attestation: add MachineState to ValidateCVM

2024-10-01 01:36:09 -04:00 · 2023-03-06 09:15:52 +01:00 · 2023-03-06 09:15:52 +01:00 · 2535073df8
commit 2535073df8
parent 3471d73c6c
10 changed files with 16 additions and 33 deletions
--- a/internal/attestation/aws/validator.go
+++ b/internal/attestation/aws/validator.go
@ -18,6 +18,7 @@ import (
 	"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/vtpm"
 	"github.com/edgelesssys/constellation/v2/internal/oid"
+	"github.com/google/go-tpm-tools/proto/attest"
 	"github.com/google/go-tpm/tpm2"
 )

@ -54,7 +55,7 @@ func getTrustedKey(akPub []byte, instanceInfo []byte) (crypto.PublicKey, error)
 }

 // tpmEnabled verifies if the virtual machine has the tpm2.0 feature enabled.
-func (v *Validator) tpmEnabled(attestation vtpm.AttestationDocument) error {
+func (v *Validator) tpmEnabled(attestation vtpm.AttestationDocument, _ *attest.MachineState) error {
 	// https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/verify-nitrotpm-support-on-ami.html
 	// 1. Get the vm's ami (from IdentiTyDocument.imageId)
 	// 2. Check the value of key "TpmSupport": {"Value": "v2.0"}"
--- a/internal/attestation/aws/validator_test.go
+++ b/internal/attestation/aws/validator_test.go
@ -108,7 +108,7 @@ func TestTpmEnabled(t *testing.T) {
 				},
 			}

-			err := v.tpmEnabled(tc.attDoc)
+			err := v.tpmEnabled(tc.attDoc, nil)
 			if tc.wantErr {
 				assert.Error(err)
 			} else {
--- a/internal/attestation/azure/snp/validator.go
+++ b/internal/attestation/azure/snp/validator.go
@ -24,6 +24,7 @@ import (
 	"github.com/edgelesssys/constellation/v2/internal/attestation/vtpm"
 	internalCrypto "github.com/edgelesssys/constellation/v2/internal/crypto"
 	"github.com/edgelesssys/constellation/v2/internal/oid"
+	"github.com/google/go-tpm-tools/proto/attest"
 	"github.com/google/go-tpm/tpm2"
 )

@ -55,7 +56,7 @@ func NewValidator(pcrs measurements.M, idKeyDigests idkeydigest.IDKeyDigests, en
 }

 // validateCVM is a stub, since SEV-SNP attestation is already verified in trustedKeyFromSNP().
-func validateCVM(attestation vtpm.AttestationDocument) error {
+func validateCVM(vtpm.AttestationDocument, *attest.MachineState) error {
 	return nil
 }

--- a/internal/attestation/azure/snp/validator_test.go
+++ b/internal/attestation/azure/snp/validator_test.go
@ -307,28 +307,7 @@ func int32ToByte(val uint32) []byte {
 }

 func TestValidateAzureCVM(t *testing.T) {
-	testCases := map[string]struct {
-		attDoc  vtpm.AttestationDocument
-		wantErr bool
-	}{
-		"success": {
-			attDoc:  vtpm.AttestationDocument{},
-			wantErr: false,
-		},
-	}
-
-	for name, tc := range testCases {
-		t.Run(name, func(t *testing.T) {
-			assert := assert.New(t)
-
-			err := validateCVM(tc.attDoc)
-			if tc.wantErr {
-				assert.Error(err)
-			} else {
-				assert.NoError(err)
-			}
-		})
-	}
+	assert.NoError(t, validateCVM(vtpm.AttestationDocument{}, nil))
 }

 func TestNewSNPReportFromBytes(t *testing.T) {
--- a/internal/attestation/azure/trustedlaunch/validator.go
+++ b/internal/attestation/azure/trustedlaunch/validator.go
@ -18,6 +18,7 @@ import (
 	"github.com/edgelesssys/constellation/v2/internal/attestation/vtpm"
 	certutil "github.com/edgelesssys/constellation/v2/internal/crypto"
 	"github.com/edgelesssys/constellation/v2/internal/oid"
+	"github.com/google/go-tpm-tools/proto/attest"
 	"github.com/google/go-tpm/tpm2"
 )

@ -97,7 +98,7 @@ func (v *Validator) verifyAttestationKey(akPub, instanceInfo []byte) (crypto.Pub
 }

 // validateVM returns nil.
-func validateVM(attestation vtpm.AttestationDocument) error {
+func validateVM(vtpm.AttestationDocument, *attest.MachineState) error {
 	return nil
 }

--- a/internal/attestation/gcp/validator.go
+++ b/internal/attestation/gcp/validator.go
@ -104,7 +104,7 @@ func trustedKeyFromGCEAPI(getClient func(ctx context.Context, opts ...option.Cli

 // gceNonHostInfoEvent looks for the GCE Non-Host info event in an event log.
 // Returns an error if the event is not found, or if the event is missing the required flag to mark the VM confidential.
-func gceNonHostInfoEvent(attDoc vtpm.AttestationDocument) error {
+func gceNonHostInfoEvent(attDoc vtpm.AttestationDocument, _ *attest.MachineState) error {
 	if attDoc.Attestation == nil {
 		return errors.New("missing attestation in attestation document")
 	}
--- a/internal/attestation/gcp/validator_test.go
+++ b/internal/attestation/gcp/validator_test.go
@ -62,7 +62,7 @@ func TestGceNonHostInfoEvent(t *testing.T) {
 	for name, tc := range testCases {
 		t.Run(name, func(t *testing.T) {
 			assert := assert.New(t)
-			err := gceNonHostInfoEvent(tc.attDoc)
+			err := gceNonHostInfoEvent(tc.attDoc, nil)
 			if tc.wantErr {
 				assert.Error(err)
 			} else {
--- a/internal/attestation/qemu/validator.go
+++ b/internal/attestation/qemu/validator.go
@ -12,6 +12,7 @@ import (
 	"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/vtpm"
 	"github.com/edgelesssys/constellation/v2/internal/oid"
+	"github.com/google/go-tpm-tools/proto/attest"
 	"github.com/google/go-tpm/tpm2"
 )

@ -27,7 +28,7 @@ func NewValidator(pcrs measurements.M, log vtpm.AttestationLogger) *Validator {
 		Validator: vtpm.NewValidator(
 			pcrs,
 			unconditionalTrust,
-			func(attestation vtpm.AttestationDocument) error { return nil },
+			func(vtpm.AttestationDocument, *attest.MachineState) error { return nil },
 			log,
 		),
 	}
--- a/internal/attestation/vtpm/attestation.go
+++ b/internal/attestation/vtpm/attestation.go
@ -61,7 +61,7 @@ type (
 	// GetInstanceInfo returns VM metdata.
 	GetInstanceInfo func(tpm io.ReadWriteCloser) ([]byte, error)
 	// ValidateCVM validates confidential computing capabilities of the instance issuing the attestation.
-	ValidateCVM func(attestation AttestationDocument) error
+	ValidateCVM func(attestation AttestationDocument, state *attest.MachineState) error
 )

 // AttestationLogger is a logger used to print warnings and infos during attestation validation.
@ -199,7 +199,7 @@ func (v *Validator) Validate(attDocRaw []byte, nonce []byte) (userData []byte, e
 	}

 	// Validate confidential computing capabilities of the VM
-	if err := v.validateCVM(attDoc); err != nil {
+	if err := v.validateCVM(attDoc, nil); err != nil {
 		return nil, fmt.Errorf("verifying VM confidential computing capabilities: %w", err)
 	}

--- a/internal/attestation/vtpm/attestation_test.go
+++ b/internal/attestation/vtpm/attestation_test.go
@ -57,7 +57,7 @@ func fakeGetInstanceInfo(tpm io.ReadWriteCloser) ([]byte, error) {
 func TestValidate(t *testing.T) {
 	require := require.New(t)

-	fakeValidateCVM := func(AttestationDocument) error { return nil }
+	fakeValidateCVM := func(AttestationDocument, *attest.MachineState) error { return nil }
 	fakeGetTrustedKey := func(aKPub, instanceInfo []byte) (crypto.PublicKey, error) {
 		pubArea, err := tpm2.DecodePublic(aKPub)
 		if err != nil {
@ -186,7 +186,7 @@ func TestValidate(t *testing.T) {
 			validator: NewValidator(
 				testExpectedPCRs,
 				fakeGetTrustedKey,
-				func(attestation AttestationDocument) error {
+				func(AttestationDocument, *attest.MachineState) error {
 					return errors.New("untrusted")
 				},
 				warnLog),