Is your feature request related to a problem? Please describe.
Many confidential services such as Azure Confidential VMs and Confidential Spaces follow a vTPM-based attestation model, with the vTPM rooted in TEE attestation. Right now CCF natively supports validating TEE attestation verification. The feature ask is to extend CCF to also natively support verification of vTPM quotes rooted in TEE hardware.
Describe the solution you'd like
A new API such as the following, which will consume a vTPM quote along with TEE attestation and other collateral, verify the quote and return verified claims:

    interface vTpmAttestation {
      verifyTpmAttestation(
        quote: ArrayBuffer,
        evidence: ArrayBuffer,
        endorsements: ArrayBuffer,
        uvm_endorsements?: ArrayBuffer,
        endorsed_tcb?: string,
      ): vTpmAttestationResult;
    }

This API will build on the existing SnpAttestation logic.
Describe alternatives you've considered
It may be possible to do this in an ACL app, but doing it natively in CCF will likely offer much better performance and more flexibility, e.g., in the choice of libraries.
Additional context
This feature is needed for a key management system we have built and deployed using ACL. The KMS currently supports Confidential Containers on ACI, but we would like to extend it to support Google Confidential Spaces.