15 unstable releases (6 breaking)
0.7.1 | Nov 18, 2024 |
---|---|
0.6.0 | Jul 8, 2024 |
0.5.2 | Feb 23, 2024 |
0.4.1 | Dec 19, 2023 |
0.1.1 | Mar 29, 2023 |
#374 in Cryptography
2,970 downloads per month
55KB
1K
SLoC
az-snp-vtpm
This library enables guest attestation flows for SEV-SNP CVMs on Azure. Please refer to the documentation in this repository for details on the attestation procedure.
Create a CVM
Default image is Ubuntu 22.04 cvm
export IMAGE_ID=/subscriptions/.../resourceGroups/.../providers/Microsoft.Compute/galleries/.../images/.../versions/1.0.0
make deploy
Build & Install
cargo b --release -p az-snp-vtpm
scp ../target/release/snp-vtpm azureuser@$CONFIDENTIAL_VM:
Run Binary
Retrieve SEV-SNP report, validate and print it:
sudo ./snp-vtpm -p
Example Project
There is a project in the ./example
folder depicting how the crate can be leveraged in a Remote Attestation flow. Note: the code is merely illustrative and doesn't feature exhaustive validation, which would be required in a production scenario.
cargo b -p snp-example
SEV-SNP Report & vTPM
The vTPM is linked to the SEV-SNP report via the vTPM Attestation Key (AK). The public AK is part of a Runtime Data struct, which is hashed and submitted as Report Data when generating the SNP report. To provide freshness guarantees in an attestation exchange we can request a vTPM quote with a nonce. The resulting message is signed by the AK.
┌────────────────────────┐
│ HCL Data │
│ │
│ ┌──────────────────────┴─┐ ─┐
│ │ Runtime Data │ │
│ │ │ │
┌──────────────────────┐ │ │ ┌────────────────────┐ │ ├─┐
┌─┤ vTPM AK ├──┼─┼─┤ vTPM Public AK │ │ │ │
│ └──────────────────────┘ │ │ └────────────────────┘ │ │ │
│ ┌──────────────┐ │ └──────────────────────┬─┘ ─┘ │
│ │ vTPM Quote │ │ ┌────────────────────┐ │ │
│ │ │ │ │ HCL Report │ │ │
signs ┌─ ┌─┴────────────┐ │ │ │ │ │ sha256
│ │ │ Message │ │ │ │ ┌────────────────┐ │ │ │
│ │ │ │ │ │ │ │ SEV-SNP Report │ │ │ │
│ │ │ ┌──────────┐ │ │ │ │ │ │ │ │ │
│ │ │ │ PCR0 │ │ │ │ │ │ ┌──────────────┴─┴─┴─┐ │
│ │ │ └──────────┘ │ │ │ │ │ │ Report Data │ ◄───┘
│ │ │ ... │ │ │ │ │ └──────────────┬─┬─┬─┘
│ │ │ ┌──────────┐ │ │ │ │ └────────────────┘ │ │
└─► │ │ │ PCRn │ │ │ │ └────────────────────┘ │
│ │ └──────────┘ │ │ └────────────────────────┘
│ │ ┌──────────┐ │ │
│ │ │ Nonce │ │ │
│ │ └──────────┘ │ │
└─ └─┬────────────┘ │
└──────────────┘
Integration Tests
The integration test suite can run on an SNP CVM. It needs to be executed as root and the tests have to run sequentially.
sudo -E env "PATH=$PATH" cargo t --features integration_test -- --test-threads 1
Dependencies
~7–20MB
~244K SLoC