tem_ruby 0.15.2 → 0.16.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/CHANGELOG +2 -0
- data/lib/tem/admin/emit.rb +1 -1
- data/lib/tem/admin/migrate.rb +64 -7
- data/lib/tem/apdus/keys.rb +8 -5
- data/lib/tem/benchmarks/blank_bound_secpack.rb +1 -1
- data/lib/tem/benchmarks/devchip_decrypt.rb +2 -2
- data/lib/tem/benchmarks/vm_perf_bound.rb +1 -1
- data/lib/tem/definitions/isa.rb +2 -1
- data/lib/tem/firmware/tc.cap +0 -0
- data/lib/tem/toolkit.rb +0 -18
- data/tem_ruby.gemspec +1 -1
- data/test/firmware/test_uploader.rb +1 -1
- data/test/tem_unit/test_tem_migrate.rb +1 -1
- data/test/test_crypto_engine.rb +2 -2
- metadata +1 -1
data/CHANGELOG
CHANGED
data/lib/tem/admin/emit.rb
CHANGED
data/lib/tem/admin/migrate.rb
CHANGED
@@ -12,6 +12,42 @@ module Tem::Admin
|
|
12
12
|
|
13
13
|
# Logic for migrating SECpacks.
|
14
14
|
module Migrate
|
15
|
+
# SEClosure that loads a symmetric key exclusively for SECpack execution.
|
16
|
+
#
|
17
|
+
# Args:
|
18
|
+
# key_bytes:: the key to be loaded in the TEM, serialized in TEM format
|
19
|
+
def self.skey_load_seclosure(key_bytes)
|
20
|
+
Tem::Assembler.assemble { |s|
|
21
|
+
s.ldwc :const => :key
|
22
|
+
s.rdk
|
23
|
+
s.ldwc :const => Tem::Abi.tem_hash_length
|
24
|
+
s.ldwc :const => :authz
|
25
|
+
s.rnd
|
26
|
+
s.authk :auth => :authz
|
27
|
+
s.ldbc :const => 1
|
28
|
+
s.outnew
|
29
|
+
s.outb
|
30
|
+
s.halt
|
31
|
+
|
32
|
+
s.label :secret
|
33
|
+
s.label :key
|
34
|
+
s.data :tem_ubyte, key_bytes
|
35
|
+
s.label :plain
|
36
|
+
s.label :authz
|
37
|
+
s.zeros :tem_hash, 1
|
38
|
+
s.stack 8
|
39
|
+
}
|
40
|
+
end
|
41
|
+
|
42
|
+
# Blank version of the SEClosure that loads a symmetric key for execution.
|
43
|
+
#
|
44
|
+
# The returned SEClosure is not suitable for execution. Its encrypted bytes
|
45
|
+
# should be replaced with the bytes from a SECpack generated with live data.
|
46
|
+
def self.blank_skey_load_seclosure
|
47
|
+
skey_load_seclosure [0] * (Tem::Abi.tem_3des_key_string_length + 1)
|
48
|
+
end
|
49
|
+
|
50
|
+
|
15
51
|
# SEClosure that verifies the destination TEM's ECert.
|
16
52
|
#
|
17
53
|
# Args:
|
@@ -146,13 +182,19 @@ module Migrate
|
|
146
182
|
|
147
183
|
# The key storing the encrypted bytes of the ecert_verify SECpack in the
|
148
184
|
# TEM's tag.
|
149
|
-
def self.
|
185
|
+
def self.skey_load_tag_key
|
150
186
|
0x11
|
151
187
|
end
|
188
|
+
|
189
|
+
# The key storing the encrypted bytes of the ecert_verify SECpack in the
|
190
|
+
# TEM's tag.
|
191
|
+
def self.ecert_verify_bytes_tag_key
|
192
|
+
0x12
|
193
|
+
end
|
152
194
|
|
153
195
|
# The key storing the encrypted bytes of the migrate SECpack in the TEM's tag.
|
154
196
|
def self.migrate_bytes_tag_key
|
155
|
-
|
197
|
+
0x13
|
156
198
|
end
|
157
199
|
|
158
200
|
# Data to be included in a TEM's tag to support migration.
|
@@ -160,15 +202,20 @@ module Migrate
|
|
160
202
|
# Returns a hash of tag key-values to be included in the TEM's tag during
|
161
203
|
# emission.
|
162
204
|
def self.tag_data(pubek, privek_authz)
|
205
|
+
skey = Tem::Keys::Symmetric.generate
|
206
|
+
ld_sec = skey_load_seclosure skey.to_tem_key
|
207
|
+
ld_sec.bind pubek
|
208
|
+
|
163
209
|
ps_addr = OpenSSL::Random.random_bytes(Tem::Abi.tem_ps_addr_length).
|
164
210
|
unpack('C*')
|
165
211
|
ev_sec = ecert_verify_seclosure ps_addr, privek_authz
|
166
|
-
ev_sec.bind
|
212
|
+
ev_sec.bind skey
|
167
213
|
|
168
214
|
m_sec = migrate_seclosure ps_addr, privek_authz
|
169
|
-
m_sec.bind
|
215
|
+
m_sec.bind skey
|
170
216
|
|
171
217
|
{
|
218
|
+
skey_load_tag_key => ld_sec.encrypted_data,
|
172
219
|
ecert_verify_bytes_tag_key => ev_sec.encrypted_data,
|
173
220
|
migrate_bytes_tag_key => m_sec.encrypted_data
|
174
221
|
}
|
@@ -178,6 +225,10 @@ module Migrate
|
|
178
225
|
def self.seclosures_from_tag_data(tem)
|
179
226
|
tag_data = tem.tag
|
180
227
|
|
228
|
+
skey_load = blank_skey_load_seclosure
|
229
|
+
skey_load.fake_bind
|
230
|
+
skey_load.encrypted_data = tag_data[skey_load_tag_key]
|
231
|
+
|
181
232
|
ecert_verify = blank_ecert_verify_seclosure
|
182
233
|
ecert_verify.fake_bind
|
183
234
|
ecert_verify.encrypted_data = tag_data[ecert_verify_bytes_tag_key]
|
@@ -186,7 +237,8 @@ module Migrate
|
|
186
237
|
migrate.fake_bind
|
187
238
|
migrate.encrypted_data = tag_data[migrate_bytes_tag_key]
|
188
239
|
|
189
|
-
{ :
|
240
|
+
{ :skey_load => skey_load, :ecert_verify => ecert_verify,
|
241
|
+
:migrate => migrate }
|
190
242
|
end
|
191
243
|
|
192
244
|
# Migrates a SECpack to another TEM.
|
@@ -200,18 +252,23 @@ module Migrate
|
|
200
252
|
def migrate(secpack, ecert)
|
201
253
|
migrated = secpack.copy
|
202
254
|
secpacks = Tem::Admin::Migrate.seclosures_from_tag_data self
|
255
|
+
|
256
|
+
skey_ld = secpacks[:skey_load]
|
257
|
+
skey_id = Tem::Abi.read_tem_ubyte execute(skey_ld), 0
|
203
258
|
|
204
259
|
verify = secpacks[:ecert_verify]
|
205
260
|
verify.set_bytes :pubek,
|
206
261
|
Tem::Key.new_from_ssl_key(ecert.public_key).to_tem_key
|
207
|
-
return nil if execute(verify) != [1]
|
262
|
+
return nil if execute(verify, skey_id) != [1]
|
208
263
|
|
209
264
|
migrate = secpacks[:migrate]
|
210
265
|
migrate.set_value :secpack_secret_size, :tem_short, secpack.secret_bytes +
|
211
266
|
Tem::Abi.tem_hash_length
|
212
267
|
migrate.set_bytes :secpack_encrypted, migrated.encrypted_data
|
213
|
-
return nil unless new_encrypted_data = execute(migrate)
|
268
|
+
return nil unless new_encrypted_data = execute(migrate, skey_id)
|
214
269
|
migrated.encrypted_data = new_encrypted_data
|
270
|
+
|
271
|
+
release_key skey_id
|
215
272
|
migrated
|
216
273
|
end
|
217
274
|
end # module Tem::Admin::Migrate
|
data/lib/tem/apdus/keys.rb
CHANGED
@@ -15,13 +15,16 @@ module Keys
|
|
15
15
|
:pubkey_id => read_tem_byte(response, 1) }
|
16
16
|
end
|
17
17
|
|
18
|
-
|
19
|
-
|
18
|
+
# NOTE: this is the only method that is not devchip-only. It needs to be in
|
19
|
+
# the production driver to prevent from DOSing the TEM by filling its
|
20
|
+
# key store.
|
21
|
+
def release_key(key_id)
|
22
|
+
@transport.iso_apdu! :ins => 0x28, :p1 => key_id
|
20
23
|
return true
|
21
24
|
end
|
22
25
|
|
23
26
|
def devchip_save_key(key_id)
|
24
|
-
response = @transport.iso_apdu! :ins =>
|
27
|
+
response = @transport.iso_apdu! :ins => 0x42, :p1 => key_id
|
25
28
|
buffer_id = read_tem_byte response, 0
|
26
29
|
buffer_length = read_tem_short response, 1
|
27
30
|
key_buffer = read_buffer buffer_id
|
@@ -47,10 +50,10 @@ module Keys
|
|
47
50
|
return data_buffer[0, buffer_length]
|
48
51
|
end
|
49
52
|
def devchip_encrypt(data, key_id)
|
50
|
-
devchip_encrypt_decrypt data, key_id,
|
53
|
+
devchip_encrypt_decrypt data, key_id, 0x43
|
51
54
|
end
|
52
55
|
def devchip_decrypt(data, key_id)
|
53
|
-
devchip_encrypt_decrypt data, key_id,
|
56
|
+
devchip_encrypt_decrypt data, key_id, 0x44
|
54
57
|
end
|
55
58
|
|
56
59
|
def stat_keys
|
@@ -27,7 +27,7 @@ class Tem::Benchmarks
|
|
27
27
|
encrypted_data = key.encrypt data
|
28
28
|
print "3DES-encrypted blob has #{encrypted_data.length} bytes\n"
|
29
29
|
do_timing { @tem.devchip_decrypt encrypted_data, key_id }
|
30
|
-
@tem.
|
30
|
+
@tem.release_key key_id
|
31
31
|
end
|
32
32
|
|
33
33
|
def time_devchip_decrypt_3des_long
|
@@ -38,6 +38,6 @@ class Tem::Benchmarks
|
|
38
38
|
encrypted_data = key.encrypt data
|
39
39
|
print "3DES-encrypted blob has #{encrypted_data.length} bytes\n"
|
40
40
|
do_timing { @tem.devchip_decrypt encrypted_data, key_id }
|
41
|
-
@tem.
|
41
|
+
@tem.release_key key_id
|
42
42
|
end
|
43
43
|
end
|
data/lib/tem/definitions/isa.rb
CHANGED
data/lib/tem/firmware/tc.cap
CHANGED
Binary file
|
data/lib/tem/toolkit.rb
CHANGED
@@ -59,24 +59,6 @@ module Tem::Toolkit
|
|
59
59
|
return read_tem_key(key_string, 0)
|
60
60
|
end
|
61
61
|
|
62
|
-
def tk_delete_key(key_id, authz)
|
63
|
-
del_sec = assemble do |s|
|
64
|
-
s.ldbc :const => key_id
|
65
|
-
s.authk :auth => :key_auth
|
66
|
-
s.relk
|
67
|
-
s.ldbc :const => 1
|
68
|
-
s.outnew
|
69
|
-
s.ldbc :const => key_id
|
70
|
-
s.outb
|
71
|
-
s.halt
|
72
|
-
s.label :key_auth
|
73
|
-
s.data :tem_ubyte, authz
|
74
|
-
s.stack 4
|
75
|
-
end
|
76
|
-
|
77
|
-
execute del_sec
|
78
|
-
end
|
79
|
-
|
80
62
|
def tk_post_key(key, authz)
|
81
63
|
post_sec = assemble do |s|
|
82
64
|
s.ldbc :const => 1
|
data/tem_ruby.gemspec
CHANGED
@@ -38,7 +38,7 @@ class TemMigrateTest < TemTestCase
|
|
38
38
|
privk_id = @tem.tk_post_key privk, authz
|
39
39
|
assert_equal _migrate_test_secret, @tem.execute(migrated, privk_id),
|
40
40
|
'Migrated SECpack executed incorrectly'
|
41
|
-
@tem.
|
41
|
+
@tem.release_key privk_id
|
42
42
|
|
43
43
|
assert_equal _migrate_test_secret, @tem.execute(sec),
|
44
44
|
'Migration blew up original SECpack'
|
data/test/test_crypto_engine.rb
CHANGED
@@ -30,7 +30,7 @@ class CryptoEngineTest < TemTestCase
|
|
30
30
|
'Key stat reports wrong size for private key.'
|
31
31
|
|
32
32
|
[:pubkey_id, :privkey_id].each do |key|
|
33
|
-
@tem.
|
33
|
+
@tem.release_key key_pair[key]
|
34
34
|
end
|
35
35
|
end
|
36
36
|
|
@@ -59,7 +59,7 @@ class CryptoEngineTest < TemTestCase
|
|
59
59
|
assert_equal 128, key_stat[:keys][key_pair[:privkey_id]][:bits],
|
60
60
|
'Key stat reports wrong size for symmetric key.'
|
61
61
|
|
62
|
-
@tem.
|
62
|
+
@tem.release_key key_pair[:privkey_id]
|
63
63
|
end
|
64
64
|
|
65
65
|
def test_crypto_abi
|