected: &TPMT_SIG_SCHEME, actual: &TPMT_SIG_SCHEME) {
assert_eq!(
expected.scheme, actual.scheme,
"'scheme' value in TPMT_SIG_SCHEME, mismatch between actual and expected",
);

match expected.scheme {
TPM2_ALG_RSASSA => {
let expected_scheme = unsafe { &expected.details.rsassa };
let actual_scheme = unsafe { &actual.details.rsassa };
crate::common::ensure_tpms_scheme_hash_equality(expected_scheme, actual_scheme);
}
TPM2_ALG_RSAPSS => {
let expected_scheme = unsafe { &expected.details.rsapss };
let actual_scheme = unsafe { &actual.details.rsapss };
crate::common::ensure_tpms_scheme_hash_equality(expected_scheme, actual_scheme);
}
TPM2_ALG_ECDSA => {
let expected_scheme = unsafe { &expected.details.ecdsa };
let actual_scheme = unsafe { &actual.details.ecdsa };
crate::common::ensure_tpms_scheme_hash_equality(expected_scheme, actual_scheme);
}
TPM2_ALG_SM2 => {
let expected_scheme = unsafe { &expected.details.sm2 };
let actual_scheme = unsafe { &actual.details.sm2 };
crate::common::ensure_tpms_scheme_hash_equality(expected_scheme, actual_scheme);
}
TPM2_ALG_ECSCHNORR => {
let expected_scheme = unsafe { &expected.details.ecschnorr };
let actual_scheme = unsafe { &actual.details.ecschnorr };
crate::common::ensure_tpms_scheme_hash_equality(expected_scheme, actual_scheme);
}
TPM2_ALG_ECDAA => {
let expected_scheme = unsafe { &expected.details.ecdaa };
let actual_scheme = unsafe { &actual.details.ecdaa };
crate::common::ensure_tpms_scheme_ecdaa_equality(expected_scheme, actual_scheme);
}
TPM2_ALG_HMAC => {
let expected_scheme = unsafe { &expected.details.hmac };
let actual_scheme = unsafe { &actual.details.hmac };
crate::common::ensure_tpms_scheme_hmac_equality(expected_scheme, actual_scheme);
}
TPM2_ALG_NULL => {}
_ => panic!("Invalid algorithm in TPMT_SIG_SCHEME"),
}
}
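Review bot: The `unsafe` union reads in `ensure_tpmt_rsa_decrypt_equality` and `ensure_tpmt_sig_scheme_equality` carry no `// SAFETY:` comment, so the reason each read is sound is left implicit. The argument is that the `assert_eq!` on `scheme` at the top has already established that `expected` and `actual` hold the same selector, and each `match` arm reads only the `details` member that selector names; a one-line comment per arm would record that, e.g. `// SAFETY: both selectors are TPM2_ALG_OAEP (asserted above), so oaep is the active member.` The ordering matters: if the equality assert were ever moved below the `match`, `actual.details` would be read through a member its own selector does not name. The catch-all arms could also report the offending value, e.g. `_ => panic!("Invalid algorithm in TPMT_SIG_SCHEME: {:#06x}", expected.scheme),`, assuming the selector is a plain integer as in the generated bindings.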
Expand Up @@ -131,7 +131,7 @@ mod test_quote {
let mut context = create_ctx_with_session();
let qualifying_data = vec![0xff; 16];
let sign_scheme = SignatureScheme::RsaPss {
hash_scheme: HashScheme::new(HashingAlgorithm::Sha256),
scheme: HashScheme::new(HashingAlgorithm::Sha256),
};

let obj_key_handle = context
Expand Up @@ -51,7 +51,7 @@ fn test_tpms_sensitive_create_conversions() {
"data() did not return expected value"
);
let actual_tpms_sensitive_create: TPMS_SENSITIVE_CREATE = sensitive_create.into();
crate::common::ensure_tpms_sensitive_create(
crate::common::ensure_tpms_sensitive_create_equality(
&expected_tpms_sensitive_create,
&actual_tpms_sensitive_create,
);
Expand Up @@ -9,4 +9,9 @@ mod sensitive;
mod signature;
mod symmetric_definition_object_tests;
mod symmetric_definition_tests;
mod tagged_ecc_scheme_tests;
mod tagged_key_derivation_function_scheme_tests;
mod tagged_keyed_hash_scheme_tests;
mod tagged_rsa_decryption_scheme_tests;
mod tagged_rsa_scheme_tests;
mod tagged_signature_scheme_tests;