Crates.io | az-snp-vtpm |
lib.rs | az-snp-vtpm |
version | 0.7.1 |
source | src |
created_at | 2023-03-28 16:17:24.176005 |
updated_at | 2024-11-18 13:11:23.012175 |
description | vTPM based SEV-SNP attestation for Azure Confidential VMs |
homepage | |
repository | https://github.com/kinvolk/azure-cvm-tooling/ |
max_upload_size | |
id | 823209 |
size | 67,263 |
This library enables guest attestation flows for SEV-SNP CVMs on Azure. Please refer to the documentation in this repository for details on the attestation procedure.
Default image is Ubuntu 22.04 cvm
export IMAGE_ID=/subscriptions/.../resourceGroups/.../providers/Microsoft.Compute/galleries/.../images/.../versions/1.0.0
make deploy
cargo b --release -p az-snp-vtpm
scp ../target/release/snp-vtpm azureuser@$CONFIDENTIAL_VM:
Retrieve SEV-SNP report, validate and print it:
sudo ./snp-vtpm -p
There is a project in the ./example
folder depicting how the crate can be leveraged in a Remote Attestation flow. Note: the code is merely illustrative and doesn't feature exhaustive validation, which would be required in a production scenario.
cargo b -p snp-example
The vTPM is linked to the SEV-SNP report via the vTPM Attestation Key (AK). The public AK is part of a Runtime Data struct, which is hashed and submitted as Report Data when generating the SNP report. To provide freshness guarantees in an attestation exchange we can request a vTPM quote with a nonce. The resulting message is signed by the AK.
┌────────────────────────┐
│ HCL Data │
│ │
│ ┌──────────────────────┴─┐ ─┐
│ │ Runtime Data │ │
│ │ │ │
┌──────────────────────┐ │ │ ┌────────────────────┐ │ ├─┐
┌─┤ vTPM AK ├──┼─┼─┤ vTPM Public AK │ │ │ │
│ └──────────────────────┘ │ │ └────────────────────┘ │ │ │
│ ┌──────────────┐ │ └──────────────────────┬─┘ ─┘ │
│ │ vTPM Quote │ │ ┌────────────────────┐ │ │
│ │ │ │ │ HCL Report │ │ │
signs ┌─ ┌─┴────────────┐ │ │ │ │ │ sha256
│ │ │ Message │ │ │ │ ┌────────────────┐ │ │ │
│ │ │ │ │ │ │ │ SEV-SNP Report │ │ │ │
│ │ │ ┌──────────┐ │ │ │ │ │ │ │ │ │
│ │ │ │ PCR0 │ │ │ │ │ │ ┌──────────────┴─┴─┴─┐ │
│ │ │ └──────────┘ │ │ │ │ │ │ Report Data │ ◄───┘
│ │ │ ... │ │ │ │ │ └──────────────┬─┬─┬─┘
│ │ │ ┌──────────┐ │ │ │ │ └────────────────┘ │ │
└─► │ │ │ PCRn │ │ │ │ └────────────────────┘ │
│ │ └──────────┘ │ │ └────────────────────────┘
│ │ ┌──────────┐ │ │
│ │ │ Nonce │ │ │
│ │ └──────────┘ │ │
└─ └─┬────────────┘ │
└──────────────┘
The integration test suite can run on an SNP CVM. It needs to be executed as root and the tests have to run sequentially.
sudo -E env "PATH=$PATH" cargo t --features integration_test -- --test-threads 1