Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-05-02 14:26:23 -04:00
Code Issues Projects Releases Packages Wiki Activity

measurements: Add length field for WithAllBytes

Browse source
This commit is contained in:
Nils Hanke 2023-03-10 11:33:06 +01:00 committed by Malte Poll
parent fe3622d982
commit 9e987778e0
16 changed files with 227 additions and 221 deletions
Download patch file Download diff file Expand all files Collapse all files

12
cli/internal/helm/loader_test.go
View file

@ -64,7 +64,7 @@ func TestConstellationServices(t *testing.T) {
config: &config.Config{
Provider: config.ProviderConfig{AWS: &config.AWSConfig{}},
Attestation: config.AttestationConfig{AWSNitroTPM: &config.AWSNitroTPM{
Measurements: measurements.M{1: measurements.WithAllBytes(0xAA, measurements.Enforce)},
Measurements: measurements.M{1: measurements.WithAllBytes(0xAA, measurements.Enforce, measurements.PCRMeasurementLength)},
}},
},
valuesModifier: prepareAWSValues,
@ -76,7 +76,7 @@ func TestConstellationServices(t *testing.T) {
DeployCSIDriver: toPtr(true),
}},
Attestation: config.AttestationConfig{AzureSEVSNP: &config.AzureSEVSNP{
Measurements: measurements.M{1: measurements.WithAllBytes(0xAA, measurements.Enforce)},
Measurements: measurements.M{1: measurements.WithAllBytes(0xAA, measurements.Enforce, measurements.PCRMeasurementLength)},
FirmwareSignerConfig: config.SNPFirmwareSignerConfig{
AcceptedKeyDigests: idkeydigest.List{bytes.Repeat([]byte{0xAA}, 32)},
EnforcementPolicy: idkeydigest.MAAFallback,
@ -95,7 +95,7 @@ func TestConstellationServices(t *testing.T) {
DeployCSIDriver: toPtr(true),
}},
Attestation: config.AttestationConfig{GCPSEVES: &config.GCPSEVES{
Measurements: measurements.M{1: measurements.WithAllBytes(0xAA, measurements.Enforce)},
Measurements: measurements.M{1: measurements.WithAllBytes(0xAA, measurements.Enforce, measurements.PCRMeasurementLength)},
}},
},
valuesModifier: prepareGCPValues,
@ -105,7 +105,7 @@ func TestConstellationServices(t *testing.T) {
config: &config.Config{
Provider: config.ProviderConfig{OpenStack: &config.OpenStackConfig{}},
Attestation: config.AttestationConfig{QEMUVTPM: &config.QEMUVTPM{
Measurements: measurements.M{1: measurements.WithAllBytes(0xAA, measurements.Enforce)},
Measurements: measurements.M{1: measurements.WithAllBytes(0xAA, measurements.Enforce, measurements.PCRMeasurementLength)},
}},
},
valuesModifier: prepareOpenStackValues,
@ -115,7 +115,7 @@ func TestConstellationServices(t *testing.T) {
config: &config.Config{
Provider: config.ProviderConfig{QEMU: &config.QEMUConfig{}},
Attestation: config.AttestationConfig{QEMUVTPM: &config.QEMUVTPM{
Measurements: measurements.M{1: measurements.WithAllBytes(0xAA, measurements.Enforce)},
Measurements: measurements.M{1: measurements.WithAllBytes(0xAA, measurements.Enforce, measurements.PCRMeasurementLength)},
}},
},
valuesModifier: prepareQEMUValues,
@ -525,7 +525,6 @@ func prepareOpenStackValues(values map[string]any) error {
if !ok {
return errors.New("missing 'join-service' key")
}
joinVals["measurementSalt"] = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
ccmVals, ok := values["ccm"].(map[string]any)
@ -555,7 +554,6 @@ func prepareQEMUValues(values map[string]any) error {
if !ok {
return errors.New("missing 'join-service' key")
}
joinVals["measurementSalt"] = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
verificationVals, ok := values["verification-service"].(map[string]any)