From 8062d06fdf6daf8500c76ba83ba06ab57f8dc050 Mon Sep 17 00:00:00 2001
From: Xynnn007
Date: Tue, 23 Apr 2024 17:00:41 +0800
Subject: [PATCH 1/5] AA: deprecate unused proto
Signed-off-by: Xynnn007
---
attestation-agent/protos/getresource.proto | 17 -----------------
1 file changed, 17 deletions(-)
delete mode 100644 attestation-agent/protos/getresource.proto
diff --git a/attestation-agent/protos/getresource.proto b/attestation-agent/protos/getresource.proto
deleted file mode 100644
index 8864e01b5..000000000
--- a/attestation-agent/protos/getresource.proto
+++ /dev/null
@@ -1,17 +0,0 @@
-syntax = "proto3";
-
-package getresource;
-
-message GetResourceRequest {
- string ResourcePath = 1;
- string KbcName = 2;
- string KbsUri = 3;
-}
-
-message GetResourceResponse {
- bytes Resource = 1;
-}
-
-service GetResourceService {
- rpc GetResource(GetResourceRequest) returns (GetResourceResponse) {};
-}
From 8fd187a77868acb9ad8ce6571c0b75d432aae7a8 Mon Sep 17 00:00:00 2001
From: Magnus Kulke
Date: Sat, 6 Jul 2024 11:50:59 +0200
Subject: [PATCH 2/5] attestation-agent: init attester in constructor
Instead of running heuristics every time we invoke an AA function, the heuristics are invoked initially when the AA instance is created. This has the upside that we can define per-instance configuration that will be applied when AA interacts with the TEE.
Signed-off-by: Magnus Kulke
---
.../attestation-agent/src/lib.rs | 47 +++++++------------
1 file changed, 16 insertions(+), 31 deletions(-)
diff --git a/attestation-agent/attestation-agent/src/lib.rs b/attestation-agent/attestation-agent/src/lib.rs
index d40311d99..9fbf3ee29 100644
--- a/attestation-agent/attestation-agent/src/lib.rs
+++ b/attestation-agent/attestation-agent/src/lib.rs
@@ -38,7 +38,8 @@ use crate::config::Config; /// use attestation_agent::AttestationAgent; /// use attestation_agent::AttestationAPIs; /// -/// let mut aa = AttestationAgent::default(); +/// // initialize with empty config +/// let mut aa = AttestationAgent::new(None).unwrap(); /// /// let _quote = aa.get_evidence(&[0;64]); /// ``` @@ -69,27 +70,14 @@ pub trait AttestationAPIs { /// Attestation agent to provide attestation service. pub struct AttestationAgent { - _config: Config, -} - -impl Default for AttestationAgent { - /// This function would panic if a malformed `aa_kbc_param` is given - /// either env or kernel cmdline - fn default() -> Self { - if let Ok(_config) = Config::try_from(config::DEFAULT_AA_CONFIG_PATH) { - return AttestationAgent { _config }; - } - - AttestationAgent { - _config: Config::new().expect("AA initialize"), - } - } + config: Config, + attester: BoxedAttester, } impl AttestationAgent { /// Create a new instance of [AttestationAgent]. pub fn new(config_path: Option<&str>) -> Result { - let _config = match config_path { + let config = match config_path { Some(config_path) => { info!("Using AA config file: {config_path}"); Config::try_from(config_path)? @@ -100,7 +88,10 @@ impl AttestationAgent { } }; - Ok(AttestationAgent { _config }) + let tee_type = detect_tee_type(); + let attester: BoxedAttester = tee_type.try_into()?; + + Ok(AttestationAgent { config, attester }) } /// This is a workaround API for initdata in CoCo. Once @@ -111,7 +102,7 @@ impl AttestationAgent { let _ = tmpfile.write(conf.as_bytes())?; tmpfile.flush()?; - let _config = Config::try_from( + let config = Config::try_from( tmpfile .path() .as_os_str() @@ -120,7 +111,7 @@ impl AttestationAgent { // Here we can use `expect()` because tempfile crate will generate file name // only including numbers and alphabet (0-9, a-z, A-Z) )?; - self._config = _config; + self.config = config; Ok(()) } } 
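Review bot: In the `@@ -69,27 +70,14 @@` hunk, `update_configuration` replaces `self.config` but leaves `self.attester` exactly as `new()` built it, so once the attester starts consuming per-instance configuration (the goal stated in the commit message) the two can drift apart after an initdata update. Either rebuild the attester in `update_configuration` or state on the `attester` field that it is fixed for the lifetime of the instance, e.g. `/// Selected once in new(); not affected by later configuration updates.`. Because `detect_tee_type()` now runs only once, it would also help to log its result before the conversion, `info!("Detected TEE type: {tee_type:?}");` (assuming the type implements `Debug`), so an unexpected detection result is visible at startup rather than only in the evidence that is produced later. `update_configuration` begins outside the hunk, so its signature and any earlier statements are not visible here.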
@@ -133,13 +124,13 @@ impl AttestationAPIs for AttestationAgent { match token_type { #[cfg(feature = "kbs")] token::TokenType::Kbs => { - token::kbs::KbsTokenGetter::new(&self._config.token_configs.kbs) + token::kbs::KbsTokenGetter::new(&self.config.token_configs.kbs) .get_token() .await } #[cfg(feature = "coco_as")] token::TokenType::CoCoAS => { - token::coco_as::CoCoASTokenGetter::new(&self._config.token_configs.coco_as) + token::coco_as::CoCoASTokenGetter::new(&self.config.token_configs.coco_as) .get_token() .await } @@ -148,9 +139,7 @@ impl AttestationAPIs for AttestationAgent { /// Get TEE hardware signed evidence that includes the runtime data. async fn get_evidence(&mut self, runtime_data: &[u8]) -> Result> { - let tee_type = detect_tee_type(); - let attester = TryInto::::try_into(tee_type)?; - let evidence = attester.get_evidence(runtime_data.to_vec()).await?; + let evidence = self.attester.get_evidence(runtime_data.to_vec()).await?; Ok(evidence.into_bytes()) } @@ -160,9 +149,7 @@ impl AttestationAPIs for AttestationAgent { events: Vec>, register_index: Option, ) -> Result<()> { - let tee_type = detect_tee_type(); - let attester = TryInto::::try_into(tee_type)?; - attester + self.attester .extend_runtime_measurement(events, register_index) .await?; Ok(()) @@ -171,8 +158,6 @@ impl AttestationAPIs for AttestationAgent { /// Check the initdata binding. If current platform does not support initdata /// injection, return `InitdataResult::Unsupported`. async fn check_init_data(&mut self, init_data: &[u8]) -> Result { - let tee_type = detect_tee_type(); - let attester = TryInto::::try_into(tee_type)?; - attester.check_init_data(init_data).await + self.attester.check_init_data(init_data).await } } From ade57efa896b66986573063fe02df56c4b4b26c3 Mon Sep 17 00:00:00 2001 From: Xynnn007 Date: Tue, 23 Apr 2024 17:06:34 +0800 Subject: [PATCH 3/5] AA: Update extend_runtime_measurement to align with NELR 
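Review bot: The doc comments on `get_evidence`, `extend_runtime_measurement` and `check_init_data` (hunks `@@ -148`, `@@ -160` and `@@ -171`) still read as if each call were self-contained, but the `try_into` conversion of the detected TEE type no longer happens in any of them; that error now surfaces from `AttestationAgent::new` instead. A line such as `/// Uses the attester chosen when the agent was constructed; the TEE type is not re-detected here.` on each method would tell callers where that failure has to be handled. The three methods also keep `&mut self` although the new bodies only call through `self.attester`; whether `&self` would be enough depends on the attester trait and on `AttestationAPIs`, neither of which is fully visible in these hunks.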
Signed-off-by: Xynnn007 --- Cargo.lock | 288 +++++++++--------- .../attestation-agent/Cargo.toml | 6 +- .../attestation-agent/config.example.json | 4 + .../attestation-agent/config.example.toml | 5 + .../attestation-agent/src/bin/grpc-aa/main.rs | 3 +- .../src/bin/grpc-aa/server.rs | 7 +- .../src/bin/ttrpc-aa/main.rs | 3 +- .../src/bin/ttrpc-aa/server.rs | 7 +- .../ttrpc_protocol/attestation_agent.rs | 112 ++++--- .../attestation-agent/src/config/mod.rs | 60 +++- .../attestation-agent/src/eventlog.rs | 97 ++++++ .../attestation-agent/src/lib.rs | 73 ++++- attestation-agent/attester/src/lib.rs | 4 +- .../token_provider/aa/attestation_agent.rs | 112 ++++--- .../protos/attestation-agent.proto | 15 +- 15 files changed, 555 insertions(+), 241 deletions(-) create mode 100644 attestation-agent/attestation-agent/src/eventlog.rs diff --git a/Cargo.lock b/Cargo.lock index 2ecc66d22..7fa016dad 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -24,7 +24,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d122413f284cf2d62fb1b7db97e02edb8cda96d769b16e443a4f6195e35662b0" dependencies = [ "crypto-common", - "generic-array 0.14.7", + "generic-array", ] [[package]] @@ -195,9 +195,9 @@ dependencies = [ [[package]] name = "arc-swap" -version = "1.6.0" +version = "1.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bddcadddf5e9015d310179a59bb28c4d4b9920ad0f11e8e14dbadf654890c9a6" +checksum = "69f7f8c3906b62b754cd5326047894316021dcfe5a194c8ea52bdd94934a3457" [[package]] name = "arrayref" @@ -256,8 +256,8 @@ dependencies = [ "memchr", "pin-project-lite", "tokio", - "zstd 0.13.0", - "zstd-safe 7.0.0", + "zstd 0.13.1", + "zstd-safe 7.1.0", ] [[package]] @@ -581,7 +581,7 @@ dependencies = [ "bitflags 2.4.2", "cexpr", "clang-sys", - "itertools", + "itertools 0.10.5", "lazy_static", "lazycell", "proc-macro2", 
@@ -650,9 +650,9 @@ dependencies = [ [[package]] name = "blake3" -version = "1.5.0" +version = "1.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0231f06152bf547e9c2b5194f247cd97aacf6dcd8b15d8e5ec0663f64580da87" +checksum = "30cca6d3674597c30ddf2c587bf8d9d65c9a84d2326d941cc79c9842dfe0ef52" dependencies = [ "arrayref", "arrayvec", @@ -667,7 +667,7 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ - "generic-array 0.14.7", + "generic-array", ] [[package]] @@ -676,7 +676,7 @@ version = "0.10.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" dependencies = [ - "generic-array 0.14.7", + "generic-array", ] [[package]] @@ -685,7 +685,7 @@ version = "0.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a8894febbff9f758034a5b8e12d87918f56dfc64a8e1fe757d65e29041538d93" dependencies = [ - "generic-array 0.14.7", + "generic-array", ] [[package]] @@ -731,9 +731,9 @@ dependencies = [ [[package]] name = "buffered-reader" -version = "1.3.0" +version = "1.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2b9b0a25eb06e83579bc985d836e1e3b957a7201301b48538764d2b2e78090d4" +checksum = "cd098763fdb64579407a8c83cf0d751e6d4a7e161d0114c89cc181a2ca760ec8" dependencies = [ "bzip2", "flate2", @@ -743,9 +743,9 @@ dependencies = [ [[package]] name = "bumpalo" -version = "3.15.1" +version = "3.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c764d619ca78fccbf3069b37bd7af92577f044bb15236036662d79b6559f25b7" +checksum = "79296716171880943b8470b5f8d03aa55eb2e645a4874bdbb28adb49162e012c" [[package]] name = "byteorder" 
@@ -865,9 +865,9 @@ checksum = "fd16c4719339c4530435d38e511904438d07cce7950afa3718a84ac36c10e89e" [[package]] name = "chrono" -version = "0.4.34" +version = "0.4.38" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5bc015644b92d5890fab7489e49d21f879d5c990186827d42ec511919404f38b" +checksum = "a21f936df1771bf62b77f047b726c4625ff2e8aa607c01ec06e5a05bd8463401" dependencies = [ "android-tzdata", "iana-time-zone", @@ -1030,9 +1030,9 @@ checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7" [[package]] name = "combine" -version = "4.6.6" +version = "4.6.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "35ed6e9d84f0b51a7f52daf1c7d71dd136fd7a3f41a8462b8cdb8c78d920fad4" +checksum = "ba5a308b75df32fe02788e748662718f03fde005016435c444eea572398219fd" dependencies = [ "bytes", "memchr", @@ -1277,7 +1277,7 @@ version = "0.5.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0dc92fb57ca44df6db8059111ab3af99a63d5d0f8375d9972e319a379c6bab76" dependencies = [ - "generic-array 0.14.7", + "generic-array", "rand_core", "subtle", "zeroize", @@ -1289,7 +1289,7 @@ version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" dependencies = [ - "generic-array 0.14.7", + "generic-array", "rand_core", "typenum", ] @@ -1300,7 +1300,7 @@ version = "0.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "58bcd97a54c7ca5ce2f6eb16f6bede5b0ab5f0055fedc17d2f0b4466e21671ca" dependencies = [ - "generic-array 0.14.7", + "generic-array", "subtle", ] @@ -1312,7 +1312,7 @@ checksum = "b9d6cf87adf719ddf43a805e92c6870a531aedda35ff640442cbaf8674e141e1" dependencies = [ "aead", "cipher", - "generic-array 0.14.7", + "generic-array", "poly1305", "salsa20", "subtle", 
@@ -1435,12 +1435,12 @@ dependencies = [ [[package]] name = "darling" -version = "0.20.6" +version = "0.20.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c376d08ea6aa96aafe61237c7200d1241cb177b7d3a542d791f2d118e9cbb955" +checksum = "54e36fcd13ed84ffdfda6f5be89b31287cbb80c439841fe69e04841435464391" dependencies = [ - "darling_core 0.20.6", - "darling_macro 0.20.6", + "darling_core 0.20.8", + "darling_macro 0.20.8", ] [[package]] @@ -1459,9 +1459,9 @@ dependencies = [ [[package]] name = "darling_core" -version = "0.20.6" +version = "0.20.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33043dcd19068b8192064c704b3f83eb464f91f1ff527b44a4e2b08d9cdb8855" +checksum = "9c2cf1c23a687a1feeb728783b993c4e1ad83d99f351801977dd809b48d0a70f" dependencies = [ "fnv", "ident_case", @@ -1484,11 +1484,11 @@ dependencies = [ [[package]] name = "darling_macro" -version = "0.20.6" +version = "0.20.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c5a91391accf613803c2a9bf9abccdbaa07c54b4244a5b64883f9c3c137c86be" +checksum = "a668eda54683121533a393014d8692171709ff57a7d61f187b6e782719f8933f" dependencies = [ - "darling_core 0.20.6", + "darling_core 0.20.8", "quote", "syn 2.0.50", ] @@ -1512,7 +1512,7 @@ version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bd2735a791158376708f9347fe8faba9667589d82427ef3aed6794a8981de3d9" dependencies = [ - "generic-array 0.14.7", + "generic-array", ] [[package]] @@ -1581,7 +1581,7 @@ version = "0.20.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d48cda787f839151732d396ac69e3473923d54312c070ee21e9effcaa8ca0b1d" dependencies = [ - "darling 0.20.6", + "darling 0.20.8", "proc-macro2", "quote", "syn 2.0.50", 
@@ -1633,12 +1633,6 @@ dependencies = [ "bindgen 0.69.4", ] -[[package]] -name = "diff" -version = "0.1.13" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "56254986775e3233ffa9c4d7d3faaf6d36a2c09d30b20687e9f88bc8bafc16c8" - [[package]] name = "difflib" version = "0.4.0" @@ -1651,7 +1645,7 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066" dependencies = [ - "generic-array 0.14.7", + "generic-array", ] [[package]] @@ -1749,9 +1743,9 @@ dependencies = [ [[package]] name = "dyn-clone" -version = "1.0.16" +version = "1.0.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "545b22097d44f8a9581187cdf93de7a71e4722bf51200cfaba810865b49a495d" +checksum = "0d6ef0072f8a535281e4876be788938b528e9a1d43900b82c2569af7da799125" [[package]] name = "eax" @@ -1861,7 +1855,7 @@ dependencies = [ "crypto-bigint", "digest 0.10.7", "ff", - "generic-array 0.14.7", + "generic-array", "group", "hkdf", "pem-rfc7468", @@ -1883,9 +1877,9 @@ dependencies = [ [[package]] name = "encoding_rs" -version = "0.8.33" +version = "0.8.34" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7268b386296a025e474d5140678f75d6de9493ae55a5d709eeb9dd08149945e1" +checksum = "b45de904aa0b010bce2ab45264d0631681847fa7b6f2eaa7dab7619943bc4f59" dependencies = [ "cfg-if", ] @@ -2001,9 +1995,9 @@ dependencies = [ [[package]] name = "fiat-crypto" -version = "0.2.6" +version = "0.2.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1676f435fc1dadde4d03e43f5d62b259e1ce5f40bd4ffb21db2b42ebe59c1382" +checksum = "38793c55593b33412e3ae40c2c9781ffaa6f438f6f8c10f24e71846fbd7ae01e" [[package]] name = "filetime" 
@@ -2031,9 +2025,9 @@ checksum = "0ce7134b9999ecaf8bcd65542e436736ef32ddca1b3e06094cb6ec5755203b80" [[package]] name = "flagset" -version = "0.4.4" +version = "0.4.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d52a7e408202050813e6f1d9addadcaafef3dca7530c7ddfb005d4081cce6779" +checksum = "cdeb3aa5e95cf9aabc17f060cfa0ced7b83f042390760ca53bf09df9968acaa1" [[package]] name = "flate2" @@ -2234,15 +2228,6 @@ dependencies = [ "zeroize", ] -[[package]] -name = "generic-array" -version = "1.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fe739944a5406424e080edccb6add95685130b9f160d5407c639c7df0c5836b0" -dependencies = [ - "typenum", -] - [[package]] name = "getrandom" version = "0.2.12" @@ -2270,9 +2255,9 @@ dependencies = [ [[package]] name = "ghash" -version = "0.5.0" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d930750de5717d2dd0b8c0d42c076c0e884c81a73e6cab859bbd2339c71e3e40" +checksum = "f0d8a4362ccb29cb0b265253fb0a2728f592895ee6854fd9bc13f2ffda266ff1" dependencies = [ "opaque-debug", "polyval", @@ -2833,7 +2818,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" dependencies = [ "block-padding", - "generic-array 0.14.7", + "generic-array", ] [[package]] @@ -2884,6 +2869,15 @@ dependencies = [ "either", ] +[[package]] +name = "itertools" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b1c173a5686ce8bfa551b3563d0c2170bf24ca44da99c7ca4bfdab5418c3fe57" +dependencies = [ + "either", +] + [[package]] name = "itoa" version = "1.0.10" 
@@ -2914,9 +2908,9 @@ checksum = "8eaf4bc02d17cbdd7ff4c7438cafcdf7fb9a4613313ad11b4f8fefe7d3fa0130" [[package]] name = "josekit" -version = "0.8.5" +version = "0.8.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd20997283339a19226445db97d632c8dc7adb6b8172537fe0e9e540fb141df2" +checksum = "0953340cf63354cec4a385f1fbcb3f409a5823778cae236078892f6030ed4565" dependencies = [ "anyhow", "base64 0.21.7", @@ -2932,9 +2926,9 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.68" +version = "0.3.69" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "406cda4b368d531c842222cf9d2600a9a4acce8d29423695379c6868a143a9ee" +checksum = "29c15563dc2726973df627357ce0c9ddddbea194836909d655df6a75d2cf296d" dependencies = [ "wasm-bindgen", ] @@ -2953,9 +2947,9 @@ dependencies = [ [[package]] name = "json-syntax" -version = "0.12.2" +version = "0.12.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d735e0c2c8d15ba9501487f7ab6d65c7249ef12b7f1218b4c4cad6e21950a877" +checksum = "bbe45447363747ecc18deb478f945df8482edafbae21e51bdc73eab76883c6a5" dependencies = [ "decoded-char", "hashbrown 0.12.3", @@ -2989,7 +2983,7 @@ checksum = "c57c852b14147e2bd58c14fde40398864453403ef632b1101db130282ee6e2cc" dependencies = [ "base64 0.13.1", "bitflags 1.3.2", - "generic-array 0.14.7", + "generic-array", "num-bigint", "serde", "serde_json", 
@@ -3187,31 +3181,33 @@ dependencies = [ [[package]] name = "lalrpop" -version = "0.20.0" +version = "0.20.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da4081d44f4611b66c6dd725e6de3169f9f63905421e8626fcb86b6a898998b8" +checksum = "55cb077ad656299f160924eb2912aa147d7339ea7d69e1b5517326fdcec3c1ca" dependencies = [ "ascii-canvas", "bit-set", - "diff", "ena", - "is-terminal", - "itertools", + "itertools 0.11.0", "lalrpop-util", "petgraph 0.6.4", "regex", - "regex-syntax 0.7.5", + "regex-syntax", "string_cache", "term", "tiny-keccak", "unicode-xid", + "walkdir", ] [[package]] name = "lalrpop-util" -version = "0.20.0" +version = "0.20.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f35c735096c0293d313e8f2a641627472b83d01b937177fe76e5e2708d31e0d" +checksum = "507460a910eb7b32ee961886ff48539633b788a36b65692b95f225b844c82553" +dependencies = [ + "regex-automata 0.4.6", +] [[package]] name = "lazy_static" @@ -3348,9 +3344,9 @@ dependencies = [ [[package]] name = "libz-sys" -version = "1.1.15" +version = "1.1.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "037731f5d3aaa87a5675e895b63ddff1a87624bc29f77004ea829809654e48f6" +checksum = "5e143b5e666b2695d28f6bca6497720813f699c9602dd7f5cac91008b8ada7f9" dependencies = [ "cc", "cmake", @@ -3566,9 +3562,9 @@ checksum = "27b02d87554356db9e9a873add8782d4ea6e3e58ea071a9adb9a2e8ddb884a8b" [[package]] name = "new_debug_unreachable" -version = "1.0.4" +version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e4a24736216ec316047a1fc4252e27dabb04218aa4a3f37c6e7ddbf1f9782b54" +checksum = "650eef8c711430f1a879fdd01d4745a7deea475becfb90269c06775983bbf086" [[package]] name = "nix" 
@@ -3972,9 +3968,9 @@ checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92" [[package]] name = "opaque-debug" -version = "0.3.0" +version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" +checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381" [[package]] name = "openssl" @@ -4145,11 +4141,11 @@ checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" [[package]] name = "pem" -version = "3.0.3" +version = "3.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b8fcc794035347fb64beda2d3b462595dd2753e3f268d89c5aae77e8cf2c310" +checksum = "8e459365e590736a54c3fa561947c84837534b8e9af6fc5bf781307e82658fae" dependencies = [ - "base64 0.21.7", + "base64 0.22.0", "serde", ] @@ -4355,9 +4351,9 @@ checksum = "d231b230927b5e4ad203db57bbcbee2802f6bce620b1e4a9024a07d94e2907ec" [[package]] name = "platforms" -version = "3.3.0" +version = "3.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "626dec3cac7cc0e1577a2ec3fc496277ec2baa084bebad95bb6fdbfae235f84c" +checksum = "db23d408679286588f4d4644f965003d056e3dd5abcaaa938116871d7ce2fee7" [[package]] name = "poly1305" @@ -4372,9 +4368,9 @@ dependencies = [ [[package]] name = "polyval" -version = "0.6.1" +version = "0.6.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d52cff9d1d4dee5fe6d03729099f4a310a41179e0a10dbf542039873f2e826fb" +checksum = "9d1fe60d06143b2430aa532c94cfe9e29783047f06c0d7fd359a9a51b729fa25" dependencies = [ "cfg-if", "cpufeatures", @@ -4407,7 +4403,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "59230a63c37f3e18569bdb90e4a89cbf5bf8b06fea0b84e65ea10cc4df47addd" dependencies = [ "difflib", - "itertools", + "itertools 0.10.5", "predicates-core", ] 
@@ -4507,7 +4503,7 @@ checksum = "355f634b43cdd80724ee7848f95770e7e70eefa6dcf14fea676216573b8fd603" dependencies = [ "bytes", "heck 0.3.3", - "itertools", + "itertools 0.10.5", "log", "multimap", "petgraph 0.5.1", @@ -4525,7 +4521,7 @@ checksum = "119533552c9a7ffacc21e099c24a0ac8bb19c2a2a3f363de84cd9b844feab270" dependencies = [ "bytes", "heck 0.4.1", - "itertools", + "itertools 0.10.5", "lazy_static", "log", "multimap", @@ -4546,7 +4542,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "600d2f334aa05acb02a755e217ef1ab6dea4d51b58b7846588b747edec04efba" dependencies = [ "anyhow", - "itertools", + "itertools 0.10.5", "proc-macro2", "quote", "syn 1.0.109", @@ -4559,7 +4555,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e5d2d8d10f3c6ded6da8b05b5fb3b8a5082514344d56c9f871412d29b4e075b4" dependencies = [ "anyhow", - "itertools", + "itertools 0.10.5", "proc-macro2", "quote", "syn 1.0.109", @@ -4707,9 +4703,9 @@ dependencies = [ [[package]] name = "rayon" -version = "1.9.0" +version = "1.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e4963ed1bc86e4f3ee217022bd855b297cef07fb9eac5dfa1f788b220b49b3bd" +checksum = "b418a60154510ca1a002a752ca9714984e21e4241e804d32555251faf8b78ffa" dependencies = [ "either", "rayon-core", @@ -4772,7 +4768,7 @@ dependencies = [ "aho-corasick", "memchr", "regex-automata 0.4.6", - "regex-syntax 0.8.3", + "regex-syntax", ] [[package]] @@ -4789,15 +4785,9 @@ checksum = "86b83b8b9847f9bf95ef68afb0b8e6cdb80f498442f5179a29fad448fcc1eaea" dependencies = [ "aho-corasick", "memchr", - "regex-syntax 0.8.3", + "regex-syntax", ] -[[package]] -name = "regex-syntax" -version = "0.7.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dbb5fb1acd8a1a18b3dd5be62d25485eb770e05afb408a9627d14d451bae12da" - [[package]] name = "regex-syntax" version = "0.8.3" 
@@ -5116,9 +5106,9 @@ checksum = "048a63e5b3ac996d78d402940b5fa47973d2d080c6c6fffa1d0f19c4445310b7" [[package]] name = "rustls-webpki" -version = "0.102.2" +version = "0.102.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "faaa0a62740bedb9b2ef5afa303da42764c012f743917351dc9a237ea1663610" +checksum = "f3bce581c0dd41bce533ce695a1437fa16a7ab5ac3ccfa99fe1a620a7885eabf" dependencies = [ "ring", "rustls-pki-types", @@ -5254,7 +5244,7 @@ checksum = "d3e97a565f76233a6003f9f5c54be1d9c5bdfa3eccfb189469f11ec4901c47dc" dependencies = [ "base16ct", "der", - "generic-array 0.14.7", + "generic-array", "pkcs8", "subtle", "zeroize", @@ -5332,9 +5322,9 @@ dependencies = [ [[package]] name = "sequoia-openpgp" -version = "1.19.0" +version = "1.20.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ebf154ce4af3d7983de8fded403f98ff9eb3ee38dffccea0472ac38aa4276df4" +checksum = "06f82708c8568218b8544b4abbba1f6483067dca0a946a54991c1d3f424dcade" dependencies = [ "aes", "aes-gcm", @@ -5374,7 +5364,7 @@ dependencies = [ "rand", "rand_core", "regex", - "regex-syntax 0.8.3", + "regex-syntax", "ripemd", "rsa", "sha1collisiondetection", @@ -5438,9 +5428,9 @@ dependencies = [ [[package]] name = "serde_repr" -version = "0.1.18" +version = "0.1.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b2e6b945e9d3df726b65d6ee24060aff8e3533d431f677a9695db04eff9dfdb" +checksum = "6c64451ba24fc7a6a2d60fc75dd9c83c90903b19028d4eff35e88fc1e86564e9" dependencies = [ "proc-macro2", "quote", @@ -5493,9 +5483,9 @@ dependencies = [ [[package]] name = "serde_yaml" -version = "0.9.32" +version = "0.9.34+deprecated" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8fd075d994154d4a774f95b51fb96bdc2832b0ea48425c92546073816cda1f2f" +checksum = "6a8b1a1a2ebf674015cc02edccce75287f1a0130d394307b36743c2f5d504b47" dependencies = [ "indexmap 2.2.3", "itoa", 
@@ -5579,13 +5569,13 @@ dependencies = [ [[package]] name = "sha1collisiondetection" -version = "0.3.3" +version = "0.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f1d5c4be690002e8a5d7638b0b7323f03c268c7a919bd8af69ce963a4dc83220" +checksum = "1f606421e4a6012877e893c399822a4ed4b089164c5969424e1b9d1e66e6964b" dependencies = [ "const-oid", "digest 0.10.7", - "generic-array 1.0.0", + "generic-array", ] [[package]] @@ -6063,9 +6053,9 @@ dependencies = [ [[package]] name = "time" -version = "0.3.34" +version = "0.3.36" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8248b6521bb14bc45b4067159b9b6ad792e2d6d754d6c41fb50e29fefe38749" +checksum = "5dfd88e563464686c916c7e46e623e520ddc6d79fa6641390f2e3fa86e83e885" dependencies = [ "deranged", "itoa", @@ -6086,9 +6076,9 @@ checksum = "ef927ca75afb808a4d64dd374f00a2adf8d0fcff8e7b184af886c3c87ec4a3f3" [[package]] name = "time-macros" -version = "0.2.17" +version = "0.2.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ba3a3ef41e6672a2f0f001392bb5dcd3ff0a9992d618ca761a11c3121547774" +checksum = "3f252a68540fde3a3877aeea552b832b40ab9a69e318efd078774a01ddee1ccf" dependencies = [ "num-conv", "time-core", @@ -6202,9 +6192,9 @@ dependencies = [ [[package]] name = "tokio-stream" -version = "0.1.14" +version = "0.1.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "397c988d37662c7dda6d2208364a706264bf3d6138b11d436cbac0ad38832842" +checksum = "267ac89e0bec6e691e5813911606935d77c476ff49024f98abcea3e7b15e37af" dependencies = [ "futures-core", "pin-project-lite", 
@@ -6607,9 +6597,9 @@ dependencies = [ [[package]] name = "unsafe-libyaml" -version = "0.2.10" +version = "0.2.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ab4c90930b95a82d00dc9e9ac071b4991924390d46cbd0dfe566148667605e4b" +checksum = "673aac59facbab8a9007c7f6108d11f63b603f7cabff99fabf650fea5c32b861" [[package]] name = "untrusted" @@ -6748,9 +6738,9 @@ dependencies = [ [[package]] name = "walkdir" -version = "2.4.0" +version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d71d857dc86794ca4c280d616f7da00d2dbfd8cd788846559a6813e6aa4b54ee" +checksum = "29790946404f91d9c5d06f9874efddea1dc06c5efe94541a7d6863108e3a5e4b" dependencies = [ "same-file", "winapi-util", @@ -6782,9 +6772,9 @@ dependencies = [ [[package]] name = "wasm-bindgen" -version = "0.2.91" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c1e124130aee3fb58c5bdd6b639a0509486b0338acaaae0c84a5124b0f588b7f" +checksum = "4be2531df63900aeb2bca0daaaddec08491ee64ceecbee5076636a3b026795a8" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -6792,9 +6782,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.91" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c9e7e1900c352b609c8488ad12639a311045f40a35491fb69ba8c12f758af70b" +checksum = "614d787b966d3989fa7bb98a654e369c762374fd3213d212cfc0251257e747da" dependencies = [ "bumpalo", "log", @@ -6807,9 +6797,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-futures" -version = "0.4.41" +version = "0.4.42" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "877b9c3f61ceea0e56331985743b13f3d25c406a7098d45180fb5f09bc19ed97" +checksum = "76bc14366121efc8dbb487ab05bcc9d346b3b5ec0eaa76e46594cabbe51762c0" dependencies = [ "cfg-if", "js-sys", 
@@ -6819,9 +6809,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.91" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b30af9e2d358182b5c7449424f017eba305ed32a7010509ede96cdc4696c46ed" +checksum = "a1f8823de937b71b9460c0c34e25f3da88250760bec0ebac694b49997550d726" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -6829,9 +6819,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.91" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "642f325be6301eb8107a83d12a8ac6c1e1c54345a7ef1a9261962dfefda09e66" +checksum = "e94f17b526d0a461a191c78ea52bbce64071ed5c04c9ffe424dcb38f74171bb7" dependencies = [ "proc-macro2", "quote", @@ -6842,9 +6832,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-shared" -version = "0.2.91" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4f186bd2dcf04330886ce82d6f33dd75a7bfcf69ecf5763b89fcde53b6ac9838" +checksum = "af190c94f2773fdb3729c55b007a722abb5384da03bc0986df4c289bf5567e96" [[package]] name = "wasm-streams" @@ -6861,9 +6851,9 @@ dependencies = [ [[package]] name = "web-sys" -version = "0.3.68" +version = "0.3.69" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "96565907687f7aceb35bc5fc03770a8a0471d82e479f25832f54a0e3f4b28446" +checksum = "77afa9a11836342370f4817622a2f0f418b134426d91a82dfb48f532d2ec13ef" dependencies = [ "js-sys", "wasm-bindgen", @@ -7302,11 +7292,11 @@ dependencies = [ [[package]] name = "zstd" -version = "0.13.0" +version = "0.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bffb3309596d527cfcba7dfc6ed6052f1d39dfbd7c867aa2e865e4a449c10110" +checksum = "2d789b1514203a1120ad2429eae43a7bd32b90976a7bb8a05f7ec02fa88cc23a" dependencies = [ - "zstd-safe 7.0.0", + "zstd-safe 7.1.0", ] [[package]] 
@@ -7331,18 +7321,18 @@ dependencies = [ [[package]] name = "zstd-safe" -version = "7.0.0" +version = "7.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "43747c7422e2924c11144d5229878b98180ef8b06cca4ab5af37afc8a8d8ea3e" +checksum = "1cd99b45c6bc03a018c8b8a86025678c87e55526064e38f9df301989dce7ec0a" dependencies = [ "zstd-sys", ] [[package]] name = "zstd-sys" -version = "2.0.9+zstd.1.5.5" +version = "2.0.10+zstd.1.5.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e16efa8a874a0481a574084d34cc26fdb3b99627480f785888deb6386506656" +checksum = "c253a4914af5bafc8fa8c86ee400827e83cf6ec01195ec1f1ed8441bf00d65aa" dependencies = [ "cc", "pkg-config", diff --git a/attestation-agent/attestation-agent/Cargo.toml b/attestation-agent/attestation-agent/Cargo.toml index 3ab1be85f..563515f89 100644 --- a/attestation-agent/attestation-agent/Cargo.toml +++ b/attestation-agent/attestation-agent/Cargo.toml @@ -20,7 +20,7 @@ attester = { path = "../attester", default-features = false } base64.workspace = true clap = { workspace = true, features = ["derive"], optional = true } config.workspace = true -const_format = { workspace = true, optional = true } +const_format.workspace = true env_logger = { workspace = true, optional = true } kbs_protocol = { path = "../kbs_protocol", default-features = false, optional = true } log.workspace = true @@ -33,7 +33,7 @@ sha2.workspace = true strum.workspace = true tempfile.workspace = true thiserror.workspace = true -tokio = { workspace = true, features = ["fs"] } +tokio = { workspace = true, features = ["fs", "sync"] } toml.workspace = true tonic = { workspace = true, optional = true } ttrpc = { workspace = true, features = ["async"], optional = true } 
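Review bot: The two manifest hunks on this line only make `const_format` unconditional and add the `sync` feature to `tokio`, yet the Cargo.lock part of the same commit moves a few dozen unrelated crates (for example `rustls-webpki`, `sequoia-openpgp`, `chrono`, `zstd`), drops `generic-array` 1.0.0, adds `itertools` 0.11.0 and resolves `serde_yaml` to `0.9.34+deprecated`. Those bumps belong in their own commit, or the lockfile should be regenerated with a targeted `cargo update -p <crate>`, so that dependency changes in an attestation component can be reviewed on their own rather than buried in a feature change. If `const_format` stopped being optional because the new event log code needs it, a short comment next to `const_format.workspace = true` saying so would record the reason.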
@@ -73,4 +73,4 @@ openssl = ["kbs_protocol?/openssl"] # Binary RPC type bin = ["clap", "env_logger", "tokio/rt-multi-thread"] grpc = ["prost", "tonic", "tonic-build", "tokio/signal"] -ttrpc = ["const_format", "dep:ttrpc", "ttrpc-codegen", "protobuf", "tokio/signal"] +ttrpc = ["dep:ttrpc", "ttrpc-codegen", "protobuf", "tokio/signal"] diff --git a/attestation-agent/attestation-agent/config.example.json b/attestation-agent/attestation-agent/config.example.json index 0dd6077ac..b706a403d 100644 --- a/attestation-agent/attestation-agent/config.example.json +++ b/attestation-agent/attestation-agent/config.example.json 
@@ -7,5 +7,9 @@ "url": "https://127.0.0.1:8080", "cert": "-----BEGIN CERTIFICATE-----\nMIIDljCCAn6gAwIBAgIUR/UNh13GFam4emgludtype/S9BIwDQYJKoZIhvcNAQEL\nBQAwdTELMAkGA1UEBhMCQ04xETAPBgNVBAgMCFpoZWppYW5nMREwDwYDVQQHDAhI\nYW5nemhvdTERMA8GA1UECgwIQUFTLVRFU1QxFDASBgNVBAsMC0RldmVsb3BtZW50\nMRcwFQYDVQQDDA5BQVMtVEVTVC1IVFRQUzAeFw0yNDAzMTgwNzAzNTNaFw0yNTAz\nMTgwNzAzNTNaMHUxCzAJBgNVBAYTAkNOMREwDwYDVQQIDAhaaGVqaWFuZzERMA8G\nA1UEBwwISGFuZ3pob3UxETAPBgNVBAoMCEFBUy1URVNUMRQwEgYDVQQLDAtEZXZl\nbG9wbWVudDEXMBUGA1UEAwwOQUFTLVRFU1QtSFRUUFMwggEiMA0GCSqGSIb3DQEB\nAQUAA4IBDwAwggEKAoIBAQDfp1aBr6LiNRBlJUcDGcAbcUCPG6UzywtVIc8+comS\nay//gwz2AkDmFVvqwI4bdp/NUCwSC6ShHzxsrCEiagRKtA3af/ckM7hOkb4S6u/5\newHHFcL6YOUp+NOH5/dSLrFHLjet0dt4LkyNBPe7mKAyCJXfiX3wb25wIBB0Tfa0\np5VoKzwWeDQBx7aX8TKbG6/FZIiOXGZdl24DGARiqE3XifX7DH9iVZ2V2RL9+3WY\n05GETNFPKtcrNwTy8St8/HsWVxjAzGFzf75Lbys9Ff3JMDsg9zQzgcJJzYWisxlY\ng3CmnbENP0eoHS4WjQlTUyY0mtnOwodo4Vdf8ZOkU4wJAgMBAAGjHjAcMBoGA1Ud\nEQQTMBGCCWxvY2FsaG9zdIcEfwAAATANBgkqhkiG9w0BAQsFAAOCAQEAKW32spii\nt2JB7C1IvYpJw5mQ5bhIlldE0iB5rwWvNbuDgPrgfTI4xiX5sumdHw+P2+GU9KXF\nnWkFRZ9W/26xFrVgGIS/a07aI7xrlp0Oj+1uO91UhCL3HhME/0tPC6z1iaFeZp8Y\nT1tLnafqiGiThFUgvg6PKt86enX60vGaTY7sslRlgbDr9sAi/NDSS7U1PviuC6yo\nyJi7BDiRSx7KrMGLscQ+AKKo2RF1MLzlJMa1kIZfvKDBXFzRd61K5IjDRQ4HQhwX\nDYEbQvoZIkUTc1gBUWDcAUS5ztbJg9LCb9WVtvUTqTP2lGuNymOvdsuXq+sAZh9b\nM9QaC1mzQ/OStg==\n-----END CERTIFICATE-----\n" } + }, + "eventlog_config": { + "eventlog_algorithm": "sha384", + "init_pcr": 17 } } diff --git a/attestation-agent/attestation-agent/config.example.toml b/attestation-agent/attestation-agent/config.example.toml index cc5f9826a..7a74ec04c 100644 --- a/attestation-agent/attestation-agent/config.example.toml +++ b/attestation-agent/attestation-agent/config.example.toml @@ -29,3 +29,8 @@ DYEbQvoZIkUTc1gBUWDcAUS5ztbJg9LCb9WVtvUTqTP2lGuNymOvdsuXq+sAZh9b M9QaC1mzQ/OStg== -----END CERTIFICATE----- ''' + +[eventlog_config] + +eventlog_algorithm = "sha384" +init_pcr = 17 \ No newline at end of file 
diff --git a/attestation-agent/attestation-agent/src/bin/grpc-aa/main.rs b/attestation-agent/attestation-agent/src/bin/grpc-aa/main.rs index 0e883d2c8..6dce99ab4 100644 --- a/attestation-agent/attestation-agent/src/bin/grpc-aa/main.rs +++ b/attestation-agent/attestation-agent/src/bin/grpc-aa/main.rs @@ -44,7 +44,8 @@ pub async fn main() -> Result<()> { let attestation_socket = cli.attestation_sock.parse::()?; - let aa = AttestationAgent::new(cli.config_file.as_deref()).context("start AA")?; + let mut aa = AttestationAgent::new(cli.config_file.as_deref()).context("start AA")?; + aa.init().await.context("init AA")?; debug!( "Attestation gRPC service listening on: {:?}", cli.attestation_sock diff --git a/attestation-agent/attestation-agent/src/bin/grpc-aa/server.rs b/attestation-agent/attestation-agent/src/bin/grpc-aa/server.rs index cbd5f775c..2335eb2f8 100644 --- a/attestation-agent/attestation-agent/src/bin/grpc-aa/server.rs +++ b/attestation-agent/attestation-agent/src/bin/grpc-aa/server.rs @@ -91,7 +91,12 @@ impl AttestationAgentService for AA { debug!("AA (grpc): extend runtime measurement ..."); attestation_agent - .extend_runtime_measurement(request.events, request.register_index) + .extend_runtime_measurement( + &request.domain, + &request.operation, + &request.content, + request.register_index, + ) .await .map_err(|e| { error!("AA (grpc): extend runtime measurement failed:\n{e:?}"); diff --git a/attestation-agent/attestation-agent/src/bin/ttrpc-aa/main.rs b/attestation-agent/attestation-agent/src/bin/ttrpc-aa/main.rs index 785058ab0..07aa7d5d5 100644 --- a/attestation-agent/attestation-agent/src/bin/ttrpc-aa/main.rs +++ b/attestation-agent/attestation-agent/src/bin/ttrpc-aa/main.rs 
@@ -57,7 +57,8 @@ pub async fn main() -> Result<()> { clean_previous_sock_file(&cli.attestation_sock) .context("clean previous attestation socket file")?; - let aa = AttestationAgent::new(cli.config_file.as_deref()).context("start AA")?; + let mut aa = AttestationAgent::new(cli.config_file.as_deref()).context("start AA")?; + aa.init().await.context("init AA")?; let att = server::start_ttrpc_service(aa)?; let mut atts = Server::new() diff --git a/attestation-agent/attestation-agent/src/bin/ttrpc-aa/server.rs b/attestation-agent/attestation-agent/src/bin/ttrpc-aa/server.rs index 833445725..95ba924a2 100644 --- a/attestation-agent/attestation-agent/src/bin/ttrpc-aa/server.rs +++ b/attestation-agent/attestation-agent/src/bin/ttrpc-aa/server.rs @@ -98,7 +98,12 @@ impl AttestationAgentService for AA { let mut attestation_agent = self.inner.lock().await; attestation_agent - .extend_runtime_measurement(req.Events, req.RegisterIndex) + .extend_runtime_measurement( + &req.Domain, + &req.Operation, + &req.Content, + req.RegisterIndex, + ) .await .map_err(|e| { error!("AA (ttrpc): extend runtime measurement failed:\n {e:?}"); diff --git a/attestation-agent/attestation-agent/src/bin/ttrpc-aa/ttrpc_protocol/attestation_agent.rs b/attestation-agent/attestation-agent/src/bin/ttrpc-aa/ttrpc_protocol/attestation_agent.rs index 3ae2ce75a..6a05d14ba 100644 --- a/attestation-agent/attestation-agent/src/bin/ttrpc-aa/ttrpc_protocol/attestation_agent.rs +++ b/attestation-agent/attestation-agent/src/bin/ttrpc-aa/ttrpc_protocol/attestation_agent.rs 
@@ -517,8 +517,12 @@ impl ::protobuf::reflect::ProtobufValue for GetTokenResponse { #[derive(PartialEq,Clone,Default,Debug)] pub struct ExtendRuntimeMeasurementRequest { // message fields - // @@protoc_insertion_point(field:attestation_agent.ExtendRuntimeMeasurementRequest.Events) - pub Events: ::std::vec::Vec<::std::vec::Vec>, + // @@protoc_insertion_point(field:attestation_agent.ExtendRuntimeMeasurementRequest.Domain) + pub Domain: ::std::string::String, + // @@protoc_insertion_point(field:attestation_agent.ExtendRuntimeMeasurementRequest.Operation) + pub Operation: ::std::string::String, + // @@protoc_insertion_point(field:attestation_agent.ExtendRuntimeMeasurementRequest.Content) + pub Content: ::std::string::String, // @@protoc_insertion_point(field:attestation_agent.ExtendRuntimeMeasurementRequest.RegisterIndex) pub RegisterIndex: ::std::option::Option, // special fields 
@@ -538,12 +542,22 @@ impl ExtendRuntimeMeasurementRequest { } fn generated_message_descriptor_data() -> ::protobuf::reflect::GeneratedMessageDescriptorData { - let mut fields = ::std::vec::Vec::with_capacity(2); + let mut fields = ::std::vec::Vec::with_capacity(4); let mut oneofs = ::std::vec::Vec::with_capacity(0); - fields.push(::protobuf::reflect::rt::v2::make_vec_simpler_accessor::<_, _>( - "Events", - |m: &ExtendRuntimeMeasurementRequest| { &m.Events }, - |m: &mut ExtendRuntimeMeasurementRequest| { &mut m.Events }, + fields.push(::protobuf::reflect::rt::v2::make_simpler_field_accessor::<_, _>( + "Domain", + |m: &ExtendRuntimeMeasurementRequest| { &m.Domain }, + |m: &mut ExtendRuntimeMeasurementRequest| { &mut m.Domain }, + )); + fields.push(::protobuf::reflect::rt::v2::make_simpler_field_accessor::<_, _>( + "Operation", + |m: &ExtendRuntimeMeasurementRequest| { &m.Operation }, + |m: &mut ExtendRuntimeMeasurementRequest| { &mut m.Operation }, + )); + fields.push(::protobuf::reflect::rt::v2::make_simpler_field_accessor::<_, _>( + "Content", + |m: &ExtendRuntimeMeasurementRequest| { &m.Content }, + |m: &mut ExtendRuntimeMeasurementRequest| { &mut m.Content }, )); fields.push(::protobuf::reflect::rt::v2::make_option_accessor::<_, _>( "RegisterIndex", @@ -569,9 +583,15 @@ impl ::protobuf::Message for ExtendRuntimeMeasurementRequest { while let Some(tag) = is.read_raw_tag_or_eof()? { match tag { 10 => { - self.Events.push(is.read_bytes()?); + self.Domain = is.read_string()?; + }, + 18 => { + self.Operation = is.read_string()?; }, - 16 => { + 26 => { + self.Content = is.read_string()?; + }, + 32 => { self.RegisterIndex = ::std::option::Option::Some(is.read_uint64()?); }, tag => { 
@@ -586,11 +606,17 @@ impl ::protobuf::Message for ExtendRuntimeMeasurementRequest { #[allow(unused_variables)] fn compute_size(&self) -> u64 { let mut my_size = 0; - for value in &self.Events { - my_size += ::protobuf::rt::bytes_size(1, &value); - }; + if !self.Domain.is_empty() { + my_size += ::protobuf::rt::string_size(1, &self.Domain); + } + if !self.Operation.is_empty() { + my_size += ::protobuf::rt::string_size(2, &self.Operation); + } + if !self.Content.is_empty() { + my_size += ::protobuf::rt::string_size(3, &self.Content); + } if let Some(v) = self.RegisterIndex { - my_size += ::protobuf::rt::uint64_size(2, v); + my_size += ::protobuf::rt::uint64_size(4, v); } my_size += ::protobuf::rt::unknown_fields_size(self.special_fields.unknown_fields()); self.special_fields.cached_size().set(my_size as u32); @@ -598,11 +624,17 @@ impl ::protobuf::Message for ExtendRuntimeMeasurementRequest { } fn write_to_with_cached_sizes(&self, os: &mut ::protobuf::CodedOutputStream<'_>) -> ::protobuf::Result<()> { - for v in &self.Events { - os.write_bytes(1, &v)?; - }; + if !self.Domain.is_empty() { + os.write_string(1, &self.Domain)?; + } + if !self.Operation.is_empty() { + os.write_string(2, &self.Operation)?; + } + if !self.Content.is_empty() { + os.write_string(3, &self.Content)?; + } if let Some(v) = self.RegisterIndex { - os.write_uint64(2, v)?; + os.write_uint64(4, v)?; } os.write_unknown_fields(self.special_fields.unknown_fields())?; ::std::result::Result::Ok(()) 
@@ -621,14 +653,18 @@ impl ::protobuf::Message for ExtendRuntimeMeasurementRequest { } fn clear(&mut self) { - self.Events.clear(); + self.Domain.clear(); + self.Operation.clear(); + self.Content.clear(); self.RegisterIndex = ::std::option::Option::None; self.special_fields.clear(); } fn default_instance() -> &'static ExtendRuntimeMeasurementRequest { static instance: ExtendRuntimeMeasurementRequest = ExtendRuntimeMeasurementRequest { - Events: ::std::vec::Vec::new(), + Domain: ::std::string::String::new(), + Operation: ::std::string::String::new(), + Content: ::std::string::String::new(), RegisterIndex: ::std::option::Option::None, special_fields: ::protobuf::SpecialFields::new(), }; 
@@ -1352,24 +1388,26 @@ static file_descriptor_proto_data: &'static [u8] = b"\ \"1\n\x13GetEvidenceResponse\x12\x1a\n\x08Evidence\x18\x01\x20\x01(\x0cR\ \x08Evidence\"/\n\x0fGetTokenRequest\x12\x1c\n\tTokenType\x18\x01\x20\ \x01(\tR\tTokenType\"(\n\x10GetTokenResponse\x12\x14\n\x05Token\x18\x01\ - \x20\x01(\x0cR\x05Token\"v\n\x1fExtendRuntimeMeasurementRequest\x12\x16\ - \n\x06Events\x18\x01\x20\x03(\x0cR\x06Events\x12)\n\rRegisterIndex\x18\ - \x02\x20\x01(\x04H\0R\rRegisterIndex\x88\x01\x01B\x10\n\x0e_RegisterInde\ - x\"\"\n\x20ExtendRuntimeMeasurementResponse\"K\n\x11InitDataPlaintext\ - \x12\x18\n\x07Content\x18\x01\x20\x01(\x0cR\x07Content\x12\x1c\n\tAlgori\ - thm\x18\x02\x20\x01(\tR\tAlgorithm\".\n\x14CheckInitDataRequest\x12\x16\ - \n\x06Digest\x18\x01\x20\x01(\x0cR\x06Digest\"\x17\n\x15CheckInitDataRes\ - ponse\"4\n\x1aUpdateConfigurationRequest\x12\x16\n\x06config\x18\x01\x20\ - \x01(\tR\x06config\"\x1d\n\x1bUpdateConfigurationResponse2\xac\x04\n\x17\ - AttestationAgentService\x12\\\n\x0bGetEvidence\x12%.attestation_agent.Ge\ - tEvidenceRequest\x1a&.attestation_agent.GetEvidenceResponse\x12S\n\x08Ge\ - tToken\x12\".attestation_agent.GetTokenRequest\x1a#.attestation_agent.Ge\ - tTokenResponse\x12\x83\x01\n\x18ExtendRuntimeMeasurement\x122.attestatio\ - n_agent.ExtendRuntimeMeasurementRequest\x1a3.attestation_agent.ExtendRun\ - timeMeasurementResponse\x12b\n\rCheckInitData\x12'.attestation_agent.Che\ - ckInitDataRequest\x1a(.attestation_agent.CheckInitDataResponse\x12t\n\ - \x13UpdateConfiguration\x12-.attestation_agent.UpdateConfigurationReques\ - t\x1a..attestation_agent.UpdateConfigurationResponseb\x06proto3\ + \x20\x01(\x0cR\x05Token\"\xae\x01\n\x1fExtendRuntimeMeasurementRequest\ + \x12\x16\n\x06Domain\x18\x01\x20\x01(\tR\x06Domain\x12\x1c\n\tOperation\ + \x18\x02\x20\x01(\tR\tOperation\x12\x18\n\x07Content\x18\x03\x20\x01(\tR\ + \x07Content\x12)\n\rRegisterIndex\x18\x04\x20\x01(\x04H\0R\rRegisterInde\ + 
x\x88\x01\x01B\x10\n\x0e_RegisterIndex\"\"\n\x20ExtendRuntimeMeasurement\ + Response\"K\n\x11InitDataPlaintext\x12\x18\n\x07Content\x18\x01\x20\x01(\ + \x0cR\x07Content\x12\x1c\n\tAlgorithm\x18\x02\x20\x01(\tR\tAlgorithm\".\ + \n\x14CheckInitDataRequest\x12\x16\n\x06Digest\x18\x01\x20\x01(\x0cR\x06\ + Digest\"\x17\n\x15CheckInitDataResponse\"4\n\x1aUpdateConfigurationReque\ + st\x12\x16\n\x06config\x18\x01\x20\x01(\tR\x06config\"\x1d\n\x1bUpdateCo\ + nfigurationResponse2\xac\x04\n\x17AttestationAgentService\x12\\\n\x0bGet\ + Evidence\x12%.attestation_agent.GetEvidenceRequest\x1a&.attestation_agen\ + t.GetEvidenceResponse\x12S\n\x08GetToken\x12\".attestation_agent.GetToke\ + nRequest\x1a#.attestation_agent.GetTokenResponse\x12\x83\x01\n\x18Extend\ + RuntimeMeasurement\x122.attestation_agent.ExtendRuntimeMeasurementReques\ + t\x1a3.attestation_agent.ExtendRuntimeMeasurementResponse\x12b\n\rCheckI\ + nitData\x12'.attestation_agent.CheckInitDataRequest\x1a(.attestation_age\ + nt.CheckInitDataResponse\x12t\n\x13UpdateConfiguration\x12-.attestation_\ + agent.UpdateConfigurationRequest\x1a..attestation_agent.UpdateConfigurat\ + ionResponseb\x06proto3\ "; /// `FileDescriptorProto` object which was a source for this generated file diff --git a/attestation-agent/attestation-agent/src/config/mod.rs b/attestation-agent/attestation-agent/src/config/mod.rs index 851cf4a46..fa0d9acf8 100644 --- a/attestation-agent/attestation-agent/src/config/mod.rs +++ b/attestation-agent/attestation-agent/src/config/mod.rs @@ -5,6 +5,9 @@ use anyhow::Result; use serde::Deserialize; +use sha2::{Digest, Sha256, Sha384, Sha512}; + +use crate::DEFAULT_PCR_INDEX; pub mod aa_kbc_params; 
@@ -16,17 +19,69 @@ pub mod kbs; pub const DEFAULT_AA_CONFIG_PATH: &str = "/etc/attestation-agent.conf"; +pub const DEFAULT_EVENTLOG_HASH: &str = "sha384"; + +/// Hash algorithms used to calculate runtime/init data binding +#[derive(Deserialize, Clone, Debug, Copy)] +#[serde(rename_all = "lowercase")] +pub enum HashAlgorithm { + Sha256, + Sha384, + Sha512, +} + +impl Default for HashAlgorithm { + fn default() -> Self { + Self::Sha384 + } +} + +fn hash_reportdata(material: &[u8]) -> Vec { + D::new().chain_update(material).finalize().to_vec() +} + +impl HashAlgorithm { + pub fn digest(&self, material: &[u8]) -> Vec { + match self { + HashAlgorithm::Sha256 => hash_reportdata::(material), + HashAlgorithm::Sha384 => hash_reportdata::(material), + HashAlgorithm::Sha512 => hash_reportdata::(material), + } + } +} + #[derive(Clone, Debug, Deserialize)] pub struct Config { /// configs about token pub token_configs: TokenConfigs, - // TODO: Add more fields that accessing AS needs. + + /// configs about eventlog + pub eventlog_config: EventlogConfig, +} + +#[derive(Clone, Debug, Deserialize)] +pub struct EventlogConfig { + /// Hash algorithm used to extend runtime measurement for eventlog. + pub eventlog_algorithm: HashAlgorithm, + + /// PCR Register to extend INIT entry + pub init_pcr: u64, +} + +impl Default for EventlogConfig { + fn default() -> Self { + Self { + eventlog_algorithm: HashAlgorithm::Sha384, + init_pcr: DEFAULT_PCR_INDEX, + } + } } impl Config { pub fn new() -> Result { Ok(Self { token_configs: TokenConfigs::new()?, + eventlog_config: EventlogConfig::default(), }) } } @@ -59,6 +114,8 @@ impl TryFrom<&str> for Config { fn try_from(config_path: &str) -> Result { let c = config::Config::builder() .add_source(config::File::with_name(config_path)) + .set_default("eventlog_config.eventlog_algorithm", DEFAULT_EVENTLOG_HASH)? + .set_default("eventlog_config.init_pcr", DEFAULT_PCR_INDEX)? .build()?; let cfg = c.try_deserialize()?; 
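Review bot: The default eventlog hash is spelled three times in this hunk: `DEFAULT_EVENTLOG_HASH`, `HashAlgorithm::default()` and the literal `HashAlgorithm::Sha384` in `EventlogConfig::default()`. If one of them changes, a config loaded from file (via `set_default` in the `TryFrom` hunk on the same line) and one built by `Config::new()` would measure with different algorithms. `EventlogConfig::default()` could use `eventlog_algorithm: HashAlgorithm::default(),`. A comment on `DEFAULT_EVENTLOG_HASH` should say that it must equal that variant's lowercase serde name. `hash_reportdata` and `HashAlgorithm::digest` have no doc comments, and the helper's name refers to report data although it is used here for eventlog entries.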
@@ -68,7 +125,6 @@ impl TryFrom<&str> for Config { #[cfg(test)] mod tests { - #[cfg(all(feature = "kbs", feature = "coco_as"))] #[rstest::rstest] #[case("config.example.toml")] #[case("config.example.json")] diff --git a/attestation-agent/attestation-agent/src/eventlog.rs b/attestation-agent/attestation-agent/src/eventlog.rs new file mode 100644 index 000000000..47e73e4a1 --- /dev/null +++ b/attestation-agent/attestation-agent/src/eventlog.rs 
@@ -0,0 +1,97 @@ +// Copyright (c) 2024 Alibaba Cloud +// +// SPDX-License-Identifier: Apache-2.0 +// + +use std::{fmt::Display, fs::File, io::Write}; + +use anyhow::{Context, Result}; +use const_format::concatcp; + +use crate::config::HashAlgorithm; + +/// AA's eventlog will be put into this parent directory +pub const EVENTLOG_PARENT_DIR_PATH: &str = "/run/attestation-agent"; + +/// AA's eventlog will be stored inside the file +pub const EVENTLOG_PATH: &str = concatcp!(EVENTLOG_PARENT_DIR_PATH, "/eventlog"); + +pub struct EventLog { + file: File, +} + +impl EventLog { + pub fn new() -> Result { + std::fs::create_dir_all(EVENTLOG_PARENT_DIR_PATH).context("create eventlog parent dir")?; + let file = File::create(EVENTLOG_PATH).context("create eventlog")?; + Ok(Self { file }) + } + + pub fn write_log(&mut self, log: &str) -> Result<()> { + writeln!(self.file, "{log}").context("failed to write log")?; + self.file + .flush() + .context("failed to flush log to I/O media")?; + Ok(()) + } +} + +pub struct EventEntry<'a> { + domain: &'a str, + operation: &'a str, + content: &'a str, +} + +impl<'a> EventEntry<'a> { + pub fn new(domain: &'a str, operation: &'a str, content: &'a str) -> Self { + Self { + domain, + operation, + content, + } + } + + /// Calculate the EventEntry's digest with the given [`HashAlgorithm`] + pub fn digest_with(&self, hash_alg: HashAlgorithm) -> Vec { + let log_entry = self.to_string(); + hash_alg.digest(log_entry.as_bytes()) + } +} + +impl<'a> Display for EventEntry<'a> { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + write!(f, "{} {} {}", self.domain, self.operation, self.content) + } +} + +#[cfg(test)] +mod tests { + use rstest::rstest; + + use crate::config::HashAlgorithm; + + use super::EventEntry; + + #[rstest] + #[case( + "domain", + "operation", + "content", + "65aad3b1620d4fe224d727579db2db87ff5c033f3e4424ae0fd72eb1149d3bd5", + HashAlgorithm::Sha256 + )] + #[case("domain", "operation", "content", 
"26d944cb8d99096590252283b8c807b9508329b068703bdb7bac7eb6efe5b32fc0fadf1462662b95d2c708aa49c0bfe1", HashAlgorithm::Sha384)] + #[case("domain", "operation", "content", "6e75837e0fbf8367fa4550254b8f0f52eb659be0901340357ed91dda97f0ebca10537540a021eec78df9d29ade51609a01eaaa46d32e0218cdac1644dc9933b0", HashAlgorithm::Sha512)] + fn test_event_digest( + #[case] domain: &str, + #[case] operation: &str, + #[case] content: &str, + #[case] digest: &str, + #[case] hash_alg: HashAlgorithm, + ) { + let event = EventEntry::new(domain, operation, content); + let dig = event.digest_with(hash_alg); + let dig_hex = dig.iter().map(|c| format!("{c:02x}")).collect::(); + assert_eq!(dig_hex, digest); + } +} diff --git a/attestation-agent/attestation-agent/src/lib.rs b/attestation-agent/attestation-agent/src/lib.rs index 9fbf3ee29..8674f28b6 100644 --- a/attestation-agent/attestation-agent/src/lib.rs +++ b/attestation-agent/attestation-agent/src/lib.rs @@ -8,12 +8,16 @@ use std::{io::Write, str::FromStr}; use anyhow::{Context, Result}; use async_trait::async_trait; use attester::{detect_tee_type, BoxedAttester}; +use tokio::sync::Mutex; pub use attester::InitdataResult; pub mod config; +mod eventlog; pub mod token; +use config::HashAlgorithm; +use eventlog::{EventEntry, EventLog}; use log::{info, warn}; use token::*; @@ -60,7 +64,9 @@ pub trait AttestationAPIs { /// Extend runtime measurement register async fn extend_runtime_measurement( &mut self, - events: Vec>, + domain: &str, + operation: &str, + content: &str, register_index: Option, ) -> Result<()>; 
@@ -72,9 +78,36 @@ pub trait AttestationAPIs { pub struct AttestationAgent { config: Config, attester: BoxedAttester, + eventlog: Mutex, } impl AttestationAgent { + pub async fn init(&mut self) -> Result<()> { + // We should get the current platform's evidence to see the RTMR value. + // Here we assume RTMR is not polluted thus all be set `\0` + let init_entry = match self.config.eventlog_config.eventlog_algorithm { + HashAlgorithm::Sha256 => "INIT sha256/0000000000000000000000000000000000000000000000000000000000000000", + HashAlgorithm::Sha384 => "INIT sha384/000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + HashAlgorithm::Sha512 => "INIT sha512/00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + }; + + let event_digest = self + .config + .eventlog_config + .eventlog_algorithm + .digest(init_entry.as_bytes()); + + let mut eventlog = self.eventlog.lock().await; + + self.attester + .extend_runtime_measurement(event_digest, self.config.eventlog_config.init_pcr) + .await + .context("write INIT entry")?; + eventlog.write_log(init_entry).context("write INIT log")?; + + Ok(()) + } + /// Create a new instance of [AttestationAgent]. pub fn new(config_path: Option<&str>) -> Result { let config = match config_path { @@ -90,8 +123,13 @@ impl AttestationAgent { let tee_type = detect_tee_type(); let attester: BoxedAttester = tee_type.try_into()?; + let eventlog = Mutex::new(EventLog::new()?); - Ok(AttestationAgent { config, attester }) + Ok(AttestationAgent { + config, + attester, + eventlog, + }) } /// This is a workaround API for initdata in CoCo. Once 
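Review bot: The INIT line written by `init` always records an all-zero starting value, and `EventLog::new()` (called from `new` in the next hunk) opens the log with `File::create`, which truncates an existing file. If the agent is restarted within one boot, the register presumably still holds the earlier extends while the log starts again from zeros, so a verifier replaying the log cannot reach the quoted value. The code comment already admits the zero assumption. Until the real register value is read from evidence, consider failing in `new` when `EVENTLOG_PATH` already exists, or opening it with `OpenOptions::new().append(true)` and skipping the INIT extend. `init` is also a separate step from `new`, so it needs a doc comment saying it must be called exactly once before any `extend_runtime_measurement`; `new`'s body continues outside the second hunk.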
@@ -116,6 +154,11 @@ impl AttestationAgent { } } +/// Default PCR index used by AA. `17` is selected for its usage of dynamic root of trust for measurement. +/// - [Linux TPM PCR Registry](https://uapi-group.org/specifications/specs/linux_tpm_pcr_registry/) +/// - [TCG TRUSTED BOOT CHAIN IN EDK II](https://tianocore-docs.github.io/edk2-TrustedBootChain/release-1.00/3_TCG_Trusted_Boot_Chain_in_EDKII.html) +const DEFAULT_PCR_INDEX: u64 = 17; + #[async_trait] impl AttestationAPIs for AttestationAgent { async fn get_token(&mut self, token_type: &str) -> Result> { @@ -143,15 +186,35 @@ impl AttestationAPIs for AttestationAgent { Ok(evidence.into_bytes()) } - /// Extend runtime measurement register + /// Extend runtime measurement register. Parameters + /// - `events`: a event slice. Any single event will be calculated into a hash digest to extend the current + /// platform's RTMR. + /// - `register_index`: a target PCR that will be used to extend RTMR. Note that different platform + /// would have its own strategy to map a PCR index into a architectual RTMR index. If not given, a default one + /// will be used. async fn extend_runtime_measurement( &mut self, - events: Vec>, + domain: &str, + operation: &str, + content: &str, register_index: Option, ) -> Result<()> { + let register_index = register_index.unwrap_or_else(|| { + info!("No PCR index provided, use default {DEFAULT_PCR_INDEX}"); + DEFAULT_PCR_INDEX + }); + + let log_entry = EventEntry::new(domain, operation, content); + let event_digest = log_entry.digest_with(self.config.eventlog_config.eventlog_algorithm); + + let mut eventlog = self.eventlog.lock().await; + self.attester - .extend_runtime_measurement(events, register_index) + .extend_runtime_measurement(event_digest, register_index) .await?; + + eventlog.write_log(&log_entry.to_string())?; + Ok(()) } diff --git a/attestation-agent/attester/src/lib.rs b/attestation-agent/attester/src/lib.rs index b68ca519e..81d6c9d41 100644 
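Review bot: In `extend_runtime_measurement`, `domain`, `operation` and `content` come straight from the RPC request and are joined by `EventEntry`'s `Display` as `"{} {} {}"` before being hashed and written with `writeln!`. The encoding is therefore ambiguous: `("a b", "c", "d")` and `("a", "b c", "d")` give the same line and the same digest. A newline inside any field also lets one request write several well-formed lines to the eventlog while only one digest is extended. Reject such input before building the entry, for example `if domain.contains(char::is_whitespace) || operation.contains(char::is_whitespace) || content.contains('\n') { anyhow::bail!("invalid eventlog field") }`. The doc comment added above the function still describes an `events` parameter and should list `domain`, `operation` and `content` instead.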
--- a/attestation-agent/attester/src/lib.rs +++ b/attestation-agent/attester/src/lib.rs @@ -83,8 +83,8 @@ pub trait Attester { /// to enable dynamic measurement capabilities for input data at runtime. async fn extend_runtime_measurement( &self, - _events: Vec>, - _register_index: Option, + _event_digest: Vec, + _register_index: u64, ) -> Result<()> { bail!("Unimplemented") } diff --git a/attestation-agent/kbs_protocol/src/token_provider/aa/attestation_agent.rs b/attestation-agent/kbs_protocol/src/token_provider/aa/attestation_agent.rs index 9b807e41f..4ff9523cd 100644 --- a/attestation-agent/kbs_protocol/src/token_provider/aa/attestation_agent.rs +++ b/attestation-agent/kbs_protocol/src/token_provider/aa/attestation_agent.rs @@ -517,8 +517,12 @@ impl ::protobuf::reflect::ProtobufValue for GetTokenResponse { #[derive(PartialEq,Clone,Default,Debug)] pub struct ExtendRuntimeMeasurementRequest { // message fields - // @@protoc_insertion_point(field:attestation_agent.ExtendRuntimeMeasurementRequest.Events) - pub Events: ::std::vec::Vec<::std::vec::Vec>, + // @@protoc_insertion_point(field:attestation_agent.ExtendRuntimeMeasurementRequest.Domain) + pub Domain: ::std::string::String, + // @@protoc_insertion_point(field:attestation_agent.ExtendRuntimeMeasurementRequest.Operation) + pub Operation: ::std::string::String, + // @@protoc_insertion_point(field:attestation_agent.ExtendRuntimeMeasurementRequest.Content) + pub Content: ::std::string::String, // @@protoc_insertion_point(field:attestation_agent.ExtendRuntimeMeasurementRequest.RegisterIndex) pub RegisterIndex: ::std::option::Option, // special fields 
@@ -538,12 +542,22 @@ impl ExtendRuntimeMeasurementRequest { } fn generated_message_descriptor_data() -> ::protobuf::reflect::GeneratedMessageDescriptorData { - let mut fields = ::std::vec::Vec::with_capacity(2); + let mut fields = ::std::vec::Vec::with_capacity(4); let mut oneofs = ::std::vec::Vec::with_capacity(0); - fields.push(::protobuf::reflect::rt::v2::make_vec_simpler_accessor::<_, _>( - "Events", - |m: &ExtendRuntimeMeasurementRequest| { &m.Events }, - |m: &mut ExtendRuntimeMeasurementRequest| { &mut m.Events }, + fields.push(::protobuf::reflect::rt::v2::make_simpler_field_accessor::<_, _>( + "Domain", + |m: &ExtendRuntimeMeasurementRequest| { &m.Domain }, + |m: &mut ExtendRuntimeMeasurementRequest| { &mut m.Domain }, + )); + fields.push(::protobuf::reflect::rt::v2::make_simpler_field_accessor::<_, _>( + "Operation", + |m: &ExtendRuntimeMeasurementRequest| { &m.Operation }, + |m: &mut ExtendRuntimeMeasurementRequest| { &mut m.Operation }, + )); + fields.push(::protobuf::reflect::rt::v2::make_simpler_field_accessor::<_, _>( + "Content", + |m: &ExtendRuntimeMeasurementRequest| { &m.Content }, + |m: &mut ExtendRuntimeMeasurementRequest| { &mut m.Content }, )); fields.push(::protobuf::reflect::rt::v2::make_option_accessor::<_, _>( "RegisterIndex", @@ -569,9 +583,15 @@ impl ::protobuf::Message for ExtendRuntimeMeasurementRequest { while let Some(tag) = is.read_raw_tag_or_eof()? { match tag { 10 => { - self.Events.push(is.read_bytes()?); + self.Domain = is.read_string()?; + }, + 18 => { + self.Operation = is.read_string()?; }, - 16 => { + 26 => { + self.Content = is.read_string()?; + }, + 32 => { self.RegisterIndex = ::std::option::Option::Some(is.read_uint64()?); }, tag => { 
@@ -586,11 +606,17 @@ impl ::protobuf::Message for ExtendRuntimeMeasurementRequest { #[allow(unused_variables)] fn compute_size(&self) -> u64 { let mut my_size = 0; - for value in &self.Events { - my_size += ::protobuf::rt::bytes_size(1, &value); - }; + if !self.Domain.is_empty() { + my_size += ::protobuf::rt::string_size(1, &self.Domain); + } + if !self.Operation.is_empty() { + my_size += ::protobuf::rt::string_size(2, &self.Operation); + } + if !self.Content.is_empty() { + my_size += ::protobuf::rt::string_size(3, &self.Content); + } if let Some(v) = self.RegisterIndex { - my_size += ::protobuf::rt::uint64_size(2, v); + my_size += ::protobuf::rt::uint64_size(4, v); } my_size += ::protobuf::rt::unknown_fields_size(self.special_fields.unknown_fields()); self.special_fields.cached_size().set(my_size as u32); @@ -598,11 +624,17 @@ impl ::protobuf::Message for ExtendRuntimeMeasurementRequest { } fn write_to_with_cached_sizes(&self, os: &mut ::protobuf::CodedOutputStream<'_>) -> ::protobuf::Result<()> { - for v in &self.Events { - os.write_bytes(1, &v)?; - }; + if !self.Domain.is_empty() { + os.write_string(1, &self.Domain)?; + } + if !self.Operation.is_empty() { + os.write_string(2, &self.Operation)?; + } + if !self.Content.is_empty() { + os.write_string(3, &self.Content)?; + } if let Some(v) = self.RegisterIndex { - os.write_uint64(2, v)?; + os.write_uint64(4, v)?; } os.write_unknown_fields(self.special_fields.unknown_fields())?; ::std::result::Result::Ok(()) 
@@ -621,14 +653,18 @@ impl ::protobuf::Message for ExtendRuntimeMeasurementRequest { } fn clear(&mut self) { - self.Events.clear(); + self.Domain.clear(); + self.Operation.clear(); + self.Content.clear(); self.RegisterIndex = ::std::option::Option::None; self.special_fields.clear(); } fn default_instance() -> &'static ExtendRuntimeMeasurementRequest { static instance: ExtendRuntimeMeasurementRequest = ExtendRuntimeMeasurementRequest { - Events: ::std::vec::Vec::new(), + Domain: ::std::string::String::new(), + Operation: ::std::string::String::new(), + Content: ::std::string::String::new(), RegisterIndex: ::std::option::Option::None, special_fields: ::protobuf::SpecialFields::new(), }; 
@@ -1352,24 +1388,26 @@ static file_descriptor_proto_data: &'static [u8] = b"\ \"1\n\x13GetEvidenceResponse\x12\x1a\n\x08Evidence\x18\x01\x20\x01(\x0cR\ \x08Evidence\"/\n\x0fGetTokenRequest\x12\x1c\n\tTokenType\x18\x01\x20\ \x01(\tR\tTokenType\"(\n\x10GetTokenResponse\x12\x14\n\x05Token\x18\x01\ - \x20\x01(\x0cR\x05Token\"v\n\x1fExtendRuntimeMeasurementRequest\x12\x16\ - \n\x06Events\x18\x01\x20\x03(\x0cR\x06Events\x12)\n\rRegisterIndex\x18\ - \x02\x20\x01(\x04H\0R\rRegisterIndex\x88\x01\x01B\x10\n\x0e_RegisterInde\ - x\"\"\n\x20ExtendRuntimeMeasurementResponse\"K\n\x11InitDataPlaintext\ - \x12\x18\n\x07Content\x18\x01\x20\x01(\x0cR\x07Content\x12\x1c\n\tAlgori\ - thm\x18\x02\x20\x01(\tR\tAlgorithm\".\n\x14CheckInitDataRequest\x12\x16\ - \n\x06Digest\x18\x01\x20\x01(\x0cR\x06Digest\"\x17\n\x15CheckInitDataRes\ - ponse\"4\n\x1aUpdateConfigurationRequest\x12\x16\n\x06config\x18\x01\x20\ - \x01(\tR\x06config\"\x1d\n\x1bUpdateConfigurationResponse2\xac\x04\n\x17\ - AttestationAgentService\x12\\\n\x0bGetEvidence\x12%.attestation_agent.Ge\ - tEvidenceRequest\x1a&.attestation_agent.GetEvidenceResponse\x12S\n\x08Ge\ - tToken\x12\".attestation_agent.GetTokenRequest\x1a#.attestation_agent.Ge\ - tTokenResponse\x12\x83\x01\n\x18ExtendRuntimeMeasurement\x122.attestatio\ - n_agent.ExtendRuntimeMeasurementRequest\x1a3.attestation_agent.ExtendRun\ - timeMeasurementResponse\x12b\n\rCheckInitData\x12'.attestation_agent.Che\ - ckInitDataRequest\x1a(.attestation_agent.CheckInitDataResponse\x12t\n\ - \x13UpdateConfiguration\x12-.attestation_agent.UpdateConfigurationReques\ - t\x1a..attestation_agent.UpdateConfigurationResponseb\x06proto3\ + \x20\x01(\x0cR\x05Token\"\xae\x01\n\x1fExtendRuntimeMeasurementRequest\ + \x12\x16\n\x06Domain\x18\x01\x20\x01(\tR\x06Domain\x12\x1c\n\tOperation\ + \x18\x02\x20\x01(\tR\tOperation\x12\x18\n\x07Content\x18\x03\x20\x01(\tR\ + \x07Content\x12)\n\rRegisterIndex\x18\x04\x20\x01(\x04H\0R\rRegisterInde\ + 
x\x88\x01\x01B\x10\n\x0e_RegisterIndex\"\"\n\x20ExtendRuntimeMeasurement\ + Response\"K\n\x11InitDataPlaintext\x12\x18\n\x07Content\x18\x01\x20\x01(\ + \x0cR\x07Content\x12\x1c\n\tAlgorithm\x18\x02\x20\x01(\tR\tAlgorithm\".\ + \n\x14CheckInitDataRequest\x12\x16\n\x06Digest\x18\x01\x20\x01(\x0cR\x06\ + Digest\"\x17\n\x15CheckInitDataResponse\"4\n\x1aUpdateConfigurationReque\ + st\x12\x16\n\x06config\x18\x01\x20\x01(\tR\x06config\"\x1d\n\x1bUpdateCo\ + nfigurationResponse2\xac\x04\n\x17AttestationAgentService\x12\\\n\x0bGet\ + Evidence\x12%.attestation_agent.GetEvidenceRequest\x1a&.attestation_agen\ + t.GetEvidenceResponse\x12S\n\x08GetToken\x12\".attestation_agent.GetToke\ + nRequest\x1a#.attestation_agent.GetTokenResponse\x12\x83\x01\n\x18Extend\ + RuntimeMeasurement\x122.attestation_agent.ExtendRuntimeMeasurementReques\ + t\x1a3.attestation_agent.ExtendRuntimeMeasurementResponse\x12b\n\rCheckI\ + nitData\x12'.attestation_agent.CheckInitDataRequest\x1a(.attestation_age\ + nt.CheckInitDataResponse\x12t\n\x13UpdateConfiguration\x12-.attestation_\ + agent.UpdateConfigurationRequest\x1a..attestation_agent.UpdateConfigurat\ + ionResponseb\x06proto3\ "; /// `FileDescriptorProto` object which was a source for this generated file diff --git a/attestation-agent/protos/attestation-agent.proto b/attestation-agent/protos/attestation-agent.proto index 07ab41d82..7442670e0 100644 --- a/attestation-agent/protos/attestation-agent.proto +++ b/attestation-agent/protos/attestation-agent.proto 
@@ -18,9 +18,20 @@ message GetTokenResponse {
 bytes Token = 1;
 }
+// Extend the dynamic/runtime measurement with given materials. This would change the state
+// of current TEE's status, e.g. TDX's RTMR, (v)TPM's PCR, by adding a record in eventlog.
 message ExtendRuntimeMeasurementRequest {
- repeated bytes Events = 1;
- optional uint64 RegisterIndex = 2;
+ // The domain to which this event entry belongs. This domain is used to distinguish the semantics of log entries in different contexts.
+ string Domain = 1;
+
+ // Concrete operation type that this event entry records.
+ string Operation = 2;
+
+ // Detailed content of the operation that this event entry records.
+ string Content = 3;
+
+ // Which PCR will be extended with the hash of this entry.
+ optional uint64 RegisterIndex = 4;
 }
 message ExtendRuntimeMeasurementResponse {}
From 7736977f68c539cc3c77b2bf5bcfe9fefbfcd4f2 Mon Sep 17 00:00:00 2001
From: Xynnn007
Date: Tue, 23 Apr 2024 17:07:09 +0800
Subject: [PATCH 4/5] AA/attester: fix TDX's RTMR extension
Signed-off-by: Xynnn007
---
 attestation-agent/attester/src/tdx/mod.rs | 54 +++++++--------
 attestation-agent/attester/src/tdx/rtmr.rs | 76 ++++++++++++++++++++++
 2 files changed, 104 insertions(+), 26 deletions(-)
 create mode 100644 attestation-agent/attester/src/tdx/rtmr.rs
diff --git a/attestation-agent/attester/src/tdx/mod.rs b/attestation-agent/attester/src/tdx/mod.rs
index 231644911..ddd8ebf17 100644
--- a/attestation-agent/attester/src/tdx/mod.rs
+++ b/attestation-agent/attester/src/tdx/mod.rs
@@ -3,6 +3,8 @@
 // SPDX-License-Identifier: Apache-2.0
 //
+use self::rtmr::TdxRtmrEvent;
+
 use super::tsm_report::*;
 use super::Attester;
 use crate::utils::pad;
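Review bot: In `ExtendRuntimeMeasurementRequest`, field numbers 1 and 2 are reused with different types: 1 changes from `repeated bytes Events` to `string Domain`, and 2 from `optional uint64 RegisterIndex` to `string Operation`. A client built against the old proto is therefore not rejected cleanly, because its `Events` payload shares the length-delimited wire type with `Domain` and may be decoded as a domain string. For a call that changes measurement registers, a mixed-version caller should fail rather than be reinterpreted. I would retire the old numbers with `reserved 1, 2; reserved "Events";` and number the four new fields from 3 upward, then regenerate the Rust descriptor changed earlier in this patch.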
@@ -11,16 +13,14 @@ use anyhow::*;
 use base64::Engine;
 use scroll::Pread;
 use serde::{Deserialize, Serialize};
-use sha2::{Digest, Sha384};
-use std::mem;
 use std::path::Path;
 use tdx_attest_rs::tdx_report_t;
 mod report;
+mod rtmr;
 const TDX_REPORT_DATA_SIZE: usize = 64;
 const CCEL_PATH: &str = "/sys/firmware/acpi/tables/data/CCEL";
-const RUNTIME_MEASUREMENT_RTMR_INDEX: u64 = 2;
 pub fn detect_platform() -> bool {
 TsmReportPath::new(TsmReportProvider::Tdx).is_ok() || Path::new("/dev/tdx_guest").exists()
@@ -104,34 +104,36 @@ impl Attester for TdxAttester {
 async fn extend_runtime_measurement(
 &self,
- events: Vec>,
- _register_index: Option,
+ event_digest: Vec,
+ register_index: u64,
 ) -> Result<()> {
 if !runtime_measurement_extend_available() {
 bail!("TDX Attester: Cannot extend runtime measurement on this system");
 }
- for event in events {
- let mut event_buffer = [0u8; mem::size_of::()];
- let mut hasher = Sha384::new();
- hasher.update(&event);
- let hash = hasher.finalize().to_vec();
- let rtmr_event = unsafe {
- &mut *(event_buffer.as_mut_ptr() as *mut tdx_attest_rs::tdx_rtmr_event_t)
- };
- rtmr_event.version = 1;
- rtmr_event.rtmr_index = RUNTIME_MEASUREMENT_RTMR_INDEX;
- rtmr_event.extend_data.copy_from_slice(&hash);
- match tdx_attest_rs::tdx_att_extend(&event_buffer) {
- tdx_attest_rs::tdx_attest_error_t::TDX_ATTEST_SUCCESS => {
- log::debug!("TDX extend runtime measurement succeeded.")
- }
- error_code => {
- bail!(
- "TDX Attester: Failed to extend RTMR. Error code: {:?}",
- error_code
- );
- }
+ // The match follows https://github.com/confidential-containers/td-shim/blob/main/doc/tdshim_spec.md#td-event-log
+ let rtmr_index = match register_index {
+ 1 | 7 => 0,
+ 2..=6 => 1,
+ 8..=15 => 2,
+ _ => 3,
+ };
+
+ let extend_data: [u8; 48] = pad(&event_digest);
+ let event: Vec = TdxRtmrEvent::default()
+ .with_extend_data(extend_data)
+ .with_rtmr_index(rtmr_index)
+ .into();
+
+ match tdx_attest_rs::tdx_att_extend(&event) {
+ tdx_attest_rs::tdx_attest_error_t::TDX_ATTEST_SUCCESS => {
+ log::debug!("TDX extend runtime measurement succeeded.")
+ }
+ error_code => {
+ bail!(
+ "TDX Attester: Failed to extend RTMR. Error code: {:?}",
+ error_code
+ );
 }
 }
diff --git a/attestation-agent/attester/src/tdx/rtmr.rs b/attestation-agent/attester/src/tdx/rtmr.rs
new file mode 100644
index 000000000..8d9be076d
--- /dev/null
+++ b/attestation-agent/attester/src/tdx/rtmr.rs
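Review bot: The catch-all arm `_ => 3` in the new `register_index` match sends every value outside 1..=15 to RTMR 3, including 0 and anything a caller passes by mistake, so an invalid index is measured instead of rejected. As far as I read the linked td-shim table, PCR 0 corresponds to MRTD, which is not extended at runtime; I would make that explicit with `0 => bail!("TDX Attester: PCR 0 maps to MRTD and cannot be extended"),` and document which indices are meant to land in RTMR 3. Separately, `pad` is defined outside this hunk: if it truncates, a digest longer than 48 bytes changes what is extended without any error, so `ensure!(event_digest.len() <= 48, "TDX Attester: digest longer than 48 bytes");` before the `pad` call would make that case fail loudly. The body of `extend_runtime_measurement` ends outside the hunk.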
@@ -0,0 +1,76 @@
+// Copyright (c) 2024 Alibaba Cloud
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+/// The actual rtmr event data handled in DCAP
+#[repr(C, packed)]
+pub struct TdxRtmrEvent {
+ /// Always 1
+ version: u32,
+
+ /// The RTMR that will be extended. As defined in
+ /// https://github.com/confidential-containers/td-shim/blob/main/doc/tdshim_spec.md#td-measurement
+ /// we will use RTMR 3 for guest application code and configuration.
+ rtmr_index: u64,
+
+ /// Data that will be used to extend RTMR
+ extend_data: [u8; 48usize],
+
+ /// Not used in DCAP
+ event_type: u32,
+
+ /// Always 0
+ event_data_size: u32,
+
+ /// Not used in DCAP
+ event_data: Vec,
+}
+
+impl Default for TdxRtmrEvent {
+ fn default() -> Self {
+ Self {
+ extend_data: [0; 48],
+ version: 1,
+ rtmr_index: 2,
+ event_type: 0,
+ event_data_size: 0,
+ event_data: Vec::new(),
+ }
+ }
+}
+
+impl TdxRtmrEvent {
+ pub fn with_extend_data(mut self, extend_data: [u8; 48]) -> Self {
+ self.extend_data = extend_data;
+ self
+ }
+
+ pub fn with_rtmr_index(mut self, rtmr_index: u64) -> Self {
+ self.rtmr_index = rtmr_index;
+ self
+ }
+}
+
+impl From for Vec {
+ fn from(val: TdxRtmrEvent) -> Self {
+ let event_ptr = &val as *const TdxRtmrEvent as *const u8;
+ let event_data_size = std::mem::size_of::() * val.event_data_size as usize;
+ let res_size = std::mem::size_of::() * 3
+ + std::mem::size_of::()
+ + std::mem::size_of::<[u8; 48]>()
+ + event_data_size;
+ let mut res = vec![0; res_size];
+ unsafe {
+ for (i, chunk) in res.iter_mut().enumerate().take(res_size - event_data_size) {
+ *chunk = *event_ptr.add(i);
+ }
+ }
+ let event_data = val.event_data;
+ for i in 0..event_data_size {
+ res[i + res_size - event_data_size] = event_data[i];
+ }
+
+ res
+ }
+}
From 41a31d1652168dfafc375ade55b60e75d3b5b0a3 Mon Sep 17 00:00:00 2001
From: Xynnn007
Date: Wed, 29 May 2024 15:54:33 +0800
Subject: [PATCH 5/5] Attester/TDX: add AA eventlog support
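Review bot: The `unsafe` block in the `From` conversion of `TdxRtmrEvent` into bytes reads the struct through a raw `*const u8` with no `// SAFETY:` comment. It is only correct while `#[repr(C, packed)]` keeps the five fixed fields in the first 68 bytes, ahead of the `Vec`. Serialising each field with `to_le_bytes()` gives the same bytes on little-endian x86-64 without any raw-pointer read. Appending `event_data` with `extend_from_slice` also removes the `event_data[i]` index, which would panic if `event_data_size` ever exceeded the vector length. Separately, the `rtmr_index` field doc says RTMR 3 is used while `Default` sets `rtmr_index: 2`; one of the two should be corrected.

```rust
    fn from(val: TdxRtmrEvent) -> Self {
        // Move the Vec out first: a reference to it inside a packed struct is not allowed.
        let event_data = val.event_data;
        // 68 = version (4) + rtmr_index (8) + extend_data (48) + event_type (4) + event_data_size (4)
        let mut res = Vec::with_capacity(68 + event_data.len());
        // Fixed header in declaration order, little-endian.
        res.extend_from_slice(&val.version.to_le_bytes());
        res.extend_from_slice(&val.rtmr_index.to_le_bytes());
        res.extend_from_slice(&val.extend_data);
        res.extend_from_slice(&val.event_type.to_le_bytes());
        res.extend_from_slice(&val.event_data_size.to_le_bytes());
        res.extend_from_slice(&event_data);
        res
    }
```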
Signed-off-by: Xynnn007
---
 attestation-agent/attester/src/tdx/mod.rs | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/attestation-agent/attester/src/tdx/mod.rs b/attestation-agent/attester/src/tdx/mod.rs
index ddd8ebf17..4269df765 100644
--- a/attestation-agent/attester/src/tdx/mod.rs
+++ b/attestation-agent/attester/src/tdx/mod.rs
@@ -13,6 +13,7 @@ use anyhow::*;
 use base64::Engine;
 use scroll::Pread;
 use serde::{Deserialize, Serialize};
+use std::fs;
 use std::path::Path;
 use tdx_attest_rs::tdx_report_t;
@@ -54,6 +55,8 @@ fn runtime_measurement_extend_available() -> bool {
 true
 }
+pub const DEFAULT_EVENTLOG_PATH: &str = "/run/attestation-agent/eventlog";
+
 #[derive(Serialize, Deserialize)]
 struct TdxEvidence {
 // Base64 encoded CC Eventlog ACPI table
@@ -61,6 +64,8 @@ struct TdxEvidence {
 cc_eventlog: Option,
 // Base64 encoded TD quote.
 quote: String,
+ // Eventlog of Attestation Agent
+ aa_eventlog: Option,
 }
 #[derive(Debug, Default)]
@@ -97,7 +102,19 @@ impl Attester for TdxAttester {
 }
 };
- let evidence = TdxEvidence { cc_eventlog, quote };
+ let aa_eventlog = match fs::read_to_string(DEFAULT_EVENTLOG_PATH) {
+ Result::Ok(el) => Some(el),
+ Result::Err(e) => {
+ log::warn!("Read AA Eventlog failed: {:?}", e);
+ None
+ }
+ };
+
+ let evidence = TdxEvidence {
+ cc_eventlog,
+ quote,
+ aa_eventlog,
+ };
 serde_json::to_string(&evidence).context("Serialize TDX evidence failed")
 }
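Review bot: In the new `aa_eventlog` match, every `fs::read_to_string` error is reduced to a warning and `None`. Evidence produced when the log exists but cannot be read (permissions, invalid UTF-8, I/O error) then looks the same as evidence from a system that never recorded an event. If an RTMR has been extended by then, the verifier receives a quote whose runtime register it cannot replay from the evidence. I would keep `None` only for a missing file and fail otherwise: `Result::Err(e) if e.kind() == std::io::ErrorKind::NotFound => None,` followed by `Result::Err(e) => bail!("Read AA Eventlog failed: {e}"),`. The read is also unbounded, so a size cap on the file is worth considering; the enclosing function starts outside the hunk.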