Add an Orchestrator RPC for session binding

Bug: 359179452 Change-Id: I181aaf052cb81d4e5dff69b5720df911a74bf87b
project-oak · Feb 16, 2025 · 155f0b4 · 155f0b4
1 parent e7c76de
commit 155f0b4
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 4 deletions.
diff --git a/oak_containers/orchestrator/src/ipc_server.rs b/oak_containers/orchestrator/src/ipc_server.rs
@@ -26,8 +26,8 @@ use oak_proto_rust::oak::{
     attestation::v1::{Endorsements, Evidence},
     containers::{
         v1::{
-            DeriveSessionKeysRequest, DeriveSessionKeysResponse, KeyOrigin, SignRequest,
-            SignResponse,
+            BindSessionRequest, BindSessionResponse, DeriveSessionKeysRequest,
+            DeriveSessionKeysResponse, KeyOrigin, SignRequest, SignResponse,
         },
         GetApplicationConfigResponse,
     },
@@ -111,6 +111,20 @@ impl OrchestratorCrypto for CryptoService {
         };
         Ok(tonic::Response::new(SignResponse { signature: Some(signature) }))
     }
+
+    async fn bind_session(
+        &self,
+        request: Request<BindSessionRequest>,
+    ) -> Result<Response<BindSessionResponse>, tonic::Status> {
+        let request = request.into_inner();
+        let signature = Signature {
+            signature: <p256::ecdsa::SigningKey as oak_crypto::signer::Signer>::sign(
+                &self.instance_keys.session_binding_key,
+                &request.transcript,
+            ),
+        };
+        Ok(tonic::Response::new(BindSessionResponse { signature: Some(signature) }))
+    }
 }
 
 pub struct ServiceImplementation {

diff --git a/oak_proto_rust/generated/oak.containers.v1.rs b/oak_proto_rust/generated/oak.containers.v1.rs
@@ -73,6 +73,19 @@ pub struct SignResponse {
     #[prost(message, optional, tag = "1")]
     pub signature: ::core::option::Option<super::super::crypto::v1::Signature>,
 }
+#[allow(clippy::derive_partial_eq_without_eq)]
+#[derive(Clone, PartialEq, ::prost_derive::Message)]
+pub struct BindSessionRequest {
+    /// Session handshake transcript.
+    #[prost(bytes = "vec", tag = "1")]
+    pub transcript: ::prost::alloc::vec::Vec<u8>,
+}
+#[allow(clippy::derive_partial_eq_without_eq)]
+#[derive(Clone, PartialEq, ::prost_derive::Message)]
+pub struct BindSessionResponse {
+    #[prost(message, optional, tag = "1")]
+    pub signature: ::core::option::Option<super::super::crypto::v1::Signature>,
+}
 /// Choice between a key generated by the enclave instance and the key
 /// distributed to the enclave group with Key Provisioning.
 #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost_derive::Enumeration)]

diff --git a/proto/containers/orchestrator_crypto.proto b/proto/containers/orchestrator_crypto.proto
@@ -50,16 +50,26 @@ message SignResponse {
   oak.crypto.v1.Signature signature = 1;
 }
 
+message BindSessionRequest {
+  // Session handshake transcript.
+  bytes transcript = 1;
+}
+
+message BindSessionResponse {
+  oak.crypto.v1.Signature signature = 1;
+}
+
 // RPC service that is exposed to an enclave application and allows it to:
 // - Encrypt/decrypt messages
 // - Sign arbitrary data
-
-// TODO(#4504): Implement data signing.
 service OrchestratorCrypto {
   // Derives session keys for decrypting client requests and encrypting enclave
   // responses.
   rpc DeriveSessionKeys(DeriveSessionKeysRequest)
       returns (DeriveSessionKeysResponse) {}
   // Signs the provided message using the hardware rooted signing key.
   rpc Sign(SignRequest) returns (SignResponse) {}
+  // Signs the provided session handshake transcript using the hardware rooted
+  // session binding key.
+  rpc BindSession(BindSessionRequest) returns (BindSessionResponse) {}
 }