microsoft / mu_feature_mm_supv

Project Mu - Feature Repo - MM Supervisor
https://microsoft.github.io/mu

gen_rim: add signature structure generation capability #332

Closed Javagedes closed 3 weeks ago

Javagedes commented 3 weeks ago

Description

Updates the `gen_rim` command line tool to now have two subcommands: Generate and Signing.

Generate is the same tool as before, providing the ability to generate a RIM for an STM binary. It adds new functionality to also be able to update an existing RIM's signature value.

Signing provides new functionality that can generate a `Sig_structure<payload>` CBOR binary. This binary is the portion of the RIM that is actually used as the digest when signing the RIM as a part of the CoseSign1 structure. The `Sig_structure<payload>` is defined in RFC 9052. This command can either take the same arguments as the Generate function or consume an existing RIM.

Expected Flows

Flow 1

  1. Generate the RIM with `rim generate $(STM_PATH) -o $(RIM_PATH) ...`
  2. Generate the Sig Structure with `rim signing $(RIM_PATH) --from-rim ...`
  3. Produce the signature
  4. Update the RIM with `rim generate $(RIM_PATH) --update-signature --signature $(SIGNATURE)`

Flow 2

  1. Generate the Sig Structure with `rim signing $(STM_PATH) ...`
  2. Produce the signature
  3. Generate the RIM with `rim generate $(STM_PATH) -o $(RIM_PATH) --signature $(SIGNATURE) ...`

How This Was Tested

Tested RIM generation still works as expected. Tested Sig Structure is successfully generated.

Integration Instructions

N/A
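
The RFC 9052 `Sig_structure` for COSE_Sign1 that the description refers to, as an added example that is not part of the pull request or of `gen_rim`: it builds the to-be-signed bytes directly (as in Flow 2) and recovers them from an already encoded COSE_Sign1 (as in Flow 1), showing that the signature field is not an input. All function names, the empty `external_aad`, the empty unprotected header map and the sample values are assumptions of this example.

```python
def _head(major: int, n: int) -> bytes:
    """CBOR head: major type plus shortest-form argument (RFC 8949)."""
    if n < 24:
        return bytes([(major << 5) | n])
    size = 1 if n < 1 << 8 else 2 if n < 1 << 16 else 4 if n < 1 << 32 else 8
    return bytes([(major << 5) | (23 + size.bit_length())]) + n.to_bytes(size, "big")

def _read_head(buf: bytes, pos: int):
    """Decode one CBOR head; returns (major, argument, next_pos)."""
    major, ai = buf[pos] >> 5, buf[pos] & 0x1F
    if ai < 24:
        return major, ai, pos + 1
    if ai > 27:
        raise ValueError("indefinite or reserved length not supported")
    size = 1 << (ai - 24)
    return major, int.from_bytes(buf[pos + 1:pos + 1 + size], "big"), pos + 1 + size

def bstr(b: bytes) -> bytes:
    return _head(2, len(b)) + b

def sig_structure(protected: bytes, payload: bytes, external_aad: bytes = b"") -> bytes:
    """To-be-signed bytes: ["Signature1", protected, external_aad, payload]."""
    return (_head(4, 4) + _head(3, 10) + b"Signature1"
            + bstr(protected) + bstr(external_aad) + bstr(payload))

def cose_sign1(protected: bytes, payload: bytes, signature: bytes) -> bytes:
    """Tag 18 COSE_Sign1; the empty unprotected map is an assumption of this example."""
    return (_head(6, 18) + _head(4, 4) + bstr(protected) + _head(5, 0)
            + bstr(payload) + bstr(signature))

def sig_structure_from_sign1(cose: bytes, external_aad: bytes = b"") -> bytes:
    """Rebuild the Sig_structure from an encoded COSE_Sign1; the signature is not an input."""
    major, n, pos = _read_head(cose, 0)
    if (major, n) == (6, 18):  # optional COSE_Sign1 tag
        major, n, pos = _read_head(cose, pos)
    if (major, n) != (4, 4):
        raise ValueError("not a COSE_Sign1 array")
    fields = []
    for expect in (2, 5, 2, 2):  # protected, unprotected, payload, signature
        major, n, pos = _read_head(cose, pos)
        if major != expect or (major == 5 and n != 0) or (major == 2 and pos + n > len(cose)):
            raise ValueError("unsupported or truncated COSE_Sign1 field")
        if major == 2:
            fields.append(cose[pos:pos + n])
            pos += n
    return sig_structure(fields[0], fields[1], external_aad)

# Constructed sample values, not taken from a real RIM.
PROTECTED = bytes.fromhex("a10126")  # CBOR map {1: -7}: alg = ES256
PAYLOAD = b"constructed RIM payload"
```

Because only the protected header, `external_aad` and payload are covered, a verifier has to rebuild these bytes itself from the fields it parsed; anything placed in the unprotected header is not authenticated by the signature.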

codecov-commenter commented 3 weeks ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Please upload report for BASE (feature/sea@32c6ba4). Learn more about missing BASE report.

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##             feature/sea    #332   +/-   ##
=============================================
  Coverage               ?   0.47%
=============================================
  Files                  ?     144
  Lines                  ?   22111
  Branches               ?      60
=============================================
  Hits                   ?     105
  Misses                 ?   22001
  Partials               ?       5
```

| [Flag](https://app.codecov.io/gh/microsoft/mu_feature_mm_supv/pull/332/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=microsoft) | Coverage Δ | |
|---|---|---|
| [MmSupervisorPkg](https://app.codecov.io/gh/microsoft/mu_feature_mm_supv/pull/332/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=microsoft) | `0.47% <ø> (?)` | |

Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=microsoft#carryforward-flags-in-the-pull-request-comment) to find out more.
