[CON-1245] Add support for Intel reference PCCS

# Changes
- Fix bug that caused corrupted binary encoded CRLs/Certs.
- Refactor quote JSON parsing so that it supports multiple versions.
- Add checks to `QuoteVerifier.kt` to exclude TDX.

Author: ac101m

conclave-common/src/main/kotlin/com/r3/conclave/common/internal/attestation/AttestationJsonTypes.kt

@@ -27,11 +27,15 @@ data class QuoteCollateral(
 
     val tcbInfoIssuerChain: CertPath by lazy { parseCertPath(rawTcbInfoIssuerChain) }
 
-    val signedTcbInfo: SignedTcbInfo by lazy { parseJson(rawSignedTcbInfo) }
+    val signedTcbInfo: SignedTcbInfo by lazy {
+        SignedTcbInfo.fromJson(attestationObjectMapper.readTree(rawSignedTcbInfo.inputStream()))
+    }
 
     val qeIdentityIssuerChain: CertPath by lazy { parseCertPath(rawQeIdentityIssuerChain) }
 
-    val signedQeIdentity: SignedEnclaveIdentity by lazy { parseJson(rawSignedQeIdentity) }
+    val signedQeIdentity: SignedEnclaveIdentity by lazy {
+        SignedEnclaveIdentity.fromJson(attestationObjectMapper.readTree(rawSignedQeIdentity.inputStream()))
+    }
 
     private fun parseCertPath(bytes: OpaqueBytes): CertPath {
         return AttestationUtils.parsePemCertPath(bytes.inputStream())
@@ -41,10 +45,6 @@ data class QuoteCollateral(
         return CertificateFactory.getInstance("X.509").generateCRL(bytes.inputStream()) as X509CRL
     }
 
-    private inline fun <reified T> parseJson(bytes: OpaqueBytes): T {
-        return attestationObjectMapper.readValue(bytes.inputStream(), T::class.java)
-    }
-
     fun serialiseTo(dos: DataOutputStream) {
         // We need to serialise the version as a length prefixed string to maintain backwards compatibility.
         dos.writeIntLengthPrefixBytes(version.toString().toByteArray())

conclave-common/src/main/kotlin/com/r3/conclave/common/internal/attestation/QuoteCollateral.kt

@@ -445,13 +445,21 @@ object QuoteVerifier {
         return EnclaveTcbStatus.Revoked
     }
 
-    private fun getMatchingTcbLevel(pckExtensions: SGXExtensionASN1Parser, tcbInfo: TcbInfo): TcbStatus {
+    private fun getMatchingTcbLevel(pckExtensions: SGXExtensionASN1Parser, tcbInfo: TcbInfo): TcbLevel {
         val pckTcbs = IntArray(16) { pckExtensions.getInt("${SGX_TCB_OID}.${it + 1}") }
         val pckPceSvn = pckExtensions.getInt(SGX_PCESVN_OID)
 
-        for (lvl in tcbInfo.tcbLevels) {
-            if (isCpuSvnHigherOrEqual(pckTcbs, lvl.tcb) && pckPceSvn >= lvl.tcb.pcesvn) {
-                return lvl.tcbStatus
+        /**
+         * Ignore TDX quotes for now
+         * TODO: CON-1273, Audit changes to the intel QVL
+         */
+        require(tcbInfo.id != TypeID.TDX) {
+            "TDX quotes are not supported."
+        }
+
+        for (tcbLevel in tcbInfo.tcbLevels) {
+            if (isCpuSvnHigherOrEqual(pckTcbs, tcbLevel.tcb) && pckPceSvn >= tcbLevel.tcb.pcesvn) {
+                return tcbLevel
             }
         }
 
@@ -461,41 +469,25 @@ object QuoteVerifier {
     private fun isCpuSvnHigherOrEqual(pckTcb: IntArray, jsonTcb: Tcb): Boolean {
         for (j in pckTcb.indices) {
             // If *ANY* CPUSVN component is lower then CPUSVN is considered lower
-            if (pckTcb[j] < getSgxTcbComponentSvn(jsonTcb, j)) return false
+            if (pckTcb[j] < jsonTcb.sgxtcbcompsvn[j]) return false
         }
         // but for CPUSVN to be considered higher it requires that *EVERY* CPUSVN component to be higher or equal
         return true
     }
 
     private fun checkTcbLevel(pckExtensions: SGXExtensionASN1Parser, tcbInfo: TcbInfo): TcbStatus {
-        val tcbLevelStatus = getMatchingTcbLevel(pckExtensions, tcbInfo)
-        check(tcbInfo.version == 2 || tcbLevelStatus != TcbStatus.OutOfDateConfigurationNeeded) {
-            "TCB_UNRECOGNIZED_STATUS"
+        val tcbLevel = getMatchingTcbLevel(pckExtensions, tcbInfo)
+
+        /**
+         * This check will currently always pass, but is added for safety in case of future modifications.
+         * Logic comes from the Intel QVL
+         * TODO: CON-1273, Audit changes to the intel QVL
+         */
+        check (!(tcbLevel.tcbStatus == TcbStatus.OutOfDateConfigurationNeeded && tcbInfo.version.id < 2)) {
+            "TCB_UNRCOGNISED_STATUS"
         }
-        return tcbLevelStatus
-    }
 
-    private fun getSgxTcbComponentSvn(tcb: Tcb, index: Int): Int {
-        // 0 base index
-        return when (index) {
-            0 -> tcb.sgxtcbcomp01svn
-            1 -> tcb.sgxtcbcomp02svn
-            2 -> tcb.sgxtcbcomp03svn
-            3 -> tcb.sgxtcbcomp04svn
-            4 -> tcb.sgxtcbcomp05svn
-            5 -> tcb.sgxtcbcomp06svn
-            6 -> tcb.sgxtcbcomp07svn
-            7 -> tcb.sgxtcbcomp08svn
-            8 -> tcb.sgxtcbcomp09svn
-            9 -> tcb.sgxtcbcomp10svn
-            10 -> tcb.sgxtcbcomp11svn
-            11 -> tcb.sgxtcbcomp12svn
-            12 -> tcb.sgxtcbcomp13svn
-            13 -> tcb.sgxtcbcomp14svn
-            14 -> tcb.sgxtcbcomp15svn
-            15 -> tcb.sgxtcbcomp16svn
-            else -> throw GeneralSecurityException("Invalid sgxtcbcompsvn index $index")
-        }
+        return tcbLevel.tcbStatus
     }
 
     private fun verify(check: Boolean, status: ErrorStatus) {

conclave-common/src/main/kotlin/com/r3/conclave/common/internal/attestation/QuoteVerifier.kt

@@ -1,18 +1,32 @@
 package com.r3.conclave.common.internal.attestation
 
+import com.fasterxml.jackson.databind.JsonNode
 import com.fasterxml.jackson.databind.ObjectMapper
 import com.r3.conclave.common.OpaqueBytes
 import com.r3.conclave.common.SHA256Hash
 import com.r3.conclave.common.internal.Cursor
 import com.r3.conclave.common.internal.SgxQuote
 import org.assertj.core.api.Assertions.assertThat
 import org.junit.jupiter.api.Test
+import org.junit.jupiter.params.ParameterizedTest
+import org.junit.jupiter.params.provider.EnumSource
+import org.junit.jupiter.params.provider.MethodSource
+import java.io.IOException
 import java.time.Instant
 import java.time.ZoneOffset.UTC
 import java.time.ZonedDateTime
 import java.util.*
 import kotlin.random.Random
 
+
+private val mapper = ObjectMapper()
+
+/** Load a resource as text, throw if the resource is missing. */
+fun loadResourceAsJson(path: String): JsonNode {
+    val text = SignedTcbInfoTest::class.java.getResource(path)?.readText() ?: throw IOException("Missing resource: $path")
+    return mapper.readTree(text)
+}
+
 class EpidVerificationReportTest {
     @Test
     fun `serialise minimum fields`() {
@@ -144,101 +158,45 @@ class EpidVerificationReportTest {
 
 
 class SignedTcbInfoTest {
-    @Test
-    fun `deserialise tcb`() {
-        val json = """
-{
-  "sgxtcbcomp01svn":1,
-  "sgxtcbcomp02svn":2,
-  "sgxtcbcomp03svn":3,
-  "sgxtcbcomp04svn":4,
-  "sgxtcbcomp05svn":5,
-  "sgxtcbcomp06svn":6,
-  "sgxtcbcomp07svn":7,
-  "sgxtcbcomp08svn":8,
-  "sgxtcbcomp09svn":9,
-  "sgxtcbcomp10svn":10,
-  "sgxtcbcomp11svn":11,
-  "sgxtcbcomp12svn":12,
-  "sgxtcbcomp13svn":13,
-  "sgxtcbcomp14svn":14,
-  "sgxtcbcomp15svn":15,
-  "sgxtcbcomp16svn":16,
-  "pcesvn":9
-}
-            """.trimIndent()
-        val result = attestationObjectMapper.readValue(json, Tcb::class.java)
-        assertThat(1).isEqualTo(result.sgxtcbcomp01svn)
+    @ParameterizedTest
+    @EnumSource(TcbInfo.Version::class)
+    fun `tcb deserialization test`(version: TcbInfo.Version) {
+        val json = loadResourceAsJson("test_tcb_${version}.json")
+        val result = Tcb.fromJson(json, version)
+
+        for (i in 0 until 16) {
+            assertThat(result.sgxtcbcompsvn[i]).isEqualTo(i + 1)
+        }
+
+        assertThat(result.pcesvn).isEqualTo(9)
     }
 
-    @Test
-    fun `deserialise signature`() {
-        val signature = "01020304"
-        val json = """
-            {
-              "tcbInfo":{"version":2,"issueDate":"2020-01-02T03:04:05Z","nextUpdate":"2021-02-03T04:05:06Z","fmspc":"00906ed50000","pceId":"0000","tcbType":0,"tcbEvaluationDataNumber":7,
-                "tcbLevels":[]
-              },
-              "signature":"$signature"
-            }
-            """.trimIndent()
-        val result = attestationObjectMapper.readValue(json, SignedTcbInfo::class.java)
-        assertThat(result.signature).isEqualTo(OpaqueBytes.parse(signature))
+    @ParameterizedTest
+    @EnumSource(TcbInfo.Version::class)
+    fun `signature deserialization test`(version: TcbInfo.Version) {
+        val json = loadResourceAsJson("test_tcbinfo_${version}.json")
+        val result = SignedTcbInfo.fromJson(json)
+        assertThat(result.signature).isEqualTo(OpaqueBytes.parse("01020304"))   // Matches resource content
     }
 
-    @Test
-    fun `deserialise tcb info`() {
-        val signature =
-            "2fcfea244996d64794c3729acff632887de67722cfca7b0458464a74d4101d01879fe28fa01594f28c6e0e97e9558ff0a45898bd6af275e8edffc2364780fe06"
-        val json = """
-{
-"tcbInfo":{
-    "version":2,"issueDate":"2020-01-02T03:04:05Z","nextUpdate":"2021-02-03T04:05:06Z","fmspc":"00906ed50000","pceId":"0000","tcbType":0,"tcbEvaluationDataNumber":7,
-    "tcbLevels":[
-        {"tcb":{"sgxtcbcomp01svn":1,"sgxtcbcomp02svn":2,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":5,"sgxtcbcomp06svn":6,"sgxtcbcomp07svn":7,"sgxtcbcomp08svn":8,"sgxtcbcomp09svn":9,"sgxtcbcomp10svn":10,"sgxtcbcomp11svn":11,"sgxtcbcomp12svn":12,"sgxtcbcomp13svn":13,"sgxtcbcomp14svn":14,"sgxtcbcomp15svn":15,"sgxtcbcomp16svn":16,"pcesvn":9},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"UpToDate"},
-        {"tcb":{"sgxtcbcomp01svn":13,"sgxtcbcomp02svn":13,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":9},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"ConfigurationNeeded"},
-        {"tcb":{"sgxtcbcomp01svn":2,"sgxtcbcomp02svn":2,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":7},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDate"},
-        {"tcb":{"sgxtcbcomp01svn":1,"sgxtcbcomp02svn":1,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":7},"tcbDate":"2019-01-09T00:00:00Z","tcbStatus":"OutOfDate"},
-        {"tcb":{"sgxtcbcomp01svn":1,"sgxtcbcomp02svn":1,"sgxtcbcomp03svn":2,"sgxtcbcomp04svn":4,"sgxtcbcomp05svn":1,"sgxtcbcomp06svn":128,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":6},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDate"}
-    ]
-    },
-"signature":"$signature"
-}
-        """.trimIndent()
-        val result = attestationObjectMapper.readValue(json, SignedTcbInfo::class.java)
-        assertThat(result.signature).isEqualTo(OpaqueBytes.parse(signature))
-        assertThat(result.tcbInfo.version).isEqualTo(2)
+    @ParameterizedTest
+    @EnumSource(TcbInfo.Version::class)
+    fun `tcb info deserialization test`(version: TcbInfo.Version) {
+        val json = loadResourceAsJson("test_tcbinfo_$version.json")
+        val result = SignedTcbInfo.fromJson(json)
+        assertThat(result.signature).isEqualTo(OpaqueBytes.parse("01020304"))
+        assertThat(result.tcbInfo.version).isEqualTo(version)
         assertThat(result.tcbInfo.issueDate).isEqualTo(Instant.parse("2020-01-02T03:04:05Z"))
         assertThat(result.tcbInfo.nextUpdate).isEqualTo(Instant.parse("2021-02-03T04:05:06Z"))
     }
 }
 
 class SignedEnclaveIdentityTest {
-    @Test
-    fun `deserialise signature`() {
-        val signature = "01020304"
-        val json = """
-{
-    "enclaveIdentity":{
-        "id":"QE",
-        "version":2,
-        "issueDate":"2019-09-05T07:47:08Z",
-        "nextUpdate":"2029-09-05T07:47:08Z",
-        "tcbEvaluationDataNumber":0,
-        "miscselect":"D182B18C",
-        "miscselectMask":"FFFFFFFF",
-        "attributes":"70C8CBF48BD76EAB9C8126CE95E96C90",
-        "attributesMask":"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
-        "mrsigner":"8C4F5775D796503E96137F77C68A829A0056AC8DED70140B081B094490C57BFF",
-        "isvprodid":1,
-        "tcbLevels":[
-            {"tcb":{"isvsvn":1},"tcbDate":"2019-09-01T00:00:00Z","tcbStatus":"UpToDate"}
-            ]
-        },
-    "signature":"$signature"
-}
-        """.trimIndent()
-        val result = attestationObjectMapper.readValue(json, SignedEnclaveIdentity::class.java)
-        assertThat(result.signature).isEqualTo(OpaqueBytes.parse(signature))
+    @ParameterizedTest
+    @EnumSource(EnclaveIdentity.Version::class)
+    fun `signature deserializes correctly`(version: EnclaveIdentity.Version) {
+        val json = loadResourceAsJson("test_signed_enclave_identity_$version.json")
+        val result = SignedEnclaveIdentity.fromJson(json)
+        assertThat(result.signature).isEqualTo(OpaqueBytes.parse("01020304"))
     }
-}
+}