diff --git a/common/python/cctrusted_base/imr.py b/common/python/cctrusted_base/imr.py index c0a327b5..a71941d3 100644 --- a/common/python/cctrusted_base/imr.py +++ b/common/python/cctrusted_base/imr.py @@ -1,8 +1,9 @@ """ Integrated Measurement Register packages. """ + from abc import ABC, abstractmethod -from cctrusted_base.tcg import TcgDigest +from cctrusted_base.tcg import TcgDigest, TcgAlgorithmRegistry class TcgIMR(ABC): """ @@ -11,9 +12,10 @@ class TcgIMR(ABC): _INVALID_IMR_INDEX = -1 - def __init__(self): - self._index = -1 - self._digests:dict[int, TcgDigest] = {} + def __init__(self, index, default_alg_id, default_digest_hash): + self._index = index + self._digests:dict[int, TcgDigest] = \ + {default_alg_id:TcgDigest(default_alg_id, default_digest_hash)} @property def index(self) -> int: @@ -22,6 +24,13 @@ def index(self) -> int: """ return self._index + @property + def digests(self) -> dict: + """ + Digests dict + """ + return self._digests + def digest(self, alg_id): """ The digest value of IMR @@ -54,6 +63,10 @@ class TdxRTMR(TcgIMR): def max_index(self): return 3 + def __init__(self, index, digest_hash): + super().__init__(index, TcgAlgorithmRegistry.TPM_ALG_SHA384, + digest_hash) + class TpmPCR(TcgIMR): """ PCR class defined for TPM diff --git a/common/python/cctrusted_base/tcg.py b/common/python/cctrusted_base/tcg.py index e6c6690d..dfdc42c2 100644 --- a/common/python/cctrusted_base/tcg.py +++ b/common/python/cctrusted_base/tcg.py @@ -56,8 +56,9 @@ class TcgDigest: TCG Digest """ - def __init__(self, alg_id=TcgAlgorithmRegistry.TPM_ALG_SHA384): - self._hash: list = [] + def __init__(self, alg_id=TcgAlgorithmRegistry.TPM_ALG_SHA384, + digest_hash=None): + self._hash: list = digest_hash self._alg_id = alg_id @property diff --git a/vmsdk/python/cc_imr_cli.py b/vmsdk/python/cc_imr_cli.py index 14b2e942..8af0d286 100644 --- a/vmsdk/python/cc_imr_cli.py +++ b/vmsdk/python/cc_imr_cli.py 
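Review bot: In imr.py, the new `TcgIMR.__init__` stores `index` and `default_digest_hash` unchecked, so an out-of-range index or a digest of the wrong length for `default_alg_id` still yields a valid-looking register object. Since these objects carry the measurement values callers compare during attestation, I would reject bad input at construction, e.g. `if index not in range(self.max_index + 1): raise ValueError(f"invalid IMR index {index}")`, assuming `max_index` is the property the subclasses define (its decorator is outside the hunk). The same applies to `TdxRTMR.__init__` in the later hunk of this file, which could also check that `digest_hash` is 48 bytes for SHA-384. `TpmPCR` is not updated in this diff and may still rely on the old zero-argument constructor.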
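Review bot: The new `digests` property in imr.py returns the internal `_digests` dict itself, so any caller can add, replace or delete the digests recorded on the register object. For a measurement register it is safer to hand out a read-only view or a copy, e.g. `return MappingProxyType(self._digests)` (from `types`) or `return dict(self._digests)`. The return annotation could be the precise `dict[int, TcgDigest]` already used on the attribute, and the docstring could say that the keys are TCG algorithm IDs.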
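Review bot: In tcg.py, `TcgDigest.__init__` now assigns `self._hash: list = digest_hash`, so a digest built without a hash holds `None` where it used to hold `[]`, and the `list` annotation no longer matches. Code that iterates the value, such as the loop over `digest_obj.hash` in cc_imr_cli.py, would raise `TypeError` on such an object, assuming the `hash` property (outside this hunk) returns `_hash` unchanged. Keeping the old empty default avoids that: `self._hash = digest_hash if digest_hash is not None else []`. Storing a copy of the input would also stop a later change to the caller's buffer from altering the recorded measurement.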
@@ -9,6 +9,14 @@ logging.basicConfig(level=logging.NOTSET, format='%(name)s %(levelname)-8s %(message)s') -imr_inst = cctrusted.get_measurement([2, None]) +count = cctrusted.get_measurement_count() +for index in range(cctrusted.get_measurement_count()): + alg = cctrusted.get_default_algorithms() + digest_obj = cctrusted.get_measurement([index, alg.alg_id]) -# TODO: print IMR + hash_str = "" + for hash_item in digest_obj.hash: + hash_str += "".join([f"{hash_item:02x}", " "]) + + LOG.info("Algorithms: %s", str(alg)) + LOG.info("HASH: %s", hash_str) diff --git a/vmsdk/python/cctrusted/api.py b/vmsdk/python/cctrusted/api.py index 1fc6ec96..102e4d87 100644 --- a/vmsdk/python/cctrusted/api.py +++ b/vmsdk/python/cctrusted/api.py @@ -11,6 +11,20 @@ LOG = logging.getLogger(__name__) +def get_default_algorithms() -> TcgAlgorithmRegistry: + """ + Get default algorithms ID supported by platform + """ + cvm_inst = ConfidentialVM.inst() + return TcgAlgorithmRegistry(cvm_inst.default_algo_id) + +def get_measurement_count() -> int: + """ + Get IMR register value according to given index + """ + cvm_inst = ConfidentialVM.inst() + return len(cvm_inst.imrs) + def get_measurement(imr_select:[int, int]) -> TcgIMR: """ Get IMR register value according to given index diff --git a/vmsdk/python/cctrusted/cvm.py b/vmsdk/python/cctrusted/cvm.py index dabf0feb..f9046461 100644 --- a/vmsdk/python/cctrusted/cvm.py +++ b/vmsdk/python/cctrusted/cvm.py @@ -11,7 +11,7 @@ import struct import fcntl from abc import ABC, abstractmethod -from cctrusted_base.imr import TcgIMR +from cctrusted_base.imr import TdxRTMR,TcgIMR from cctrusted_base.tcg import TcgAlgorithmRegistry from cctrusted_base.tdx.common import TDX_VERSION_1_0, TDX_VERSION_1_5 from cctrusted_base.tdx.report import TdxReportReq10, TdxReportReq15 
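Review bot: In cc_imr_cli.py, `count` is assigned and never used, while `get_measurement_count()` is called a second time inside `range(...)` and `get_default_algorithms()` is called again on every iteration. Use `for index in range(count):` and fetch `alg` once before the loop. The two `LOG.info` lines also omit `index`, so the output cannot be matched to a specific register when it is compared against expected values; `LOG.info("IMR[%d] HASH: %s", index, hash_str)` would fix that. The hex string can be built with `" ".join(f"{b:02x}" for b in digest_obj.hash)`, which also drops the trailing space.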
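Review bot: The docstring of `get_measurement_count` in api.py is copied from `get_measurement` and describes the wrong function. It should read something like `"""Get the number of IMRs exposed by the confidential VM."""`. `get_default_algorithms` returns a single `TcgAlgorithmRegistry`, so its summary would be clearer as `"""Get the default digest algorithm supported by the platform."""`. Both functions read state from `ConfidentialVM.inst()`; whether that instance has already processed the report when `imrs` is read is not visible in this hunk and is worth stating in the docstrings.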
@@ -233,6 +233,11 @@ def process_cc_report(self) -> bool: # process IMR self._tdreport = tdreport + self._imrs[0] = TdxRTMR(0, tdreport.td_info.rtmr_0) + self._imrs[1] = TdxRTMR(1, tdreport.td_info.rtmr_1) + self._imrs[2] = TdxRTMR(2, tdreport.td_info.rtmr_2) + self._imrs[3] = TdxRTMR(3, tdreport.td_info.rtmr_3) + return True def process_eventlog(self) -> bool:
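Review bot: The four `self._imrs[n] = TdxRTMR(...)` lines in `process_cc_report` copy the RTMR values out of one TDREPORT, so `get_measurement` keeps returning that snapshot even if an RTMR is extended afterwards, unless the report is re-read on each call, which this hunk does not show. A comment such as `# RTMR values are a snapshot of this TDREPORT; re-process the report to see later extends` would make that clear to callers who verify measurements. The assignments can also be a loop, `for i in range(4): self._imrs[i] = TdxRTMR(i, getattr(tdreport.td_info, f"rtmr_{i}"))`. Index assignment only works if `_imrs` is a dict or a pre-sized list, and it is defined outside the hunk. The function body starts and ends outside this hunk.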