Changes in Plugin Handlers

Signed-off-by: Yogesh Deshpande <[email protected]>
veraison · Dec 5, 2023 · 43bbfde · 43bbfde
1 parent e425713
commit 43bbfde
Show file tree

Hide file tree

Showing 5 changed files with 61 additions and 1 deletion.
diff --git a/end-to-end/input/cca-claims-with-realm.json b/end-to-end/input/cca-claims-with-realm.json
@@ -0,0 +1,51 @@
+{
+  "cca-platform-token": {
+    "cca-platform-profile": "http://arm.com/CCA-SSD/1.0.0",
+    "cca-platform-implementation-id": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=",
+    "cca-platform-instance-id": "AQICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC",
+    "cca-platform-config": "AQID",
+    "cca-platform-lifecycle": 12288,
+    "cca-platform-sw-components": [
+      {
+          "measurement-type": "BL",
+          "measurement-value": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=",
+          "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=",
+          "version": "3.4.2"
+        },
+        {
+          "measurement-type": "M1",
+          "measurement-value": "CwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=",
+          "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=",
+          "version": "1.2.0"
+        },
+        {
+          "measurement-type": "M2",
+          "measurement-value": "DwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=",
+          "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=",
+          "version": "1.2.3"
+        },
+        {
+          "measurement-type": "M3",
+          "measurement-value": "EwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=",
+          "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=",
+          "version": "1.0.0"
+      }
+  ],
+    "cca-platform-service-indicator": "https://veraison.example/v1/challenge-response",
+    "cca-platform-hash-algo-id": "sha-256"
+  },
+  "cca-realm-delegated-token": {
+    "cca-realm-challenge": "QUJBQkFCQUJBQkFCQUJBQkFCQUJBQkFCQUJBQkFCQUJBQkFCQUJBQkFCQUJBQkFCQUJBQkFCQUJBQkFCQUJBQg==",
+    "cca-realm-personalization-value": "QURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBRA==",
+    "cca-realm-initial-measurement": "QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1",
+    "cca-realm-extensible-measurements": [
+      "IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4",
+      "QQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4",
+      "JQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4",
+      "MQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+    ],
+    "cca-realm-hash-algo-id": "sha-256",
+    "cca-realm-public-key": "BIL70TKptcOWh5+7FTQNkFCXjlXHnVJ5oroOlYVPN+IM0vZPO3K1cLvXc+7iznaEJe31Re2+if+v4OlrvUbicPIHlsRIuY2vRqdk0nRC5ubthPjOyBfm7ManHTo959Z+zQ==",
+    "cca-realm-public-key-hash-algo-id": "sha-512"
+  }
+}
diff --git a/end-to-end/input/cca-token-with-realm.cbor b/end-to-end/input/cca-token-with-realm.cbor
diff --git a/go.mod b/go.mod
@@ -32,7 +32,7 @@ require (
 	github.com/veraison/cmw v0.1.0
 	github.com/veraison/corim v1.1.2-0.20231201124143-c98741c914fc
 	github.com/veraison/dice v0.0.1
-	github.com/veraison/ear v1.1.3-0.20231130183426-c7759f6f0da6
+	github.com/veraison/ear v1.1.3-0.20231204194725-a67c9e0e4e9f
 	github.com/veraison/eat v0.0.0-20220117140849-ddaf59d69f53
 	github.com/veraison/parsec v0.1.1-0.20230915122508-f31e6c9be40e
 	github.com/veraison/psatoken v1.2.0

diff --git a/go.sum b/go.sum
@@ -1077,6 +1077,10 @@ github.com/veraison/ear v1.1.3-0.20231130164136-ea589b65f3bf h1:hZUe1o0rpGQz67rQ
 github.com/veraison/ear v1.1.3-0.20231130164136-ea589b65f3bf/go.mod h1:O3yKgZR04DWKHHiNxfXCMX9ky0cLVoC67TFks6JwEhI=
 github.com/veraison/ear v1.1.3-0.20231130183426-c7759f6f0da6 h1:GV2FS9DBAR6J+wi3OKGde+D6WuPUL+YKnoCIVpF1xu0=
 github.com/veraison/ear v1.1.3-0.20231130183426-c7759f6f0da6/go.mod h1:O3yKgZR04DWKHHiNxfXCMX9ky0cLVoC67TFks6JwEhI=
+github.com/veraison/ear v1.1.3-0.20231204172307-8fb13d568c56 h1:uaXax5ypkJ73ZvjomQoQzylGerLD1c53OgYNnuwLODA=
+github.com/veraison/ear v1.1.3-0.20231204172307-8fb13d568c56/go.mod h1:MRdm/SOzDKxu186VDGLcCg6Ux+y2sCCNkU5YlOEQlM8=
+github.com/veraison/ear v1.1.3-0.20231204194725-a67c9e0e4e9f h1:Ttk4GBcpzKJ6OSUeZdMAJ/ifyEFgEGanBlbGdJKQOTE=
+github.com/veraison/ear v1.1.3-0.20231204194725-a67c9e0e4e9f/go.mod h1:MRdm/SOzDKxu186VDGLcCg6Ux+y2sCCNkU5YlOEQlM8=
 github.com/veraison/eat v0.0.0-20210331113810-3da8a4dd42ff/go.mod h1:+kxt8iuFiVvKRs2VQ1Ho7bbAScXAB/kHFFuP5Biw19I=
 github.com/veraison/eat v0.0.0-20220117140849-ddaf59d69f53 h1:5gnX2TrGd/Xz8DOp2OaLtg/jLoIubSUTrgz6iZ58pJ4=
 github.com/veraison/eat v0.0.0-20220117140849-ddaf59d69f53/go.mod h1:+kxt8iuFiVvKRs2VQ1Ho7bbAScXAB/kHFFuP5Biw19I=

diff --git a/scheme/cca-realm/evidence_handler.go b/scheme/cca-realm/evidence_handler.go
@@ -222,6 +222,11 @@ func populateAttestationResult(
 				appraisal.TrustVector.Executables = ear.UnsafeRuntimeClaim
 				log.Debug("Boot claim succeedded but run time both  Failed")
 			}
+			if err := appraisal.SetRealmIdentity(realmEnd.RealmID); err != nil {
+				return fmt.Errorf("unable to set Realm Identity: %w", err)
+			} else {
+				log.Debugf("Realm Appraisal Extension set RealmID: = %s", realmEnd.RealmID)
+			}
 			break
 		}
 	}