Add fdo-sim support for Client-SDK (fido-device-onboard#268)

* Add fdo-sim support for Client-SDK Implement fdo.download and fdo.command fsim modules. * FSIM regression fixes * Remove unused code * Fix Hash calculation when using ECDSA256 * Fix multiple script execution in FSIM --------- Signed-off-by: Shrikant Temburwar <[email protected]> Co-authored-by: KiranSukhavasi <[email protected]>
shrikant1407 · Feb 1, 2024 · da90947 · da90947
1 parent 9a3024e
commit da90947
Show file tree

Hide file tree

Showing 13 changed files with 1,571 additions and 27 deletions.
diff --git a/app/main.c b/app/main.c
@@ -128,6 +128,24 @@ static fdo_sdk_service_info_module *fdo_sv_info_modules_init(void)
 	}
 	module_info[0].service_info_callback = fdo_sys;
 
+	/* module#2: fdo.download */
+	if (strncpy_s(module_info[1].module_name, FDO_MODULE_NAME_LEN,
+		      "fdo.download", FDO_MODULE_NAME_LEN) != 0) {
+		LOG(LOG_ERROR, "Strcpy failed");
+		fdo_free(module_info);
+		return NULL;
+	}
+	module_info[1].service_info_callback = fdo_sim_download;
+
+	/* module#3: fdo.command */
+	if (strncpy_s(module_info[2].module_name, FDO_MODULE_NAME_LEN,
+		      "fdo.command", FDO_MODULE_NAME_LEN) != 0) {
+		LOG(LOG_ERROR, "Strcpy failed");
+		fdo_free(module_info);
+		return NULL;
+	}
+	module_info[2].service_info_callback = fdo_sim_command;
+
 	return module_info;
 }
 

diff --git a/crypto/include/fdo_crypto_hal.h b/crypto/include/fdo_crypto_hal.h
@@ -54,7 +54,7 @@ int32_t crypto_close(void);
 /* Calculate hash of "buffer" and place the result in "output". "output" must
  * be allocated already.
  */
-int32_t crypto_hal_hash(uint8_t hash_type, const uint8_t *buffer,
+int32_t crypto_hal_hash(int hash_type, const uint8_t *buffer,
 			size_t buffer_length, uint8_t *output,
 			size_t output_length);
 

diff --git a/crypto/openssl/openssl_crypto_support.c b/crypto/openssl/openssl_crypto_support.c
@@ -244,20 +244,16 @@ int32_t crypto_close(void)
  *        return 0 on success. -ve value on failure.
  */
 
-int32_t crypto_hal_hash(uint8_t _hash_type, const uint8_t *buffer,
+int32_t crypto_hal_hash(int _hash_type, const uint8_t *buffer,
 			size_t buffer_length, uint8_t *output,
 			size_t output_length)
 {
-	int hash_type = FDO_CRYPTO_HASH_TYPE_USED;
-
-	(void)_hash_type; /* Unused parameter */
-
 	if (NULL == output || 0 == output_length || NULL == buffer ||
 	    0 == buffer_length) {
 		return -1;
 	}
 
-	switch (hash_type) {
+	switch (_hash_type) {
 	case FDO_CRYPTO_HASH_TYPE_SHA_256:
 		if (output_length < SHA256_DIGEST_SIZE) {
 			return -1;

diff --git a/device_modules/CMakeLists.txt b/device_modules/CMakeLists.txt
@@ -6,11 +6,16 @@
 
 client_sdk_include_directories(
   fdo_sys
+  fdo_sim
   )
 
 client_sdk_sources(
   fdo_sys/fdo_sys.c
   fdo_sys/sys_utils_linux.c
+  fdo_sim/fdo_sim.c
+  fdo_sim/fdo_sim_download.c
+  fdo_sim/fdo_sim_command.c
+  fdo_sim/sim_utils_linux.c
   )
 
 

diff --git a/device_modules/fdo_sim/fdo_sim.c b/device_modules/fdo_sim/fdo_sim.c
@@ -0,0 +1,213 @@
+/*
+ * Copyright 2023 Intel Corporation
+ * SPDX-License-Identifier: Apache 2.0
+ */
+
+#include "util.h"
+#include "fdo_sim.h"
+#include "safe_lib.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include "fdo_sim_utils.h"
+
+// position/offset on the file from which data will be read
+static size_t file_seek_pos = 0;
+// size of the file from which data will be read
+static size_t file_sz = 0;
+// EOT value whose value is 0 for 'fetch-data'success, and 1 for failure
+static int fetch_data_status = 1;
+// local isMore flag that represents whether the module has data/response to
+// send in the NEXT messege SHOULD be 'true' if there is data to send, 'false'
+// otherwise For simplicity, it is 'false' always (also a valid value)
+static bool ismore = false;
+
+/**
+ * List of helper functions used in switch case
+ *
+ * fdo_si_start
+ * fdo_si_failure
+ * fdo_si_has_more_dsi
+ * fdo_si_is_more_dsi
+ * fdo_si_get_dsi_count
+ * fdo_si_get_dsi
+ * fdo_end
+ */
+
+int fdo_si_start(fdor_t **fdor, fdow_t **fdow)
+{
+	int result = FDO_SI_INTERNAL_ERROR;
+
+	// Initialize module's CBOR Reader/Writer objects.
+	*fdow = FSIMModuleAlloc(sizeof(fdow_t));
+	if (!fdow_init(*fdow) ||
+	    !fdo_block_alloc_with_size(&(*fdow)->b, 8192)) {
+		LOG(LOG_ERROR, "Module fdo_sim - FDOW "
+			       "Initialization/Allocation failed!\n");
+		result = FDO_SI_CONTENT_ERROR;
+		goto end;
+	}
+
+	*fdor = FSIMModuleAlloc(sizeof(fdor_t));
+	if (!fdor_init(*fdor) ||
+	    !fdo_block_alloc_with_size(&(*fdor)->b, 8192)) {
+		LOG(LOG_ERROR, "Module fdo_sim - FDOR "
+			       "Initialization/Allocation failed!\n");
+		goto end;
+	}
+	result = FDO_SI_SUCCESS;
+end:
+	return result;
+}
+
+int fdo_si_failure(fdor_t **fdor, fdow_t **fdow)
+{
+	// perform clean-ups as needed
+	if (!fsim_process_data(FDO_SIM_MOD_MSG_EXIT, NULL, 0, NULL, NULL)) {
+		LOG(LOG_ERROR, "Module fdo_sim - Failed to perform "
+			       "clean-up operations\n");
+		return FDO_SI_INTERNAL_ERROR;
+	}
+
+	if (*fdow) {
+		fdow_flush(*fdow);
+		FSIMModuleFree(*fdow);
+	}
+	if (*fdor) {
+		fdor_flush(*fdor);
+		FSIMModuleFree(*fdor);
+	}
+	return FDO_SI_SUCCESS;
+}
+
+int fdo_si_has_more_dsi(bool *has_more, bool hasmore)
+{
+	// calculate whether there is ServiceInfo to send NOW and update
+	// 'has_more'. For testing purposes, set this to true here, and
+	// false once first write is done.
+	if (!has_more) {
+		return FDO_SI_CONTENT_ERROR;
+	}
+
+	*has_more = hasmore;
+	if (*has_more) {
+		LOG(LOG_INFO,
+		    "Module fdo_sim - There is ServiceInfo to send\n");
+	}
+	return FDO_SI_SUCCESS;
+}
+
+int fdo_si_is_more_dsi(bool *is_more)
+{
+	// calculate whether there is ServiceInfo to send in the NEXT
+	// iteration and update 'is_more'.
+	if (!is_more) {
+		LOG(LOG_ERROR, "is_more is NULL\n");
+		return FDO_SI_CONTENT_ERROR;
+	}
+
+	// sending either true or false is valid
+	// for simplicity, setting this to 'false' always,
+	// since managing 'ismore' by looking-ahead can be error-prone
+	*is_more = ismore;
+	return FDO_SI_SUCCESS;
+}
+
+int fdo_si_get_dsi_count(uint16_t *num_module_messages)
+{
+	// calculate the number of ServiceInfo items to send NOW and update
+	// 'num_module_messages'. For testing purposes, set this to 1 here, and
+	// 0 once first write is done.
+	if (!num_module_messages) {
+		return FDO_SI_CONTENT_ERROR;
+	}
+	*num_module_messages = 1;
+	return FDO_SI_SUCCESS;
+}
+
+int fdo_si_get_dsi(fdow_t **fdow, size_t mtu, char *module_message,
+		   uint8_t *module_val, size_t *module_val_sz, size_t bin_len,
+		   uint8_t *bin_data, size_t temp_module_val_sz, bool *hasmore,
+		   fdoSimModMsg *write_type, char *filename)
+{
+	// write Device ServiceInfo using 'fdow' by partitioning the
+	// messages as per MTU, here.
+	if (mtu == 0 || !module_message || !module_val || !module_val_sz) {
+		return FDO_SI_CONTENT_ERROR;
+	}
+
+	int result = FDO_SI_INTERNAL_ERROR;
+
+	(void)bin_len;
+	(void)filename;
+
+	// reset and initialize FDOW's encoder for usage
+	fdo_block_reset(&(*fdow)->b);
+	if (!fdow_encoder_init(*fdow)) {
+		LOG(LOG_ERROR, "Module fdo_sim - Failed to initialize "
+			       "FDOW encoder\n");
+		goto end;
+	}
+
+	if (!*hasmore || *write_type == FDO_SIM_MOD_MSG_EXIT) {
+		LOG(LOG_ERROR, "Module fdo_sim - Invalid state\n");
+		goto end;
+	}
+
+	// TO-DO: Imlement functionality
+
+	if (!fdow_encoded_length(*fdow, &temp_module_val_sz)) {
+		LOG(LOG_ERROR,
+		    "Module fdo_sim - Failed to get encoded length\n");
+		goto end;
+	}
+	*module_val_sz = temp_module_val_sz;
+	if (memcpy_s(module_val, *module_val_sz, (*fdow)->b.block,
+		     *module_val_sz) != 0) {
+		LOG(LOG_ERROR, "Module fdo_sim - Failed to copy "
+			       "CBOR-encoded module value\n");
+		goto end;
+	}
+	result = FDO_SI_SUCCESS;
+end:
+	result =
+	    fdo_end(NULL, fdow, result, bin_data, NULL, 0, hasmore, write_type);
+	return result;
+}
+
+int fdo_end(fdor_t **fdor, fdow_t **fdow, int result, uint8_t *bin_data,
+	    uint8_t **exec_instr, size_t total_exec_array_length, bool *hasmore,
+	    fdoSimModMsg *write_type)
+{
+	// End of function, clean-up state variables/objects
+	if (bin_data) {
+		FSIMModuleFree(bin_data);
+	}
+	if (exec_instr && total_exec_array_length > 0) {
+		int exec_counter = total_exec_array_length - 1;
+		while (exec_counter >= 0) {
+			FSIMModuleFree(exec_instr[exec_counter]);
+			--exec_counter;
+		}
+		FSIMModuleFree(exec_instr);
+		total_exec_array_length = 0;
+	}
+	if (result != FDO_SI_SUCCESS) {
+		// clean-up state variables/objects
+		*hasmore = false;
+		file_sz = 0;
+		file_seek_pos = 0;
+		fetch_data_status = 1;
+		*write_type = FDO_SIM_MOD_MSG_EXIT;
+
+		if (*fdow) {
+			fdow_flush(*fdow);
+			FSIMModuleFree(*fdow);
+		}
+		if (*fdor) {
+			fdor_flush(*fdor);
+			FSIMModuleFree(*fdor);
+		}
+	}
+	return result;
+}