search

ccc-certifier-framework / certifier-framework-for-confidential-computing

The Confidential Computing Certifier Framework consists of a client API called the Certifier-API and server-based policy evaluation called the Certifier Service. It simplifies and unifies programming and operations support for multi-vendor Confidential Computing platforms by providing support for scalable, policy-driven trust management including
Apache License 2.0
54 stars 16 forks source link

Build CC-service to verify an SGX quote without using Intel enclaves or libraries. #87

Open gapisback opened 1 year ago

gapisback commented 1 year ago

Design & implement CC-service to verify an SGX quote (for example, the one generated by Gramine) without using Intel enclaves or libraries

I've attached a copy of the Quote information I have. You may want to check if there is a later version.
The version received as a pdf attachment is from August, 2019. The latest version is here, Intel® Software Guard Extensions (Intel® SGX) Data Center Attestation Primitives: ECDSA Quote Library API, dd. April 2022.

A more recent one is found here, Intel_SGX_ECDSA_QuoteLibReference_DCAP_API.pdf, dd. March 2023.

As usual, do the work in a new branch. The directory will be certifier_service/sgx_quote_verify.

  1. Read the documentation and download the *.h files needed. Write a short document (<5 pages) describing the verification process. You can use the binary quote generated by gramine for the test case. I'm allocating a week for this (4/21) as an estimate but let me know it you think it's different when as you start the work. This should include a description of the algorithms, certificates, etc used in the standalone verification.

  2. Write support functions to hash and verify the quote using openssl including the certificate chain. Write a test to check it. According to the docs, the cert chain is in the quote (but let me know if this is wrong). The he hardest part, given the somewhat contorted .h structure is figuring out what to hash. My estimate for this is another week (4/28).

  3. Extract from the quote all the hardware properties. The extract should be done in the library. Write a test that prints out the relevant HW properties in the quote. Identify the ones you think we should check. My estimate, again, is about a week but is subject to change as we learn more.

Suggested implementation details of this CC-service support module:

NOTE: Above content copied from an internal mail from John Manferdelli reg this dev-task.

Reference material (updated: 6/28/2023)

  1. Intel® Software Guard Extensions Data Center Attestation Primitives: ECDSA Quote Library API, dd. Mar 2023
  2. Intel SGX DCAP Primitives – Product brief : Has the picture of overall architecture
  3. GitHub: SGX DCAP Quote Generation : Haven’t dug into this module, yet
  4. GitHub: SGX DCAP Quote Verification : Interesting files are here (Am digging thru …) QuoteVerification.h QuoteVerification.cpp EnclaveIdentityVerifier.cpp TCBInfoVerifier.cpp
jlmucb commented 10 months ago

For Gramine, we can check all properties now and only rely on DCAP for signature checks. At this point, the enhancement is simply tp perform the signature checks ourselves.

gapisback commented 2 weeks ago

9/25/204: Revisited with the team. This is a good thing to do, eventually, but is not a priority right now.

This is a low-priority feature ...

Even in future, thinking about Intel's push for TDX, ... we think that the quote infrastructure used for / by TDX is similar to that of SGX. So, whatever we do here might help us do similar stuff for TDX.