tem_ruby 0.9.0 → 0.9.2

data/CHANGELOG

@@ -1,3 +1,7 @@
+v0.9.2. Changed exec-SECpack calling sequence for fw 1.9.1(fire, the released version).
+
+v0.9.1. Cleaner names for the pstore data types and opcode arguments. "Bound" instead of "sealed" SECpack. 
+
 v0.9.0. Updated tests and re-implemented buffer stat-ing for fw 1.9(fire).
 
 v0.8.0. Implemented buffer flushing (fw 1.8) and more timing tests.

data/README

@@ -1,5 +1,7 @@
-This is the ruby driver for the Trusted Execution Module prototype produced at MIT. The best feature of the
-ruby driver is the very powerful DSL (domain-specific language) that TEM procedures are compiled from.
+This is the ruby driver for the Trusted Execution Module prototype produced at
+MIT. The best features of the ruby driver are the very powerful DSL
+(domain-specific language) that TEM SECpacks are compiled from, and the
+usage of debugging line info to translate exception IPs to stack traces.
 
 Running coverage tests:
 gem install rcov

data/lib/tem/abi.rb

@@ -6,7 +6,7 @@ module Tem::Abi
     klass.tem_value_type :ubyte, 1, :signed => false, :endian => :big
     klass.tem_value_type :short, 2, :signed => true, :endian => :big
     klass.tem_value_type :ushort, 2, :signed => false, :endian => :big    
-    klass.tem_value_type :ps_key, 20, :signed => false, :endian => :big
+    klass.tem_value_type :ps_addr, 20, :signed => false, :endian => :big
     klass.tem_value_type :ps_value, 20, :signed => false, :endian => :big
   end
   

data/lib/tem/ecert.rb

@@ -23,46 +23,46 @@ module Tem::ECert
   
   # emits a TEM
   def emit
-    emit_proc = assemble do |p|
+    emit_sec = assemble do |s|
       # generate EK, compare with (0, 1)
-      p.genkp :type => 0
-      p.ldbc 1
-      p.sub
-      p.jne :to => :not_ok
-      p.ldbc 0
-      p.sub
-      p.jne :to => :not_ok
+      s.genkp :type => 0
+      s.ldbc 1
+      s.sub
+      s.jne :to => :not_ok
+      s.ldbc 0
+      s.sub
+      s.jne :to => :not_ok
       
       # generate and output random authorization for PrivEK
-      p.ldbc 20
-      p.dupn :n => 1
-      p.outnew
-      p.ldwc :privek_auth
-      p.dupn :n => 2
-      p.rnd
-      p.outvb
+      s.ldbc 20
+      s.dupn :n => 1
+      s.outnew
+      s.ldwc :privek_auth
+      s.dupn :n => 2
+      s.rnd
+      s.outvb
       # set authorizations for PrivEK and PubkEK
-      p.ldbc 0
-      p.authk :auth => :privek_auth
-      p.ldbc 1 # PubEK always has its initial authorization be all zeroes
-      p.authk :auth => :pubek_auth
-      p.halt
+      s.ldbc 0
+      s.authk :auth => :privek_auth
+      s.ldbc 1 # PubEK always has its initial authorization be all zeroes
+      s.authk :auth => :pubek_auth
+      s.halt
       
       # emitting didn't go well, return nothing and leave
-      p.label :not_ok
-      p.ldbc 0
-      p.outnew
-      p.halt
+      s.label :not_ok
+      s.ldbc 0
+      s.outnew
+      s.halt
       
-      p.label :privek_auth
-      p.filler :ubyte, 20
-      p.label :pubek_auth
-      p.filler :ubyte, 20
-      p.stack
-      p.extra 8
+      s.label :privek_auth
+      s.filler :ubyte, 20
+      s.label :pubek_auth
+      s.filler :ubyte, 20
+      s.stack
+      s.extra 8
     end
     
-    r = execute emit_proc
+    r = execute emit_sec
     if r.length == 0
       return nil
     else

data/lib/tem/sec_assembler.rb

@@ -47,8 +47,8 @@ class Tem::SecAssembler
     end
   end
   
-  def assemble(&proc_block)
-    # call the block to build the proc
+  def assemble(&sec_block)
+    # call the block to build the SECpack
     yield self
     
     # link in label addresses

data/lib/tem/sec_opcodes.rb

@@ -29,19 +29,19 @@ class Tem::SecAssembler
   
 
   # 2 IM -> 1 ST
-  opcode(:psupfxb, 0x48, {:name => :key, :type => :ushort}, {:name => :from, :type => :ushort})
+  opcode(:psupfxb, 0x48, {:name => :addr, :type => :ushort}, {:name => :from, :type => :ushort})
   # 2 ST -> 1 ST
   opcode :psupvb,  0x49
   # 2 IM -> 1 ST
-  opcode(:pswrfxb, 0x4A, {:name => :key, :type => :ushort}, {:name => :from, :type => :ushort})
+  opcode(:pswrfxb, 0x4A, {:name => :addr, :type => :ushort}, {:name => :from, :type => :ushort})
   # 2 ST -> 1 ST
   opcode :pswrvb,  0x4B
   # 2 IM -> 1 ST
-  opcode(:psrdfxb, 0x4C, {:name => :key, :type => :ushort}, {:name => :to, :type => :ushort})
+  opcode(:psrdfxb, 0x4C, {:name => :addr, :type => :ushort}, {:name => :to, :type => :ushort})
   # 2 ST -> 1 ST
   opcode :psrdvb,  0x4D
   # 2 IM -> 1 ST
-  opcode :pshkfxb, 0x4E, {:name => :key, :type => :ushort}
+  opcode :pshkfxb, 0x4E, {:name => :addr, :type => :ushort}
   # 2 ST -> 1 ST
   opcode :pshkvb,  0x4F
   

data/lib/tem/seclosures.rb

@@ -2,8 +2,8 @@ require 'yaml'
 
 module Tem::SeClosures
   module MixedMethods
-    def assemble(&proc_block)
-      return Tem::SecAssembler.new(self).assemble(&proc_block)
+    def assemble(&sec_block)
+      return Tem::SecAssembler.new(self).assemble(&sec_block)
     end
   end
   
@@ -36,11 +36,10 @@ module Tem::SeClosures
     tem_error(response) if failure_code(response)    
   end
   
-  def execute(compiled_proc, key_id = 0)
+  def execute(secpack, key_id = 0)
     # load SECpack
-    buffer_id = post_buffer(compiled_proc.tem_formatted_body)
+    buffer_id = post_buffer(secpack.tem_formatted_body)
     response = issue_apdu [0x00, 0x50, to_tem_byte(buffer_id), to_tem_byte(key_id), 0x00].flatten
-    release_buffer(buffer_id)
     tem_error(response) if failure_code(response)
     tem_secpack_error(response) if read_tem_byte(response, 0) != 1
     
@@ -58,7 +57,7 @@ module Tem::SeClosures
         b_stat = stat_buffers() rescue nil
         k_stat = stat_keys() rescue nil
         trace = sec_trace()        
-        backtrace = (trace && trace[:ip]) ? compiled_proc.stack_for_ip(trace[:ip]) : Kernel.caller
+        backtrace = (trace && trace[:ip]) ? secpack.stack_for_ip(trace[:ip]) : Kernel.caller
         sec_exception = Tem::SecExecError.new backtrace, trace, b_stat, k_stat
         break
       when 4 # persistent store fault

data/lib/tem/secpack.rb

@@ -1,7 +1,7 @@
 require 'yaml'
 
 class Tem::SecPack
-  @@serialized_members = [:body, :labels, :ep, :sp, :extra_bytes, :signed_bytes, :encrypted_bytes, :sealed, :lines]
+  @@serialized_members = [:body, :labels, :ep, :sp, :extra_bytes, :signed_bytes, :encrypted_bytes, :bound, :lines]
   
   def self.new_from_array(array)
     arg_hash = { :tem_class => Tem::Session }
@@ -22,13 +22,13 @@ class Tem::SecPack
     self.to_array.to_yaml.to_s
   end
   
-  attr_reader :body, :sealed
+  attr_reader :body, :bound
   attr_reader :lines
   
   def initialize(args)
     @tem_klass = args[:tem_class]
     @@serialized_members.map { |m| self.instance_variable_set('@' + m.to_s, args[m]) }
-    @sealed ||= false
+    @bound ||= false
   end
   
   def label_address(label_name)
@@ -42,15 +42,15 @@ class Tem::SecPack
     return hh
   end
   
-  def seal(public_key, encrypt_from = 0, plaintext_from = 0)
+  def bind(public_key, encrypt_from = 0, plaintext_from = 0)
     encrypt_from = @labels[encrypt_from.to_sym] unless encrypt_from.instance_of? Numeric
     plaintext_from = @labels[plaintext_from.to_sym] unless plaintext_from.instance_of? Numeric
     
     @signed_bytes = encrypt_from
     @encrypted_bytes = plaintext_from - encrypt_from
     
-    proc_sig = @tem_klass.hash_for_tem [tem_header, @body[0...plaintext_from]].flatten
-    crypt = public_key.encrypt [@body[encrypt_from...plaintext_from], proc_sig].flatten
+    secpack_sig = @tem_klass.hash_for_tem [tem_header, @body[0...plaintext_from]].flatten
+    crypt = public_key.encrypt [@body[encrypt_from...plaintext_from], secpack_sig].flatten
     @body = [@body[0...encrypt_from], crypt, @body[plaintext_from..-1]].flatten
       
     label_delta = crypt.length - @encrypted_bytes         
@@ -64,7 +64,7 @@ class Tem::SecPack
       end
     }.flatten)]
     
-    @sealed = true
+    @bound = true
   end
   
   def tem_formatted_body()

data/tem_ruby.gemspec

@@ -1,16 +1,16 @@
 
-# Gem::Specification for Tem_ruby-0.9.0
+# Gem::Specification for Tem_ruby-0.9.2
 # Originally generated by Echoe
 
 Gem::Specification.new do |s|
   s.name = %q{tem_ruby}
-  s.version = "0.9.0"
+  s.version = "0.9.2"
 
   s.specification_version = 2 if s.respond_to? :specification_version=
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Victor Costan"]
-  s.date = %q{2008-06-11}
+  s.date = %q{2008-06-13}
   s.description = %q{TEM (Trusted Execution Module) driver, written in and for ruby.}
   s.email = %q{victor@costan.us}
   s.executables = ["tem_stat", "tem_ca", "tem_irb", "tem_bench"]
@@ -24,7 +24,7 @@ Gem::Specification.new do |s|
   s.summary = %q{TEM (Trusted Execution Module) driver, written in and for ruby.}
   s.test_files = ["test/test_driver.rb", "test/test_tem.rb", "test/test_exceptions.rb"]
 
-  s.add_dependency(%q<smartcard>, [">= 0.2.2"])
+  s.add_dependency(%q<smartcard>, [">= 0.3.0"])
 end
 
 
@@ -36,14 +36,16 @@ end
 # 
 # Echoe.new('tem_ruby') do |p|
 #   p.project = 'tem' # rubyforge project
+#   p.docs_host = "costan@rubyforge.org:/var/www/gforge-projects/tem/rdoc/"
 #   
 #   p.author = 'Victor Costan'
 #   p.email = 'victor@costan.us'
 #   p.summary = 'TEM (Trusted Execution Module) driver, written in and for ruby.'
 #   p.url = 'http://tem.rubyforge.org'
-#   p.dependencies = ['smartcard >=0.2.2']
+#   p.dependencies = ['smartcard >=0.3.0']
 #   
-#   p.need_tar_gz = false
+#   p.need_tar_gz = true
+#   p.need_zip = true
 #   p.rdoc_pattern = /^(lib|bin|tasks|ext)|^BUILD|^README|^CHANGELOG|^TODO|^LICENSE|^COPYING$/  
 # end
 # 

data/test/test_tem.rb

@@ -21,7 +21,7 @@ class TemTest < Test::Unit::TestCase
   end
   
   def test_alu
-    proc = @tem.assemble { |s|
+    sec = @tem.assemble { |s|
       s.ldbc 10
       s.outnew
       s.ldwc 0x1234
@@ -45,13 +45,13 @@ class TemTest < Test::Unit::TestCase
       s.halt
       s.extra 10
     }
-    result = @tem.execute proc
+    result = @tem.execute sec
     assert_equal [0x68, 0xAC, 0xBB, 0xBC, 0x8C, 0x72, 0x00, 0x55, 0x00, 0x9A],
                   result, 'the ALU isn\'t working well'
   end
   
   def test_memory
-    proc = @tem.assemble { |s|
+    sec = @tem.assemble { |s|
       s.label :clobber
       s.ldbc 32
       s.label :clobber2
@@ -88,13 +88,13 @@ class TemTest < Test::Unit::TestCase
       s.stack
       s.extra 10
     }
-    result = @tem.execute proc
+    result = @tem.execute sec
     assert_equal [0x00, 0x55, 0x55, 0xAA, 0xA5, 0xAA, 0xFF, 0x99, 0x98, 0x66, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66],
                   result, 'the memory unit isn\'t working well'    
   end
   
   def test_output
-    proc = @tem.assemble { |s|
+    sec = @tem.assemble { |s|
       s.ldbc 32
       s.outnew
       s.outfxb :size => 3, :from => :area1
@@ -117,7 +117,7 @@ class TemTest < Test::Unit::TestCase
       s.stack
       s.extra 10
     }
-    result = @tem.execute proc
+    result = @tem.execute sec
     assert_equal [0xFE, 0xCD, 0x9A, 0xAB, 0x95, 0xCE, 0xFD, 0x81, 0xEC, 0xDE, 0xAD, 0xCF, 0x55, 0x99, 0xAA],
                   result, 'the output unit isn\'t working well'    
   end
@@ -232,7 +232,7 @@ class TemTest < Test::Unit::TestCase
     garbage2 = (0...11).map { |x| (69 * x * x + 62 * x + 10) % 256 }
     hash_size = 20
     
-    proc = @tem.assemble { |s|
+    sec = @tem.assemble { |s|
       s.ldwc hash_size * 3
       s.outnew
       s.mdfxb :size => garbage1.length, :from => :garbage1, :to => :hash_area
@@ -254,14 +254,14 @@ class TemTest < Test::Unit::TestCase
       s.extra 10
     }
     
-    result = @tem.execute proc
+    result = @tem.execute sec
     assert_equal [garbage1, garbage2, garbage2].map { |d| @tem.hash_for_tem d}.flatten,
                   result, 'cryptographic hashing isn\'t working well'
   end
   
   def test_crypto_pstore
-    key1 = (0...(@tem.tem_ps_key_length)).map { |x| (61 * x * x + 62 * x + 10) % 256 }
-    key2 = key1.dup; key2[key2.length - 1] += 1
+    addr1 = (0...(@tem.tem_ps_addr_length)).map { |x| (61 * x * x + 62 * x + 10) % 256 }
+    addr2 = addr1.dup; addr2[addr2.length - 1] += 1
     random_value = (0...(@tem.tem_ps_value_length)).map { |x| (69 * x * x + 62 * x + 10) % 256 }
     
     sec = @tem.assemble { |s|
@@ -269,24 +269,24 @@ class TemTest < Test::Unit::TestCase
       s.outnew
       
       # check that the location is blank
-      s.ldwc :pstore_key
+      s.ldwc :pstore_addr
       s.pshkvb
       s.outw
           
       # write to create the location
-      s.pswrfxb :key => :pstore_key, :from => :s_value
+      s.pswrfxb :addr => :pstore_addr, :from => :s_value
       # check that the location isn't blank anymore
-      s.pshkfxb :key => :pstore_key
+      s.pshkfxb :addr => :pstore_addr
       s.outw
       # re-read (should get what was written)
-      s.ldwc :pstore_key
+      s.ldwc :pstore_addr
       s.ldwc :s_value2
       s.psrdvb
       s.ldwc :s_value2
       s.outvb
       
       # drop the location
-      s.ldwc :pstore_key
+      s.ldwc :pstore_addr
       s.dupn :n => 1
       s.psrm
       # check that the location is blank again
@@ -295,8 +295,8 @@ class TemTest < Test::Unit::TestCase
             
       s.halt
     
-      s.label :pstore_key
-      s.immed :ubyte, key1
+      s.label :pstore_addr
+      s.immed :ubyte, addr1
       s.label :s_value
       s.immed :ubyte, random_value
       s.label :s_value2
@@ -444,12 +444,12 @@ class TemTest < Test::Unit::TestCase
     i_test_crypto_pki_ops(pubk_id, privk_id, pubk, privk, keyd[:authz])    
   end
     
-  def test_crypted_secpack(yaml_roundtrip = false)
+  def test_bound_secpack(yaml_roundtrip = false)
     keyd = @tem.tk_gen_key
     pubk = @tem.tk_read_key keyd[:pubk_id], keyd[:authz]
     
     secret = (0...16).map { |i| (99 * i * i + 51 * i + 33) % 256 }
-    sealed_sec = @tem.assemble { |s|
+    bound_sec = @tem.assemble { |s|
         s.ldbc secret.length
         s.outnew
         s.label :mess_place
@@ -462,25 +462,25 @@ class TemTest < Test::Unit::TestCase
         s.extra 8
     }
 
-    sb = sealed_sec.body
+    sb = bound_sec.body
     secret_found = false
     0.upto(sb.length - 1) { |i| if secret == sb[i, secret.length] then secret_found = true; break; end }
-    assert secret_found, 'test_crypted_secpack needs rethinking: the raw sec does not contain the secret'
+    assert secret_found, 'test_bound_secpack needs rethinking: the unbound secpack does not contain the secret'
 
-    sealed_sec.seal pubk, :secret, :plain
+    bound_sec.bind pubk, :secret, :plain
     if yaml_roundtrip
       # same test, except the SECpack is serialized/deserialized
-      yaml_sealed_sec = sealed_sec.to_yaml_str
-      sealed_sec = Tem::SecPack.new_from_yaml_str(yaml_sealed_sec)
+      yaml_bound_sec = bound_sec.to_yaml_str
+      bound_sec = Tem::SecPack.new_from_yaml_str(yaml_bound_sec)
     end    
-    result = @tem.execute sealed_sec, keyd[:privk_id]
+    result = @tem.execute bound_sec, keyd[:privk_id]
     assert_equal secret, result, 'TEM failed to decrypt secpack'
 
-    sb = sealed_sec.body
-    0.upto(sb.length - 1) { |i| assert_not_equal secret, sb[i, secret.length], 'secret found unencrypted in sealed sec' }
+    sb = bound_sec.body
+    0.upto(sb.length - 1) { |i| assert_not_equal secret, sb[i, secret.length], 'secret found unencrypted in bound secpack' }
 
-    sealed_sec.body[sealed_sec.label_address(:mess_place)] += 1
-    assert_raise(RuntimeError, 'secpack validation isn\'t working') { @tem.execute sealed_sec }
+    bound_sec.body[bound_sec.label_address(:mess_place)] += 1
+    assert_raise(RuntimeError, 'secpack validation isn\'t working') { @tem.execute bound_sec }
   end
   
   def test_yaml_secpack
@@ -516,8 +516,8 @@ class TemTest < Test::Unit::TestCase
     
     # re-run the memory test (reasonably large SECpack) to ensure that de-serialized SECpacks are equivalent to the originals
     test_memory_copy_compare(true)
-    # re-run the memory test (reasonably large SECpack) to ensure that serialization works on sealed SECpacks
-    test_crypted_secpack(true)
+    # re-run the memory test (reasonably large SECpack) to ensure that serialization works on bound SECpacks
+    test_bound_secpack(true)
   end
   
   def test_emit

data/timings/blank_bound_secpack.rb

@@ -11,7 +11,7 @@ class TemTimings
       s.stack
       s.extra 2
     }
-    secpack.seal @tem.pubek, :secret, :plain
+    secpack.bind @tem.pubek, :secret, :plain
 
     print "SECpack has #{secpack.body.length} bytes, runs 3 instructions and produces 0 bytes\n"
     do_timing { @tem.execute secpack }

data/timings/vm_perf_bound.rb

@@ -135,7 +135,7 @@ class TemTimings
       s.stack      
       s.extra 24
     }
-    secpack.seal @tem.pubek, :done, :stack
+    secpack.bind @tem.pubek, :done, :stack
     print "SECpack has #{secpack.body.length} bytes, runs 1020 instructions and produces 470 bytes\n"
     do_timing { @tem.execute secpack }
   end  

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: tem_ruby
 version: !ruby/object:Gem::Version 
-  version: 0.9.0
+  version: 0.9.2
 platform: ruby
 authors: 
 - Victor Costan
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2008-06-11 00:00:00 -04:00
+date: 2008-06-13 00:00:00 -04:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -19,7 +19,7 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        version: 0.2.2
+        version: 0.3.0
     version: 
 description: TEM (Trusted Execution Module) driver, written in and for ruby.
 email: victor@costan.us