Addressing PR feedback: Iteration 1

chipsalliance · Nov 13, 2024 · 5ecfafc · 5ecfafc
1 parent 0ba7364
commit 5ecfafc
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 26 deletions.
diff --git a/runtime/tests/runtime_integration_tests/test_authorize_and_stash.rs b/runtime/tests/runtime_integration_tests/test_authorize_and_stash.rs
@@ -18,6 +18,12 @@ use sha2::{Digest, Sha384};
 use zerocopy::AsBytes;
 use zerocopy::FromBytes;
 
+pub const IMAGE_DIGEST1: [u8; 48] = [
+    0x38, 0xB0, 0x60, 0xA7, 0x51, 0xAC, 0x96, 0x38, 0x4C, 0xD9, 0x32, 0x7E, 0xB1, 0xB1, 0xE3, 0x6A,
+    0x21, 0xFD, 0xB7, 0x11, 0x14, 0xBE, 0x07, 0x43, 0x4C, 0x0C, 0xC7, 0xBF, 0x63, 0xF6, 0xE1, 0xDA,
+    0x27, 0x4E, 0xDE, 0xBF, 0xE7, 0x6F, 0x65, 0xFB, 0xD5, 0x1A, 0xD2, 0xF1, 0x48, 0x98, 0xB9, 0x5B,
+];
+
 #[test]
 fn test_authorize_and_stash_cmd_deny_authorization() {
     let mut model = run_rt_test(RuntimeTestArgs::default());
@@ -26,16 +32,9 @@ fn test_authorize_and_stash_cmd_deny_authorization() {
         m.soc_ifc().cptra_boot_status().read() == u32::from(RtBootStatus::RtReadyForCommands)
     });
 
-    let image_digest1: [u8; 48] = [
-        0x38, 0xB0, 0x60, 0xA7, 0x51, 0xAC, 0x96, 0x38, 0x4C, 0xD9, 0x32, 0x7E, 0xB1, 0xB1, 0xE3,
-        0x6A, 0x21, 0xFD, 0xB7, 0x11, 0x14, 0xBE, 0x07, 0x43, 0x4C, 0x0C, 0xC7, 0xBF, 0x63, 0xF6,
-        0xE1, 0xDA, 0x27, 0x4E, 0xDE, 0xBF, 0xE7, 0x6F, 0x65, 0xFB, 0xD5, 0x1A, 0xD2, 0xF1, 0x48,
-        0x98, 0xB9, 0x5B,
-    ];
-
     let mut authorize_and_stash_cmd = MailboxReq::AuthorizeAndStash(AuthorizeAndStashReq {
         hdr: MailboxReqHeader { chksum: 0 },
-        measurement: image_digest1,
+        measurement: IMAGE_DIGEST1,
         source: ImageHashSource::InRequest as u32,
         flags: 0, // Don't skip stash
         ..Default::default()
@@ -115,16 +114,9 @@ fn test_authorize_and_stash_cmd_succes() {
         .unwrap()
         .expect("We should have received a response");
 
-    let image_digest1: [u8; 48] = [
-        0x38, 0xB0, 0x60, 0xA7, 0x51, 0xAC, 0x96, 0x38, 0x4C, 0xD9, 0x32, 0x7E, 0xB1, 0xB1, 0xE3,
-        0x6A, 0x21, 0xFD, 0xB7, 0x11, 0x14, 0xBE, 0x07, 0x43, 0x4C, 0x0C, 0xC7, 0xBF, 0x63, 0xF6,
-        0xE1, 0xDA, 0x27, 0x4E, 0xDE, 0xBF, 0xE7, 0x6F, 0x65, 0xFB, 0xD5, 0x1A, 0xD2, 0xF1, 0x48,
-        0x98, 0xB9, 0x5B,
-    ];
-
     let mut authorize_and_stash_cmd = MailboxReq::AuthorizeAndStash(AuthorizeAndStashReq {
         hdr: MailboxReqHeader { chksum: 0 },
-        measurement: image_digest1,
+        measurement: IMAGE_DIGEST1,
         source: ImageHashSource::InRequest as u32,
         flags: 0, // Don't skip stash
         ..Default::default()
@@ -167,7 +159,7 @@ fn test_authorize_and_stash_cmd_succes() {
     let mut hasher = Sha384::new();
     hasher.update(rt_journey_pcr);
     hasher.update(valid_pauser_hash);
-    hasher.update(image_digest1);
+    hasher.update(IMAGE_DIGEST1);
     let expected_measurement_hash = hasher.finalize();
 
     let dpe_measurement_hash = model.mailbox_execute(0x3000_0000, &[]).unwrap().unwrap();

diff --git a/runtime/tests/runtime_integration_tests/test_set_auth_manifest.rs b/runtime/tests/runtime_integration_tests/test_set_auth_manifest.rs
@@ -1,6 +1,9 @@
 // Licensed under the Apache-2.0 license
 
-use crate::common::{assert_error, run_rt_test_lms, RuntimeTestArgs};
+use crate::{
+    common::{assert_error, run_rt_test_lms, RuntimeTestArgs},
+    test_authorize_and_stash::IMAGE_DIGEST1,
+};
 use caliptra_api::SocManager;
 use caliptra_auth_man_gen::{
     AuthManifestGenerator, AuthManifestGeneratorConfig, AuthManifestGeneratorKeyConfig,
@@ -64,13 +67,6 @@ pub fn test_auth_manifest() -> AuthorizationManifest {
             }),
         });
 
-    let image_digest1: [u8; 48] = [
-        0x38, 0xB0, 0x60, 0xA7, 0x51, 0xAC, 0x96, 0x38, 0x4C, 0xD9, 0x32, 0x7E, 0xB1, 0xB1, 0xE3,
-        0x6A, 0x21, 0xFD, 0xB7, 0x11, 0x14, 0xBE, 0x07, 0x43, 0x4C, 0x0C, 0xC7, 0xBF, 0x63, 0xF6,
-        0xE1, 0xDA, 0x27, 0x4E, 0xDE, 0xBF, 0xE7, 0x6F, 0x65, 0xFB, 0xD5, 0x1A, 0xD2, 0xF1, 0x48,
-        0x98, 0xB9, 0x5B,
-    ];
-
     let image_digest2: [u8; 48] = [
         0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B, 0xB5, 0xA0, 0x3D, 0x69, 0x9A, 0xC6, 0x50,
         0x07, 0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63, 0x1A, 0x8B, 0x60, 0x5A, 0x43, 0xFF,
@@ -82,7 +78,7 @@ pub fn test_auth_manifest() -> AuthorizationManifest {
     let image_metadata_list: Vec<AuthManifestImageMetadata> = vec![
         AuthManifestImageMetadata {
             image_source: 0,
-            digest: image_digest1,
+            digest: IMAGE_DIGEST1,
         },
         AuthManifestImageMetadata {
             image_source: 1,