AS/Verifier: add report_data and init_data_hash field for SGX/TDX

Related to confidential-containers#228. This is the implementation for SGX/TDX/Sample Signed-off-by: Xynnn007 <xynnn@linux.alibaba.com>
Xynnn007 · Dec 1, 2023 · 9a560d8 · 9a560d8
1 parent 64c49a3
commit 9a560d8
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 2 deletions.
diff --git a/attestation-service/verifier/src/lib.rs b/attestation-service/verifier/src/lib.rs
@@ -125,6 +125,12 @@ pub trait Verifier {
     /// instance is created. It is always provided by untrusted host,
     /// but its integrity will be protected by the tee evidence.
     /// Typical `init_data_hash` is `HOSTDATA` for SNP.
+    ///
+    ///
+    /// There will be two claims by default regardless of architectures:
+    /// - `init_data_hash`: init data hash of the evidence
+    /// - `report_data`: report data of the evidence
+    /// TODO: See https://github.com/confidential-containers/kbs/issues/228
     async fn evaluate(
         &self,
         evidence: &[u8],

diff --git a/attestation-service/verifier/src/sample/mod.rs b/attestation-service/verifier/src/sample/mod.rs
@@ -15,7 +15,7 @@ struct SampleTeeEvidence {
     report_data: String,
 
     #[serde(default = "String::default")]
-    init_data_hash: String,
+    init_data: String,
 }
 
 #[derive(Debug, Default)]
@@ -64,7 +64,7 @@ async fn verify_tee_evidence(
     if let InitDataHash::Value(expected_init_data_hash) = expected_init_data_hash {
         debug!("Check the binding of init_data_digest.");
         let ev_init_data_hash = base64::engine::general_purpose::STANDARD
-            .decode(&evidence.init_data_hash)
+            .decode(&evidence.init_data)
             .context("base64 decode init data hash for sample evidence")?;
         if *expected_init_data_hash != ev_init_data_hash {
             bail!("INIT DATA HASH is different from that in Sample Quote");
@@ -79,6 +79,8 @@ async fn verify_tee_evidence(
 fn parse_tee_evidence(quote: &SampleTeeEvidence) -> Result<TeeEvidenceParsedClaim> {
     let claims_map = json!({
         "svn": quote.svn,
+        "report_data": quote.report_data,
+        "init_data": quote.init_data,
     });
 
     Ok(claims_map as TeeEvidenceParsedClaim)

diff --git a/attestation-service/verifier/src/sgx/claims.rs b/attestation-service/verifier/src/sgx/claims.rs
@@ -104,6 +104,8 @@ pub fn generate_parsed_claims(quote: sgx_quote3_t) -> Result<TeeEvidenceParsedCl
     let mut claims = Map::new();
     parse_claim!(claims, "header", quote_header);
     parse_claim!(claims, "body", quote_body);
+    parse_claim!(claims, "report_data", quote.report_body.report_data);
+    parse_claim!(claims, "init_data", quote.report_body.config_id);
 
     log::info!("\nParsed Evidence claims map: \n{:?}\n", &claims);
 

diff --git a/attestation-service/verifier/src/tdx/claims.rs b/attestation-service/verifier/src/tdx/claims.rs
@@ -123,6 +123,10 @@ pub fn generate_parsed_claim(
     let mut claims = Map::new();
     parse_claim!(claims, "quote", quote_map);
     parse_claim!(claims, "ccel", ccel_map);
+
+    parse_claim!(claims, "report_data", quote.report_body.report_data);
+    parse_claim!(claims, "init_data", quote.report_body.mr_config_id);
+
     log::info!("\nParsed Evidence claims map: \n{:?}\n", &claims);
 
     Ok(Value::Object(claims) as TeeEvidenceParsedClaim)