mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-15 10:54:29 -05:00
913b09aeb8
* terraform: enable creation of SEV-SNP VMs on GCP * variant: add SEV-SNP attestation variant * config: add SEV-SNP config options for GCP * measurements: add GCP SEV-SNP measurements * gcp: separate package for SEV-ES * attestation: add GCP SEV-SNP attestation logic * gcp: factor out common logic * choose: add GCP SEV-SNP * cli: add TF variable passthrough for GCP SEV-SNP variables * cli: support GCP SEV-SNP for `constellation verify` * Adjust usage of GCP SEV-SNP throughout codebase * ci: add GCP SEV-SNP * terraform-provider: support GCP SEV-SNP * docs: add GCP SEV-SNP reference * linter fixes * gcp: only run test with TPM simulator * gcp: remove nonsense test * Update cli/internal/cmd/verify.go Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * Update docs/docs/overview/clouds.md Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * Update terraform-provider-constellation/internal/provider/attestation_data_source_test.go Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com> * linter fixes * terraform_provider: correctly pass down CC technology * config: mark attestationconfigapi as unimplemented * gcp: fix comments and typos * snp: use nonce and PK hash in SNP report * snp: ensure we never use ARK supplied by Issuer (#3025) * Make sure SNP ARK is always loaded from config, or fetched from AMD KDS * GCP: Set validator `reportData` correctly --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems> Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * attestationconfigapi: add GCP to uploading * snp: use correct cert Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform-provider: enable fetching of attestation config values for GCP SEV-SNP * linter fixes --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems> Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
169 lines
8.1 KiB
Go
169 lines
8.1 KiB
Go
/*
|
|
Copyright (c) Edgeless Systems GmbH
|
|
|
|
SPDX-License-Identifier: AGPL-3.0-only
|
|
*/
|
|
|
|
package config
|
|
|
|
import (
|
|
"bytes"
|
|
"crypto/x509"
|
|
"encoding/json"
|
|
"encoding/pem"
|
|
"fmt"
|
|
|
|
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
|
|
"github.com/edgelesssys/constellation/v2/internal/attestation/variant"
|
|
)
|
|
|
|
const (
|
|
// arkPEM is the PEM encoded AMD root key certificate. Received from the AMD Key Distribution System API (KDS).
|
|
arkPEM = `-----BEGIN CERTIFICATE-----\nMIIGYzCCBBKgAwIBAgIDAQAAMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAIC\nBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBMHsxFDAS\nBgNVBAsMC0VuZ2luZWVyaW5nMQswCQYDVQQGEwJVUzEUMBIGA1UEBwwLU2FudGEg\nQ2xhcmExCzAJBgNVBAgMAkNBMR8wHQYDVQQKDBZBZHZhbmNlZCBNaWNybyBEZXZp\nY2VzMRIwEAYDVQQDDAlBUkstTWlsYW4wHhcNMjAxMDIyMTcyMzA1WhcNNDUxMDIy\nMTcyMzA1WjB7MRQwEgYDVQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDAS\nBgNVBAcMC1NhbnRhIENsYXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5j\nZWQgTWljcm8gRGV2aWNlczESMBAGA1UEAwwJQVJLLU1pbGFuMIICIjANBgkqhkiG\n9w0BAQEFAAOCAg8AMIICCgKCAgEA0Ld52RJOdeiJlqK2JdsVmD7FktuotWwX1fNg\nW41XY9Xz1HEhSUmhLz9Cu9DHRlvgJSNxbeYYsnJfvyjx1MfU0V5tkKiU1EesNFta\n1kTA0szNisdYc9isqk7mXT5+KfGRbfc4V/9zRIcE8jlHN61S1ju8X93+6dxDUrG2\nSzxqJ4BhqyYmUDruPXJSX4vUc01P7j98MpqOS95rORdGHeI52Naz5m2B+O+vjsC0\n60d37jY9LFeuOP4Meri8qgfi2S5kKqg/aF6aPtuAZQVR7u3KFYXP59XmJgtcog05\ngmI0T/OitLhuzVvpZcLph0odh/1IPXqx3+MnjD97A7fXpqGd/y8KxX7jksTEzAOg\nbKAeam3lm+3yKIcTYMlsRMXPcjNbIvmsBykD//xSniusuHBkgnlENEWx1UcbQQrs\n+gVDkuVPhsnzIRNgYvM48Y+7LGiJYnrmE8xcrexekBxrva2V9TJQqnN3Q53kt5vi\nQi3+gCfmkwC0F0tirIZbLkXPrPwzZ0M9eNxhIySb2npJfgnqz55I0u33wh4r0ZNQ\neTGfw03MBUtyuzGesGkcw+loqMaq1qR4tjGbPYxCvpCq7+OgpCCoMNit2uLo9M18\nfHz10lOMT8nWAUvRZFzteXCm+7PHdYPlmQwUw3LvenJ/ILXoQPHfbkH0CyPfhl1j\nWhJFZasCAwEAAaN+MHwwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSFrBrRQ/fI\nrFXUxR1BSKvVeErUUzAPBgNVHRMBAf8EBTADAQH/MDoGA1UdHwQzMDEwL6AtoCuG\nKWh0dHBzOi8va2RzaW50Zi5hbWQuY29tL3ZjZWsvdjEvTWlsYW4vY3JsMEYGCSqG\nSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZI\nAWUDBAICBQCiAwIBMKMDAgEBA4ICAQC6m0kDp6zv4Ojfgy+zleehsx6ol0ocgVel\nETobpx+EuCsqVFRPK1jZ1sp/lyd9+0fQ0r66n7kagRk4Ca39g66WGTJMeJdqYriw\nSTjjDCKVPSesWXYPVAyDhmP5n2v+BYipZWhpvqpaiO+EGK5IBP+578QeW/sSokrK\ndHaLAxG2LhZxj9aF73fqC7OAJZ5aPonw4RE299FVarh1Tx2eT3wSgkDgutCTB1Yq\nzT5DuwvAe+co2CIVIzMDamYuSFjPN0BCgojl7V+bTou7dMsqIu/TW/rPCX9/EUcp\nKGKqPQ3P+N9r1hjEFY1plBg93t53OOo49GNI+V1zvXPLI6xIFVsh+mto2RtgEX/e\npmMKTNN6psW88qg7c1hTWtN6MbRuQ0vm+O+/2tKBF2h8THb94OvvHHoFDpbCELlq\nHnIYhxy0YKXGyaW1NjfULxrrmxVW4wcn5E8GddmvNa6yYm8scJagEi13mhGu4Jqh\n3QU3sf8iUSUr09xQDwHtOQUVIqx4maBZPBtSMf+qUDtjXSSq8lfWcd8bLr9mdsUn\nJZJ0+tuPMKmBnSH860llKk+VpVQsgqbzDIvOLvD6W1Umq25boxCYJ+TuBoa4s+HH\nCViAvgT9kf/rBq1d+ivj6skkHxuzcxbk1xv6ZGxrteJxVH7KlX7YRdZ6eARKwLe4\nAFZEAwoKCQ==\n-----END CERTIFICATE-----\n`
|
|
// tdxRootPEM is the PEM encoded Intel TDX root key certificate. Receieved from the Intel Provisioning Certification Service (PCS).
|
|
tdxRootPEM = `-----BEGIN CERTIFICATE-----\nMIICjzCCAjSgAwIBAgIUImUM1lqdNInzg7SVUr9QGzknBqwwCgYIKoZIzj0EAwIw\naDEaMBgGA1UEAwwRSW50ZWwgU0dYIFJvb3QgQ0ExGjAYBgNVBAoMEUludGVsIENv\ncnBvcmF0aW9uMRQwEgYDVQQHDAtTYW50YSBDbGFyYTELMAkGA1UECAwCQ0ExCzAJ\nBgNVBAYTAlVTMB4XDTE4MDUyMTEwNDUxMFoXDTQ5MTIzMTIzNTk1OVowaDEaMBgG\nA1UEAwwRSW50ZWwgU0dYIFJvb3QgQ0ExGjAYBgNVBAoMEUludGVsIENvcnBvcmF0\naW9uMRQwEgYDVQQHDAtTYW50YSBDbGFyYTELMAkGA1UECAwCQ0ExCzAJBgNVBAYT\nAlVTMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEC6nEwMDIYZOj/iPWsCzaEKi7\n1OiOSLRFhWGjbnBVJfVnkY4u3IjkDYYL0MxO4mqsyYjlBalTVYxFP2sJBK5zlKOB\nuzCBuDAfBgNVHSMEGDAWgBQiZQzWWp00ifODtJVSv1AbOScGrDBSBgNVHR8ESzBJ\nMEegRaBDhkFodHRwczovL2NlcnRpZmljYXRlcy50cnVzdGVkc2VydmljZXMuaW50\nZWwuY29tL0ludGVsU0dYUm9vdENBLmRlcjAdBgNVHQ4EFgQUImUM1lqdNInzg7SV\nUr9QGzknBqwwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQEwCgYI\nKoZIzj0EAwIDSQAwRgIhAOW/5QkR+S9CiSDcNoowLuPRLsWGf/Yi7GSX94BgwTwg\nAiEA4J0lrHoMs+Xo5o/sX6O9QWxHRAvZUGOdRQ7cvqRXaqI=\n-----END CERTIFICATE-----\n`
|
|
)
|
|
|
|
// AttestationCfg is the common interface for passing attestation configs.
|
|
type AttestationCfg interface {
|
|
// GetMeasurements returns the measurements that should be used for attestation.
|
|
GetMeasurements() measurements.M
|
|
// SetMeasurements updates a config's measurements using the given measurements.
|
|
SetMeasurements(m measurements.M)
|
|
// GetVariant returns the variant of the attestation config.
|
|
GetVariant() variant.Variant
|
|
// EqualTo returns true if the config is equal to the given config.
|
|
// If the variant differs, an error must be returned.
|
|
EqualTo(AttestationCfg) (bool, error)
|
|
}
|
|
|
|
// UnmarshalAttestationConfig unmarshals the config file into the correct type.
|
|
func UnmarshalAttestationConfig(data []byte, attestVariant variant.Variant) (AttestationCfg, error) {
|
|
switch attestVariant {
|
|
case variant.AWSNitroTPM{}:
|
|
return unmarshalTypedConfig[*AWSNitroTPM](data)
|
|
case variant.AWSSEVSNP{}:
|
|
return unmarshalTypedConfig[*AWSSEVSNP](data)
|
|
case variant.AzureSEVSNP{}:
|
|
return unmarshalTypedConfig[*AzureSEVSNP](data)
|
|
case variant.AzureTrustedLaunch{}:
|
|
return unmarshalTypedConfig[*AzureTrustedLaunch](data)
|
|
case variant.AzureTDX{}:
|
|
return unmarshalTypedConfig[*AzureTDX](data)
|
|
case variant.GCPSEVES{}:
|
|
return unmarshalTypedConfig[*GCPSEVES](data)
|
|
case variant.GCPSEVSNP{}:
|
|
return unmarshalTypedConfig[*GCPSEVSNP](data)
|
|
case variant.QEMUVTPM{}:
|
|
return unmarshalTypedConfig[*QEMUVTPM](data)
|
|
case variant.QEMUTDX{}:
|
|
return unmarshalTypedConfig[*QEMUTDX](data)
|
|
case variant.Dummy{}:
|
|
return unmarshalTypedConfig[*DummyCfg](data)
|
|
default:
|
|
return nil, fmt.Errorf("unknown variant: %s", attestVariant)
|
|
}
|
|
}
|
|
|
|
func unmarshalTypedConfig[T AttestationCfg](data []byte) (AttestationCfg, error) {
|
|
var cfg T
|
|
if err := json.Unmarshal(data, &cfg); err != nil {
|
|
return nil, err
|
|
}
|
|
return cfg, nil
|
|
}
|
|
|
|
// Certificate is a wrapper around x509.Certificate allowing custom marshaling.
|
|
type Certificate x509.Certificate
|
|
|
|
// Equal returns true if the embedded Raw values are equal.
|
|
func (c Certificate) Equal(other Certificate) bool {
|
|
return bytes.Equal(c.Raw, other.Raw)
|
|
}
|
|
|
|
// MarshalJSON marshals the certificate to PEM.
|
|
func (c Certificate) MarshalJSON() ([]byte, error) {
|
|
if len(c.Raw) == 0 {
|
|
return json.Marshal(new(string))
|
|
}
|
|
pem := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: c.Raw})
|
|
return json.Marshal(string(pem))
|
|
}
|
|
|
|
// MarshalYAML marshals the certificate to PEM.
|
|
func (c Certificate) MarshalYAML() (any, error) {
|
|
if len(c.Raw) == 0 {
|
|
return "", nil
|
|
}
|
|
pem := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: c.Raw})
|
|
return string(pem), nil
|
|
}
|
|
|
|
// UnmarshalJSON unmarshals the certificate from PEM.
|
|
func (c *Certificate) UnmarshalJSON(data []byte) error {
|
|
if len(data) == 0 {
|
|
return nil
|
|
}
|
|
return c.unmarshal(func(val any) error {
|
|
return json.Unmarshal(data, val)
|
|
})
|
|
}
|
|
|
|
// UnmarshalYAML unmarshals the certificate from PEM.
|
|
func (c *Certificate) UnmarshalYAML(unmarshal func(any) error) error {
|
|
return c.unmarshal(unmarshal)
|
|
}
|
|
|
|
func (c *Certificate) unmarshal(unmarshalFunc func(any) error) error {
|
|
var pemData string
|
|
if err := unmarshalFunc(&pemData); err != nil {
|
|
return err
|
|
}
|
|
if pemData == "" {
|
|
return nil
|
|
}
|
|
block, _ := pem.Decode([]byte(pemData))
|
|
cert, err := x509.ParseCertificate(block.Bytes)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
*c = Certificate(*cert)
|
|
return nil
|
|
}
|
|
|
|
func mustParsePEM(data string) Certificate {
|
|
jsonData := fmt.Sprintf("\"%s\"", data)
|
|
var cert Certificate
|
|
if err := json.Unmarshal([]byte(jsonData), &cert); err != nil {
|
|
panic(err)
|
|
}
|
|
return cert
|
|
}
|
|
|
|
// DummyCfg is a placeholder for unknown attestation configs.
|
|
type DummyCfg struct {
|
|
// description: |
|
|
// The measurements that should be used for attestation.
|
|
Measurements measurements.M `json:"measurements,omitempty"`
|
|
}
|
|
|
|
// GetMeasurements returns the configs measurements.
|
|
func (c DummyCfg) GetMeasurements() measurements.M {
|
|
return c.Measurements
|
|
}
|
|
|
|
// GetVariant returns a dummy variant.
|
|
func (DummyCfg) GetVariant() variant.Variant {
|
|
return variant.Dummy{}
|
|
}
|
|
|
|
// SetMeasurements sets the configs measurements.
|
|
func (c *DummyCfg) SetMeasurements(m measurements.M) {
|
|
c.Measurements = m
|
|
}
|
|
|
|
// EqualTo returns true if measurements of the configs are equal.
|
|
func (c DummyCfg) EqualTo(other AttestationCfg) (bool, error) {
|
|
return c.Measurements.EqualTo(other.GetMeasurements()), nil
|
|
}
|