diff --git a/Cargo.lock b/Cargo.lock index b4d168c38..4029bcd15 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -30,7 +30,7 @@ dependencies = [ "actix-service", "actix-tls", "actix-utils", - "ahash 0.8.8", + "ahash 0.8.10", "base64 0.21.7", "bitflags 2.4.2", "brotli", @@ -66,7 +66,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e01ed3140b2f8d422c68afa1ed2e85d996ea619c988ac834d255db32138655cb" dependencies = [ "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -167,7 +167,7 @@ dependencies = [ "actix-tls", "actix-utils", "actix-web-codegen", - "ahash 0.8.8", + "ahash 0.8.10", "bytes", "bytestring", "cfg-if", @@ -201,7 +201,7 @@ dependencies = [ "actix-router", "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -282,9 +282,9 @@ dependencies = [ [[package]] name = "ahash" -version = "0.8.8" +version = "0.8.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "42cd52102d3df161c77a887b608d7a4897d7cc112886a9537b738a887a03aaff" +checksum = "8b79b82693f705137f8fb9b37871d99e4f9a7df12b917eed79c3d3954830a60b" dependencies = [ "cfg-if", "getrandom", @@ -343,9 +343,9 @@ dependencies = [ [[package]] name = "anstream" -version = "0.6.11" +version = "0.6.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6e2e1ebcb11de5c03c67de28a7df593d32191b44939c482e97702baaaa6ab6a5" +checksum = "d96bd03f33fe50a863e394ee9718a706f988b9079b20c3784fb726e7678b62fb" dependencies = [ "anstyle", "anstyle-parse", @@ -391,9 +391,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.79" +version = "1.0.80" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "080e9890a082662b09c1ad45f567faeeb47f22b5fb23895fbe1e651e718e25ca" +checksum = "5ad32ce52e4161730f7098c077cd2ed6229b5804ccf99e5366be1ab72a98b4e1" [[package]] name = "api-server" @@ -407,7 +407,7 @@ dependencies = [ "attestation-service", "base64 0.21.7", "cfg-if", - "clap 4.5.0", + "clap 4.5.1", "config", "env_logger 0.10.2", "jsonwebtoken", @@ -425,7 +425,7 @@ dependencies = [ "rustls 0.20.9", "rustls-pemfile", "scc", - "semver 1.0.21", + "semver 1.0.22", "serde", "serde_json", "strum", @@ -507,7 +507,7 @@ checksum = "16e62a023e7c117e27523144c5d2459f4397fcc3cab0085af8e2224f643a0193" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -518,7 +518,7 @@ checksum = "c980ee35e870bd1a4d2c8294d4c04d0499e67bca1e4b5cefcc693c2fa00caea9" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -531,7 +531,7 @@ dependencies = [ "async-trait", "base64 0.21.7", "cfg-if", - "clap 4.5.0", + "clap 4.5.1", "env_logger 0.10.2", "futures", "hex", @@ -564,7 +564,7 @@ dependencies = [ [[package]] name = "attester" version = "0.1.0" -source = "git+https://github.com/confidential-containers/guest-components.git?rev=8b0dbeb#8b0dbebf714b69c162c0c34b3b53d72e2da665b8" +source = "git+https://github.com/confidential-containers/guest-components.git?rev=21b2c536b4d6c5c1442b53916c908b54dde136e8#21b2c536b4d6c5c1442b53916c908b54dde136e8" dependencies = [ "anyhow", "async-trait", @@ -579,11 +579,14 @@ dependencies = [ "log", "nix", "occlum_dcap", + "scroll 0.12.0", "serde", "serde_json", "sev", "strum", "tdx-attest-rs", + "tempfile", + "thiserror", "tokio", ] @@ -651,9 +654,9 @@ dependencies = [ [[package]] name = "az-cvm-vtpm" -version = "0.5.1" +version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a10f6fa739b35830481a36f199a57cdcb4dbea2dbc416070a1a9618dd4d4df2a" +checksum = "53f5fa6fe32f6409dca8202ddd267027ac1f1de4cd91b9e21d92062c14d63cae" dependencies = [ "bincode", "jsonwebkey", @@ -672,13 +675,13 @@ dependencies = [ [[package]] name = "az-snp-vtpm" -version = "0.5.1" +version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "45e9b802881e606ed0a259218dfb657e2a9130f37bf4161ff8db5c4ed10488c5" +checksum = "5b394dfe2307a0ee74bf22a7ebbb2563a03739927ad44e216803300260426b5d" dependencies = [ "az-cvm-vtpm", "bincode", - "clap 4.5.0", + "clap 4.5.1", "openssl", "serde", "sev", @@ -688,9 +691,9 @@ dependencies = [ [[package]] name = "az-tdx-vtpm" -version = "0.5.1" +version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d5e9475a3a25803c9ada11c2481356dd1e4c4fafe56a97ee6566a61c1d7d5832" +checksum = "199c3d801575d0e6779aa66876ef88703324892f2fc0b1daf56c2ee09a51ec98" dependencies = [ "az-cvm-vtpm", "base64-url", @@ -876,9 +879,9 @@ dependencies = [ [[package]] name = "bumpalo" -version = "3.15.0" +version = "3.15.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d32a994c2b3ca201d9b263612a374263f05e7adde37c4707f693dcd375076d1f" +checksum = "8ea184aa71bb362a1157c896979544cc23974e08fd265f29ea96b59f0b4a555b" [[package]] name = "byteorder" @@ -922,11 +925,10 @@ dependencies = [ [[package]] name = "cc" -version = "1.0.83" +version = "1.0.88" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f1174fb0b6ec23863f8b971027804a42614e347eafb0a95bf0b12cdae21fc4d0" +checksum = "02f341c093d19155a6e41631ce5971aac4e9a868262212153124c15fa22d1cdc" dependencies = [ - "jobserver", "libc", ] @@ -957,7 +959,7 @@ dependencies = [ "num-traits", "serde", "wasm-bindgen", - "windows-targets 0.52.0", + "windows-targets 0.52.3", ] [[package]] @@ -1035,14 +1037,14 @@ dependencies = [ "indexmap 1.9.3", "strsim 0.10.0", "termcolor", - "textwrap 0.16.0", + "textwrap 0.16.1", ] [[package]] name = "clap" -version = "4.5.0" +version = "4.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "80c21025abd42669a92efc996ef13cfb2c5c627858421ea58d5c3b331a6c134f" +checksum = "c918d541ef2913577a0f9566e9ce27cb35b6df072075769e0b26cb5a554520da" dependencies = [ "clap_builder", "clap_derive", @@ -1050,9 +1052,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.0" +version = "4.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "458bf1f341769dfcf849846f65dffdf9146daa56bcd2a47cb4e1de9915567c99" +checksum = "9f3e7391dad68afb0c2ede1bf619f579a3dc9c2ec67f089baa397123a2f3d1eb" dependencies = [ "anstream", "anstyle", @@ -1069,7 +1071,7 @@ dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -1275,7 +1277,7 @@ checksum = "7a81dae078cea95a014a339291cec439d2f232ebe854a9d672b796c6afafa9b7" [[package]] name = "crypto" version = "0.1.0" -source = "git+https://github.com/confidential-containers/guest-components.git?rev=8b0dbeb#8b0dbebf714b69c162c0c34b3b53d72e2da665b8" +source = "git+https://github.com/confidential-containers/guest-components.git?rev=21b2c536b4d6c5c1442b53916c908b54dde136e8#21b2c536b4d6c5c1442b53916c908b54dde136e8" dependencies = [ "aes-gcm", "anyhow", @@ -1504,7 +1506,7 @@ checksum = "487585f4d0c6655fe74905e2504d8ad6908e4db67f744eb140876906c2f3175d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -1607,7 +1609,7 @@ checksum = "5c785274071b1b420972453b306eeca06acf4633829db4223b58a2a8c5953bc4" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -1808,7 +1810,7 @@ checksum = "87750cf4b7a4c0625b1529e4c543c2182106e4dedc60a2a6455e00d212c489ac" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -1825,9 +1827,9 @@ checksum = "38d84fa142264698cdce1a9f9172cf383a0c82de1bddcf3092901442c4097004" [[package]] name = "futures-timer" -version = "3.0.2" +version = "3.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e64b03909df88034c26dc1547e8970b91f98bdb65165d6a4e9110d94263dbb2c" +checksum = "f288b0a4f20f9a56b5d1da57e2227c661b7b16168e2f72365f57b63326e29b24" [[package]] name = "futures-util" @@ -1947,9 +1949,9 @@ dependencies = [ [[package]] name = "half" -version = "2.3.1" +version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bc52e53916c08643f1b56ec082790d1e86a32e58dc5268f897f313fbae7b4872" +checksum = "b5eceaaeec696539ddaf7b333340f1af35a5aa87ae3e4f3ead0532f72affab2e" dependencies = [ "cfg-if", "crunchy", @@ -1987,9 +1989,9 @@ dependencies = [ [[package]] name = "hermit-abi" -version = "0.3.6" +version = "0.3.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bd5256b483761cd23699d0da46cc6fd2ee3be420bbe6d020ae4a091e70b7e9fd" +checksum = "379dada1584ad501b383485dd706b8afb7a70fcbc7f4da7d780638a5a6124a60" [[package]] name = "hex" @@ -2269,7 +2271,7 @@ version = "0.4.12" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f23ff5ef2b80d608d61efee834934d862cd92461afc0560dedf493e4c033738b" dependencies = [ - "hermit-abi 0.3.6", + "hermit-abi 0.3.8", "libc", "windows-sys 0.52.0", ] @@ -2295,15 +2297,6 @@ version = "1.0.10" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b1a46d1a171d865aa5f83f92695765caa047a9b4cbae2cbf37dbd613a793fd4c" -[[package]] -name = "jobserver" -version = "0.1.28" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ab46a6e9526ddef3ae7f787c06f0f2600639ba80ea3eade3d8e670a2230f51d6" -dependencies = [ - "libc", -] - [[package]] name = "js-sys" version = "0.3.68" @@ -2350,7 +2343,7 @@ dependencies = [ "base64 0.21.7", "js-sys", "pem", - "ring 0.17.7", + "ring 0.17.8", "serde", "serde_json", "simple_asn1", @@ -2403,7 +2396,7 @@ dependencies = [ "anyhow", "api-server", "cfg-if", - "clap 4.5.0", + "clap 4.5.1", "env_logger 0.10.2", "log", "tokio", @@ -2415,7 +2408,7 @@ version = "0.1.0" dependencies = [ "anyhow", "base64 0.21.7", - "clap 4.5.0", + "clap 4.5.1", "env_logger 0.10.2", "jwt-simple", "kbs_protocol", @@ -2439,7 +2432,7 @@ dependencies = [ [[package]] name = "kbs_protocol" version = "0.1.0" -source = "git+https://github.com/confidential-containers/guest-components.git?rev=8b0dbeb#8b0dbebf714b69c162c0c34b3b53d72e2da665b8" +source = "git+https://github.com/confidential-containers/guest-components.git?rev=21b2c536b4d6c5c1442b53916c908b54dde136e8#21b2c536b4d6c5c1442b53916c908b54dde136e8" dependencies = [ "anyhow", "async-trait", @@ -2817,7 +2810,7 @@ checksum = "ed3955f1a9c7c0c15e092f9c887db08b1fc683305fdf6eb6684f22555355e202" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -2856,7 +2849,7 @@ version = "1.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4161fcb6d602d4d2081af7c3a45852d875a03dd337a6bfdd6e06407b61342a43" dependencies = [ - "hermit-abi 0.3.6", + "hermit-abi 0.3.8", "libc", ] @@ -2920,9 +2913,9 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" [[package]] name = "openssl" -version = "0.10.63" +version = "0.10.64" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "15c9d69dd87a29568d4d017cfe8ec518706046a05184e5aea92d0af890b803c8" +checksum = "95a0481286a310808298130d22dd1fef0fa571e05a8f44ec801801e84b216b1f" dependencies = [ "bitflags 2.4.2", "cfg-if", @@ -2941,7 +2934,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -2961,9 +2954,9 @@ dependencies = [ [[package]] name = "openssl-sys" -version = "0.9.99" +version = "0.9.101" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22e1bf214306098e4832460f797824c05d25aacdf896f64a985fb0fd992454ae" +checksum = "dda2b0f344e78efc2facf7d195d098df0dd72151b26ab98da807afc26c198dff" dependencies = [ "cc", "libc", @@ -3171,7 +3164,7 @@ dependencies = [ "pest_meta", "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -3226,7 +3219,7 @@ dependencies = [ "phf_shared", "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -3290,7 +3283,7 @@ checksum = "266c042b60c9c76b8d53061e52b2e0d1116abc57cefc8c5cd671619a56ac3690" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -3595,7 +3588,7 @@ dependencies = [ "base64 0.21.7", "cfg-if", "chrono", - "clap 4.5.0", + "clap 4.5.1", "config", "env_logger 0.10.2", "log", @@ -3700,7 +3693,7 @@ dependencies = [ [[package]] name = "resource_uri" version = "0.1.0" -source = "git+https://github.com/confidential-containers/guest-components.git?rev=8b0dbeb#8b0dbebf714b69c162c0c34b3b53d72e2da665b8" +source = "git+https://github.com/confidential-containers/guest-components.git?rev=21b2c536b4d6c5c1442b53916c908b54dde136e8#21b2c536b4d6c5c1442b53916c908b54dde136e8" dependencies = [ "anyhow", "serde", @@ -3735,16 +3728,17 @@ dependencies = [ [[package]] name = "ring" -version = "0.17.7" +version = "0.17.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "688c63d65483050968b2a8937f7995f443e27041a0f7700aa59b0822aedebb74" +checksum = "c17fa4cb658e3583423e915b9f3acc01cceaee1860e33d59ebae66adc3a2dc0d" dependencies = [ "cc", + "cfg-if", "getrandom", "libc", "spin 0.9.8", "untrusted 0.9.0", - "windows-sys 0.48.0", + "windows-sys 0.52.0", ] [[package]] @@ -3825,7 +3819,7 @@ dependencies = [ "regex", "relative-path", "rustc_version 0.4.0", - "syn 2.0.49", + "syn 2.0.51", "unicode-ident", ] @@ -3866,7 +3860,7 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bfa0f585226d2e68097d4f95d113b15b83a82e819ab25717ec0590d9584ef366" dependencies = [ - "semver 1.0.21", + "semver 1.0.22", ] [[package]] @@ -3910,7 +3904,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f9d5a6813c0759e4609cd494e8e725babae6a2ca7b62a5536a13daaec6fcb7ba" dependencies = [ "log", - "ring 0.17.7", + "ring 0.17.8", "rustls-webpki 0.101.7", "sct", ] @@ -3922,7 +3916,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e87c9956bd9807afa1f77e0f7594af32566e830e088a5576d27c5b6f30f49d41" dependencies = [ "log", - "ring 0.17.7", + "ring 0.17.8", "rustls-pki-types", "rustls-webpki 0.102.2", "subtle", @@ -3940,9 +3934,9 @@ dependencies = [ [[package]] name = "rustls-pki-types" -version = "1.3.0" +version = "1.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "048a63e5b3ac996d78d402940b5fa47973d2d080c6c6fffa1d0f19c4445310b7" +checksum = "5ede67b28608b4c60685c7d54122d4400d90f62b40caee7700e700380a390fa8" [[package]] name = "rustls-webpki" @@ -3950,7 +3944,7 @@ version = "0.101.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8b6275d1ee7a1cd780b64aca7726599a1dbc893b1e64144529e55c3c2f745765" dependencies = [ - "ring 0.17.7", + "ring 0.17.8", "untrusted 0.9.0", ] @@ -3960,7 +3954,7 @@ version = "0.102.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "faaa0a62740bedb9b2ef5afa303da42764c012f743917351dc9a237ea1663610" dependencies = [ - "ring 0.17.7", + "ring 0.17.8", "rustls-pki-types", "untrusted 0.9.0", ] @@ -3973,9 +3967,9 @@ checksum = "7ffc183a10b4478d04cbbbfc96d0873219d962dd5accaff2ffbd4ceb7df837f4" [[package]] name = "ryu" -version = "1.0.16" +version = "1.0.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f98d2aa92eebf49b69786be48e4477826b256916e84a57ff2a4f21923b48eb4c" +checksum = "e86697c916019a8588c99b5fac3cead74ec0b4b819707a682fd4d23fa0ce1ba1" [[package]] name = "salsa20" @@ -4022,7 +4016,16 @@ version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "04c565b551bafbef4157586fa379538366e4385d42082f255bfd96e4fe8519da" dependencies = [ - "scroll_derive", + "scroll_derive 0.11.1", +] + +[[package]] +name = "scroll" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ab8598aa408498679922eff7fa985c25d58a90771bd6be794434c5277eab1a6" +dependencies = [ + "scroll_derive 0.12.0", ] [[package]] @@ -4033,7 +4036,18 @@ checksum = "1db149f81d46d2deba7cd3c50772474707729550221e69588478ebf9ada425ae" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", +] + +[[package]] +name = "scroll_derive" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f81c2fde025af7e69b1d1420531c8a8811ca898919db177141a85313b1cb932" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.51", ] [[package]] @@ -4053,7 +4067,7 @@ version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "da046153aa2352493d6cb7da4b6e5c0c057d8a1d0a9aa8560baffdd945acd414" dependencies = [ - "ring 0.17.7", + "ring 0.17.8", "untrusted 0.9.0", ] @@ -4105,9 +4119,9 @@ dependencies = [ [[package]] name = "semver" -version = "1.0.21" +version = "1.0.22" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b97ed7a9823b74f99c7742f5336af7be5ecd3eeafcb1507d1fa93347b1d589b0" +checksum = "92d43fe69e652f3df9bdc2b85b2854a0825b86e4fb76bc44d945137d053639ca" [[package]] name = "semver-parser" @@ -4120,9 +4134,9 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.196" +version = "1.0.197" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "870026e60fa08c69f064aa766c10f10b1d62db9ccd4d0abb206472bee0ce3b32" +checksum = "3fb1c873e1b9b056a4dc4c0c198b24c3ffa059243875552b2bd0933b1aee4ce2" dependencies = [ "serde_derive", ] @@ -4147,20 +4161,20 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.196" +version = "1.0.197" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33c85360c95e7d137454dc81d9a4ed2b8efd8fbe19cee57357b32b9771fccb67" +checksum = "7eb0b34b42edc17f6b7cac84a52a1c5f0e1bb2227e997ca9011ea3dd34e8610b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] name = "serde_json" -version = "1.0.113" +version = "1.0.114" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69801b70b1c3dac963ecb03a364ba0ceda9cf60c71cfe475e99864759c8b8a79" +checksum = "c5f09b1bd632ef549eaa9f60a1f8de742bdbc698e6cee2095fc84dde5f549ae0" dependencies = [ "itoa", "ryu", @@ -4411,12 +4425,12 @@ checksum = "e6ecd384b10a64542d77071bd64bd7b231f4ed5940fba55e98c3de13824cf3d7" [[package]] name = "socket2" -version = "0.5.5" +version = "0.5.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b5fac59a5cb5dd637972e5fca70daf0523c9067fcdc4842f053dae04a18f8e9" +checksum = "05ffd9c0a93b7543e062e759284fcf5f5e3b098501104bfbdde4d404db792871" dependencies = [ "libc", - "windows-sys 0.48.0", + "windows-sys 0.52.0", ] [[package]] @@ -4513,7 +4527,7 @@ dependencies = [ "proc-macro2", "quote", "rustversion", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -4535,9 +4549,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.49" +version = "2.0.51" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "915aea9e586f80826ee59f8453c1101f9d1c4b3964cd2460185ee8e299ada496" +checksum = "6ab617d94515e94ae53b8406c628598680aa0c9587474ecbe58188f7b345d66c" dependencies = [ "proc-macro2", "quote", @@ -4585,14 +4599,14 @@ dependencies = [ [[package]] name = "target-lexicon" -version = "0.12.13" +version = "0.12.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69758bda2e78f098e4ccb393021a0963bb3442eac05f135c30f61b7370bbafae" +checksum = "e1fc403891a21bcfb7c37834ba66a547a8f402146eba7265b5a6d88059c9ff2f" [[package]] name = "tdx-attest-rs" version = "0.1.2" -source = "git+https://github.com/intel/SGXDataCenterAttestationPrimitives?tag=DCAP_1.16#71557c7d1d869b6bd6f95566c051cbd098549509" +source = "git+https://github.com/intel/SGXDataCenterAttestationPrimitives?tag=DCAP_1.20#621a0850fccf531a8d8131f9293a760925f55730" dependencies = [ "tdx-attest-sys", ] @@ -4600,16 +4614,16 @@ dependencies = [ [[package]] name = "tdx-attest-sys" version = "0.1.0" -source = "git+https://github.com/intel/SGXDataCenterAttestationPrimitives?tag=DCAP_1.16#71557c7d1d869b6bd6f95566c051cbd098549509" +source = "git+https://github.com/intel/SGXDataCenterAttestationPrimitives?tag=DCAP_1.20#621a0850fccf531a8d8131f9293a760925f55730" dependencies = [ "bindgen 0.59.2", ] [[package]] name = "tempfile" -version = "3.10.0" +version = "3.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a365e8cd18e44762ef95d87f284f4b5cd04107fec2ff3052bd6a3e6069669e67" +checksum = "85b77fafb263dd9d05cbeac119526425676db3784113aa9295c88498cbf8bff1" dependencies = [ "cfg-if", "fastrand", @@ -4646,9 +4660,9 @@ dependencies = [ [[package]] name = "textwrap" -version = "0.16.0" +version = "0.16.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "222a222a5bfe1bba4a77b45ec488a741b3cb8872e5e499451fd7d0129c9c7c3d" +checksum = "23d434d3f8967a09480fb04132ebe0a3e088c173e6d0ee7897abbdf4eab0f8b9" [[package]] name = "thiserror" @@ -4667,14 +4681,14 @@ checksum = "a953cb265bef375dae3de6663da4d3804eee9682ea80d8e2542529b73c531c81" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] name = "thread_local" -version = "1.1.7" +version = "1.1.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3fdd6f064ccff2d6567adcb3873ca630700f00b5ad3f060c25b5dcfd9a4ce152" +checksum = "8b9ef9bad013ada3808854ceac7b46812a6465ba368859a37e2100283d2d719c" dependencies = [ "cfg-if", "once_cell", @@ -4765,7 +4779,7 @@ checksum = "5b8a1e28f2deaa14e508979454cb3a223b10b938b45af148bc0986de36f1923b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -4970,7 +4984,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -5122,9 +5136,9 @@ checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" [[package]] name = "unicode-normalization" -version = "0.1.22" +version = "0.1.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5c5713f0fc4b5db668a2ac63cdb7bb4469d8c9fed047b1d0292cc7b0ce2ba921" +checksum = "a56d1686db2308d901306f92a263857ef59ea39678a5458e7cb17f01415101f5" dependencies = [ "tinyvec", ] @@ -5266,7 +5280,7 @@ dependencies = [ "log", "openssl", "rstest", - "scroll", + "scroll 0.11.0", "serde", "serde_json", "serial_test", @@ -5351,7 +5365,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", "wasm-bindgen-shared", ] @@ -5385,7 +5399,7 @@ checksum = "642f325be6301eb8107a83d12a8ac6c1e1c54345a7ef1a9261962dfefda09e66" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -5412,7 +5426,7 @@ version = "0.22.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ed63aea5ce73d0ff405984102c42de94fc55a6b75765d621c65262469b3c9b53" dependencies = [ - "ring 0.17.7", + "ring 0.17.8", "untrusted 0.9.0", ] @@ -5489,7 +5503,7 @@ version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9" dependencies = [ - "windows-targets 0.52.0", + "windows-targets 0.52.3", ] [[package]] @@ -5507,7 +5521,7 @@ version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" dependencies = [ - "windows-targets 0.52.0", + "windows-targets 0.52.3", ] [[package]] @@ -5527,17 +5541,17 @@ dependencies = [ [[package]] name = "windows-targets" -version = "0.52.0" +version = "0.52.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8a18201040b24831fbb9e4eb208f8892e1f50a37feb53cc7ff887feb8f50e7cd" +checksum = "d380ba1dc7187569a8a9e91ed34b8ccfc33123bbacb8c0aed2d1ad7f3ef2dc5f" dependencies = [ - "windows_aarch64_gnullvm 0.52.0", - "windows_aarch64_msvc 0.52.0", - "windows_i686_gnu 0.52.0", - "windows_i686_msvc 0.52.0", - "windows_x86_64_gnu 0.52.0", - "windows_x86_64_gnullvm 0.52.0", - "windows_x86_64_msvc 0.52.0", + "windows_aarch64_gnullvm 0.52.3", + "windows_aarch64_msvc 0.52.3", + "windows_i686_gnu 0.52.3", + "windows_i686_msvc 0.52.3", + "windows_x86_64_gnu 0.52.3", + "windows_x86_64_gnullvm 0.52.3", + "windows_x86_64_msvc 0.52.3", ] [[package]] @@ -5548,9 +5562,9 @@ checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" [[package]] name = "windows_aarch64_gnullvm" -version = "0.52.0" +version = "0.52.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cb7764e35d4db8a7921e09562a0304bf2f93e0a51bfccee0bd0bb0b666b015ea" +checksum = "68e5dcfb9413f53afd9c8f86e56a7b4d86d9a2fa26090ea2dc9e40fba56c6ec6" [[package]] name = "windows_aarch64_msvc" @@ -5560,9 +5574,9 @@ checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" [[package]] name = "windows_aarch64_msvc" -version = "0.52.0" +version = "0.52.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bbaa0368d4f1d2aaefc55b6fcfee13f41544ddf36801e793edbbfd7d7df075ef" +checksum = "8dab469ebbc45798319e69eebf92308e541ce46760b49b18c6b3fe5e8965b30f" [[package]] name = "windows_i686_gnu" @@ -5572,9 +5586,9 @@ checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" [[package]] name = "windows_i686_gnu" -version = "0.52.0" +version = "0.52.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a28637cb1fa3560a16915793afb20081aba2c92ee8af57b4d5f28e4b3e7df313" +checksum = "2a4e9b6a7cac734a8b4138a4e1044eac3404d8326b6c0f939276560687a033fb" [[package]] name = "windows_i686_msvc" @@ -5584,9 +5598,9 @@ checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" [[package]] name = "windows_i686_msvc" -version = "0.52.0" +version = "0.52.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ffe5e8e31046ce6230cc7215707b816e339ff4d4d67c65dffa206fd0f7aa7b9a" +checksum = "28b0ec9c422ca95ff34a78755cfa6ad4a51371da2a5ace67500cf7ca5f232c58" [[package]] name = "windows_x86_64_gnu" @@ -5596,9 +5610,9 @@ checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" [[package]] name = "windows_x86_64_gnu" -version = "0.52.0" +version = "0.52.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d6fa32db2bc4a2f5abeacf2b69f7992cd09dca97498da74a151a3132c26befd" +checksum = "704131571ba93e89d7cd43482277d6632589b18ecf4468f591fbae0a8b101614" [[package]] name = "windows_x86_64_gnullvm" @@ -5608,9 +5622,9 @@ checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" [[package]] name = "windows_x86_64_gnullvm" -version = "0.52.0" +version = "0.52.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1a657e1e9d3f514745a572a6846d3c7aa7dbe1658c056ed9c3344c4109a6949e" +checksum = "42079295511643151e98d61c38c0acc444e52dd42ab456f7ccfd5152e8ecf21c" [[package]] name = "windows_x86_64_msvc" @@ -5620,9 +5634,9 @@ checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" [[package]] name = "windows_x86_64_msvc" -version = "0.52.0" +version = "0.52.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" +checksum = "0770833d60a970638e989b3fa9fd2bb1aaadcf88963d1659fd7d9990196ed2d6" [[package]] name = "winreg" @@ -5688,7 +5702,7 @@ checksum = "9ce1b18ccd8e73a9321186f97e46f9f04b778851177567b1975109d26a08d2a6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] @@ -5708,7 +5722,7 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.49", + "syn 2.0.51", ] [[package]] diff --git a/attestation-service/docs/parsed_claims.md b/attestation-service/docs/parsed_claims.md index cf79cb7a9..b783fcfdb 100644 --- a/attestation-service/docs/parsed_claims.md +++ b/attestation-service/docs/parsed_claims.md @@ -72,3 +72,19 @@ The following fields always exist. - `sgx.body.reserved4`: Reserved. - `sgx.body.isv_family_id`: ISV assigned Family ID. - `sgx.body.report_data`: Data provided by the user. + +## Azure TDX Confidential VM (az-tdx-vtpm) + +The claim inherit the fields from the TDX claim with and additional `tpm` hierarchy in which the TEE's PCR values are stored: + +- `tpm.pcr{01,..,n}`: SHA256 PCR registers for the TEE's vTPM quote. + +Note: The TD Report and TD Quote are fetched during early boot in this TEE. Kernel, Initrd and rootfs are measured into the vTPM's registers. + +## Azure SEV-SNP Confidential VM (az-snp-vtpm) + +The claim inherit the fields from the SEV-SNP claim with and additional `tpm` hierarchy in which the TEE's PCR values are stored: + +- `tpm.pcr{01,..,n}`: SHA256 PCR registers for the TEE's vTPM quote. + +Note: The TD Report and TD Quote are fetched during early boot in this TEE. Kernel, Initrd and rootfs are measured into the vTPM's registers. diff --git a/attestation-service/verifier/Cargo.toml b/attestation-service/verifier/Cargo.toml index 3a3a8a882..17480f34e 100644 --- a/attestation-service/verifier/Cargo.toml +++ b/attestation-service/verifier/Cargo.toml @@ -18,8 +18,8 @@ cca-verifier = [ "ear", "jsonwebtoken", "veraison-apiclient" ] anyhow.workspace = true asn1-rs = { version = "0.5.1", optional = true } async-trait.workspace = true -az-snp-vtpm = { version = "0.5.1", default-features = false, features = ["verifier"], optional = true } -az-tdx-vtpm = { version = "0.5.1", default-features = false, features = ["verifier"], optional = true } +az-snp-vtpm = { version = "0.5.2", default-features = false, features = ["verifier"], optional = true } +az-tdx-vtpm = { version = "0.5.2", default-features = false, features = ["verifier"], optional = true } base64 = "0.21" bincode = "1.3.3" byteorder = "1" diff --git a/attestation-service/verifier/src/az_snp_vtpm/mod.rs b/attestation-service/verifier/src/az_snp_vtpm/mod.rs index 0dfdc6f8c..82b4243e9 100644 --- a/attestation-service/verifier/src/az_snp_vtpm/mod.rs +++ b/attestation-service/verifier/src/az_snp_vtpm/mod.rs @@ -18,6 +18,7 @@ use az_snp_vtpm::vtpm::Quote; use log::{debug, warn}; use openssl::pkey::PKey; use serde::{Deserialize, Serialize}; +use serde_json::Value; use sev::firmware::host::{CertTableEntry, CertType}; const HCL_VMPL_VALUE: u32 = 0; @@ -43,6 +44,24 @@ impl AzSnpVtpm { } } +pub(crate) fn extend_claim_with_tpm_quote( + claim: &mut TeeEvidenceParsedClaim, + quote: &Quote, +) -> Result<()> { + let Value::Object(ref mut map) = claim else { + bail!("failed to extend the claim, not an object"); + }; + + let mut tpm_values = serde_json::Map::new(); + for (i, pcr) in quote.pcrs_sha256().enumerate() { + tpm_values.insert(format!("pcr{:02}", i), Value::String(hex::encode(pcr))); + } + debug!("extending claim with TPM quote: {:#?}", tpm_values); + map.insert("tpm".to_string(), Value::Object(tpm_values)); + + Ok(()) +} + #[async_trait] impl Verifier for AzSnpVtpm { /// The following verification steps are performed: @@ -83,7 +102,9 @@ impl Verifier for AzSnpVtpm { let vcek = Vcek::from_pem(&evidence.vcek)?; verify_snp_report(&snp_report, &vcek, &self.vendor_certs)?; - let claim = parse_tee_evidence(&snp_report); + let mut claim = parse_tee_evidence(&snp_report); + extend_claim_with_tpm_quote(&mut claim, &evidence.quote)?; + Ok(claim) } } @@ -145,9 +166,10 @@ fn verify_snp_report( mod tests { use super::*; use az_snp_vtpm::vtpm::VerifyError; + use serde_json::json; const REPORT: &[u8; 2600] = include_bytes!("../../test_data/az-snp-vtpm/hcl-report.bin"); - const QUOTE: &[u8; 1362] = include_bytes!("../../test_data/az-snp-vtpm/quote.bin"); + const QUOTE: &[u8; 1170] = include_bytes!("../../test_data/az-snp-vtpm/quote.bin"); const REPORT_DATA: &[u8] = "challenge".as_bytes(); #[test] @@ -273,4 +295,22 @@ mod tests { VerifyError::PcrMismatch.to_string() ); } + + #[test] + fn test_extend_claim_with_tpm_quote() { + let mut claim = json!({"some": "thing"}); + let quote: Quote = bincode::deserialize(QUOTE).unwrap(); + extend_claim_with_tpm_quote(&mut claim, "e).unwrap(); + + let map = claim.as_object().unwrap(); + assert_eq!(map.len(), 2); + let tpm_map = map.get("tpm").unwrap().as_object().unwrap(); + assert_eq!(tpm_map.len(), 24); + + for (i, pcr) in quote.pcrs_sha256().enumerate() { + let key = format!("pcr{:02}", i); + let value = tpm_map.get(&key).unwrap().as_str().unwrap(); + assert_eq!(value, hex::encode(pcr)); + } + } } diff --git a/attestation-service/verifier/src/az_tdx_vtpm/mod.rs b/attestation-service/verifier/src/az_tdx_vtpm/mod.rs index 274bca9f0..3e41add46 100644 --- a/attestation-service/verifier/src/az_tdx_vtpm/mod.rs +++ b/attestation-service/verifier/src/az_tdx_vtpm/mod.rs @@ -3,6 +3,7 @@ // SPDX-License-Identifier: Apache-2.0 // +use super::az_snp_vtpm::extend_claim_with_tpm_quote; use super::tdx::claims::generate_parsed_claim; use super::tdx::quote::{ecdsa_quote_verification, parse_tdx_quote, Quote as TdQuote}; use super::{TeeEvidenceParsedClaim, Verifier}; @@ -62,7 +63,9 @@ impl Verifier for AzTdxVtpm { verify_hcl_var_data(&hcl_report, &td_quote)?; - let claim = generate_parsed_claim(td_quote, None)?; + let mut claim = generate_parsed_claim(td_quote, None)?; + extend_claim_with_tpm_quote(&mut claim, &evidence.tpm_quote)?; + Ok(claim) } } @@ -111,7 +114,7 @@ mod tests { use az_tdx_vtpm::vtpm::VerifyError; const REPORT: &[u8; 2600] = include_bytes!("../../test_data/az-tdx-vtpm/hcl-report.bin"); - const QUOTE: &[u8; 1362] = include_bytes!("../../test_data/az-tdx-vtpm/quote.bin"); + const QUOTE: &[u8; 1170] = include_bytes!("../../test_data/az-tdx-vtpm/quote.bin"); const TD_QUOTE: &[u8; 5006] = include_bytes!("../../test_data/az-tdx-vtpm/td-quote.bin"); #[test] diff --git a/attestation-service/verifier/src/snp/mod.rs b/attestation-service/verifier/src/snp/mod.rs index 918be3aa9..3de637fea 100644 --- a/attestation-service/verifier/src/snp/mod.rs +++ b/attestation-service/verifier/src/snp/mod.rs @@ -112,7 +112,9 @@ impl Verifier for Snp { } } - Ok(parse_tee_evidence(&report)) + let claims_map = parse_tee_evidence(&report); + let json = json!(claims_map); + Ok(json) } } diff --git a/attestation-service/verifier/test_data/az-snp-vtpm/hcl-report.bin b/attestation-service/verifier/test_data/az-snp-vtpm/hcl-report.bin index 5c58c8dbf..eb375e905 100644 Binary files a/attestation-service/verifier/test_data/az-snp-vtpm/hcl-report.bin and b/attestation-service/verifier/test_data/az-snp-vtpm/hcl-report.bin differ diff --git a/attestation-service/verifier/test_data/az-snp-vtpm/quote.bin b/attestation-service/verifier/test_data/az-snp-vtpm/quote.bin index 76d0dd044..3a281ff34 100644 Binary files a/attestation-service/verifier/test_data/az-snp-vtpm/quote.bin and b/attestation-service/verifier/test_data/az-snp-vtpm/quote.bin differ diff --git a/attestation-service/verifier/test_data/az-snp-vtpm/vcek.pem b/attestation-service/verifier/test_data/az-snp-vtpm/vcek.pem index c7e9c01c8..8f50d2204 100644 --- a/attestation-service/verifier/test_data/az-snp-vtpm/vcek.pem +++ b/attestation-service/verifier/test_data/az-snp-vtpm/vcek.pem @@ -3,29 +3,105 @@ MIIFTDCCAvugAwIBAgIBADBGBgkqhkiG9w0BAQowOaAPMA0GCWCGSAFlAwQCAgUA oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAgUAogMCATCjAwIBATB7MRQwEgYD VQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDASBgNVBAcMC1NhbnRhIENs YXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5jZWQgTWljcm8gRGV2aWNl -czESMBAGA1UEAwwJU0VWLU1pbGFuMB4XDTIzMDEwMTA1MzExOFoXDTMwMDEwMTA1 -MzExOFowejEUMBIGA1UECwwLRW5naW5lZXJpbmcxCzAJBgNVBAYTAlVTMRQwEgYD +czESMBAGA1UEAwwJU0VWLU1pbGFuMB4XDTIzMDUwMjIxMjIxOVoXDTMwMDUwMjIx +MjIxOVowejEUMBIGA1UECwwLRW5naW5lZXJpbmcxCzAJBgNVBAYTAlVTMRQwEgYD VQQHDAtTYW50YSBDbGFyYTELMAkGA1UECAwCQ0ExHzAdBgNVBAoMFkFkdmFuY2Vk IE1pY3JvIERldmljZXMxETAPBgNVBAMMCFNFVi1WQ0VLMHYwEAYHKoZIzj0CAQYF -K4EEACIDYgAEP3PCTk5P1qVUrvZPD+Motv8TNuSxJs5IR21EHLVk7HKQ3bNFknCc -mwE4ldVb27hjHGpizC9Oom6HHfa7XjX+3P+77N217Tn8/u2MUWhlv7koTxe/xwuV -Xn07DiWV7ZSKo4IBFjCCARIwEAYJKwYBBAGceAEBBAMCAQAwFwYJKwYBBAGceAEC +K4EEACIDYgAE53roqP63VFYieePXcG6qPLq8m9pLUrvFe4V3RUMfTwPmAMBILaXW +3jNzcaPfj8bz9ZgtTRaIHPW5hPuro1OO1rM+dYI6N11Xtjqadw78qxcPdOUQMkjY +y6q5pqga5xj9o4IBFjCCARIwEAYJKwYBBAGceAEBBAMCAQAwFwYJKwYBBAGceAEC BAoWCE1pbGFuLUIwMBEGCisGAQQBnHgBAwEEAwIBAzARBgorBgEEAZx4AQMCBAMC AQAwEQYKKwYBBAGceAEDBAQDAgEAMBEGCisGAQQBnHgBAwUEAwIBADARBgorBgEE AZx4AQMGBAMCAQAwEQYKKwYBBAGceAEDBwQDAgEAMBEGCisGAQQBnHgBAwMEAwIB -CDARBgorBgEEAZx4AQMIBAMCAXMwTQYJKwYBBAGceAEEBEA6dUWWsrgPLlF2yq6v -VEvZSbse/BceAuFyGwp2fd/Jn04lmNJXQQtXEr6LTctPmYOLymx50lAmx2rwnxl5 -gvA8MEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0B -AQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBA4ICAQA3s4HR1ZshYd/PeYXfiuLV -kmTCWm+OBd9HVM0hXcNv2KWxRzmG7lBzNKfk71DLqsjOYK5uAS0Jdad9iSbJS6F9 -nQNL1O7/n8M3K6OYa1SYFubU1tXJjRL3Bzx/rcL1w6sGQIeXwDXNjxyPO433YbIW -oQ6VuUj5AeTLlp3hChfrQ0Nkj3DbfsmDmSL4F0vsSq629YxQ6XTT+tIT897iMMVI -IMUeJ4O7wxcMnoKoNbM+dTmKrkDm4/FdqYpsT2ziPD9FcTcMud0qZGy8YmUCa9cV -/g7xKrDfRe8A8FDe1iFAVJ62xhS7GiOx/F2Gd/oEHto9dwE4/OVRmZlFy1njlxZt -3Dd6W8z0TLmiyHngApx8VMJHNuf4+UeiDYkWo14ZzGlsMKHweGQhy/bRbkIpjNB/ -fUZsn404ZxV8+mbTdeMftIUAofDHryPq2/K4FZB6IucEil9S/dejUerlAlDn+uq/ -TT/FatsAv8gMnTHNB2/GRDRuiLf5bqRGXFRelV8K0edfoxxvW8JjiK2h6bsQf4aA -JPH53P1GFWvEu9zOsGTldzOIvcPdykMFxhssRryI4YTTwAg6BPpXM83kdnGCEPgU -pNO5zaEImuqtrxdmOZt8qGxyQ2DYgwS0QC8srEIxBtM9eBSJAodvgUiovwACF4+w -5CU3rQt0CzyWLJop7k8GMw== +CDARBgorBgEEAZx4AQMIBAMCAXMwTQYJKwYBBAGceAEEBEAZdSpEfbUBoyreRkKK +RukmOb01Fdu0Xi5nu8sJNP/PHz48AEzLSpnJ+n5P+wnaazJKxYrO2vZ58kun21+D +jGzKMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0B +AQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBA4ICAQCJk1WMW74Z9cOTBpgetdgb +fNHAmUKPwJIsOAWVlM/8dciPWcKdWc5VB7fy8bpOqCc95/RbUKFdT3cezjZ8Ukmo +mQh7ALdiuSvBVh2RVGVAJW9/xuIQTB09jJO2izL03vHy6ojrUBohyLUJI1Qajheu +6YjlZ2sL4xkvzMGqvKInqXYGEqMDrqgCIEFQ63Si1HWIi/ms3DPW+kZZNQVzAFCk +dDxMAaApAbBJNww28bCSHrkgnQdwrRzUlM38truqV/g0ItThiAzBWE7asBggRHxA +lHu53ECo4uZ0k9v3lD6NQ6lldnl0nM31rbry1rQlJqseyvWqDq4+/+LksBqdfsud +hDP1SdeRD7YzBziTn5Tr/XY+Vg+GxMfUNE2E0XW3FJMLGd8AnGIipRN67BmDQuY7 +oVeWF1ZJ0Gk+d3fbCuJ5lYECcBBq8zKje9u/zX1UaSwgi11RMkKB4pfBmLrGPppz +q/s5rx4x2+HrHyHLvpLeQaxWzMe0ZaF5XBYi5ujsOci550cl4x6mjb/grUucurSc +cjl0NTQeyL5L7cpNTp450U9p7+EVRRxx2kufc1EbcDyZ5pwlnqApcgLX5ajF51im +LikpLkCNCWdu5QNKFXquJkNSCaocE56djP1CwqirfeRuHvj7NpVA6QRJ8TFdjWV/ +J7rtq64Z//EpcDJ1B/c7PA== -----END CERTIFICATE----- + +-----BEGIN CERTIFICATE----- +MIIGiTCCBDigAwIBAgIDAQABMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAIC +BQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBMHsxFDAS +BgNVBAsMC0VuZ2luZWVyaW5nMQswCQYDVQQGEwJVUzEUMBIGA1UEBwwLU2FudGEg +Q2xhcmExCzAJBgNVBAgMAkNBMR8wHQYDVQQKDBZBZHZhbmNlZCBNaWNybyBEZXZp +Y2VzMRIwEAYDVQQDDAlBUkstTWlsYW4wHhcNMjAxMDIyMTgyNDIwWhcNNDUxMDIy +MTgyNDIwWjB7MRQwEgYDVQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDAS +BgNVBAcMC1NhbnRhIENsYXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5j +ZWQgTWljcm8gRGV2aWNlczESMBAGA1UEAwwJU0VWLU1pbGFuMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEAnU2drrNTfbhNQIllf+W2y+ROCbSzId1aKZft +2T9zjZQOzjGccl17i1mIKWl7NTcB0VYXt3JxZSzOZjsjLNVAEN2MGj9TiedL+Qew +KZX0JmQEuYjm+WKksLtxgdLp9E7EZNwNDqV1r0qRP5tB8OWkyQbIdLeu4aCz7j/S +l1FkBytev9sbFGzt7cwnjzi9m7noqsk+uRVBp3+In35QPdcj8YflEmnHBNvuUDJh +LCJMW8KOjP6++Phbs3iCitJcANEtW4qTNFoKW3CHlbcSCjTM8KsNbUx3A8ek5EVL +jZWH1pt9E3TfpR6XyfQKnY6kl5aEIPwdW3eFYaqCFPrIo9pQT6WuDSP4JCYJbZne +KKIbZjzXkJt3NQG32EukYImBb9SCkm9+fS5LZFg9ojzubMX3+NkBoSXI7OPvnHMx +jup9mw5se6QUV7GqpCA2TNypolmuQ+cAaxV7JqHE8dl9pWf+Y3arb+9iiFCwFt4l +AlJw5D0CTRTC1Y5YWFDBCrA/vGnmTnqG8C+jjUAS7cjjR8q4OPhyDmJRPnaC/ZG5 +uP0K0z6GoO/3uen9wqshCuHegLTpOeHEJRKrQFr4PVIwVOB0+ebO5FgoyOw43nyF +D5UKBDxEB4BKo/0uAiKHLRvvgLbORbU8KARIs1EoqEjmF8UtrmQWV2hUjwzqwvHF +ei8rPxMCAwEAAaOBozCBoDAdBgNVHQ4EFgQUO8ZuGCrD/T1iZEib47dHLLT8v/gw +HwYDVR0jBBgwFoAUhawa0UP3yKxV1MUdQUir1XhK1FMwEgYDVR0TAQH/BAgwBgEB +/wIBADAOBgNVHQ8BAf8EBAMCAQQwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cHM6Ly9r +ZHNpbnRmLmFtZC5jb20vdmNlay92MS9NaWxhbi9jcmwwRgYJKoZIhvcNAQEKMDmg +DzANBglghkgBZQMEAgIFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKID +AgEwowMCAQEDggIBAIgeUQScAf3lDYqgWU1VtlDbmIN8S2dC5kmQzsZ/HtAjQnLE +PI1jh3gJbLxL6gf3K8jxctzOWnkYcbdfMOOr28KT35IaAR20rekKRFptTHhe+DFr +3AFzZLDD7cWK29/GpPitPJDKCvI7A4Ug06rk7J0zBe1fz/qe4i2/F12rvfwCGYhc +RxPy7QF3q8fR6GCJdB1UQ5SlwCjFxD4uezURztIlIAjMkt7DFvKRh+2zK+5plVGG +FsjDJtMz2ud9y0pvOE4j3dH5IW9jGxaSGStqNrabnnpF236ETr1/a43b8FFKL5QN +mt8Vr9xnXRpznqCRvqjr+kVrb6dlfuTlliXeQTMlBoRWFJORL8AcBJxGZ4K2mXft +l1jU5TLeh5KXL9NW7a/qAOIUs2FiOhqrtzAhJRg9Ij8QkQ9Pk+cKGzw6El3T3kFr +Eg6zkxmvMuabZOsdKfRkWfhH2ZKcTlDfmH1H0zq0Q2bG3uvaVdiCtFY1LlWyB38J +S2fNsR/Py6t5brEJCFNvzaDky6KeC4ion/cVgUai7zzS3bGQWzKDKU35SqNU2WkP +I8xCZ00WtIiKKFnXWUQxvlKmmgZBIYPe01zD0N8atFxmWiSnfJl690B9rJpNR/fI +ajxCW3Seiws6r1Zm+tCuVbMiNtpS9ThjNX4uve5thyfE2DgoxRFvY1CsoF5M +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGYzCCBBKgAwIBAgIDAQAAMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAIC +BQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBMHsxFDAS +BgNVBAsMC0VuZ2luZWVyaW5nMQswCQYDVQQGEwJVUzEUMBIGA1UEBwwLU2FudGEg +Q2xhcmExCzAJBgNVBAgMAkNBMR8wHQYDVQQKDBZBZHZhbmNlZCBNaWNybyBEZXZp +Y2VzMRIwEAYDVQQDDAlBUkstTWlsYW4wHhcNMjAxMDIyMTcyMzA1WhcNNDUxMDIy +MTcyMzA1WjB7MRQwEgYDVQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDAS +BgNVBAcMC1NhbnRhIENsYXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5j +ZWQgTWljcm8gRGV2aWNlczESMBAGA1UEAwwJQVJLLU1pbGFuMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEA0Ld52RJOdeiJlqK2JdsVmD7FktuotWwX1fNg +W41XY9Xz1HEhSUmhLz9Cu9DHRlvgJSNxbeYYsnJfvyjx1MfU0V5tkKiU1EesNFta +1kTA0szNisdYc9isqk7mXT5+KfGRbfc4V/9zRIcE8jlHN61S1ju8X93+6dxDUrG2 +SzxqJ4BhqyYmUDruPXJSX4vUc01P7j98MpqOS95rORdGHeI52Naz5m2B+O+vjsC0 +60d37jY9LFeuOP4Meri8qgfi2S5kKqg/aF6aPtuAZQVR7u3KFYXP59XmJgtcog05 +gmI0T/OitLhuzVvpZcLph0odh/1IPXqx3+MnjD97A7fXpqGd/y8KxX7jksTEzAOg +bKAeam3lm+3yKIcTYMlsRMXPcjNbIvmsBykD//xSniusuHBkgnlENEWx1UcbQQrs ++gVDkuVPhsnzIRNgYvM48Y+7LGiJYnrmE8xcrexekBxrva2V9TJQqnN3Q53kt5vi +Qi3+gCfmkwC0F0tirIZbLkXPrPwzZ0M9eNxhIySb2npJfgnqz55I0u33wh4r0ZNQ +eTGfw03MBUtyuzGesGkcw+loqMaq1qR4tjGbPYxCvpCq7+OgpCCoMNit2uLo9M18 +fHz10lOMT8nWAUvRZFzteXCm+7PHdYPlmQwUw3LvenJ/ILXoQPHfbkH0CyPfhl1j +WhJFZasCAwEAAaN+MHwwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSFrBrRQ/fI +rFXUxR1BSKvVeErUUzAPBgNVHRMBAf8EBTADAQH/MDoGA1UdHwQzMDEwL6AtoCuG +KWh0dHBzOi8va2RzaW50Zi5hbWQuY29tL3ZjZWsvdjEvTWlsYW4vY3JsMEYGCSqG +SIb3DQEBCjA5oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZI +AWUDBAICBQCiAwIBMKMDAgEBA4ICAQC6m0kDp6zv4Ojfgy+zleehsx6ol0ocgVel +ETobpx+EuCsqVFRPK1jZ1sp/lyd9+0fQ0r66n7kagRk4Ca39g66WGTJMeJdqYriw +STjjDCKVPSesWXYPVAyDhmP5n2v+BYipZWhpvqpaiO+EGK5IBP+578QeW/sSokrK +dHaLAxG2LhZxj9aF73fqC7OAJZ5aPonw4RE299FVarh1Tx2eT3wSgkDgutCTB1Yq +zT5DuwvAe+co2CIVIzMDamYuSFjPN0BCgojl7V+bTou7dMsqIu/TW/rPCX9/EUcp +KGKqPQ3P+N9r1hjEFY1plBg93t53OOo49GNI+V1zvXPLI6xIFVsh+mto2RtgEX/e +pmMKTNN6psW88qg7c1hTWtN6MbRuQ0vm+O+/2tKBF2h8THb94OvvHHoFDpbCELlq +HnIYhxy0YKXGyaW1NjfULxrrmxVW4wcn5E8GddmvNa6yYm8scJagEi13mhGu4Jqh +3QU3sf8iUSUr09xQDwHtOQUVIqx4maBZPBtSMf+qUDtjXSSq8lfWcd8bLr9mdsUn +JZJ0+tuPMKmBnSH860llKk+VpVQsgqbzDIvOLvD6W1Umq25boxCYJ+TuBoa4s+HH +CViAvgT9kf/rBq1d+ivj6skkHxuzcxbk1xv6ZGxrteJxVH7KlX7YRdZ6eARKwLe4 +AFZEAwoKCQ== +-----END CERTIFICATE----- + diff --git a/attestation-service/verifier/test_data/az-tdx-vtpm/hcl-report.bin b/attestation-service/verifier/test_data/az-tdx-vtpm/hcl-report.bin index daca213c6..512df8aa9 100644 Binary files a/attestation-service/verifier/test_data/az-tdx-vtpm/hcl-report.bin and b/attestation-service/verifier/test_data/az-tdx-vtpm/hcl-report.bin differ diff --git a/attestation-service/verifier/test_data/az-tdx-vtpm/quote.bin b/attestation-service/verifier/test_data/az-tdx-vtpm/quote.bin index 26e9da2c8..beb697cbe 100644 Binary files a/attestation-service/verifier/test_data/az-tdx-vtpm/quote.bin and b/attestation-service/verifier/test_data/az-tdx-vtpm/quote.bin differ diff --git a/attestation-service/verifier/test_data/az-tdx-vtpm/td-quote.bin b/attestation-service/verifier/test_data/az-tdx-vtpm/td-quote.bin index b5b00b282..e90918ef3 100644 Binary files a/attestation-service/verifier/test_data/az-tdx-vtpm/td-quote.bin and b/attestation-service/verifier/test_data/az-tdx-vtpm/td-quote.bin differ diff --git a/kbs/tools/client/Cargo.toml b/kbs/tools/client/Cargo.toml index a77af84a8..c706e3573 100644 --- a/kbs/tools/client/Cargo.toml +++ b/kbs/tools/client/Cargo.toml @@ -18,7 +18,7 @@ base64.workspace = true clap = { version = "4.0.29", features = ["derive"] } env_logger.workspace = true jwt-simple = "0.11.4" -kbs_protocol = { git = "https://github.com/confidential-containers/guest-components.git", rev = "8b0dbeb", default-features = false } +kbs_protocol = { git = "https://github.com/confidential-containers/guest-components.git", rev = "21b2c536b4d6c5c1442b53916c908b54dde136e8", default-features = false } log.workspace = true reqwest = { version = "0.11.18", default-features = false, features = ["cookies", "json"] } serde = { version = "1.0", features = ["derive"] }