Add tests for CB policies

Bug: 388251723
Change-Id: Ibea122b207cd73701fcca423060eca3c08afb937

Author: ipetr0v

oak_attestation_verification/BUILD

@@ -88,6 +88,7 @@ rust_test_suite(
         "//oak_attestation_verification/data:amd_ask_certs",
         "//oak_attestation_verification/testdata:cb_attestation",
         "//oak_attestation_verification/testdata:certs",
+        "//oak_attestation_verification/testdata:deprecated_cb_attestation",
         "//oak_attestation_verification/testdata:endorsement",
         "//oak_attestation_verification/testdata:fake_attestation",
         "//oak_attestation_verification/testdata:genoa_oc_attestation",
@@ -178,6 +179,7 @@ rust_test_suite(
         "//oak_attestation_verification/data:amd_ask_certs",
         "//oak_attestation_verification/testdata:cb_attestation",
         "//oak_attestation_verification/testdata:certs",
+        "//oak_attestation_verification/testdata:deprecated_cb_attestation",
         "//oak_attestation_verification/testdata:endorsement",
         "//oak_attestation_verification/testdata:fake_attestation",
         "//oak_attestation_verification/testdata:genoa_oc_attestation",

oak_attestation_verification/testdata/BUILD

@@ -20,14 +20,23 @@ package(
 )
 
 filegroup(
-    name = "cb_attestation",
+    name = "deprecated_cb_attestation",
     srcs = [
         "cb_endorsement.binarypb",
         "cb_evidence.binarypb",
         "cb_reference_values.binarypb",
     ],
 )
 
+filegroup(
+    name = "cb_attestation",
+    srcs = [
+        "cb_endorsements_20250124.binarypb",
+        "cb_evidence_20250124.binarypb",
+        "cb_reference_values_20250124.binarypb",
+    ],
+)
+
 filegroup(
     name = "certs",
     srcs = [

oak_attestation_verification/testdata/cb_endorsements_20250124.binarypb

@@ -0,0 +1,12 @@
+# proto-file: proto/attestation/endorsement.proto
+# proto-message: oak.attestaton.v1.Endorsements
+#
+# Valid real-world endorsements for the CB chain, used for testing.
+# Created on 2025-01-24, last updated on 2025-01-24.
+# `cb_endorsements_{DATE}.binarypb` is the same instance in serialized binary
+# format.
+cb {
+  root_layer {
+    tee_certificate: "0\202\005C0\202\002\367\240\003\002\001\002\002\001\0000A\006\t*\206H\206\367\r\001\001\n04\240\0170\r\006\t`\206H\001e\003\004\002\002\005\000\241\0340\032\006\t*\206H\206\367\r\001\001\0100\r\006\t`\206H\001e\003\004\002\002\005\000\242\003\002\00100{1\0240\022\006\003U\004\013\014\013Engineering1\0130\t\006\003U\004\006\023\002US1\0240\022\006\003U\004\007\014\013Santa Clara1\0130\t\006\003U\004\010\014\002CA1\0370\035\006\003U\004\n\014\026Advanced Micro Devices1\0220\020\006\003U\004\003\014\tSEV-Milan0\036\027\r240917221233Z\027\r310917221233Z0z1\0240\022\006\003U\004\013\014\013Engineering1\0130\t\006\003U\004\006\023\002US1\0240\022\006\003U\004\007\014\013Santa Clara1\0130\t\006\003U\004\010\014\002CA1\0370\035\006\003U\004\n\014\026Advanced Micro Devices1\0210\017\006\003U\004\003\014\010SEV-VCEK0v0\020\006\007*\206H\316=\002\001\006\005+\201\004\000\"\003b\000\004\345\343\250I\265\366\350\031tT\227\t\245\303ES7\000l\024\241\257b\001\3712\037%z\225\266\254\265\0363\010}\314\272CxO\250\226\300\0173 \261\221W;\010\326\235\206\362\254\344\016t\331:c\245\247}\310r\037\364\304\352(os\307\370A\356\347cu\361\033\373\312\341\021~c\234gr\215\005\243\202\001\0270\202\001\0230\020\006\t+\006\001\004\001\234x\001\001\004\003\002\001\0000\027\006\t+\006\001\004\001\234x\001\002\004\n\026\010Milan-B00\021\006\n+\006\001\004\001\234x\001\003\001\004\003\002\001\0030\021\006\n+\006\001\004\001\234x\001\003\002\004\003\002\001\0000\021\006\n+\006\001\004\001\234x\001\003\004\004\003\002\001\0000\021\006\n+\006\001\004\001\234x\001\003\005\004\003\002\001\0000\021\006\n+\006\001\004\001\234x\001\003\006\004\003\002\001\0000\021\006\n+\006\001\004\001\234x\001\003\007\004\003\002\001\0000\021\006\n+\006\001\004\001\234x\001\003\003\004\003\002\001\0260\022\006\n+\006\001\004\001\234x\001\003\010\004\004\002\002\000\3210M\006\t+\006\001\004\001\234x\001\004\004@\205\274\333*\265q\340YRQ\257E\2106\002\344\304s\226\036\351\372Uk\375(\300\231\312\270\201\222/\006{\206\357\025\tm\202\343\206\224\226\327\204\344=\016G\t\252\313\'\350\304g\325\367\360U\025\3700A\006\t*\206H\206\367\r\001\001\n04\240\0170\r\006\t`\206H\001e\003\004\002\002\005\000\241\0340\032\006\t*\206H\206\367\r\001\001\0100\r\006\t`\206H\001e\003\004\002\002\005\000\242\003\002\0010\003\202\002\001\000\004\335\'\230tp\231\031\344`FV\326y\307\322\320\003\347\376Q\005\013\254U\232\332+0\360)\220\2125\035\'\360$4\224\313\036\300r\026)P\314\335\376\364?t[\n\227f\307\332\334\275\342jq\327\267\020.p\327\355\031\326\232=~\006NR[\353\310\023!\252\352\267{Wu\020\210\005@\315\212\204\004\003Z\250g\3177\337\363%|j\356LK\210u\314\037\006>\024\237\341J\363n\347(\376j\214Nx\254\355M\241]0\366\217It\035A:CR\361\313do6Q\277\345q0m\244>\2105M\265 c\033mmd\0162\005\006Pu\254\223AR\226D\326\231h\017J\n\376\324\361\234\277\311\342hdt\016X\274\322\035\200\365b\316\023\226\355\014d{%#t\307k\331nf\304\251\323\377P\006 :\210\034\031\2720\004\304\276\301\317L\022\330\334K\252/\363\006W6@\207\"\177\332\201\"\t\tv\006\341\305Wl\266:\233I\206\031<\367\\x|\303\027q\301\300\334\355\026\025\256\255\355\376\246\202L\252\213 \271+T\214\330k\014}\213F\330\262\360\2514\225>\334\364\206>\222~\025\212T\341\247w\345\264\311J\330+\0246V^\227\254L\256\243\023g\335\013}\3260Qs\214\267\3722\322\362\255<\270\003\003$`!\016\252(\373-.\2152\212\225&\314\330W \263\217:\023\263\330\230\373~f\253\315\317\334\262=\205A|\020E\235\0054\312H(h[\337B\232\307\241\203p\025\025q\257\n\264_M-\357\026\2541\233X\311\254\003\340{\336\225\014\343w\245\000C\227Pw\3657b\010Y\'\207\362\330UM|=\210\266\352\357F\237\026\247\032\375\205\"\254\017\245 <R\235x!\334\243i\220\020\242\370\017\241\006~\373Kh$UI\361\023)\211\330\034\371\027_\325\272\212\'\037\353p\307\356"
+  }
+}

oak_attestation_verification/testdata/cb_endorsements_20250124.textproto

@@ -0,0 +1,49 @@
+# proto-file: third_party/oak/proto/attestation/reference_value.proto
+# proto-message: oak.attestation.v1.ReferenceValues
+#
+# Valid real-world reference values for the CB chain, used for testing.
+# Created on 2025-01-24, last updated on 2025-01-24.
+# `cb_reference_values_{DATE}.binarypb` is the same instance in serialized
+# binary format.
+cb {
+  root_layer {
+    amd_sev {
+      stage0 {
+        skip {
+        }
+      }
+      min_tcb_version {
+        boot_loader: 3
+        snp: 20
+        microcode: 209
+      }
+    }
+  }
+  kernel_layer {
+    event {
+      digests {
+        digests {
+          sha2_256: "\345\024\226\337\001\277\224X\245\n\217\001\375\245\344\021Fj\303\355a\202\006%\253\033\030Y\242\272\315\004"
+        }
+      }
+    }
+  }
+  system_layer {
+    event {
+      digests {
+        digests {
+          sha2_256: "\244\312\024ck\310\266(\025|\332\203+\332\206\242\361\327\352Ws\212|\237\307\233\n|p\201\005\264"
+        }
+      }
+    }
+  }
+  application_layer {
+    event {
+      digests {
+        digests {
+          sha2_256: "\035\3773\222\262[}\332\237QZ\030\242\205\2751\332\376\tz\nK\334\363\337jH\202?\270^%"
+        }
+      }
+    }
+  }
+}

oak_attestation_verification/testdata/cb_evidence_20250124.binarypb

@@ -23,10 +23,15 @@ use oak_attestation_verification::policy::{
 };
 use oak_attestation_verification_types::policy::Policy;
 use oak_file_utils::data_path;
-use oak_proto_rust::oak::attestation::v1::{
-    binary_reference_value, endorsements, reference_values, AmdSevSnpEndorsement, Endorsements,
-    Evidence, FirmwareEndorsement, OakContainersReferenceValues,
-    OakRestrictedKernelReferenceValues, ReferenceValues, SkipVerification,
+use oak_proto_rust::oak::{
+    attestation::v1::{
+        binary_reference_value, endorsements, kernel_binary_reference_value, reference_values,
+        text_reference_value, AmdSevSnpEndorsement, BinaryReferenceValue, CbReferenceValues,
+        Endorsements, Evidence, FirmwareEndorsement, KernelBinaryReferenceValue,
+        KernelLayerReferenceValues, OakContainersReferenceValues,
+        OakRestrictedKernelReferenceValues, ReferenceValues, SkipVerification, TextReferenceValue,
+    },
+    Variant,
 };
 use oak_sev_snp_attestation_report::AttestationReport;
 use prost::Message;
@@ -46,6 +51,13 @@ const RK_ENDORSEMENTS_PATH: &str =
 const RK_REFERENCE_VALUES_PATH: &str =
     "oak_attestation_verification/testdata/rk_reference_values_20241205.binarypb";
 
+const CB_EVIDENCE_PATH: &str =
+    "oak_attestation_verification/testdata/cb_evidence_20250124.binarypb";
+const CB_ENDORSEMENTS_PATH: &str =
+    "oak_attestation_verification/testdata/cb_endorsements_20250124.binarypb";
+const CB_REFERENCE_VALUES_PATH: &str =
+    "oak_attestation_verification/testdata/cb_reference_values_20250124.binarypb";
+
 const KERNEL_EVENT_INDEX: usize = 0;
 const RK_APPLICATION_EVENT_INDEX: usize = 1;
 const SYSTEM_EVENT_INDEX: usize = 1;
@@ -125,6 +137,36 @@ fn load_rk_reference_values() -> OakRestrictedKernelReferenceValues {
     rk_reference_values
 }
 
+fn load_cb_evidence() -> Evidence {
+    let serialized = fs::read(data_path(CB_EVIDENCE_PATH)).expect("could not read evidence");
+    Evidence::decode(serialized.as_slice()).expect("could not decode evidence")
+}
+
+fn load_cb_endorsements() -> Endorsements {
+    let serialized =
+        fs::read(data_path(CB_ENDORSEMENTS_PATH)).expect("could not read endorsements");
+    Endorsements::decode(serialized.as_slice()).expect("could not decode endorsements")
+}
+
+fn load_cb_reference_values() -> CbReferenceValues {
+    let serialized =
+        fs::read(data_path(CB_REFERENCE_VALUES_PATH)).expect("could not read reference values");
+    let reference_values =
+        ReferenceValues::decode(serialized.as_slice()).expect("could not decode reference values");
+    let containers_reference_values = match reference_values.r#type.as_ref() {
+        Some(reference_values::Type::Cb(containers_reference_values)) => {
+            containers_reference_values.clone()
+        }
+        _ => panic!("couldn't find CB reference values"),
+    };
+    assert!(containers_reference_values.root_layer.is_some());
+    assert!(containers_reference_values.root_layer.as_ref().unwrap().amd_sev.is_some());
+    assert!(containers_reference_values.kernel_layer.is_some());
+    assert!(containers_reference_values.system_layer.is_some());
+    assert!(containers_reference_values.application_layer.is_some());
+    containers_reference_values
+}
+
 lazy_static::lazy_static! {
     static ref OC_EVIDENCE: Evidence = load_oc_evidence();
     static ref OC_ENDORSEMENTS: Endorsements = load_oc_endorsements();
@@ -133,6 +175,10 @@ lazy_static::lazy_static! {
     static ref RK_EVIDENCE: Evidence = load_rk_evidence();
     static ref RK_ENDORSEMENTS: Endorsements = load_rk_endorsements();
     static ref RK_REFERENCE_VALUES: OakRestrictedKernelReferenceValues = load_rk_reference_values();
+
+    static ref CB_EVIDENCE: Evidence = load_cb_evidence();
+    static ref CB_ENDORSEMENTS: Endorsements = load_cb_endorsements();
+    static ref CB_REFERENCE_VALUES: CbReferenceValues = load_cb_reference_values();
 }
 
 #[test]
@@ -251,3 +297,33 @@ fn rk_application_policy_verify_succeeds() {
     // TODO: b/356631062 - Verify detailed attestation results.
     assert!(result.is_ok(), "Failed: {:?}", result.err().unwrap());
 }
+
+#[test]
+fn cb_kernel_policy_verify_succeeds() {
+    // TODO: b/388251723 - Use real CB reference values instead of [`Skip`].
+    let _reference_values = CB_REFERENCE_VALUES.kernel_layer.as_ref().unwrap();
+    let kernel_skip = KernelBinaryReferenceValue {
+        r#type: Some(kernel_binary_reference_value::Type::Skip(SkipVerification {})),
+    };
+    let text_skip =
+        TextReferenceValue { r#type: Some(text_reference_value::Type::Skip(SkipVerification {})) };
+    let binary_skip = BinaryReferenceValue {
+        r#type: Some(binary_reference_value::Type::Skip(SkipVerification {})),
+    };
+    let skip_reference_values = KernelLayerReferenceValues {
+        kernel: Some(kernel_skip),
+        kernel_cmd_line_text: Some(text_skip),
+        init_ram_fs: Some(binary_skip.clone()),
+        memory_map: Some(binary_skip.clone()),
+        acpi: Some(binary_skip),
+    };
+
+    let policy = KernelPolicy::new(&skip_reference_values);
+    let event = &CB_EVIDENCE.event_log.as_ref().unwrap().encoded_events[KERNEL_EVENT_INDEX];
+    let endorsement = Variant::default();
+
+    let result = policy.verify(event, &endorsement, MILLISECONDS_SINCE_EPOCH);
+
+    // TODO: b/356631062 - Verify detailed attestation results.
+    assert!(result.is_ok(), "Failed: {:?}", result.err().unwrap());
+}