Merge main

Author: ameba23

Cargo.lock

@@ -1,3 +1,6 @@
+[workspace]
+members = [".", "dummy-attestation-server"]
+
 [package]
 name = "attested-tls-proxy"
 version = "0.1.0"
@@ -30,6 +33,7 @@ serde = "1.0.228"
 tracing = "0.1.41"
 tracing-subscriber = { version = "0.3.20", features = ["env-filter", "json"] }
 parity-scale-codec = "3.7.5"
+reqwest = "0.12.23"
 
 [dev-dependencies]
 rcgen = "0.14.5"

Cargo.toml

@@ -15,7 +15,6 @@ It has three subcommands:
 
 ### How it works
 
-
 This works as follows:
 1. The source HTTP client (eg: curl or a web browser) makes an HTTP request to a proxy-client instance running locally.
 2. The proxy-client forwards the request to a proxy-server instance over a remote-attested TLS channel.
@@ -139,3 +138,10 @@ Following a successful attestation exchange, the client can make HTTP requests u
 
 As described above, the server will inject measurement data into the request headers before forwarding them to the target service, and the client will inject measurement data into the response headers before forwarding them to the source client.
 
+### CLI differences from `cvm-reverse-proxy`
+
+This aims to have a similar command line interface to `cvm-reverse-proxy` but there are some differences:
+
+- The measurements file path is specified with `--measurements-file` rather than `--server-measurements` or `--client-measurements`.
+- If no measurements file is specified, `--allowed-remote-attestation-type` must be given.
+- `--log-dcap-quote` logs all attestation data (not only DCAP), but [currently] only remote attestation data, not locally-generated data.

README.md

@@ -0,0 +1,21 @@
+[package]
+name = "dummy-attestation-server"
+version = "0.1.0"
+edition = "2024"
+license = "MIT"
+publish = false
+
+[dependencies]
+attested-tls-proxy = { path = ".." }
+tokio = { version = "1.48.0", features = ["full"] }
+axum = "0.8.6"
+clap = { version = "4.5.51", features = ["derive", "env"] }
+anyhow = "1.0.100"
+hex = "0.4.3"
+serde_json = "1.0.145"
+tracing = "0.1.41"
+tracing-subscriber = { version = "0.3.20", features = ["env-filter", "json"] }
+parity-scale-codec = "3.7.5"
+reqwest = { version = "0.12.23", default-features = false }
+
+[dev-dependencies]

dummy-attestation-server/Cargo.toml

@@ -0,0 +1,118 @@
+pub use attested_tls_proxy::attestation::AttestationGenerator;
+use std::net::SocketAddr;
+
+use anyhow::anyhow;
+use attested_tls_proxy::attestation::{AttestationExchangeMessage, AttestationVerifier};
+use axum::{
+    extract::{Path, State},
+    http::StatusCode,
+    response::{IntoResponse, Response},
+};
+use parity_scale_codec::{Decode, Encode};
+use tokio::net::TcpListener;
+
+#[derive(Clone)]
+struct SharedState {
+    attestation_generator: AttestationGenerator,
+}
+
+/// An HTTP server which produces test attestations
+pub async fn dummy_attestation_server(
+    listener: TcpListener,
+    attestation_generator: AttestationGenerator,
+) -> anyhow::Result<()> {
+    let app = axum::Router::new()
+        .route("/attest/{input_data}", axum::routing::get(get_attest))
+        .with_state(SharedState {
+            attestation_generator,
+        });
+
+    axum::serve(listener, app).await?;
+
+    Ok(())
+}
+
+/// Handler for the GET `/attest/{input_data}` route
+/// Input data should be 64 bytes hex
+async fn get_attest(
+    State(shared_state): State<SharedState>,
+    Path(input_data): Path<String>,
+) -> Result<(StatusCode, Vec<u8>), ServerError> {
+    let input_data: [u8; 64] = hex::decode(input_data)?
+        .try_into()
+        .map_err(|_| anyhow!("Input data must be 64 bytes"))?;
+
+    let attestation = shared_state
+        .attestation_generator
+        .generate_attestation(input_data)
+        .await?
+        .encode();
+
+    Ok((StatusCode::OK, attestation))
+}
+
+/// A client helper which makes a request to `/attest`
+pub async fn dummy_attestation_client(
+    server_addr: SocketAddr,
+    attestation_verifier: AttestationVerifier,
+) -> anyhow::Result<AttestationExchangeMessage> {
+    let input_data = [0; 64];
+    let response = reqwest::get(format!(
+        "http://{server_addr}/attest/{}",
+        hex::encode(input_data)
+    ))
+    .await?
+    .bytes()
+    .await?;
+
+    let remote_attestation_message = AttestationExchangeMessage::decode(&mut &response[..])?;
+    let remote_attestation_type = remote_attestation_message.attestation_type;
+
+    println!("Remote attestation type: {remote_attestation_type}");
+
+    attestation_verifier
+        .verify_attestation(remote_attestation_message.clone(), input_data)
+        .await?;
+
+    Ok(remote_attestation_message)
+}
+
+struct ServerError(pub anyhow::Error);
+
+impl<E> From<E> for ServerError
+where
+    E: Into<anyhow::Error>,
+{
+    fn from(err: E) -> Self {
+        ServerError(err.into())
+    }
+}
+
+impl IntoResponse for ServerError {
+    fn into_response(self) -> Response {
+        eprintln!("{:?}", self.0);
+        (StatusCode::INTERNAL_SERVER_ERROR, format!("{:?}", self.0)).into_response()
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[tokio::test]
+    async fn test_dummy_server() {
+        let attestation_generator = AttestationGenerator::with_no_attestation();
+
+        let listener = TcpListener::bind("127.0.0.1:0").await.unwrap();
+        let server_addr = listener.local_addr().unwrap();
+
+        tokio::spawn(async move {
+            dummy_attestation_server(listener, attestation_generator)
+                .await
+                .unwrap();
+        });
+        dummy_attestation_client(server_addr, AttestationVerifier::expect_none())
+            .await
+            .unwrap();
+    }
+}

dummy-attestation-server/src/lib.rs

@@ -0,0 +1,110 @@
+use attested_tls_proxy::attestation::{
+    measurements::MeasurementPolicy, AttestationGenerator, AttestationType, AttestationVerifier,
+};
+use clap::{Parser, Subcommand};
+use dummy_attestation_server::{dummy_attestation_client, dummy_attestation_server};
+use std::{net::SocketAddr, path::PathBuf};
+use tokio::net::TcpListener;
+use tracing::level_filters::LevelFilter;
+
+#[derive(Parser, Debug, Clone)]
+#[clap(version, about, long_about = None)]
+struct Cli {
+    #[clap(subcommand)]
+    command: CliCommand,
+    /// Log debug messages
+    #[arg(long, global = true)]
+    log_debug: bool,
+    /// Log in JSON format
+    #[arg(long, global = true)]
+    log_json: bool,
+    /// Log DCAP quotes to folder `quotes/`
+    #[arg(long, global = true)]
+    log_dcap_quote: bool,
+}
+#[derive(Subcommand, Debug, Clone)]
+enum CliCommand {
+    Server {
+        /// Socket address to listen on
+        #[arg(short, long, default_value = "0.0.0.0:0", env = "LISTEN_ADDR")]
+        listen_addr: SocketAddr,
+        /// Type of attestation to present (defaults to none)
+        #[arg(long)]
+        server_attestation_type: Option<String>,
+    },
+    Client {
+        /// Socket address of a dummy attestation server
+        server_addr: SocketAddr,
+        /// Optional path to file containing JSON measurements to be enforced on the remote party
+        #[arg(long, global = true, env = "MEASUREMENTS_FILE")]
+        measurements_file: Option<PathBuf>,
+    },
+}
+
+#[tokio::main]
+async fn main() -> anyhow::Result<()> {
+    let cli = Cli::parse();
+
+    let level_filter = if cli.log_debug {
+        LevelFilter::DEBUG
+    } else {
+        LevelFilter::WARN
+    };
+
+    let env_filter = tracing_subscriber::EnvFilter::builder()
+        .with_default_directive(level_filter.into())
+        .from_env_lossy();
+
+    let subscriber = tracing_subscriber::fmt::Subscriber::builder().with_env_filter(env_filter);
+
+    if cli.log_json {
+        subscriber.json().init();
+    } else {
+        subscriber.pretty().init();
+    }
+
+    if cli.log_dcap_quote {
+        tokio::fs::create_dir_all("quotes").await?;
+    }
+
+    match cli.command {
+        CliCommand::Server {
+            listen_addr,
+            server_attestation_type,
+        } => {
+            let server_attestation_type: AttestationType = serde_json::from_value(
+                serde_json::Value::String(server_attestation_type.unwrap_or("none".to_string())),
+            )?;
+
+            let attestation_generator =
+                AttestationGenerator::new_not_dummy(server_attestation_type)?;
+
+            let listener = TcpListener::bind(listen_addr).await?;
+
+            println!("Listening on {}", listener.local_addr()?);
+            dummy_attestation_server(listener, attestation_generator).await?;
+        }
+        CliCommand::Client {
+            server_addr,
+            measurements_file,
+        } => {
+            let measurement_policy = match measurements_file {
+                Some(measurements_file) => MeasurementPolicy::from_file(measurements_file).await?,
+                None => MeasurementPolicy::accept_anything(),
+            };
+
+            let attestation_verifier = AttestationVerifier {
+                measurement_policy,
+                pccs_url: None,
+                log_dcap_quote: cli.log_dcap_quote,
+            };
+
+            let attestation_message =
+                dummy_attestation_client(server_addr, attestation_verifier).await?;
+
+            println!("{attestation_message:?}")
+        }
+    }
+
+    Ok(())
+}

dummy-attestation-server/src/main.rs

@@ -0,0 +1,99 @@
+//! Data Center Attestation Primitives (DCAP) evidence generation and verification
+use crate::attestation::{
+    measurements::{CvmImageMeasurements, Measurements, PlatformMeasurements},
+    AttestationError,
+};
+
+use configfs_tsm::QuoteGenerationError;
+use dcap_qvl::{
+    collateral::get_collateral_for_fmspc,
+    quote::{Quote, Report},
+};
+
+/// For fetching collateral directly from Intel, if no PCCS is specified
+pub const PCS_URL: &str = "https://api.trustedservices.intel.com";
+
+/// Quote generation using configfs_tsm
+pub async fn create_dcap_attestation(input_data: [u8; 64]) -> Result<Vec<u8>, AttestationError> {
+    Ok(generate_quote(input_data)?)
+}
+
+/// Verify a DCAP TDX quote, and return the measurement values
+pub async fn verify_dcap_attestation(
+    input: Vec<u8>,
+    expected_input_data: [u8; 64],
+    pccs_url: Option<String>,
+) -> Result<Measurements, AttestationError> {
+    let (platform_measurements, image_measurements) = if cfg!(not(test)) {
+        let now = std::time::SystemTime::now()
+            .duration_since(std::time::UNIX_EPOCH)?
+            .as_secs();
+        let quote = Quote::parse(&input)?;
+
+        let ca = quote.ca()?;
+        let fmspc = hex::encode_upper(quote.fmspc()?);
+        let collateral = get_collateral_for_fmspc(
+            &pccs_url.clone().unwrap_or(PCS_URL.to_string()),
+            fmspc,
+            ca,
+            false, // Indicates not SGX
+        )
+        .await?;
+
+        let _verified_report = dcap_qvl::verify::verify(&input, &collateral, now)?;
+
+        let measurements = (
+            PlatformMeasurements::from_dcap_qvl_quote(&quote)?,
+            CvmImageMeasurements::from_dcap_qvl_quote(&quote)?,
+        );
+        if get_quote_input_data(quote.report) != expected_input_data {
+            return Err(AttestationError::InputMismatch);
+        }
+        measurements
+    } else {
+        // In tests we use mock quotes which will fail to verify
+        let quote = tdx_quote::Quote::from_bytes(&input)?;
+        if quote.report_input_data() != expected_input_data {
+            return Err(AttestationError::InputMismatch);
+        }
+
+        (
+            PlatformMeasurements::from_tdx_quote(&quote),
+            CvmImageMeasurements::from_tdx_quote(&quote),
+        )
+    };
+
+    Ok(Measurements {
+        platform: platform_measurements,
+        cvm_image: image_measurements,
+    })
+}
+
+/// Create a mock quote for testing on non-confidential hardware
+#[cfg(test)]
+fn generate_quote(input: [u8; 64]) -> Result<Vec<u8>, QuoteGenerationError> {
+    let attestation_key = tdx_quote::SigningKey::random(&mut rand_core::OsRng);
+    let provisioning_certification_key = tdx_quote::SigningKey::random(&mut rand_core::OsRng);
+    Ok(tdx_quote::Quote::mock(
+        attestation_key.clone(),
+        provisioning_certification_key.clone(),
+        input,
+        b"Mock cert chain".to_vec(),
+    )
+    .as_bytes())
+}
+
+/// Create a quote
+#[cfg(not(test))]
+fn generate_quote(input: [u8; 64]) -> Result<Vec<u8>, QuoteGenerationError> {
+    configfs_tsm::create_quote(input)
+}
+
+/// Given a [Report] get the input data regardless of report type
+pub fn get_quote_input_data(report: Report) -> [u8; 64] {
+    match report {
+        Report::TD10(r) => r.report_data,
+        Report::TD15(r) => r.base.report_data,
+        Report::SgxEnclave(r) => r.report_data,
+    }
+}