[device_id] complete DeviceID proto cleanup

src/ate/ate_api.h

@@ -51,8 +51,6 @@ enum DeviceLifeCycle : uint32_t {
   DEVICE_LIFE_CYCLE_PROD_END = 6,
   DEVICE_LIFE_CYCLE_RMA = 7,
   DEVICE_LIFE_CYCLE_SCRAP = 8,
-  DEVICE_LIFE_CYCLE_INVALID = 9,
-  DEVICE_LIFE_CYCLE_EOL = 10,
 };
 
 enum ProvState : uint32_t {
@@ -183,47 +181,14 @@ DLLEXPORT int CreateKeyAndCertificate(ate_client_ptr client, const char* sku,
                                       void* data, size_t* max_data_size,
                                       const void* serial_number,
                                       const size_t serial_number_size);
-/**
- * Registers a BMC's device record.
- *
- * @param client A client instance.
- * @param device_id_number Identifies the specific device.
- * @param dme_pub_key The DME key.
- * @param dme_pub_key_size The DME key size.
- * @param data The data blob.
- * @param data_size (input) The data size
- * @return The result of the operation.
- */
-DLLEXPORT int RegisterDeviceBMC(
-    ate_client_ptr client, const device_id_t* device_id,
-    const void* dme_pub_key, const size_t dme_pub_key_size,
-    const DeviceLifeCycle life_cycle, const uint8_t year, const uint8_t week,
-    const uint16_t lot_num, const uint8_t wafer_id, const uint8_t x,
-    const uint8_t y, const void* data, const size_t data_size);
 
 /**
- * Registers a TPM's device record.
+ * Registers an OpenTitan device record.
  *
- * @param client A client instance.
- * @param device_id_number Identifies the specific device.
- * @param certs The certificaes blob.
- * @param certsSize The certificaes blob size.
- * @param pSN The serial number.
- * @param snSize (input) The serial number size
- * @param year The manufacture year number
- * @param week The manufacture week number
- * @param lot_num The lot number
- * @param wafer_id The wafer ID number
- * @param y The y location
- * @param x The x location
- * @return The result of the operation.
+ * TODO(#16): implement device registration function.
  */
-DLLEXPORT int RegisterDeviceTPM(
-    ate_client_ptr client, const device_id_t* deviceID, const void* certs,
-    const size_t certsSize, const void* pSN, const size_t snSize,
-    const DeviceLifeCycle life_cycle, const uint8_t year, const uint8_t week,
-    const uint16_t lot_num, const uint8_t wafer_id, const uint8_t x,
-    const uint8_t y, const char* FT_lot);
+// DLLEXPORT int RegisterDevice(...);
+
 #ifdef __cplusplus
 }
 #endif

src/ate/ate_dll.cc

@@ -22,8 +22,6 @@ using provisioning::ate::AteClient;
 using namespace provisioning::ate;
 }  // namespace
 
-#define ASCII(val) (((val) > 9) ? (((val)-0xA) + 'A') : ((val) + '0'))
-
 std::string extractDNSNameFromCert(const char *certPath) {
   LOG(INFO) << "debug info: In call extractDNSNameFromCert";
   FILE *certFile = fopen(certPath, "r");
@@ -366,226 +364,3 @@ DLLEXPORT int CreateKeyAndCertificate(
 
   return ConvertResponse(response, data, max_data_size);
 }
-
-// Get the time in milliseconds
-uint64_t getMilliseconds() {
-  return std::chrono::duration_cast<std::chrono::milliseconds>(
-             std::chrono::high_resolution_clock::now().time_since_epoch())
-      .count();
-}
-
-DLLEXPORT int RegisterDeviceBMC(
-    ate_client_ptr client,          // In:      pointer to the client
-    const device_id_t *deviceID,    // In:      Identifies the specific device
-    const void *dme_pub_key,        // In:      sec public key
-    const size_t dme_pub_key_size,  // In:      sec public key size
-    const DeviceLifeCycle life_cycle,  // In:      life_cycle
-    const uint8_t year,                // In:      year
-    const uint8_t week,                // In:      week
-    const uint16_t lot_num,            // In:      lot number
-    const uint8_t wafer_id,            // In:      wafer id
-    const uint8_t x,                   // In:      x
-    const uint8_t y,                   // In:      y
-    const void *data,                  // In:      data buffer
-    const size_t data_size             // In:      data buffer size
-) {
-  LOG(INFO) << "debug info: In ate dll RegisterDeviceBMC";
-
-  // Get the time in milliseconds
-  auto milliseconds = getMilliseconds();
-
-  AteClient *ate = reinterpret_cast<AteClient *>(client);
-
-  pa::RegistrationRequest request;
-  pa::RegistrationResponse response;
-
-  device_id::DeviceRecord *device_record = request.mutable_device_record();
-  // Initialize the device_record message
-  device_record->set_sku(ate->Sku);
-  //  Initialize the id message
-  device_id::DeviceId *id = device_record->mutable_id();
-  id->mutable_hardware_origin()->set_silicon_creator_id(
-      (device_id::SiliconCreatorId)
-          deviceID->hardware_origin.silicon_creator_id);
-  id->mutable_hardware_origin()->set_product_id(
-      (device_id::ProductId)deviceID->hardware_origin.product_id);
-
-  LOG(INFO) << "id->mutable_hardware_origin()->product_id():"
-            << id->mutable_hardware_origin()->product_id();
-
-  id->mutable_hardware_origin()->set_device_identification_number(
-      deviceID->hardware_origin.device_identification_number);
-
-  LOG(INFO) << "id->mutable_hardware_origin()->device_identification_number(): "
-            << id->mutable_hardware_origin()->device_identification_number();
-
-  id->set_sku_specific(
-      std::string((uint8_t *)deviceID->sku_specific,
-                  (uint8_t *)deviceID->sku_specific + SKU_SPECIFIC_SIZE));
-  id->set_crc32(deviceID->crc32);
-
-  // Initialize the data message
-  device_record->mutable_data()->set_device_life_cycle(
-      (device_id::DeviceLifeCycle)life_cycle);
-
-  device_id::DeviceIdPub *device_id_pub =
-      device_record->mutable_data()->add_device_id_pubs();
-  device_id_pub->set_format(
-      device_id::DeviceIdPubFormat::DEVICE_ID_PUB_FORMAT_RAW_ECDSA);
-  device_id_pub->set_blob(std::string(
-      (uint8_t *)dme_pub_key, (uint8_t *)dme_pub_key + dme_pub_key_size));
-
-  device_record->mutable_data()->set_payload(
-      (std::string((uint8_t *)data, (uint8_t *)data + data_size)));
-
-  device_record->mutable_data()->mutable_metadata()->set_state(
-      device_id::DeviceState::DEVICE_STATE_PROVISIONED);
-  device_record->mutable_data()->mutable_metadata()->set_create_time_ms(
-      milliseconds);
-  device_record->mutable_data()->mutable_metadata()->set_update_time_ms(
-      milliseconds);
-
-  device_record->mutable_data()->mutable_metadata()->set_ate_id(ate->ate_id);
-  device_record->mutable_data()->mutable_metadata()->set_ate_raw("");
-  device_record->mutable_data()->mutable_metadata()->set_year(year);
-  device_record->mutable_data()->mutable_metadata()->set_week(week);
-  device_record->mutable_data()->mutable_metadata()->set_lot_num(lot_num);
-  device_record->mutable_data()->mutable_metadata()->set_wafer_id(wafer_id);
-  device_record->mutable_data()->mutable_metadata()->set_y(y);
-  device_record->mutable_data()->mutable_metadata()->set_x(x);
-
-  auto status = ate->SendDeviceRegistrationPayload(request, &response);
-  if (!status.ok()) {
-    LOG(ERROR) << "RegisterDeviceBMC failed with " << status.error_code()
-               << ": " << status.error_message();
-    return static_cast<int>(status.error_code());
-  }
-  LOG(INFO) << "return from ATE RegisterDeviceBMC";
-  return 0;
-}
-
-std::string bytesToStr(uint8_t *byteArray, size_t byteArraySize) {
-  std::string str;
-
-  for (size_t i = 0; i < byteArraySize; i++) {
-    str += ASCII(((byteArray[i]) >> 4) & 0x0F);
-    str += ASCII((byteArray[i]) & 0x0F);
-  }
-  return str;
-}
-
-#define IS_BLOB_CERT_TAG(tag)                                  \
-  ((tag == RSA_2048_KEY_CERT) || (tag == RSA_3072_KEY_CERT) || \
-   (tag == RSA_4096_KEY_CERT) || (tag == ECC_256_KEY_CERT) ||  \
-   (tag == ECC_384_KEY_CERT))
-
-DLLEXPORT int RegisterDeviceTPM(
-    ate_client_ptr client,        // In:      pointer to the client
-    const device_id_t *deviceID,  // In:      Identifies the specific device
-    const void *certs,            // In:      certs
-    const size_t certsSize,       // In:      certs size
-    const void *pSN,              // In:      serial numbre
-    const size_t snSize,          // In:      serial numbre size
-    const DeviceLifeCycle life_cycle,  // In:      life_cycle
-    const uint8_t year,                // In:      year
-    const uint8_t week,                // In:      week
-    const uint16_t lot_num,            // In:      lot numbrt
-    const uint8_t wafer_id,            // In:      wafer id
-    const uint8_t x,                   // In:      x
-    const uint8_t y,                   // In:      y
-    const char *FT_lot                 // In:      taken from the FT job QR scan
-) {
-  LOG(INFO) << "debug info: In ate dll RegisterDeviceTPM";
-
-  size_t index = 0;
-
-  // Get the time in milliseconds
-  auto milliseconds = getMilliseconds();
-  AteClient *ate = reinterpret_cast<AteClient *>(client);
-
-  pa::RegistrationRequest request;
-  pa::RegistrationResponse response;
-
-  device_id::DeviceRecord *device_record = request.mutable_device_record();
-  // Initialize the device_record message
-  device_record->set_sku(ate->Sku);
-
-  //  Initialize the id message
-  device_id::DeviceId *id = device_record->mutable_id();
-  id->mutable_hardware_origin()->set_silicon_creator_id(
-      (device_id::SiliconCreatorId)
-          deviceID->hardware_origin.silicon_creator_id);
-  id->mutable_hardware_origin()->set_product_id(
-      (device_id::ProductId)deviceID->hardware_origin.product_id);
-
-  id->mutable_hardware_origin()->set_device_identification_number(
-      deviceID->hardware_origin.device_identification_number);
-  id->set_sku_specific(
-      std::string((uint8_t *)deviceID->sku_specific,
-                  (uint8_t *)deviceID->sku_specific + SKU_SPECIFIC_SIZE));
-  id->set_crc32(deviceID->crc32);
-
-  LOG(INFO) << "id->mutable_hardware_origin()->mutable_device_type()->product_"
-               "identifier(): "
-            << id->mutable_hardware_origin()->product_id();
-  LOG(INFO) << "id->mutable_hardware_origin()->device_identification_number(): "
-            << id->mutable_hardware_origin()->device_identification_number();
-  LOG(INFO) << "id->crc32(): " << id->crc32();
-
-  // Initialize the data message
-  device_record->mutable_data()->set_device_life_cycle(
-      (device_id::DeviceLifeCycle)life_cycle);
-
-  blob_t *pBlob = (blob_t *)((uint8_t *)certs);
-  device_id::DeviceIdPub *device_id_pub = NULL;
-
-  for (index = 0; index < certsSize;) {
-    // check that the tag is type is correct
-    if (!IS_BLOB_CERT_TAG(pBlob->type)) {
-      LOG(ERROR) << "RegisterDeviceTPM failed with wrong/unsupported blob type";
-      return static_cast<int>(absl::StatusCode::kInvalidArgument);
-    }
-    device_id_pub = device_record->mutable_data()->add_device_id_pubs();
-    device_id_pub->set_format(
-        device_id::DeviceIdPubFormat::DEVICE_ID_PUB_FORMAT_DER);
-    device_id_pub->set_blob(std::string((uint8_t *)pBlob->value,
-                                        (uint8_t *)pBlob->value + pBlob->len));
-
-    uint32_t blob_alinment = (4 - (pBlob->len % 4)) % 4;
-    index = index + sizeof(pBlob->len) + sizeof(pBlob->type) +
-            ((pBlob->len + blob_alinment) & ~blob_alinment);
-
-    if (index > certsSize) {
-      LOG(ERROR) << "RegisterDeviceTPM failed with cert blob overflow";
-      return static_cast<int>(absl::StatusCode::kInvalidArgument);
-    }
-
-    pBlob = (blob_t *)(pBlob->value +
-                       ((pBlob->len + blob_alinment) & ~blob_alinment));
-  }
-
-  device_record->mutable_data()->mutable_metadata()->set_state(
-      device_id::DeviceState::DEVICE_STATE_PROVISIONED);
-  device_record->mutable_data()->mutable_metadata()->set_create_time_ms(
-      milliseconds);
-  device_record->mutable_data()->mutable_metadata()->set_update_time_ms(
-      milliseconds);
-  device_record->mutable_data()->mutable_metadata()->set_ate_raw(
-      bytesToStr((uint8_t *)pSN, snSize));
-  device_record->mutable_data()->mutable_metadata()->set_ate_id(ate->ate_id);
-  device_record->mutable_data()->mutable_metadata()->set_year(year);
-  device_record->mutable_data()->mutable_metadata()->set_week(week);
-  device_record->mutable_data()->mutable_metadata()->set_lot_num(lot_num);
-  device_record->mutable_data()->mutable_metadata()->set_wafer_id(wafer_id);
-  device_record->mutable_data()->mutable_metadata()->set_y(y);
-  device_record->mutable_data()->mutable_metadata()->set_x(x);
-
-  auto status = ate->SendDeviceRegistrationPayload(request, &response);
-  if (!status.ok()) {
-    LOG(ERROR) << "RegisterDeviceTPM failed with " << status.error_code()
-               << ": " << status.error_message();
-    return static_cast<int>(status.error_code());
-  }
-  LOG(INFO) << "return from ATE RegisterDeviceTPM";
-  return 0;
-}

src/pa/proto/BUILD.bazel

@@ -14,6 +14,7 @@ proto_library(
     srcs = ["pa.proto"],
     deps = [
         "//src/proto:device_id_proto",
+        "//src/proto/crypto:cert_proto",
         "//src/proto/crypto:wrap_proto",
     ],
 )
@@ -25,6 +26,7 @@ go_proto_library(
     proto = ":pa_proto",
     deps = [
         "//src/proto:device_id_go_pb",
+        "//src/proto/crypto:cert_go_pb",
         "//src/proto/crypto:wrap_go_pb",
     ],
 )

src/pa/proto/pa.proto

@@ -7,6 +7,7 @@ syntax = "proto3";
 
 package pa;
 
+import "src/proto/crypto/cert.proto";
 import "src/proto/crypto/wrap.proto";
 import "src/proto/device_id.proto";
 
@@ -42,7 +43,7 @@ message EndorsedKey {
   // Certificate endorsing the public portion of the private key encapsulated
   // inside `wrapped_key`. This field is not set if `wrapped_key` encapsulates
   // a symmetric key.
-  device_id.Certificate cert = 1;
+  crypto.cert.Certificate cert = 1;
   // Wrapped key object.
   crypto.wrap.WrappedKey wrapped_key = 2;
 }

src/proto/crypto/cert.proto

@@ -24,3 +24,13 @@ message CertParams {
   // Certificate not after timestamp in UNIX epoch time format. Optional.
   int64 not_after_timestamp_usec = 4;
 }
+
+// A Certificate.
+message Certificate {
+  // Opaque bytes.
+  //
+  // Protobuf knows nothing about internal structure of this blob;
+  // that's handled at a higher level, not by protobuf.
+  // See https://pkg.go.dev/crypto/x509#CreateCertificate for details.
+  bytes blob = 1;
+}