Refactor voucher persistent state; Store vouchers in single sqlite table

Signed-off-by: Ben Krieger <[email protected]>

Author: ben-krieger

di.go

@@ -326,7 +326,7 @@ func (s *DIServer[T]) diDone(ctx context.Context, msg io.Reader) (struct{}, erro
 			return struct{}{}, fmt.Errorf("error in callback before new voucher is persisted: %w", err)
 		}
 	}
-	if err := s.Vouchers.NewVoucher(ctx, ov); err != nil {
+	if err := s.Vouchers.AddVoucher(ctx, ov); err != nil {
 		return struct{}{}, fmt.Errorf("error storing voucher: %w", err)
 	}
 	if s.AfterVoucherPersist != nil {

examples/cmd/server.go

@@ -509,6 +509,7 @@ func resell(ctx context.Context, state *sqlite.DB) error {
 		OwnerKeys: state,
 	}).Resell(ctx, guid, nextOwner, nil)
 	if err != nil {
+		// TODO: If extended != nil, then call AddVoucher to restore state
 		return fmt.Errorf("resale protocol: %w", err)
 	}
 	ovBytes, err := cbor.Marshal(extended)

fdotest/client.go

@@ -222,8 +222,9 @@ func RunClientTestSuite(t *testing.T, conf Config) {
 				}
 			},
 		},
-		Vouchers:  conf.State,
-		OwnerKeys: conf.State,
+		Vouchers:             conf.State,
+		OwnerKeys:            conf.State,
+		VouchersForExtension: conf.State,
 		RvInfo: func(context.Context, fdo.Voucher) ([][]protocol.RvInstruction, error) {
 			return [][]protocol.RvInstruction{}, nil
 		},
@@ -453,10 +454,24 @@ func RunClientTestSuite(t *testing.T, conf Config) {
 				if cred == nil {
 					t.Fatal("cred not set due to previous failure")
 				}
+				rsaBits := 3072
+				if conf.UnsupportedRSA3072 {
+					rsaBits = 2048
+				}
+				nextOwner, _, err := to2Responder.OwnerKeys.OwnerKey(t.Context(), table.keyType, rsaBits)
+				if err != nil {
+					t.Fatalf("could not get owner key for voucher extension: %v", err)
+				}
+				ov, err := to2Responder.Resell(t.Context(), cred.GUID, nextOwner.Public(), nil)
+				if err != nil {
+					t.Fatalf("could not extend voucher from previous onboarding: %v", err)
+				}
+				if err := to2Responder.Vouchers.AddVoucher(t.Context(), ov); err != nil {
+					t.Fatalf("could not add voucher for TO2: %v", err)
+				}
 
 				ctx, cancel := context.WithTimeout(context.Background(), timeout)
 				defer cancel()
-				var err error
 				cred, err = fdo.TO2(ctx, transport, nil, fdo.TO2Config{
 					Cred:       *cred,
 					HmacSha256: hmacSha256,
@@ -485,6 +500,21 @@ func RunClientTestSuite(t *testing.T, conf Config) {
 				if cred == nil {
 					t.Fatal("cred not set due to previous failure")
 				}
+				rsaBits := 3072
+				if conf.UnsupportedRSA3072 {
+					rsaBits = 2048
+				}
+				nextOwner, _, err := to2Responder.OwnerKeys.OwnerKey(t.Context(), table.keyType, rsaBits)
+				if err != nil {
+					t.Fatalf("could not get owner key for voucher extension: %v", err)
+				}
+				ov, err := to2Responder.Resell(t.Context(), cred.GUID, nextOwner.Public(), nil)
+				if err != nil {
+					t.Fatalf("could not extend voucher from previous onboarding: %v", err)
+				}
+				if err := to2Responder.Vouchers.AddVoucher(t.Context(), ov); err != nil {
+					t.Fatalf("could not add voucher for TO2: %v", err)
+				}
 
 				ctx, cancel := context.WithTimeout(context.Background(), timeout)
 				defer cancel()
@@ -526,8 +556,11 @@ func RunClientTestSuite(t *testing.T, conf Config) {
 // relying on CleanupModules to be called to clear the state before the next
 // usage.
 type to2ModuleStateMachine struct {
-	Session      fdo.TO2SessionState
-	Vouchers     fdo.OwnerVoucherPersistentState
+	Session  fdo.TO2SessionState
+	Vouchers interface {
+		fdo.VoucherPersistentState
+		fdo.OwnerVoucherPersistentState
+	}
 	OwnerModules func(ctx context.Context, guid protocol.GUID, info string, chain []*x509.Certificate, devmod serviceinfo.Devmod, modules []string) iter.Seq2[string, serviceinfo.OwnerModule]
 
 	module *moduleStateMachineState

fdotest/internal/memory/memory.go

@@ -15,6 +15,7 @@ import (
 	"crypto/rsa"
 	"crypto/x509"
 	"crypto/x509/pkix"
+	"fmt"
 	"math/big"
 	"time"
 
@@ -41,8 +42,6 @@ type KeyTypeAndRsaBits struct {
 	RsaBits int
 }
 
-var _ fdo.RendezvousBlobPersistentState = (*State)(nil)
-var _ fdo.ManufacturerVoucherPersistentState = (*State)(nil)
 var _ fdo.OwnerVoucherPersistentState = (*State)(nil)
 var _ fdo.OwnerKeyPersistentState = (*State)(nil)
 
@@ -98,14 +97,6 @@ func NewState() (*State, error) {
 	}, nil
 }
 
-// NewVoucher creates and stores a voucher for a newly initialized device.
-// Note that the voucher may have entries if the server was configured for
-// auto voucher extension.
-func (s *State) NewVoucher(_ context.Context, ov *fdo.Voucher) error {
-	s.Vouchers[ov.Header.Val.GUID] = ov
-	return nil
-}
-
 // AddVoucher stores the voucher of a device owned by the service.
 func (s *State) AddVoucher(_ context.Context, ov *fdo.Voucher) error {
 	s.Vouchers[ov.Header.Val.GUID] = ov
@@ -115,6 +106,9 @@ func (s *State) AddVoucher(_ context.Context, ov *fdo.Voucher) error {
 // ReplaceVoucher stores a new voucher, possibly deleting or marking the
 // previous voucher as replaced.
 func (s *State) ReplaceVoucher(_ context.Context, oldGUID protocol.GUID, ov *fdo.Voucher) error {
+	if len(ov.Entries) > 0 {
+		return fmt.Errorf("ReplaceVoucher must be called with a voucher having zero extensions")
+	}
 	delete(s.Vouchers, oldGUID)
 	s.Vouchers[ov.Header.Val.GUID] = ov
 	return nil