-
Notifications
You must be signed in to change notification settings - Fork 90
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
KBS: Update KBS protocol to 0.2.0 to fix JWE format due to RFC7516 #597
base: main
Are you sure you want to change the base?
Conversation
Per RFC7516, the AEAD's auth tag should be included inside the JWE body. We fix this to align with trustee side confidential-containers/trustee#597 Signed-off-by: Xynnn007 <[email protected]>
Per RFC7516, the AEAD's auth tag should be included inside the JWE body. We fix this to align with trustee side confidential-containers/trustee#597 Signed-off-by: Xynnn007 <[email protected]>
Ok the test error happened because the guest-components side code is old. I just put another commit that references my repo to include the commit that includes the AEAD update. I think we can merge GC side code firstly. Then go back to this PR. Then another PR on gc side to revert the test image change. |
Per RFC7516, the AEAD's auth tag should be included inside the JWE body. We fix this to align with trustee side confidential-containers/trustee#597 Signed-off-by: Xynnn007 <[email protected]>
I removed the |
cc @deeglaze |
Per RFC7516, the AEAD's auth tag should be included inside the JWE body. We fix this to align with trustee side confidential-containers/trustee#597 Signed-off-by: Xynnn007 <[email protected]>
Test locally and passed. Let's wait for virtee/kbs-types#45 to be merged and update the |
7fb7897
to
56ae015
Compare
@@ -227,6 +229,12 @@ Encryption algorithm used to encrypt the output of the KBS service API. | |||
The output of the KBS service API. It must be encrypted with the KBS-generated | |||
ephemeral key. | |||
|
|||
- `aad` (Required if AEAD is used) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @tylerfanelli I added the aad
and tag
parts to this document. They all follow RFC7516. Thanks for the help from upstream kbs-types
.
Released here. |
7b9e7c7
to
547ed02
Compare
All the technologies depend on ECC already, and it’s much faster to generate keys at boot for ECC. The coconut-svsm project will be switching to ecc from rsa. |
I guess that's fair. I remember asking about this at one point and there was a limitation for some TEE that would make switching the TEE keypair to EC hard. I don't remember details though and the concern might not be valid anymore. We can just go ahead, and we'll notice problems on a CI somewhere. |
Please. I’d advocate for a couple changes actually. KBS ought to distinguish between keys and secrets to allow for different handling. For example, we would prefer to store a key encryption key (aes-256-kw or kwp) wrapped by an HSM key and use attestation as part of authorization to rewrap the key to a key derived from a shared secret between the TEE and HSM. This is the COSE algorithm ECDH-ES-HKDF-256. The salt for the hkdf can be a parameter. It does mean sending more data to kbs, but it allows kbs to be less stateful, and it allows keys to be hsm protected in an attestable way, provided you have key creation attestations for the wrapping key. The key material is only visible to the HSM and the TEE. You’ll want to ensure through attestation that the TEE key forwarded from the verifier to the HSM is only the one from the TEE to make sure the verifier isn’t sneakily rewrapping the key to its own key too, but we’ve known that verifiers should be attested. Initial provisioning of keys from first boot becomes a requirement. When you have keys protected in their own way, you can use the appropriate algorithms for key wrapping in transit. For secrets like rollback counters, you can use the current JWE, since there’s generally no service-specific non-extraction requirement for secrets the way there are with keys. |
thx, it might be good to copy your thoughts to a discrete issue on this repo (verbatim is fine), since we probably won't fully address it in this PR (i hope 😅) and it's easier to track this way. I understand there are venues to decouple kbs from the handling of key material, so I feel there might be a conceptual overlap with sealed secrets/KMS/HSM backends and it's probably good to understand which role those facilities would play in the suggested scheme. There's also a dedicated Trustee Sync, which would be a great place to present those ideas. |
@deeglaze Thanks for the suggestion! If interested, please feel free to join our bi-weekly meeting mentioned by Magnus to share your great ideas. I replaced RSA PKCS1v15 with I still worry about the perfect forward secrecy that seems not to be fully conquered by JWE. Thus I am considering to promote it in future with existing TLS suites to improve this. Newly edited: |
0dc32de
to
e70e893
Compare
bb4e4f1
to
6db712e
Compare
I did some change upon the PR description. Compability tests are passed with |
Fixes confidential-containers#583. This commit does two things: 1. Fix JWE format to align with RFC 7516. 2. Use more strong algorithm for JWE. Due to RFC 7516, the JWE AEAD Auth Tag should be expcilitly be included inside the `tag` part. Before this commit, the tag is actually included as the suffix of the `ciphertext`. We fix this by expcilitly extract the tag and include it into the jwe body. Also, we fix the AAD calculation logic, s.t. derived from ProtectedHeader which is also specifiled by RFC7516. This should be align with the guest-components side. This commit supports the following JWE algorithms for KBS response: 1. RSA PKCS v1.5 Padding. This algorithm is not recommended but for compability it is still reserved. 2. RSA OAEP. 3. ECDH-ES-A256KW with curve P256. This is recommended as EC algorithms are more fast and safe. which algorithm is used is decided by the TEE public key sent by the client. Some more unit tests to test the compability is added to make sure the algorithm is implemented as standard. Both change will make the kbs_client not able to connect to the KBS. Thus we update the KBS protocol version from 0.1.1 to 0.2.0. Signed-off-by: Xynnn007 <[email protected]>
Some dependencies like [email protected] requires a rust toolchain version over 1.81.0. Thus we update this to 1.83.0 to track the latest rust toolchain. This commit also fixes lint error introduced by new version of rust toolchain. Signed-off-by: Xynnn007 <[email protected]>
KBS Build with default feature and KBS build with built-in CoCo AS feature are the same, thus we delete the duplicated one and add more information. Signed-off-by: Xynnn007 <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Thanks for taking care of this
Fixes #583.
This patch does a bunch of fixes per RFC 7516.
tag
part.RSA OAEP
andECDH-ES+A256KW
RSA PKCS#1 v1.5 padding scheme
as deprecated as it is not recommended.josekit
to check the compatibility of JWE used byResponse
.1.83.0
depends on
virtee/kbs-types#53