tem_ruby 0.15.2 → 0.16.0

data/CHANGELOG

@@ -1,3 +1,5 @@
+v0.16.0. Faster migration by binding the migration SECpacks to a symmetric key (fw 1.16).
+
 v0.15.2. Bugfix: migrating a SECpack blew up the original.
 
 v0.15.1. SECpack migrations.

data/lib/tem/admin/emit.rb

@@ -69,7 +69,7 @@ module Emit
     privek_auth = r[0...20]
     pubek_auth = (0...20).map {|i| 0}
     pubek = tem.tk_read_key 1, pubek_auth
-    tem.tk_delete_key 1, pubek_auth
+    tem.release_key 1
     { :privek_auth => privek_auth, :pubek => pubek }
   end
   

data/lib/tem/admin/migrate.rb

@@ -12,6 +12,42 @@ module Tem::Admin
 
 # Logic for migrating SECpacks.
 module Migrate
+  # SEClosure that loads a symmetric key exclusively for SECpack execution.
+  #
+  # Args:
+  #   key_bytes:: the key to be loaded in the TEM, serialized in TEM format
+  def self.skey_load_seclosure(key_bytes)
+    Tem::Assembler.assemble { |s|      
+      s.ldwc :const => :key
+      s.rdk
+      s.ldwc :const => Tem::Abi.tem_hash_length
+      s.ldwc :const => :authz
+      s.rnd
+      s.authk :auth => :authz
+      s.ldbc :const => 1
+      s.outnew
+      s.outb
+      s.halt
+      
+      s.label :secret
+      s.label :key
+      s.data :tem_ubyte, key_bytes
+      s.label :plain
+      s.label :authz
+      s.zeros :tem_hash, 1
+      s.stack 8
+    }
+  end
+  
+  # Blank version of the SEClosure that loads a symmetric key for execution.
+  #
+  # The returned SEClosure is not suitable for execution. Its encrypted bytes
+  # should be replaced with the bytes from a SECpack generated with live data.
+  def self.blank_skey_load_seclosure
+    skey_load_seclosure [0] * (Tem::Abi.tem_3des_key_string_length + 1)
+  end  
+  
+  
   # SEClosure that verifies the destination TEM's ECert.
   #
   # Args:
@@ -146,13 +182,19 @@ module Migrate
   
   # The key storing the encrypted bytes of the ecert_verify SECpack in the
   # TEM's tag.
-  def self.ecert_verify_bytes_tag_key
+  def self.skey_load_tag_key
     0x11
   end
+
+  # The key storing the encrypted bytes of the ecert_verify SECpack in the
+  # TEM's tag.
+  def self.ecert_verify_bytes_tag_key
+    0x12
+  end
   
   # The key storing the encrypted bytes of the migrate SECpack in the TEM's tag.
   def self.migrate_bytes_tag_key
-    0x12
+    0x13
   end
   
   # Data to be included in a TEM's tag to support migration.
@@ -160,15 +202,20 @@ module Migrate
   # Returns a hash of tag key-values to be included in the TEM's tag during
   # emission.
   def self.tag_data(pubek, privek_authz)
+    skey = Tem::Keys::Symmetric.generate
+    ld_sec = skey_load_seclosure skey.to_tem_key
+    ld_sec.bind pubek
+    
     ps_addr = OpenSSL::Random.random_bytes(Tem::Abi.tem_ps_addr_length).
         unpack('C*')
     ev_sec = ecert_verify_seclosure ps_addr, privek_authz
-    ev_sec.bind pubek
+    ev_sec.bind skey
     
     m_sec = migrate_seclosure ps_addr, privek_authz
-    m_sec.bind pubek
+    m_sec.bind skey
     
     {
+      skey_load_tag_key => ld_sec.encrypted_data,
       ecert_verify_bytes_tag_key => ev_sec.encrypted_data,
       migrate_bytes_tag_key => m_sec.encrypted_data
     }
@@ -178,6 +225,10 @@ module Migrate
   def self.seclosures_from_tag_data(tem)
     tag_data = tem.tag
     
+    skey_load = blank_skey_load_seclosure
+    skey_load.fake_bind
+    skey_load.encrypted_data = tag_data[skey_load_tag_key]
+    
     ecert_verify = blank_ecert_verify_seclosure
     ecert_verify.fake_bind
     ecert_verify.encrypted_data = tag_data[ecert_verify_bytes_tag_key]
@@ -186,7 +237,8 @@ module Migrate
     migrate.fake_bind
     migrate.encrypted_data = tag_data[migrate_bytes_tag_key]
     
-    { :ecert_verify => ecert_verify, :migrate => migrate }
+    { :skey_load => skey_load, :ecert_verify => ecert_verify,
+      :migrate => migrate }
   end
   
   # Migrates a SECpack to another TEM.
@@ -200,18 +252,23 @@ module Migrate
   def migrate(secpack, ecert)
     migrated = secpack.copy
     secpacks = Tem::Admin::Migrate.seclosures_from_tag_data self
+
+    skey_ld = secpacks[:skey_load]
+    skey_id = Tem::Abi.read_tem_ubyte execute(skey_ld), 0
     
     verify = secpacks[:ecert_verify]
     verify.set_bytes :pubek,
                      Tem::Key.new_from_ssl_key(ecert.public_key).to_tem_key
-    return nil if execute(verify) != [1]
+    return nil if execute(verify, skey_id) != [1]
     
     migrate = secpacks[:migrate]
     migrate.set_value :secpack_secret_size, :tem_short, secpack.secret_bytes +
                       Tem::Abi.tem_hash_length
     migrate.set_bytes :secpack_encrypted, migrated.encrypted_data
-    return nil unless new_encrypted_data = execute(migrate)
+    return nil unless new_encrypted_data = execute(migrate, skey_id)
     migrated.encrypted_data = new_encrypted_data
+    
+    release_key skey_id    
     migrated
   end
 end  # module Tem::Admin::Migrate

data/lib/tem/apdus/keys.rb

@@ -15,13 +15,16 @@ module Keys
              :pubkey_id => read_tem_byte(response, 1) }    
   end
   
-  def devchip_release_key(key_id)
-    @transport.iso_apdu! :ins => 0x41, :p1 => key_id
+  # NOTE: this is the only method that is not devchip-only. It needs to be in
+  #       the production driver to prevent from DOSing the TEM by filling its
+  #       key store.
+  def release_key(key_id)
+    @transport.iso_apdu! :ins => 0x28, :p1 => key_id
     return true
   end
   
   def devchip_save_key(key_id)
-    response = @transport.iso_apdu! :ins => 0x43, :p1 => key_id
+    response = @transport.iso_apdu! :ins => 0x42, :p1 => key_id
     buffer_id = read_tem_byte response, 0 
     buffer_length = read_tem_short response, 1
     key_buffer = read_buffer buffer_id
@@ -47,10 +50,10 @@ module Keys
     return data_buffer[0, buffer_length]
   end
   def devchip_encrypt(data, key_id)
-    devchip_encrypt_decrypt data, key_id, 0x44
+    devchip_encrypt_decrypt data, key_id, 0x43
   end
   def devchip_decrypt(data, key_id)
-    devchip_encrypt_decrypt data, key_id, 0x45
+    devchip_encrypt_decrypt data, key_id, 0x44
   end
   
   def stat_keys

data/lib/tem/benchmarks/blank_bound_secpack.rb

@@ -30,6 +30,6 @@ class Tem::Benchmarks
           "#{blank_seclosure_outcount} bytes\n"
     do_timing { @tem.execute secpack, key_id }
 
-    @tem.tk_delete_key key_id, authz
+    @tem.release_key key_id
   end  
 end

data/lib/tem/benchmarks/devchip_decrypt.rb

@@ -27,7 +27,7 @@ class Tem::Benchmarks
     encrypted_data = key.encrypt data
     print "3DES-encrypted blob has #{encrypted_data.length} bytes\n"
     do_timing { @tem.devchip_decrypt encrypted_data, key_id }
-    @tem.tk_delete_key key_id, authz
+    @tem.release_key key_id
   end
 
   def time_devchip_decrypt_3des_long
@@ -38,6 +38,6 @@ class Tem::Benchmarks
     encrypted_data = key.encrypt data
     print "3DES-encrypted blob has #{encrypted_data.length} bytes\n"
     do_timing { @tem.devchip_decrypt encrypted_data, key_id }
-    @tem.tk_delete_key key_id, authz
+    @tem.release_key key_id
   end
 end

data/lib/tem/benchmarks/vm_perf_bound.rb

@@ -32,6 +32,6 @@ class Tem::Benchmarks
           "#{vm_perf_seclosure_outcount} bytes\n"
     do_timing { @tem.execute secpack, key_id }
 
-    @tem.tk_delete_key key_id, authz    
+    @tem.release_key key_id    
   end
 end

data/lib/tem/definitions/isa.rb

@@ -22,7 +22,8 @@ module Tem::Isa
     isa.instruction 0x13, :div
     # 2 ST -> 1 ST
     isa.instruction 0x14, :mod
-    # 2 ST -> 1 ST 
+    
+    # 2 ST -> 0 ST 
     isa.instruction 0x1E, :rnd
     
   

data/lib/tem/toolkit.rb

@@ -59,24 +59,6 @@ module Tem::Toolkit
     return read_tem_key(key_string, 0)
   end
   
-  def tk_delete_key(key_id, authz)
-    del_sec = assemble do |s|
-      s.ldbc :const => key_id
-      s.authk :auth => :key_auth
-      s.relk
-      s.ldbc :const => 1
-      s.outnew
-      s.ldbc :const => key_id
-      s.outb
-      s.halt
-      s.label :key_auth
-      s.data :tem_ubyte, authz
-      s.stack 4
-    end
-    
-    execute del_sec
-  end
-  
   def tk_post_key(key, authz)
     post_sec = assemble do |s|
       s.ldbc :const => 1

data/tem_ruby.gemspec

@@ -2,7 +2,7 @@
 
 Gem::Specification.new do |s|
   s.name = %q{tem_ruby}
-  s.version = "0.15.2"
+  s.version = "0.16.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
   s.authors = ["Victor Costan"]

data/test/firmware/test_uploader.rb

@@ -18,7 +18,7 @@ class UploaderTest < Test::Unit::TestCase
   end
   
   def test_fw_version
-    assert_equal({:major => 1, :minor => 15}, Uploader.fw_version)
+    assert_equal({:major => 1, :minor => 16}, Uploader.fw_version)
   end
   
   def test_upload

data/test/tem_unit/test_tem_migrate.rb

@@ -38,7 +38,7 @@ class TemMigrateTest < TemTestCase
     privk_id = @tem.tk_post_key privk, authz
     assert_equal _migrate_test_secret, @tem.execute(migrated, privk_id),
                  'Migrated SECpack executed incorrectly'
-    @tem.tk_delete_key privk_id, authz
+    @tem.release_key privk_id
 
     assert_equal _migrate_test_secret, @tem.execute(sec),
                  'Migration blew up original SECpack'

data/test/test_crypto_engine.rb

@@ -30,7 +30,7 @@ class CryptoEngineTest < TemTestCase
                     'Key stat reports wrong size for private key.'
     
     [:pubkey_id, :privkey_id].each do |key|
-      @tem.devchip_release_key key_pair[key]
+      @tem.release_key key_pair[key]
     end
   end
   
@@ -59,7 +59,7 @@ class CryptoEngineTest < TemTestCase
     assert_equal 128, key_stat[:keys][key_pair[:privkey_id]][:bits],
                  'Key stat reports wrong size for symmetric key.'
     
-    @tem.devchip_release_key key_pair[:privkey_id]
+    @tem.release_key key_pair[:privkey_id]
   end
   
   def test_crypto_abi

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: tem_ruby
 version: !ruby/object:Gem::Version 
-  version: 0.15.2
+  version: 0.16.0
 platform: ruby
 authors: 
 - Victor Costan