Trusted Certificate Service (TCS) is a K8s service to protect signing keys using Intel's SGX technology. K8s CSR and cert-manager CR APIs are both supported. TCS also contains integration samples for Istio service mesh and Key Management Reference Application (KMRA).
Apache License 2.0
29
stars
15
forks
source link
[RFC][Proposal] : Plugin API for provisioning CA secrets from external PKIs/Key servers #23
Currently, for CA provisiong (non selfsign case) the TCS is instantiate a QutoeAttestation CR with the SGX quote details and, depends on an attestation controller to reconcile the CR and provision the issuer CA secrets to the enclave. Attestation controller uses the configured key server plugin(s) to validate the quote and fetching the encrypted secret from the key server. There are a few caveats in this design:
The TCS enclave quote exposed in the QuoteAttestation CR can be read or altered by som maliciaou application which has the appropriate permission. This could happen in a cluster where access QuoteAttestation CR is not protected by the appropriate RBAC rules.
Some malicious enclave application initiates the attestation request with it's own quote and public-key, and could steal the CA secrets.
Unnecessary additional Kubernetes instance with sensitive data (quote), which could be avoided.
Instead, I would like to propose that , the TCS itself provides a gRPC plugin API for attestation and secret provisioning. Key severs can integrated by implementing this API. And the plugin has to run as sidecar to TCS container and exposes the plugin service over UNIX domain socket. So in this case the quote is shared in secure channel to the plugin.
avalluri
commented
2 years ago
Currently, for CA provisiong (non selfsign case) the TCS is instantiate a
QutoeAttestationCR with the SGX quote details and, depends on an attestation controller to reconcile the CR and provision the issuer CA secrets to the enclave. Attestation controller uses the configured key server plugin(s) to validate the quote and fetching the encrypted secret from the key server. There are a few caveats in this design:QuoteAttestationCR can be read or altered by som maliciaou application which has the appropriate permission. This could happen in a cluster where accessQuoteAttestationCR is not protected by the appropriate RBAC rules.Instead, I would like to propose that , the TCS itself provides a gRPC plugin API for attestation and secret provisioning. Key severs can integrated by implementing this API. And the plugin has to run as sidecar to TCS container and exposes the plugin service over UNIX domain socket. So in this case the quote is shared in secure channel to the plugin.