usesuper::*; use ::test::{assert, assert_eq, assert_ne, assert_ok, skip}; use authgraph_boringssl::BoringEcDsa; use authgraph_core::key::{CertChain, EcVerifyKey}; use authgraph_core::traits::EcDsa; use ciborium::Value; use coset::CborSerializable; use diced_open_dice::{bcc_handover_parse, DiceArtifacts as DicedDiceArtifacts}; use system_state::{SystemState, SystemStateFlag};
let dice_artifacts_buf = &mut [0u8; HWBCC_MAX_RESP_PAYLOAD_LENGTH];
let DiceArtifacts { artifacts } = assert_ok!(get_dice_artifacts(0, dice_artifacts_buf)); let parsed_handover = assert_ok!(bcc_handover_parse(artifacts));
// We don't expect the DICE chain on the emulator build.
assert!(parsed_handover.bcc().is_none());
let system_state_session =
assert_ok!(SystemState::try_connect(), "could not connect to system state service"); if system_state_session.get_flag(SystemStateFlag::AppLoadingUnlocked).unwrap() != 0{
assert_eq!(EMULATOR_CDI_ATTEST, parsed_handover.cdi_attest());
assert_eq!(EMULATOR_CDI_SEAL, parsed_handover.cdi_seal());
}
}
#[test] fn test_ns_deprivilege() { if cfg!(feature = "trusty_vm_guest") {
skip!("trusty vm guests do not support ns_deprivilege");
}
ns_deprivilege().expect("could not execute ns deprivilege");
// ns_deprivilege should not block calls from secure world let dice_artifacts_buf = &mut [0u8; HWBCC_MAX_RESP_PAYLOAD_LENGTH];
assert_ok!(get_dice_artifacts(0, dice_artifacts_buf));
}
#[test] fn test_get_bcc_test_mode() { if cfg!(feature = "trusty_vm_guest") {
skip!("trusty vm guests do not support HwBccMode::Test");
}
// get a first set of keys let bcc = assert_ok!(get_bcc(HwBccMode::Test, &mut bcc_buf)); let explicit_key_chain = assert_ok!(CertChain::from_non_explicit_key_cert_chain(bcc)); let leaf_pub_key =
assert_ok!(explicit_key_chain.validate(&BoringEcDsa), "Cert chain is not valid"); let root_key = explicit_key_chain.root_key;
// get second set of keys
bcc_buf.fill(0); let bcc = assert_ok!(get_bcc(HwBccMode::Test, &mut bcc_buf)); let explicit_key_chain2 = assert_ok!(CertChain::from_non_explicit_key_cert_chain(bcc)); let leaf_pub_key2 =
assert_ok!(explicit_key_chain2.validate(&BoringEcDsa), "Cert chain is not valid"); let root_key2 = explicit_key_chain2.root_key;
// the two sets of keys must be different in test mode
assert_ne!(root_key, root_key2);
assert_ne!(leaf_pub_key, leaf_pub_key2);
}
#[test] fn test_get_emulator_bcc() { if !cfg!(feature = "generic-arm-unittest") {
skip!("not running on emulator");
}
letmut emulator_pub_key = assert_ok!(
EcVerifyKey::from_cose_key(
coset::CoseKeyBuilder::new_okp_key()
.param(
iana::OkpKeyParameter::Crv as i64,
Value::from(iana::EllipticCurve::Ed25519 as u64),
)
.param(iana::OkpKeyParameter::X as i64, Value::from(EMULATOR_PUB_KEY.as_slice()))
.algorithm(coset::iana::Algorithm::EdDSA)
.add_key_op(coset::iana::KeyOperation::Verify)
.build()
), "Failed to create an EcVerifyKey from the pub key array"
);
emulator_pub_key.canonicalize_cose_key();
let bcc = assert_ok!(get_bcc(HwBccMode::Release, &mut bcc_buf)); let explicit_key_cert_chain = assert_ok!(CertChain::from_non_explicit_key_cert_chain(bcc)); let leaf_public_key =
assert_ok!(explicit_key_cert_chain.validate(&BoringEcDsa), "Cert chain is not valid");
// The emulator uses a hard-coded key and creates a degenerate cert, so we expect the // root key and the subject_public_key of the first cert to be the same.
assert_eq!(emulator_pub_key, explicit_key_cert_chain.root_key);
assert_eq!(explicit_key_cert_chain.root_key, leaf_public_key);
}
#[test] fn test_sign_data_test_mode() { if cfg!(feature = "trusty_vm_guest") {
skip!("trusty vm guests do not support HwBccMode::Test");
}
let sig = assert_ok!(sign_data(
HwBccMode::Test,
SigningAlgorithm::ED25519,
TEST_MAC_KEY,
TEST_AAD,
&mut cose_sign1_buf,
));
// Note that the best we can do here is assert that we have successfully // obtained a signature. This is because the Rust API does not support // hwbcc sessions; it creates a new session with every API call. // HwBccMode::Test will result in a different key if we try and call // get_bcc to retrieve the public key use to sign data.
assert!(sig.len() > 0);
}
let sig_raw = assert_ok!(sign_data(
HwBccMode::Release,
SigningAlgorithm::ED25519,
TEST_MAC_KEY,
TEST_AAD,
&mut buff,
)); let sig = assert_ok!(coset::CoseSign1::from_slice(&sig_raw));
// We validate that the data (TEST_MAC_KEY) was signed by the private // key associated with the public key of the leaf cert of the DICE chain.
buff.fill(0); let bcc = assert_ok!(get_bcc(HwBccMode::Release, &mut buff)); let explicit_key_cert_chain = assert_ok!(CertChain::from_non_explicit_key_cert_chain(bcc)); let leaf_pub_key =
assert_ok!(explicit_key_cert_chain.validate(&BoringEcDsa), "Cert chain is not valid");
let bcc = assert_ok!(get_bcc(HwBccMode::Release, &mut bcc_buf)); let explicit_key_chain = assert_ok!(CertChain::from_non_explicit_key_cert_chain(bcc)); let _ = assert_ok!(explicit_key_chain.validate(&BoringEcDsa), "Cert chain is not valid");
}
/// When trusty is running within a VM, it uses PvmDice as its hwbcc server implementation. /// PvmDice derives a leaf cert for each call to get_bcc that is specific to the calling TA. /// It does so by including the UUID of the calling TA as the component_name of the cert. /// This test checks that the component_name is correctly set when this test app calls get_bcc. #[test] fn test_vm_get_bcc_leaf_is_ta_specific() { if !cfg!(feature = "trusty_vm_guest") {
skip!("not running in trusty vm guest");
}
let bcc = assert_ok!(get_bcc(HwBccMode::Release, &mut bcc_buf)); let explicit_key_cert_chain = assert_ok!(CertChain::from_non_explicit_key_cert_chain(bcc)); let _ = assert_ok!(explicit_key_cert_chain.validate(&BoringEcDsa), "Cert chain is not valid");
let leaf_cert_component_name =
assert_ok!(explicit_key_cert_chain.get_leaf_cert_component_name());
assert_eq!(Some(HWBCC_RUST_TEST_UUID.to_string()), leaf_cert_component_name);
}
Messung V0.5 in Prozent
¤ Dauer der Verarbeitung: 0.11 Sekunden
(vorverarbeitet am 2026-06-27)
¤
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.