This library enables guest attestation flows for SEV-SNP CVMs on Azure. Please refer to the documentation in this repository for details on the attestation procedure.
Default image is Ubuntu 22.04 cvm
bash
export IMAGE_ID=/subscriptions/.../resourceGroups/.../providers/Microsoft.Compute/galleries/.../images/.../versions/1.0.0
make deploy
bash
cargo b --release
scp target/release/snp-vtpm azureuser@$CONFIDENTIAL_VM:
Retrieve SEV-SNP report, validate and print it:
bash
sudo ./snp-vtpm -p
There is a project in the ./example folder depicting how the crate can be leveraged in a Remote Attestation flow. Note: the code is merely illustrative and doesn't feature exhaustive validation, which would be required in a production scenario.
bash
cargo b -p example
The vTPM is linked to the SEV-SNP report via the vTPM Attestation Key (AK). The public AK is part of a Runtime Data struct, which is hashed and submitted as Report Data when generating the SNP report. To provide freshness guarantees in an attestation exchange we can request a vTPM quote with a nonce. The resulting message is signed by the AK.
┌────────────────────────┐
│ HCL Data │
│ │
│ ┌──────────────────────┴─┐ ─┐
│ │ Runtime Data │ │
│ │ │ │
┌──────────────────────┐ │ │ ┌────────────────────┐ │ ├─┐
┌─┤ vTPM AK ├──┼─┼─┤ vTPM Public AK │ │ │ │
│ └──────────────────────┘ │ │ └────────────────────┘ │ │ │
│ ┌──────────────┐ │ └──────────────────────┬─┘ ─┘ │
│ │ vTPM Quote │ │ ┌────────────────────┐ │ │
│ │ │ │ │ HCL Report │ │ │
signs ┌─ ┌─┴────────────┐ │ │ │ │ │ sha256
│ │ │ Message │ │ │ │ ┌────────────────┐ │ │ │
│ │ │ │ │ │ │ │ SEV-SNP Report │ │ │ │
│ │ │ ┌──────────┐ │ │ │ │ │ │ │ │ │
│ │ │ │ PCR0 │ │ │ │ │ │ ┌──────────────┴─┴─┴─┐ │
│ │ │ └──────────┘ │ │ │ │ │ │ Report Data │ ◄───┘
│ │ │ ... │ │ │ │ │ └──────────────┬─┬─┬─┘
│ │ │ ┌──────────┐ │ │ │ │ └────────────────┘ │ │
└─► │ │ │ PCRn │ │ │ │ └────────────────────┘ │
│ │ └──────────┘ │ │ └────────────────────────┘
│ │ ┌──────────┐ │ │
│ │ │ Nonce │ │ │
│ │ └──────────┘ │ │
└─ └─┬────────────┘ │
└──────────────┘