Use product_name() from amd.rs to get determine the cert chain *ask…
…* to use in verifying the tee certificate.

Right now we fall back to Milan if there is no product name.

Bug: b/344012112
Bug: b/320258549

Change-Id: I60637c82b33efd98478eb0bc7e09ea917f51d785
alwabel1 committed Jun 27, 2024
1 parent 29e2b3b commit 3920e52
Showing 11 changed files with 316 additions and 23 deletions.
11 changes: 0 additions & 11 deletions enclave_apps/Cargo.lock


2 changes: 2 additions & 0 deletions oak_attestation_verification/BUILD
Expand Up @@ -26,6 +26,7 @@ rust_library(
srcs = glob(["src/**"]),
compile_data = [
"//oak_attestation_verification/data:ask_milan.pem",
"//oak_attestation_verification/data:ask_genoa.pem",
],
deps = [
"//oak_dice",
Expand Down Expand Up @@ -55,6 +56,7 @@ rust_library(
srcs = glob(["src/**"]),
compile_data = [
"//oak_attestation_verification/data:ask_milan.pem",
"//oak_attestation_verification/data:ask_genoa.pem",
],
crate_features = ["regex"],
deps = [
7 changes: 3 additions & 4 deletions oak_attestation_verification/src/amd.rs
Expand Up @@ -33,7 +33,7 @@ use zerocopy::{AsBytes, FromZeroes};
// Table 8 of
// https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/57230.pdf
const RSA_SSA_PSS_OID: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.2.840.113549.1.1.10");
const _PRODUCT_NAME_OID: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.3.6.1.4.1.3704.1.2");
const PRODUCT_NAME_OID: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.3.6.1.4.1.3704.1.2");
const BL_OID: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.3.6.1.4.1.3704.1.3.1");
const TEE_OID: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.3.6.1.4.1.3704.1.3.2");
const SNP_OID: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.3.6.1.4.1.3704.1.3.3");
Expand Down Expand Up @@ -81,16 +81,15 @@ pub fn verify_cert_signature(signer: &Certificate, signee: &Certificate) -> anyh
.map_err(|_err| anyhow::anyhow!("signature verification failed"))
}

// Currently unused, use `pub` only to disable the warning.
fn _product_name(cert: &Certificate) -> anyhow::Result<String> {
pub fn product_name(cert: &Certificate) -> anyhow::Result<String> {
let exts = cert
.tbs_certificate
.extensions
.as_ref()
.ok_or_else(|| anyhow::anyhow!("could not get extensions from cert"))?;
let pn_ext = exts
.iter()
.find(|&ext| ext.extn_id == _PRODUCT_NAME_OID)
.find(|&ext| ext.extn_id == PRODUCT_NAME_OID)
.ok_or_else(|| anyhow::anyhow!("no product name found in cert"))?;
String::from_utf8(pn_ext.extn_value.as_bytes().to_vec())
.map_err(|_utf8_err| anyhow::anyhow!("failed to read product name"))
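Review bot: `product_name` is now `pub` and drives the ASK selection in verifier.rs, yet the hunk gives it no doc comment and leaves its return contract unstated. The returned `String` is built from `pn_ext.extn_value.as_bytes()` verbatim with no DER decoding, so if the extension value wraps a DER-encoded string the tag and length bytes end up inside the result; I cannot confirm the encoding from this hunk, but the caller matching with `contains` rather than equality suggests exactly that. Suggest replacing the dropped `// Currently unused` comment with a doc comment above the `pub fn`, along the lines of `/// Returns the AMD product-name extension (PRODUCT_NAME_OID) of `cert` as UTF-8. The raw extension bytes are returned without DER decoding, so callers should match with `contains`, not equality.` The function's closing brace is outside the hunk.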
23 changes: 15 additions & 8 deletions oak_attestation_verification/src/verifier.rs
Expand Up @@ -68,7 +68,7 @@ use x509_cert::{
use zerocopy::FromBytes;

use crate::{
amd::{verify_attestation_report_signature, verify_cert_signature},
amd::{product_name, verify_attestation_report_signature, verify_cert_signature},
claims::{get_digest, parse_endorsement_statement},
endorsement::verify_binary_endorsement,
util::{
Expand All @@ -77,8 +77,6 @@ use crate::{
},
};

const ASK_MILAN_CERT_PEM: &str = include_str!("../data/ask_milan.pem");

// We don't use additional authenticated data.
const ADDITIONAL_DATA: &[u8] = b"";

Expand Down Expand Up @@ -526,6 +524,9 @@ fn verify_insecure(_expected_values: &InsecureExpectedValues) -> anyhow::Result<
Ok(())
}

const ASK_MILAN_CERT_PEM: &str = include_str!("../data/ask_milan.pem");
const ASK_GENOA_CERT_PEM: &str = include_str!("../data/ask_genoa.pem");

/// Verifies the signature chain for the attestation report included in the
/// root.
fn verify_root_attestation_signature(
Expand All @@ -539,13 +540,19 @@ fn verify_root_attestation_signature(
// We demand that product-specific ASK signs the VCEK.
let vcek = Certificate::from_der(serialized_certificate)
.map_err(|_err| anyhow::anyhow!("could not parse VCEK cert"))?;
// Right now there are only Milan CPUs, so it is not urgent to code the
// decision between Milan and Genoa which would appear here.
let ask_milan = Certificate::from_pem(ASK_MILAN_CERT_PEM)
.map_err(|_err| anyhow::anyhow!("could not parse ASK cert"))?;

let ask = if product_name(&vcek)?.contains("Milan") {
Certificate::from_pem(ASK_MILAN_CERT_PEM)
.map_err(|_err| anyhow::anyhow!("could not parse Milan ASK cert"))?
} else if product_name(&vcek)?.contains("Genoa") {
Certificate::from_pem(ASK_GENOA_CERT_PEM)
.map_err(|_err| anyhow::anyhow!("could not parse Genoa ASK cert"))?
} else {
anyhow::bail!("unsupported AMD product");
};

// TODO(#4747): user current date as part of VCEK verification.
verify_cert_signature(&ask_milan, &vcek)?;
verify_cert_signature(&ask, &vcek)?;

let report = AttestationReport::ref_from(&root_layer.remote_attestation_report)
.context("invalid AMD SEV-SNP attestation report")?;
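Review bot: `product_name(&vcek)?` is evaluated twice in the new `if` / `else if` chain (once for the `Milan` test, again for the `Genoa` test), re-walking the VCEK extension list each time, and the `bail!` branch throws away the name it rejected, so an "unsupported AMD product" failure cannot be diagnosed from the error alone. Bind the result once and report it in the error, as below. Note also that the commit description says the verifier falls back to Milan when there is no product name, but with the `?` on `product_name` a missing extension is now a hard error rather than a fallback; if the fallback is intended, this hunk does not implement it. The selected ASK is still checked by `verify_cert_signature(&ask, &vcek)`, so a mismatched name cannot substitute a different trusted chain; it only changes which way verification fails. `verify_root_attestation_signature` continues past the end of the hunk.
```rust
    let vcek = Certificate::from_der(serialized_certificate)
        .map_err(|_err| anyhow::anyhow!("could not parse VCEK cert"))?;

    // Read the product name once; it also makes the rejection error diagnosable.
    let product = product_name(&vcek)?;
    let ask = if product.contains("Milan") {
        Certificate::from_pem(ASK_MILAN_CERT_PEM)
            .map_err(|_err| anyhow::anyhow!("could not parse Milan ASK cert"))?
    } else if product.contains("Genoa") {
        Certificate::from_pem(ASK_GENOA_CERT_PEM)
            .map_err(|_err| anyhow::anyhow!("could not parse Genoa ASK cert"))?
    } else {
        anyhow::bail!("unsupported AMD product: {:?}", product);
    };

    // … unchanged: TODO(#4747), verify_cert_signature(&ask, &vcek), report parsing …
```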
5 changes: 5 additions & 0 deletions oak_attestation_verification/testdata/BUILD
Expand Up @@ -46,4 +46,9 @@ exports_files([
"rk_evidence_20240312.textproto",
"rk_vcek_milan.der",
"rk_vcek_milan.pem",
"genoa_oc_evidence.binarypb",
"genoa_oc_evidence.prototext",
"genoa_oc_reference_values.binarypb",
"genoa_oc_reference_values.textproto",
"vcek_genoa.der",
])
Binary file not shown.
160 changes: 160 additions & 0 deletions oak_attestation_verification/testdata/genoa_oc_evidence.prototext
@@ -0,0 +1,160 @@
# proto-file: proto/attestation/evidence.proto
# proto-message: oak.attestaton.v1.Evidence
#
# Valid real-world evidence for an Oak Containers chain, used for testing.
# Generated on 2024-06-17. `genoa_oc_evidence.binarypb` is the same instance in
# serialized binary format. ECA: Embedded Certification Authority
#
# The stage0 binary is measured in the attestation report.

root_layer {
platform: AMD_SEV_SNP
remote_attestation_report:
"\002\000\000\000\000\000\000\000\000\000\003\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001\000"
"\000\000\007\000\000\000\000\000\017>"
"\001\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\350\306"
"\305B\273q.]yMi\345[\345\314\232\210\346\010c\030\003\204\322#:"
"\024I\317;"
"\350\317\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\336eN"
"\321\353\003\266\225g3\2155\177\206s\\d\374w\026v\274\325\320\\\246\257"
"\350o>"
"\271\367T\222\"\257\256a9\250\322\202\243M\t\325\237\225\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\221.;"
"\345\t\251\263\323\004V\267$+"
"\210\275e\022L\227\342\362M\257B\366\020\367Y\322\312~"
"\203\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377"
"\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\007\000\000"
"\000\000\000\017>"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\322B\035\227o\225\316\013\250I\267\314\\x\221\""
"\361\345\234w\2407\',\023z\344\321\210\273\020*\333\307\305="
"\003\002\277\370*C,"
"\224\243\005\336\307\247\242p\316\261\232\020\360J\2031ld\206\226\215"
"\007\000\000\000\000\000\017>"
"\0307\001\000\0307\001\000\007\000\000\000\000\000\017>"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\007\272\3619.\347M\277,p\220\215\231^{[{"
"\351\213\266\007[\335<\301\377\363\370\353\353\000\026\201("
"I\366Q\\\\N\210\343\200\236\217\242\201\022\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\0002ho"
"\324s\336q\210\341\357;\227\304\371\277\2025\260\227@\363.\320r("
"\332\213\225\215:~\357f\022/"
"\313$"
"q\302incb\016\370\340\355\253\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
"\000\000\000\000"
eca_public_key:
"\247\001\002\002T\253w\004\245;&\367\312F\341\206w1)"
"7\302\302b\026\300\003&\004\201\002 \001!X x "
"\326\342o\235\361\371\352\275:\315<"
"nk\323\245\214\244\314z\2110\257S\253\030\355Zb\\R\"X "
"\240=n_\331\240\225\014\232&\024\350\017MF\205*O\356M\274*"
"\251\221\025\335\224N\275H\373\205"
}
layers {
eca_certificate:
"\204C\241\001&\241\004RAsymmetricECDSA256Y\002U\245\001x("
"ab7704a53b26f7ca46e18677312937c2c26216c0\002x("
"4c4fb0ef5cb0015774d1c0c9393ae46be01d1bb6:"
"\000GDWXf\247\001\002\002TLO\260\357\\\260\001Wt\321\300\3119:"
"\344k\340\035\033\266\003&\004\201\002 \001!X "
"\2073i\364y\243&\351\375qN\336\225F82\0229."
"1e\364\020\234x\374\213\264\021\230\026{\"X "
"6\020\216\231_b\356P\201\254\301\203\314\331Y9\352C\365\357\023i\231]"
"e\370Z\222~\323\331\337:\000GDXB \000:\000GDZ\247:\000GD`\241:\000GDkX "
"D*6\221>.)\235\242\265\026\201D\203\266\254\357\021\266>"
"\003\3675a\003A\250V\0223\367\277:\000GDa\241:\000GDkX "
"\371\023\362\201\333tS`X\306\\F\017xrMH\322\312\376^"
"\277\016\26122\220i\242\315\217\017:\000GDlxn console=ttyS0 panic=-1 "
"brd.rd_nr=1 brd.rd_size=10000000 brd.max_part=1 "
"ip=10.0.2.15:::255.255.255.0::eth0:off:\000GDb\241:\000GDkX "
"h\313Bj\372\242\224e\367\307\037&"
"\324\371\253Z\202\302\341\222b6d\213\354\"j\201\224C\035\271:"
"\000GDc\241:\000GDkX "
";0y=\1778\210t*\326?\023\353\346\240\003\274\233v4\231,"
"dx\246\020\037\236\363#\265\256:\000GDd\241:\000GDkX "
"L\230T(\375\306\020\034q\314&\335\303\023\315\202!"
"\274\274TG\031\221\3549\261\276\002m\016\034(:\000GDe\241:\000GDkX "
"\244\337\235\212d\334\271\247\023\316\300(\327\r+"
"\025\231\372\357\007\314\320\320\341\201i1IkH\230\310X@"
"\177\023\262M\347.\316\t\351\272\212B\037]\246,"
"\216\350\267b\002\361\343T\022\243\217\031_*"
"\013\361sr\227T\272\301\004\365,e\317\325\006\263@"
"\271\261\264\252\374\340y\034c\"\200yk\274\005 \361"
}
layers {
eca_certificate:
"\204C\241\001&\241\004RAsymmetricECDSA256X\377\245\001x("
"4c4fb0ef5cb0015774d1c0c9393ae46be01d1bb6\002x("
"9f944dc52869227483fe209eda45742fdd842d0e:"
"\000GDWXf\247\001\002\002T\237\224M\305(i\"t\203\376 "
"\236\332Et/\335\204-\016\003&\004\201\002 \001!X "
"\247\321\310\312l[NDHJP\210\364\037\377U["
"\033\215\334\025\007\340\265S\272\355JRK)\263\"X "
"o\021\254u\275B.y.jMsd\327\314,"
"\312VE\214c\037\345\326\356\235\210\214\365\210\210_:\000GDXB "
"\000:\000GD\\\241:\000GDf\241:\000GDkX "
"\343\336\331\347\317\331S\264\356cs\373\213A*v\276\020*"
"n\335N\005\252\177\211p\342\013\374K\315X@\245\307\262\250))\261a#(\225>"
"\300/"
"\237\202\004F\002\246\240YD@m\352=\272\024<w&"
"\346\\q\250\321\303W\224\215\267\201|\214\375m@\262~|\367\340\257f{"
"\254\302mL\226\341~\006"
}
application_keys {
encryption_public_key_certificate:
"\204C\241\001&\241\004RAsymmetricECDSA256Y\001\n\245\001x("
"9f944dc52869227483fe209eda45742fdd842d0e\002x("
"b158433a663e6263b7a1a1bd0cca058713c49b51:\000GDWXD\246\001\001\002T\261XC:f>"
"bc\267\241\241\275\014\312\005\207\023\304\233Q\0038\036\004\201\005 \004!X "
"T\004\000\236\202G\276\274u\022\332{\013 "
"q>8\343\017l)\352\302>\310f\220J9\370w\026:\000GDXB "
"\000:\000GD^\242:\000GDh\241:\000GDkX "
"\277\027=\204ld\345\312\364\221\336\233^\242\337\2544\234\376\"\245\346\360:"
"\330\004\213\270\n\336C\014:\000GDi\241:\000GDkX "
"\343\260\304B\230\374\034\024\232\373\364\310\231o\271$"
"\'\256A\344d\233\223L\244\225\231\033xR\270UX@\342?\357\257["
"\255\276\360\215\3122\237q\321\267\344A\221\256\021\262\327\354\031PLr\\\"2"
"\317cW9\210j\212\216\324\n\313BC\310 "
"5\237(\316\030]\241\0144\214O\000\244\027\0106>|"
"r"
signing_public_key_certificate: "\204C\241\001&\241\004RAsymmetricECDSA256Y\001,\245\001x(9f944dc52869227483fe209eda45742fdd842d0e\002x(30de4e24fe44b203a9a3df471708eee913a8fc10:\000GDWXf\247\001\002\002T0\336N$\376D\262\003\251\243\337G\027\010\356\351\023\250\374\020\003&\004\201\002 \001!X \217\242\302]=3h\262?xw\311\254\204\206oD\017\235\327\251N|\245D\016\361\274a\037w\333\"X )@\314\242#=\006\311\317\277P>\347?\337\\\361\364\3067\363v\273}\252\3667\372\360VV\344:\000GDXB \000:\000GD^\242:\000GDh\241:\000GDkX \277\027=\204ld\345\312\364\221\336\233^\242\337\2544\234\376\"\245\346\360:\330\004\213\270\n\336C\014:\000GDi\241:\000GDkX \343\260\304B\230\374\034\024\232\373\364\310\231o\271$\'\256A\344d\233\223L\244\225\231\033xR\270UX@\342\332{X\322\221\276S\341<\276\023\375#`\235\343;\032L\301Y\245\226\n\017\3361\374\246O\007\031\361\360\026PV9\0278\235:\010\002\204\346\312+\256\215\211\035:\275\213\030\216\340\301\236\357\257\234"
group_encryption_public_key_certificate: "\204C\241\001&\241\004RAsymmetricECDSA256X\252\244\001x(9f944dc52869227483fe209eda45742fdd842d0e\002x(c2c484686b9b84a3f87007ace2a59ba144457239:\000GDWXD\246\001\001\002T\302\304\204hk\233\204\243\370p\007\254\342\245\233\241DEr9\0038\036\004\201\005 \004!X \356\034\307\261\3414\360\220\377\275=\003\001\247\224\352\027\236\005\377\002\302\314\310\207\335\256b7\322)\t:\000GDXB \000X@0\244c\214t\247\375\321rY=\246\2651\223\024\213t \322\203\243\352s.\245\336\t\326\221\322\2014%\344\217\006wdu2\030\007\224\212\031\036\217\324e\242\256\373\000\356\251\341\364\355\316\312U\331\331"
}
Binary file not shown.
@@ -0,0 +1,82 @@
oak_containers {
root_layer {
amd_sev {
stage0 {
skip {
}
}
min_tcb_version {
boot_loader: 7
snp: 15
microcode: 62
}
}
}
kernel_layer {
kernel {
digests {
image {
digests {
sha2_256: "D*6\221>.)\235\242\265\026\201D\203\266\254\357\021\266>\003\3675a\003A\250V\0223\367\277"
}
}
setup_data {
digests {
sha2_256: "h\313Bj\372\242\224e\367\307\037&\324\371\253Z\202\302\341\222b6d\213\354\"j\201\224C\035\271"
}
}
}
}
init_ram_fs {
digests {
digests {
sha2_256: ";0y=\1778\210t*\326?\023\353\346\240\003\274\233v4\231,dx\246\020\037\236\363#\265\256"
}
}
}
memory_map {
digests {
digests {
sha2_256: "L\230T(\375\306\020\034q\314&\335\303\023\315\202!\274\274TG\031\221\3549\261\276\002m\016\034("
}
}
}
acpi {
digests {
digests {
sha2_256: "\244\337\235\212d\334\271\247\023\316\300(\327\r+\025\231\372\357\007\314\320\320\341\201i1IkH\230\310"
}
}
}
kernel_cmd_line_text {
string_literals {
value: " console=ttyS0 panic=-1 brd.rd_nr=1 brd.rd_size=10000000 brd.max_part=1 ip=10.0.2.15:::255.255.255.0::eth0:off"
}
}
}
system_layer {
system_image {
digests {
digests {
sha2_256: "\343\336\331\347\317\331S\264\356cs\373\213A*v\276\020*n\335N\005\252\177\211p\342\013\374K\315"
}
}
}
}
container_layer {
binary {
digests {
digests {
sha2_256: "\277\027=\204ld\345\312\364\221\336\233^\242\337\2544\234\376\"\245\346\360:\330\004\213\270\n\336C\014"
}
}
}
configuration {
digests {
digests {
sha2_256: "\343\260\304B\230\374\034\024\232\373\364\310\231o\271$\'\256A\344d\233\223L\244\225\231\033xR\270U"
}
}
}
}
}
Binary file not shown.