Fetch: Adding Bergamo and Siena Support

Adding support for the Bergamo and Siena based systems. EDITS: - Fixed Linting issues Signed-off-by: Larry Dewey <[email protected]>
virtee · Feb 7, 2024 · f5ae455 · f5ae455
1 parent 3402914
commit f5ae455
Show file tree

Hide file tree

Showing 6 changed files with 170 additions and 35 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/src/cert/export.rs b/src/cert/export.rs
@@ -89,6 +89,7 @@ pub fn cmd(export: Export) -> Result<()> {
         let mut file = std::fs::OpenOptions::new()
             .write(true)
             .create(true)
+            .truncate(true)
             .open(name.clone())?;
 
         // Write out the contents of the certificate to the file.

diff --git a/src/cert/fetch/ca.rs b/src/cert/fetch/ca.rs
@@ -23,7 +23,11 @@ pub struct Ca {
 }
 
 fn write_cert(path: &PathBuf, bytes: &[u8]) -> Result<()> {
-    let mut file = OpenOptions::new().create(true).write(true).open(path)?;
+    let mut file = OpenOptions::new()
+        .create(true)
+        .truncate(true)
+        .write(true)
+        .open(path)?;
     file.write_all(bytes)
         .context("Failed to write certificate!")
 }
@@ -79,6 +83,6 @@ pub fn fetch(url: &str) -> Result<Chain> {
 fn ca_chain_url() -> Result<String> {
     Ok(format!(
         "https://kdsintf.amd.com/vcek/v1/{}/cert_chain",
-        ProcessorGeneration::current()?.to_string()
+        ProcessorGeneration::current()?.to_kds_url()
     ))
 }
diff --git a/src/cert/fetch/crl.rs b/src/cert/fetch/crl.rs
@@ -13,7 +13,7 @@ use structopt::StructOpt;
 fn crl_url() -> Result<String> {
     Ok(format!(
         "https://kdsintf.amd.com/vcek/v1/{}/crl",
-        ProcessorGeneration::current()?.to_string()
+        ProcessorGeneration::current()?.to_kds_url()
     ))
 }
 
@@ -34,10 +34,11 @@ pub fn cmd(crl: Crl) -> Result<()> {
 
     let mut file = OpenOptions::new()
         .create(true)
+        .truncate(true)
         .write(true)
         .open(crl.dir_path.join(format!(
             "{}.crl",
-            ProcessorGeneration::current()?.to_string()
+            ProcessorGeneration::current()?.to_kds_url()
         )))?;
 
     file.write_all(&bytes)

diff --git a/src/cert/fetch/vcek.rs b/src/cert/fetch/vcek.rs
@@ -40,6 +40,7 @@ pub fn cmd(vcek: Vcek) -> Result<()> {
 
     let mut file = OpenOptions::new()
         .create(true)
+        .truncate(true)
         .write(true)
         .open(vcek.path.join(vcek_name))?;
 
@@ -73,10 +74,10 @@ pub fn vcek_url() -> Result<String> {
         .map_err(|e| anyhow::anyhow!(format!("{:?}", e)))
         .context("error fetching identifier")?;
     let status = platform_status()?;
-    let gen = ProcessorGeneration::current()?;
+    let gen = ProcessorGeneration::current()?.to_kds_url();
 
     Ok(format!("https://kdsintf.amd.com/vcek/v1/{}/{}?blSPL={:02}&teeSPL={:02}&snpSPL={:02}&ucodeSPL={:02}",
-                         gen.to_string(), id, status.reported_tcb_version.bootloader,
+                         gen, id, status.reported_tcb_version.bootloader,
                          status.reported_tcb_version.tee,
                          status.reported_tcb_version.snp,
                          status.reported_tcb_version.microcode))