tem_ruby 0.15.2 → 0.16.0

Sign up to get free protection for your applications and to get access to all the features.
data/CHANGELOG CHANGED
@@ -1,3 +1,5 @@
1
+ v0.16.0. Faster migration by binding the migration SECpacks to a symmetric key (fw 1.16).
2
+
1
3
  v0.15.2. Bugfix: migrating a SECpack blew up the original.
2
4
 
3
5
  v0.15.1. SECpack migrations.
@@ -69,7 +69,7 @@ module Emit
69
69
  privek_auth = r[0...20]
70
70
  pubek_auth = (0...20).map {|i| 0}
71
71
  pubek = tem.tk_read_key 1, pubek_auth
72
- tem.tk_delete_key 1, pubek_auth
72
+ tem.release_key 1
73
73
  { :privek_auth => privek_auth, :pubek => pubek }
74
74
  end
75
75
 
@@ -12,6 +12,42 @@ module Tem::Admin
12
12
 
13
13
  # Logic for migrating SECpacks.
14
14
  module Migrate
15
+ # SEClosure that loads a symmetric key exclusively for SECpack execution.
16
+ #
17
+ # Args:
18
+ # key_bytes:: the key to be loaded in the TEM, serialized in TEM format
19
+ def self.skey_load_seclosure(key_bytes)
20
+ Tem::Assembler.assemble { |s|
21
+ s.ldwc :const => :key
22
+ s.rdk
23
+ s.ldwc :const => Tem::Abi.tem_hash_length
24
+ s.ldwc :const => :authz
25
+ s.rnd
26
+ s.authk :auth => :authz
27
+ s.ldbc :const => 1
28
+ s.outnew
29
+ s.outb
30
+ s.halt
31
+
32
+ s.label :secret
33
+ s.label :key
34
+ s.data :tem_ubyte, key_bytes
35
+ s.label :plain
36
+ s.label :authz
37
+ s.zeros :tem_hash, 1
38
+ s.stack 8
39
+ }
40
+ end
41
+
42
+ # Blank version of the SEClosure that loads a symmetric key for execution.
43
+ #
44
+ # The returned SEClosure is not suitable for execution. Its encrypted bytes
45
+ # should be replaced with the bytes from a SECpack generated with live data.
46
+ def self.blank_skey_load_seclosure
47
+ skey_load_seclosure [0] * (Tem::Abi.tem_3des_key_string_length + 1)
48
+ end
49
+
50
+
15
51
  # SEClosure that verifies the destination TEM's ECert.
16
52
  #
17
53
  # Args:
@@ -146,13 +182,19 @@ module Migrate
146
182
 
147
183
  # The key storing the encrypted bytes of the ecert_verify SECpack in the
148
184
  # TEM's tag.
149
- def self.ecert_verify_bytes_tag_key
185
+ def self.skey_load_tag_key
150
186
  0x11
151
187
  end
188
+
189
+ # The key storing the encrypted bytes of the ecert_verify SECpack in the
190
+ # TEM's tag.
191
+ def self.ecert_verify_bytes_tag_key
192
+ 0x12
193
+ end
152
194
 
153
195
  # The key storing the encrypted bytes of the migrate SECpack in the TEM's tag.
154
196
  def self.migrate_bytes_tag_key
155
- 0x12
197
+ 0x13
156
198
  end
157
199
 
158
200
  # Data to be included in a TEM's tag to support migration.
@@ -160,15 +202,20 @@ module Migrate
160
202
  # Returns a hash of tag key-values to be included in the TEM's tag during
161
203
  # emission.
162
204
  def self.tag_data(pubek, privek_authz)
205
+ skey = Tem::Keys::Symmetric.generate
206
+ ld_sec = skey_load_seclosure skey.to_tem_key
207
+ ld_sec.bind pubek
208
+
163
209
  ps_addr = OpenSSL::Random.random_bytes(Tem::Abi.tem_ps_addr_length).
164
210
  unpack('C*')
165
211
  ev_sec = ecert_verify_seclosure ps_addr, privek_authz
166
- ev_sec.bind pubek
212
+ ev_sec.bind skey
167
213
 
168
214
  m_sec = migrate_seclosure ps_addr, privek_authz
169
- m_sec.bind pubek
215
+ m_sec.bind skey
170
216
 
171
217
  {
218
+ skey_load_tag_key => ld_sec.encrypted_data,
172
219
  ecert_verify_bytes_tag_key => ev_sec.encrypted_data,
173
220
  migrate_bytes_tag_key => m_sec.encrypted_data
174
221
  }
@@ -178,6 +225,10 @@ module Migrate
178
225
  def self.seclosures_from_tag_data(tem)
179
226
  tag_data = tem.tag
180
227
 
228
+ skey_load = blank_skey_load_seclosure
229
+ skey_load.fake_bind
230
+ skey_load.encrypted_data = tag_data[skey_load_tag_key]
231
+
181
232
  ecert_verify = blank_ecert_verify_seclosure
182
233
  ecert_verify.fake_bind
183
234
  ecert_verify.encrypted_data = tag_data[ecert_verify_bytes_tag_key]
@@ -186,7 +237,8 @@ module Migrate
186
237
  migrate.fake_bind
187
238
  migrate.encrypted_data = tag_data[migrate_bytes_tag_key]
188
239
 
189
- { :ecert_verify => ecert_verify, :migrate => migrate }
240
+ { :skey_load => skey_load, :ecert_verify => ecert_verify,
241
+ :migrate => migrate }
190
242
  end
191
243
 
192
244
  # Migrates a SECpack to another TEM.
@@ -200,18 +252,23 @@ module Migrate
200
252
  def migrate(secpack, ecert)
201
253
  migrated = secpack.copy
202
254
  secpacks = Tem::Admin::Migrate.seclosures_from_tag_data self
255
+
256
+ skey_ld = secpacks[:skey_load]
257
+ skey_id = Tem::Abi.read_tem_ubyte execute(skey_ld), 0
203
258
 
204
259
  verify = secpacks[:ecert_verify]
205
260
  verify.set_bytes :pubek,
206
261
  Tem::Key.new_from_ssl_key(ecert.public_key).to_tem_key
207
- return nil if execute(verify) != [1]
262
+ return nil if execute(verify, skey_id) != [1]
208
263
 
209
264
  migrate = secpacks[:migrate]
210
265
  migrate.set_value :secpack_secret_size, :tem_short, secpack.secret_bytes +
211
266
  Tem::Abi.tem_hash_length
212
267
  migrate.set_bytes :secpack_encrypted, migrated.encrypted_data
213
- return nil unless new_encrypted_data = execute(migrate)
268
+ return nil unless new_encrypted_data = execute(migrate, skey_id)
214
269
  migrated.encrypted_data = new_encrypted_data
270
+
271
+ release_key skey_id
215
272
  migrated
216
273
  end
217
274
  end # module Tem::Admin::Migrate
@@ -15,13 +15,16 @@ module Keys
15
15
  :pubkey_id => read_tem_byte(response, 1) }
16
16
  end
17
17
 
18
- def devchip_release_key(key_id)
19
- @transport.iso_apdu! :ins => 0x41, :p1 => key_id
18
+ # NOTE: this is the only method that is not devchip-only. It needs to be in
19
+ # the production driver to prevent from DOSing the TEM by filling its
20
+ # key store.
21
+ def release_key(key_id)
22
+ @transport.iso_apdu! :ins => 0x28, :p1 => key_id
20
23
  return true
21
24
  end
22
25
 
23
26
  def devchip_save_key(key_id)
24
- response = @transport.iso_apdu! :ins => 0x43, :p1 => key_id
27
+ response = @transport.iso_apdu! :ins => 0x42, :p1 => key_id
25
28
  buffer_id = read_tem_byte response, 0
26
29
  buffer_length = read_tem_short response, 1
27
30
  key_buffer = read_buffer buffer_id
@@ -47,10 +50,10 @@ module Keys
47
50
  return data_buffer[0, buffer_length]
48
51
  end
49
52
  def devchip_encrypt(data, key_id)
50
- devchip_encrypt_decrypt data, key_id, 0x44
53
+ devchip_encrypt_decrypt data, key_id, 0x43
51
54
  end
52
55
  def devchip_decrypt(data, key_id)
53
- devchip_encrypt_decrypt data, key_id, 0x45
56
+ devchip_encrypt_decrypt data, key_id, 0x44
54
57
  end
55
58
 
56
59
  def stat_keys
@@ -30,6 +30,6 @@ class Tem::Benchmarks
30
30
  "#{blank_seclosure_outcount} bytes\n"
31
31
  do_timing { @tem.execute secpack, key_id }
32
32
 
33
- @tem.tk_delete_key key_id, authz
33
+ @tem.release_key key_id
34
34
  end
35
35
  end
@@ -27,7 +27,7 @@ class Tem::Benchmarks
27
27
  encrypted_data = key.encrypt data
28
28
  print "3DES-encrypted blob has #{encrypted_data.length} bytes\n"
29
29
  do_timing { @tem.devchip_decrypt encrypted_data, key_id }
30
- @tem.tk_delete_key key_id, authz
30
+ @tem.release_key key_id
31
31
  end
32
32
 
33
33
  def time_devchip_decrypt_3des_long
@@ -38,6 +38,6 @@ class Tem::Benchmarks
38
38
  encrypted_data = key.encrypt data
39
39
  print "3DES-encrypted blob has #{encrypted_data.length} bytes\n"
40
40
  do_timing { @tem.devchip_decrypt encrypted_data, key_id }
41
- @tem.tk_delete_key key_id, authz
41
+ @tem.release_key key_id
42
42
  end
43
43
  end
@@ -32,6 +32,6 @@ class Tem::Benchmarks
32
32
  "#{vm_perf_seclosure_outcount} bytes\n"
33
33
  do_timing { @tem.execute secpack, key_id }
34
34
 
35
- @tem.tk_delete_key key_id, authz
35
+ @tem.release_key key_id
36
36
  end
37
37
  end
@@ -22,7 +22,8 @@ module Tem::Isa
22
22
  isa.instruction 0x13, :div
23
23
  # 2 ST -> 1 ST
24
24
  isa.instruction 0x14, :mod
25
- # 2 ST -> 1 ST
25
+
26
+ # 2 ST -> 0 ST
26
27
  isa.instruction 0x1E, :rnd
27
28
 
28
29
 
Binary file
@@ -59,24 +59,6 @@ module Tem::Toolkit
59
59
  return read_tem_key(key_string, 0)
60
60
  end
61
61
 
62
- def tk_delete_key(key_id, authz)
63
- del_sec = assemble do |s|
64
- s.ldbc :const => key_id
65
- s.authk :auth => :key_auth
66
- s.relk
67
- s.ldbc :const => 1
68
- s.outnew
69
- s.ldbc :const => key_id
70
- s.outb
71
- s.halt
72
- s.label :key_auth
73
- s.data :tem_ubyte, authz
74
- s.stack 4
75
- end
76
-
77
- execute del_sec
78
- end
79
-
80
62
  def tk_post_key(key, authz)
81
63
  post_sec = assemble do |s|
82
64
  s.ldbc :const => 1
@@ -2,7 +2,7 @@
2
2
 
3
3
  Gem::Specification.new do |s|
4
4
  s.name = %q{tem_ruby}
5
- s.version = "0.15.2"
5
+ s.version = "0.16.0"
6
6
 
7
7
  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
8
8
  s.authors = ["Victor Costan"]
@@ -18,7 +18,7 @@ class UploaderTest < Test::Unit::TestCase
18
18
  end
19
19
 
20
20
  def test_fw_version
21
- assert_equal({:major => 1, :minor => 15}, Uploader.fw_version)
21
+ assert_equal({:major => 1, :minor => 16}, Uploader.fw_version)
22
22
  end
23
23
 
24
24
  def test_upload
@@ -38,7 +38,7 @@ class TemMigrateTest < TemTestCase
38
38
  privk_id = @tem.tk_post_key privk, authz
39
39
  assert_equal _migrate_test_secret, @tem.execute(migrated, privk_id),
40
40
  'Migrated SECpack executed incorrectly'
41
- @tem.tk_delete_key privk_id, authz
41
+ @tem.release_key privk_id
42
42
 
43
43
  assert_equal _migrate_test_secret, @tem.execute(sec),
44
44
  'Migration blew up original SECpack'
@@ -30,7 +30,7 @@ class CryptoEngineTest < TemTestCase
30
30
  'Key stat reports wrong size for private key.'
31
31
 
32
32
  [:pubkey_id, :privkey_id].each do |key|
33
- @tem.devchip_release_key key_pair[key]
33
+ @tem.release_key key_pair[key]
34
34
  end
35
35
  end
36
36
 
@@ -59,7 +59,7 @@ class CryptoEngineTest < TemTestCase
59
59
  assert_equal 128, key_stat[:keys][key_pair[:privkey_id]][:bits],
60
60
  'Key stat reports wrong size for symmetric key.'
61
61
 
62
- @tem.devchip_release_key key_pair[:privkey_id]
62
+ @tem.release_key key_pair[:privkey_id]
63
63
  end
64
64
 
65
65
  def test_crypto_abi
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: tem_ruby
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.15.2
4
+ version: 0.16.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Victor Costan