diff --git a/.changelog/5108.feature.md b/.changelog/5108.feature.md new file mode 100644 index 00000000000..0b9af5539e4 --- /dev/null +++ b/.changelog/5108.feature.md @@ -0,0 +1 @@ +go/common/sgx/pcs: Add support for PCS v4 and TCB info v3 diff --git a/go/common/sgx/common.go b/go/common/sgx/common.go index a36935b1044..bbf336e9dd1 100644 --- a/go/common/sgx/common.go +++ b/go/common/sgx/common.go @@ -106,7 +106,7 @@ readLoop: return m.UnmarshalBinary(sum) } -// FromSgxsBytes dervies a MrEnclave from a byte slice containing a `.sgxs` +// FromSgxsBytes derives a MrEnclave from a byte slice containing a `.sgxs` // file. func (m *MrEnclave) FromSgxsBytes(data []byte) error { sum := sha256.Sum256(data) diff --git a/go/common/sgx/pcs/http.go b/go/common/sgx/pcs/http.go index ed86378c835..7e2cecf2d1e 100644 --- a/go/common/sgx/pcs/http.go +++ b/go/common/sgx/pcs/http.go @@ -22,11 +22,11 @@ const ( pcsAPISubscriptionKeyHeader = "Ocp-Apim-Subscription-Key" pcsAPITimeout = 10 * time.Second pcsAPIBaseURL = "https://api.trustedservices.intel.com/sgx" - pcsAPIGetPCKCertificatePath = "/certification/v3/pckcert" - pcsAPIGetRevocationListPath = "/certification/v3/pckcrl" - pcsAPIGetTCBInfoPath = "/certification/v3/tcb" - pcsAPIGetQEIdentityPath = "/certification/v3/qe/identity" - pcsAPICertChainHeader = "SGX-TCB-Info-Issuer-Chain" + pcsAPIGetPCKCertificatePath = "/certification/v4/pckcert" + pcsAPIGetRevocationListPath = "/certification/v4/pckcrl" + pcsAPIGetTCBInfoPath = "/certification/v4/tcb" + pcsAPIGetQEIdentityPath = "/certification/v4/qe/identity" + pcsAPICertChainHeader = "TCB-Info-Issuer-Chain" ) // HTTPClientConfig is the Intel SGX PCS client configuration. diff --git a/go/common/sgx/pcs/quote.go b/go/common/sgx/pcs/quote.go index 038a7f41c5b..e69091271b2 100644 --- a/go/common/sgx/pcs/quote.go +++ b/go/common/sgx/pcs/quote.go @@ -73,6 +73,11 @@ func (q *Quote) UnmarshalBinary(data []byte) error { } offset += quoteHeaderLen + // Support only SGX, as TDX is not needed. + if q.Header.TEEType != teeTypeSGX { + return fmt.Errorf("pcs/quote: unsupported TEE type: %X", q.Header.TEEType) + } + // ISV Report. if err := q.ISVReport.UnmarshalBinary(data[offset : offset+reportBodyLen]); err != nil { return err @@ -105,6 +110,10 @@ func (q *Quote) UnmarshalBinary(data []byte) error { // // In case of successful verification it returns the TCB level. func (q *Quote) Verify(policy *QuotePolicy, ts time.Time, tcb *TCBBundle) (*sgx.VerifiedQuote, error) { + if q.Header.TEEType != teeTypeSGX { + return nil, fmt.Errorf("pcs/quote: unsupported TEE type: %X", q.Header.TEEType) + } + if !bytes.Equal(q.Header.QEVendorID[:], QEVendorID_Intel) { return nil, fmt.Errorf("pcs/quote: unsupported QE vendor: %X", q.Header.QEVendorID) } @@ -149,6 +158,7 @@ func (q *Quote) Verify(policy *QuotePolicy, ts time.Time, tcb *TCBBundle) (*sgx. // QuoteHeader is a quote header. type QuoteHeader struct { Version uint16 + TEEType uint32 QESVN uint16 PCESVN uint16 QEVendorID [16]byte @@ -170,6 +180,12 @@ func (qh *QuoteHeader) UnmarshalBinary(data []byte) error { } qh.attestationKeyType = AttestationKeyType(binary.LittleEndian.Uint16(data[2:])) + + qh.TEEType = binary.LittleEndian.Uint32(data[4:]) + if qh.TEEType != teeTypeSGX { + return fmt.Errorf("pcs/quote: unsupported TEE type: %X", qh.TEEType) + } + qh.QESVN = binary.LittleEndian.Uint16(data[8:]) qh.PCESVN = binary.LittleEndian.Uint16(data[10:]) copy(qh.QEVendorID[:], data[12:]) @@ -180,6 +196,9 @@ func (qh *QuoteHeader) UnmarshalBinary(data []byte) error { return nil } +// teeTypeSGX is the SGX TEE type. +const teeTypeSGX uint32 = 0 + // QEVendorID_Intel is the Quoting Enclave vendor ID for Intel (939A7233F79C4CA9940A0DB3957F0607). var QEVendorID_Intel = []byte{0x93, 0x9a, 0x72, 0x33, 0xf7, 0x9c, 0x4c, 0xa9, 0x94, 0x0a, 0x0d, 0xb3, 0x95, 0x7f, 0x06, 0x07} // nolint: revive diff --git a/go/common/sgx/pcs/quote_test.go b/go/common/sgx/pcs/quote_test.go index 54f347579ab..4d04b49914a 100644 --- a/go/common/sgx/pcs/quote_test.go +++ b/go/common/sgx/pcs/quote_test.go @@ -24,25 +24,25 @@ func TestQuoteECDSA_P256_PCK_CertificateChain(t *testing.T) { // Validate quote header. require.EqualValues(3, quote.Header.Version) - require.EqualValues(7, quote.Header.QESVN) - require.EqualValues(12, quote.Header.PCESVN) + require.EqualValues(9, quote.Header.QESVN) + require.EqualValues(13, quote.Header.PCESVN) require.EqualValues(QEVendorID_Intel, quote.Header.QEVendorID[:]) // Validate ISV report. - require.EqualValues([]byte{5, 5, 12, 12, 255, 255, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0}, quote.ISVReport.CPUSVN[:]) + require.EqualValues([]byte{8, 9, 14, 13, 255, 255, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0}, quote.ISVReport.CPUSVN[:]) require.EqualValues(0, quote.ISVReport.MiscSelect) require.EqualValues(sgx.AttributeInit|sgx.AttributeMode64Bit, quote.ISVReport.Attributes.Flags) require.EqualValues(3, quote.ISVReport.Attributes.Xfrm) - require.EqualValues("9479d8eddfd7b1b700319419551dc340f688c2ef519a5e18657ecf32981dbd9e", quote.ISVReport.MRENCLAVE.String()) - require.EqualValues("4025dab7ebda1fbecc4e3637606e021214d0f41c6d0422fd378b2a8b88818459", quote.ISVReport.MRSIGNER.String()) + require.EqualValues("68823bc62f409ee33a32ea270cfe45d4b19a6fb3c8570d7bc186cbe062398e8f", quote.ISVReport.MRENCLAVE.String()) + require.EqualValues("9affcfae47b848ec2caf1c49b4b283531e1cc425f93582b36806e52a43d78d1a", quote.ISVReport.MRSIGNER.String()) require.EqualValues(0, quote.ISVReport.ISVProdID) require.EqualValues(0, quote.ISVReport.ISVSVN) - require.EqualValues([]byte{40, 70, 22, 193, 254, 244, 193, 12, 227, 221, 176, 206, 20, 9, 124, 124, 204, 247, 205, 137, 173, 0, 101, 51, 97, 62, 66, 75, 27, 209, 53, 129, 110, 106, 90, 82, 54, 76, 68, 47, 98, 51, 80, 100, 74, 118, 49, 84, 73, 90, 65, 53, 114, 117, 53, 65, 109, 52, 56, 80, 69, 80, 88, 111}, quote.ISVReport.ReportData[:]) + require.EqualValues([]byte{2, 106, 105, 206, 217, 108, 62, 2, 149, 209, 109, 107, 56, 142, 5, 122, 19, 122, 20, 49, 150, 113, 102, 42, 88, 68, 199, 71, 47, 60, 98, 174, 14, 61, 63, 153, 183, 125, 216, 155, 15, 193, 67, 108, 79, 233, 104, 40, 57, 26, 82, 88, 138, 15, 136, 52, 85, 161, 139, 143, 88, 114, 227, 240}, quote.ISVReport.ReportData[:]) // Validate quote signature. require.EqualValues(AttestationKeyECDSA_P256, quote.Signature.AttestationKeyType()) qs := quote.Signature.(*QuoteSignatureECDSA_P256) - require.EqualValues([]byte{5, 5, 12, 12, 255, 255, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0}, qs.QEReport.CPUSVN[:]) + require.EqualValues([]byte{8, 9, 14, 13, 255, 255, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0}, qs.QEReport.CPUSVN[:]) require.EqualValues(0, qs.QEReport.MiscSelect) require.EqualValues(sgx.AttributeInit|sgx.AttributeMode64Bit|sgx.AttributeProvisionKey, qs.QEReport.Attributes.Flags) require.EqualValues(231, qs.QEReport.Attributes.Xfrm) @@ -51,11 +51,11 @@ func TestQuoteECDSA_P256_PCK_CertificateChain(t *testing.T) { require.Len(cd.CertificateChain, 3) // Prepare TCB bundle needed for verification. - rawTCBInfo, err := os.ReadFile("testdata/tcb_info_v2_fmspc_00606A000000.json") // From PCS V3 response. + rawTCBInfo, err := os.ReadFile("testdata/tcb_info_v3_fmspc_00606A000000.json") // From PCS V4 response. require.NoError(err, "Read test vector") - rawCerts, err := os.ReadFile("testdata/tcb_info_v2_fmspc_00606A000000_certs.pem") // From PCS V3 response (SGX-TCB-Info-Issuer-Chain header). + rawCerts, err := os.ReadFile("testdata/tcb_info_v3_fmspc_00606A000000_certs.pem") // From PCS V4 response (TCB-Info-Issuer-Chain header). require.NoError(err, "Read test vector") - rawQEIdentity, err := os.ReadFile("testdata/qe_identity_v2.json") // From PCS V3 response. + rawQEIdentity, err := os.ReadFile("testdata/qe_identity_v2.json") // From PCS V4 response. require.NoError(err, "Read test vector") var tcbInfo SignedTCBInfo @@ -72,32 +72,38 @@ func TestQuoteECDSA_P256_PCK_CertificateChain(t *testing.T) { Certificates: rawCerts, } - now := time.Unix(1652701082, 0) + now := time.Unix(1671497404, 0) verifiedQuote, err := quote.Verify(nil, now, &tcbBundle) require.NoError(err, "Verify quote signature") - require.EqualValues("9479d8eddfd7b1b700319419551dc340f688c2ef519a5e18657ecf32981dbd9e", verifiedQuote.Identity.MrEnclave.String()) - require.EqualValues("4025dab7ebda1fbecc4e3637606e021214d0f41c6d0422fd378b2a8b88818459", verifiedQuote.Identity.MrSigner.String()) + require.EqualValues("68823bc62f409ee33a32ea270cfe45d4b19a6fb3c8570d7bc186cbe062398e8f", verifiedQuote.Identity.MrEnclave.String()) + require.EqualValues("9affcfae47b848ec2caf1c49b4b283531e1cc425f93582b36806e52a43d78d1a", verifiedQuote.Identity.MrSigner.String()) + + // Test X509 certificate has expired (not after 1891163521). + now2a := time.Unix(1891163522, 0) + _, err = quote.Verify(nil, now2a, &tcbBundle) + require.Error(err, "Quote verification should fail for expired PCK certificates") + require.ErrorContains(err, "pcs/quote: failed to verify PCK certificate chain: x509: certificate has expired or is not yet valid") - // Test X509 certificate not yet valid. - now2 := time.Unix(1052695757, 0) - _, err = quote.Verify(nil, now2, &tcbBundle) + // Test X509 certificate not yet valid (not before 1670238721). + now2b := time.Unix(1670238720, 0) + _, err = quote.Verify(nil, now2b, &tcbBundle) require.Error(err, "Quote verification should fail for PCK certificates not yet valid") require.ErrorContains(err, "pcs/quote: failed to verify PCK certificate chain: x509: certificate has expired or is not yet valid") - // Test TCB info not yet valid. - now3 := time.Unix(1652609357, 0) + // Test TCB info not yet valid (qe identity issue date 1671194736). + now3 := time.Unix(1671194735, 0) _, err = quote.Verify(nil, now3, &tcbBundle) require.Error(err, "Quote verification should fail for TCB info not yet valid") require.ErrorContains(err, "pcs/quote: failed to verify TCB bundle: pcs/tcb: failed to verify QE identity: pcs/tcb: invalid QE identity: pcs/tcb: QE identity issue date in the future") - // Test TCB info expired. - now4 := time.Unix(1657879757, 0) + // Test TCB info expired (qe identity issue date 1671194736 + validity period 30 * 24 * 60 * 60 = 1673786736). + now4 := time.Unix(1673786737, 0) _, err = quote.Verify(nil, now4, &tcbBundle) require.Error(err, "Quote verification should fail for TCB info expired") require.ErrorContains(err, "pcs/quote: failed to verify TCB bundle: pcs/tcb: failed to verify QE identity: pcs/tcb: invalid QE identity: pcs/tcb: QE identity expired") // Test alternate validity from quote policy. - now5 := time.Unix(1657879757, 0) + now5 := time.Unix(1673786737, 0) quotePolicy := &QuotePolicy{ TCBValidityPeriod: 90, } @@ -133,7 +139,7 @@ func TestQuoteECDSA_P256_PCK_CertificateChain(t *testing.T) { require.ErrorContains(err, "pcs/quote: failed to verify TCB bundle: pcs/tcb: unexpected certificate chain length: 0") // Test TCB info certificates bad. - rawCertsBad, err := os.ReadFile("testdata/tcb_info_v2_fmspc_00606A000000_certs_bad.pem") + rawCertsBad, err := os.ReadFile("testdata/tcb_info_v3_fmspc_00606A000000_certs_bad.pem") require.NoError(err, "Read test vector") tcbBundle3 := TCBBundle{ @@ -177,8 +183,8 @@ func TestQuoteECDSA_P256_PCK_CertificateChain(t *testing.T) { verifiedQuote, err = quoteBundle.Verify(nil, now) require.NoError(err, "Verify quote bundle") - require.EqualValues("9479d8eddfd7b1b700319419551dc340f688c2ef519a5e18657ecf32981dbd9e", verifiedQuote.Identity.MrEnclave.String()) - require.EqualValues("4025dab7ebda1fbecc4e3637606e021214d0f41c6d0422fd378b2a8b88818459", verifiedQuote.Identity.MrSigner.String()) + require.EqualValues("68823bc62f409ee33a32ea270cfe45d4b19a6fb3c8570d7bc186cbe062398e8f", verifiedQuote.Identity.MrEnclave.String()) + require.EqualValues("9affcfae47b848ec2caf1c49b4b283531e1cc425f93582b36806e52a43d78d1a", verifiedQuote.Identity.MrSigner.String()) // Test quote bundle serialization round-trip. rawQB := cbor.Marshal(quoteBundle) @@ -187,8 +193,8 @@ func TestQuoteECDSA_P256_PCK_CertificateChain(t *testing.T) { require.NoError(err, "QuoteBundle serialization should round-trip") verifiedQuote, err = quoteBundle2.Verify(nil, now) require.NoError(err, "Verify deserialized quote bundle") - require.EqualValues("9479d8eddfd7b1b700319419551dc340f688c2ef519a5e18657ecf32981dbd9e", verifiedQuote.Identity.MrEnclave.String()) - require.EqualValues("4025dab7ebda1fbecc4e3637606e021214d0f41c6d0422fd378b2a8b88818459", verifiedQuote.Identity.MrSigner.String()) + require.EqualValues("68823bc62f409ee33a32ea270cfe45d4b19a6fb3c8570d7bc186cbe062398e8f", verifiedQuote.Identity.MrEnclave.String()) + require.EqualValues("9affcfae47b848ec2caf1c49b4b283531e1cc425f93582b36806e52a43d78d1a", verifiedQuote.Identity.MrSigner.String()) } func TestQuoteECDSA_P256_EPPID(t *testing.T) { @@ -212,8 +218,8 @@ func TestQuoteECDSA_P256_EPPID(t *testing.T) { require.EqualValues(0, quote.ISVReport.MiscSelect) require.EqualValues(sgx.AttributeInit|sgx.AttributeMode64Bit, quote.ISVReport.Attributes.Flags) require.EqualValues(3, quote.ISVReport.Attributes.Xfrm) - require.EqualValues("9479d8eddfd7b1b700319419551dc340f688c2ef519a5e18657ecf32981dbd9e", quote.ISVReport.MRENCLAVE.String()) - require.EqualValues("4025dab7ebda1fbecc4e3637606e021214d0f41c6d0422fd378b2a8b88818459", quote.ISVReport.MRSIGNER.String()) + require.EqualValues("68823bc62f409ee33a32ea270cfe45d4b19a6fb3c8570d7bc186cbe062398e8f", quote.ISVReport.MRENCLAVE.String()) + require.EqualValues("9affcfae47b848ec2caf1c49b4b283531e1cc425f93582b36806e52a43d78d1a", quote.ISVReport.MRSIGNER.String()) require.EqualValues(0, quote.ISVReport.ISVProdID) require.EqualValues(0, quote.ISVReport.ISVSVN) require.EqualValues([]byte{88, 71, 160, 127, 98, 203, 186, 123, 157, 240, 227, 172, 25, 83, 16, 250, 226, 19, 77, 70, 182, 58, 130, 156, 76, 232, 128, 32, 45, 239, 29, 161, 119, 73, 117, 86, 119, 84, 116, 67, 70, 80, 103, 51, 101, 54, 75, 57, 74, 78, 66, 101, 57, 99, 73, 110, 103, 90, 53, 104, 115, 84, 100, 112}, quote.ISVReport.ReportData[:]) diff --git a/go/common/sgx/pcs/tcb.go b/go/common/sgx/pcs/tcb.go index 59cd90b69c4..449968ff690 100644 --- a/go/common/sgx/pcs/tcb.go +++ b/go/common/sgx/pcs/tcb.go @@ -15,8 +15,11 @@ import ( ) const ( + // requiredTCBInfoID is the required TCB info identifier. + requiredTCBInfoID = "SGX" + // requiredTCBInfoVersion is the required TCB info version. - requiredTCBInfoVersion = 2 + requiredTCBInfoVersion = 3 // requiredQEID is the required QE identity enclave ID. requiredQEID = "QE" @@ -184,8 +187,16 @@ func (st *SignedTCBInfo) open(ts time.Time, policy *QuotePolicy, pk *ecdsa.Publi return &tcbInfo, nil } +// TDXModule is a representation of the properties of Intel’s TDX SEAM module. +type TDXModule struct { + MRSIGNER string `json:"mrsigner"` + Attributes [8]byte `json:"attributes"` + AttributesMask [8]byte `json:"attributesMask"` +} + // TCBInfo is the TCB info body. type TCBInfo struct { + ID string `json:"id"` Version int `json:"version"` IssueDate string `json:"issueDate"` NextUpdate string `json:"nextUpdate"` @@ -193,10 +204,15 @@ type TCBInfo struct { PCEID string `json:"pceId"` TCBType int `json:"tcbType"` TCBEvaluationDataNumber uint32 `json:"tcbEvaluationDataNumber"` + TDXModule TDXModule `json:"tdxModule,omitempty"` TCBLevels []TCBLevel `json:"tcbLevels"` } func (ti *TCBInfo) validate(ts time.Time, policy *QuotePolicy) error { + if ti.ID != requiredTCBInfoID { + return fmt.Errorf("pcs/tcb: unexpected TCB info identifier: %s", ti.ID) + } + if ti.Version != requiredTCBInfoVersion { return fmt.Errorf("pcs/tcb: unexpected TCB info version: %d", ti.Version) } @@ -328,26 +344,19 @@ func (tle *TCBOutOfDateError) Error() string { return fmt.Sprintf("%s TCB is not up to date (likely needs upgrade): %s", tle.Kind, tle.Status) } +// TCBComponent is a TCB component. +type TCBComponent struct { + SVN int32 `json:"svn"` + Category string `json:"category,omitempty"` + Type string `json:"type,omitempty"` +} + // TCBLevel is a platform TCB level. type TCBLevel struct { TCB struct { - PCESVN int32 `json:"pcesvn"` - Comp01SVN int32 `json:"sgxtcbcomp01svn"` - Comp02SVN int32 `json:"sgxtcbcomp02svn"` - Comp03SVN int32 `json:"sgxtcbcomp03svn"` - Comp04SVN int32 `json:"sgxtcbcomp04svn"` - Comp05SVN int32 `json:"sgxtcbcomp05svn"` - Comp06SVN int32 `json:"sgxtcbcomp06svn"` - Comp07SVN int32 `json:"sgxtcbcomp07svn"` - Comp08SVN int32 `json:"sgxtcbcomp08svn"` - Comp09SVN int32 `json:"sgxtcbcomp09svn"` - Comp10SVN int32 `json:"sgxtcbcomp10svn"` - Comp11SVN int32 `json:"sgxtcbcomp11svn"` - Comp12SVN int32 `json:"sgxtcbcomp12svn"` - Comp13SVN int32 `json:"sgxtcbcomp13svn"` - Comp14SVN int32 `json:"sgxtcbcomp14svn"` - Comp15SVN int32 `json:"sgxtcbcomp15svn"` - Comp16SVN int32 `json:"sgxtcbcomp16svn"` + PCESVN int32 `json:"pcesvn"` + SGXComponents [16]TCBComponent `json:"sgxtcbcomponents"` + TDXComponents [16]TCBComponent `json:"tdxtcbcomponents,omitempty"` } `json:"tcb"` Date string `json:"tcbDate"` Status TCBStatus `json:"tcbStatus"` @@ -360,26 +369,9 @@ func (tl *TCBLevel) matches(tcbCompSvn [16]int32, pcesvn int32) bool { // 16) with the corresponding values in the TCB Level. If all SGX TCB Comp SVNs in the // certificate are greater or equal to the corresponding values in TCB Level, go to b, // otherwise move to the next item on TCB Levels list. - for i, svn := range []int32{ - tl.TCB.Comp01SVN, - tl.TCB.Comp02SVN, - tl.TCB.Comp03SVN, - tl.TCB.Comp04SVN, - tl.TCB.Comp05SVN, - tl.TCB.Comp06SVN, - tl.TCB.Comp07SVN, - tl.TCB.Comp08SVN, - tl.TCB.Comp09SVN, - tl.TCB.Comp10SVN, - tl.TCB.Comp11SVN, - tl.TCB.Comp12SVN, - tl.TCB.Comp13SVN, - tl.TCB.Comp14SVN, - tl.TCB.Comp15SVN, - tl.TCB.Comp16SVN, - } { + for i, comp := range tl.TCB.SGXComponents { // At least one SVN is lower, no match. - if tcbCompSvn[i] < svn { + if tcbCompSvn[i] < comp.SVN { return false } } @@ -490,6 +482,7 @@ type QEIdentity struct { MRSIGNER string `json:"mrsigner"` ISVProdID uint16 `json:"isvprodid"` TCBLevels []EnclaveTCBLevel `json:"tcbLevels"` + AdvisoryIDs []int `json:"advisoryIDs,omitempty"` } func (qe *QEIdentity) validate(ts time.Time, policy *QuotePolicy) error { diff --git a/go/common/sgx/pcs/testdata/qe_identity_v2.json b/go/common/sgx/pcs/testdata/qe_identity_v2.json index cf3c32bf88f..8a10ab7bfd1 100644 --- a/go/common/sgx/pcs/testdata/qe_identity_v2.json +++ b/go/common/sgx/pcs/testdata/qe_identity_v2.json @@ -1 +1 @@ -{"enclaveIdentity":{"id":"QE","version":2,"issueDate":"2022-05-16T10:34:11Z","nextUpdate":"2022-06-15T10:34:11Z","tcbEvaluationDataNumber":12,"miscselect":"00000000","miscselectMask":"FFFFFFFF","attributes":"11000000000000000000000000000000","attributesMask":"FBFFFFFFFFFFFFFF0000000000000000","mrsigner":"8C4F5775D796503E96137F77C68A829A0056AC8DED70140B081B094490C57BFF","isvprodid":1,"tcbLevels":[{"tcb":{"isvsvn":6},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"isvsvn":5},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"isvsvn":4},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"isvsvn":2},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"isvsvn":1},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDate"}]},"signature":"68251f6b5229f1d8232f8db2cef3e7d7e687a118b26d58f45fbf64c7cf9f83b50909d725a9dd03d8fe49742c12188b6e03b5321c58fd14e0e6b0d644de74d277"} \ No newline at end of file +{"enclaveIdentity":{"id":"QE","version":2,"issueDate":"2022-12-16T12:45:36Z","nextUpdate":"2023-01-15T12:45:36Z","tcbEvaluationDataNumber":13,"miscselect":"00000000","miscselectMask":"FFFFFFFF","attributes":"11000000000000000000000000000000","attributesMask":"FBFFFFFFFFFFFFFF0000000000000000","mrsigner":"8C4F5775D796503E96137F77C68A829A0056AC8DED70140B081B094490C57BFF","isvprodid":1,"tcbLevels":[{"tcb":{"isvsvn":6},"tcbDate":"2022-11-09T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"isvsvn":5},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00477"]},{"tcb":{"isvsvn":4},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00334","INTEL-SA-00477"]},{"tcb":{"isvsvn":2},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00219","INTEL-SA-00293","INTEL-SA-00334","INTEL-SA-00477"]},{"tcb":{"isvsvn":1},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00202","INTEL-SA-00219","INTEL-SA-00293","INTEL-SA-00334","INTEL-SA-00477"]}]},"signature":"6be6247f58edcb10b53368b566d3e34c8ae33d1f33eebf93de707113e05bf9646e62c89035a3d572de25bd8eacbb435616966bf4ad12e40efd837113439ed7a8"} \ No newline at end of file diff --git a/go/common/sgx/pcs/testdata/quote_v3_ecdsa_p256_pck_chain.bin b/go/common/sgx/pcs/testdata/quote_v3_ecdsa_p256_pck_chain.bin index 075eee9f9e7..bc241e0746a 100644 Binary files a/go/common/sgx/pcs/testdata/quote_v3_ecdsa_p256_pck_chain.bin and b/go/common/sgx/pcs/testdata/quote_v3_ecdsa_p256_pck_chain.bin differ diff --git a/go/common/sgx/pcs/testdata/tcb_info_v2_fmspc_00606A000000.json b/go/common/sgx/pcs/testdata/tcb_info_v2_fmspc_00606A000000.json deleted file mode 100644 index 0a463197f42..00000000000 --- a/go/common/sgx/pcs/testdata/tcb_info_v2_fmspc_00606A000000.json +++ /dev/null @@ -1 +0,0 @@ -{"tcbInfo":{"version":2,"issueDate":"2022-05-16T07:22:26Z","nextUpdate":"2022-06-15T07:22:26Z","fmspc":"00606A000000","pceId":"0000","tcbType":0,"tcbEvaluationDataNumber":12,"tcbLevels":[{"tcb":{"sgxtcbcomp01svn":4,"sgxtcbcomp02svn":4,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":11},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"sgxtcbcomp01svn":4,"sgxtcbcomp02svn":4,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":3,"sgxtcbcomp02svn":3,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2020-06-10T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":3,"sgxtcbcomp02svn":3,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":5},"tcbDate":"2018-01-04T00:00:00Z","tcbStatus":"OutOfDate"}]},"signature":"68a39fa09446abdd13d9294cadc5710a87f6c7083b207d3aba6c5217af7c979b5e70fcedb4d8427682c8cefddd9163527cb792a4d1f25ada533ec355e44679ad"} diff --git a/go/common/sgx/pcs/testdata/tcb_info_v3_fmspc_00606A000000.json b/go/common/sgx/pcs/testdata/tcb_info_v3_fmspc_00606A000000.json new file mode 100644 index 00000000000..fc35f8f11eb --- /dev/null +++ b/go/common/sgx/pcs/testdata/tcb_info_v3_fmspc_00606A000000.json @@ -0,0 +1 @@ +{"tcbInfo":{"id":"SGX","version":3,"issueDate":"2022-12-19T09:40:10Z","nextUpdate":"2023-01-18T09:40:10Z","fmspc":"00606A000000","pceId":"0000","tcbType":0,"tcbEvaluationDataNumber":13,"tcbLevels":[{"tcb":{"sgxtcbcomponents":[{"svn":7,"category":"BIOS","type":"Early Microcode Update"},{"svn":9,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":3,"category":"OS/VMM","type":"TXT SINIT"},{"svn":3,"category":"BIOS"},{"svn":255},{"svn":255},{"svn":1},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":13},"tcbDate":"2022-08-10T00:00:00Z","tcbStatus":"SWHardeningNeeded","advisoryIDs":["INTEL-SA-00615","INTEL-SA-00657"]},{"tcb":{"sgxtcbcomponents":[{"svn":7,"category":"BIOS","type":"Early Microcode Update"},{"svn":9,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":3,"category":"OS/VMM","type":"TXT SINIT"},{"svn":3,"category":"BIOS"},{"svn":255},{"svn":255},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":13},"tcbDate":"2022-08-10T00:00:00Z","tcbStatus":"ConfigurationAndSWHardeningNeeded","advisoryIDs":["INTEL-SA-00615","INTEL-SA-00657"]},{"tcb":{"sgxtcbcomponents":[{"svn":4,"category":"BIOS","type":"Early Microcode Update"},{"svn":4,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":3,"category":"OS/VMM","type":"TXT SINIT"},{"svn":3,"category":"BIOS"},{"svn":255},{"svn":255},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":11},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00586","INTEL-SA-00614","INTEL-SA-00615","INTEL-SA-00657"]},{"tcb":{"sgxtcbcomponents":[{"svn":4,"category":"BIOS","type":"Early Microcode Update"},{"svn":4,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":3,"category":"OS/VMM","type":"TXT SINIT"},{"svn":3,"category":"BIOS"},{"svn":255},{"svn":255},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":10},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00477","INTEL-SA-00586","INTEL-SA-00614","INTEL-SA-00615","INTEL-SA-00657"]},{"tcb":{"sgxtcbcomponents":[{"svn":4,"category":"BIOS","type":"Early Microcode Update"},{"svn":4,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":3,"category":"OS/VMM","type":"TXT SINIT"},{"svn":3,"category":"BIOS"},{"svn":255},{"svn":255},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":5},"tcbDate":"2018-01-04T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00106","INTEL-SA-00115","INTEL-SA-00135","INTEL-SA-00203","INTEL-SA-00220","INTEL-SA-00233","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00586","INTEL-SA-00614","INTEL-SA-00615","INTEL-SA-00657"]}]},"signature":"00ebb478cec3792ed87afa4cab0bd0d38388f5b9e684e487d08aaab0665f4207d72d061f676f1739e4a2a0172928620311e6efdf9d3d0e8dacd61a4e77966a42"} \ No newline at end of file diff --git a/go/common/sgx/pcs/testdata/tcb_info_v2_fmspc_00606A000000_certs.pem b/go/common/sgx/pcs/testdata/tcb_info_v3_fmspc_00606A000000_certs.pem similarity index 100% rename from go/common/sgx/pcs/testdata/tcb_info_v2_fmspc_00606A000000_certs.pem rename to go/common/sgx/pcs/testdata/tcb_info_v3_fmspc_00606A000000_certs.pem diff --git a/go/common/sgx/pcs/testdata/tcb_info_v2_fmspc_00606A000000_certs_bad.pem b/go/common/sgx/pcs/testdata/tcb_info_v3_fmspc_00606A000000_certs_bad.pem similarity index 100% rename from go/common/sgx/pcs/testdata/tcb_info_v2_fmspc_00606A000000_certs_bad.pem rename to go/common/sgx/pcs/testdata/tcb_info_v3_fmspc_00606A000000_certs_bad.pem diff --git a/runtime/src/common/sgx/pcs.rs b/runtime/src/common/sgx/pcs.rs index f2953c9b980..e3dee86d2c6 100644 --- a/runtime/src/common/sgx/pcs.rs +++ b/runtime/src/common/sgx/pcs.rs @@ -15,7 +15,8 @@ use sgx_isa::{AttributesFlags, Report}; use super::{EnclaveIdentity, MrEnclave, MrSigner, VerifiedQuote}; // Required values of various TCB fields. -const REQUIRED_TCB_INFO_VERSION: u32 = 2; +const REQUIRED_TCB_INFO_ID: &str = "SGX"; +const REQUIRED_TCB_INFO_VERSION: u32 = 3; const REQUIRED_QE_ID: &str = "QE"; const REQUIRED_QE_IDENTITY_VERSION: u32 = 2; const DEFAULT_MIN_TCB_EVALUATION_DATA_NUMBER: u32 = 12; // As of 2022-08-01. @@ -468,9 +469,25 @@ impl SignedTCBInfo { } } +/// TDX module is a representation of the properties of Intel’s TDX SEAM module. +#[derive(Clone, Debug, Default, serde::Deserialize)] +pub struct TDXModule { + #[serde(rename = "mrsigner")] + pub mr_signer: String, + + #[serde(rename = "attributes")] + pub attributes: [u8; 8], + + #[serde(rename = "attributesMask")] + pub attributes_mask: [u8; 8], +} + /// TCB info body. #[derive(Clone, Debug, Default, serde::Deserialize)] pub struct TCBInfo { + #[serde(rename = "id")] + pub id: String, + #[serde(rename = "version")] pub version: u32, @@ -492,12 +509,21 @@ pub struct TCBInfo { #[serde(rename = "tcbEvaluationDataNumber")] pub tcb_evaluation_data_number: u32, + #[serde(default, rename = "tdxModule")] + pub tdx_module: TDXModule, + #[serde(rename = "tcbLevels")] pub tcb_levels: Vec, } impl TCBInfo { fn validate(&self, ts: DateTime, policy: &QuotePolicy) -> Result<(), Error> { + if self.id != REQUIRED_TCB_INFO_ID { + return Err(Error::TCBParseError(anyhow::anyhow!( + "unexpected TCB info identifier" + ))); + } + if self.version != REQUIRED_TCB_INFO_VERSION { return Err(Error::TCBParseError(anyhow::anyhow!( "unexpected TCB info version" @@ -583,29 +609,9 @@ impl TCBLevel { // 16) with the corresponding values in the TCB Level. If all SGX TCB Comp SVNs in the // certificate are greater or equal to the corresponding values in TCB Level, go to b, // otherwise move to the next item on TCB Levels list. - for (i, svn) in [ - self.tcb.comp01svn, - self.tcb.comp02svn, - self.tcb.comp03svn, - self.tcb.comp04svn, - self.tcb.comp05svn, - self.tcb.comp06svn, - self.tcb.comp07svn, - self.tcb.comp08svn, - self.tcb.comp09svn, - self.tcb.comp10svn, - self.tcb.comp11svn, - self.tcb.comp12svn, - self.tcb.comp13svn, - self.tcb.comp14svn, - self.tcb.comp15svn, - self.tcb.comp16svn, - ] - .iter() - .enumerate() - { + for (i, comp) in self.tcb.sgx_components.iter().enumerate() { // At least one SVN is lower, no match. - if tcb_comp_svn[i] < *svn { + if tcb_comp_svn[i] < comp.svn { return false; } } @@ -628,38 +634,24 @@ pub struct TCBVersions { #[serde(rename = "pcesvn")] pub pcesvn: u32, - #[serde(rename = "sgxtcbcomp01svn")] - pub comp01svn: u32, - #[serde(rename = "sgxtcbcomp02svn")] - pub comp02svn: u32, - #[serde(rename = "sgxtcbcomp03svn")] - pub comp03svn: u32, - #[serde(rename = "sgxtcbcomp04svn")] - pub comp04svn: u32, - #[serde(rename = "sgxtcbcomp05svn")] - pub comp05svn: u32, - #[serde(rename = "sgxtcbcomp06svn")] - pub comp06svn: u32, - #[serde(rename = "sgxtcbcomp07svn")] - pub comp07svn: u32, - #[serde(rename = "sgxtcbcomp08svn")] - pub comp08svn: u32, - #[serde(rename = "sgxtcbcomp09svn")] - pub comp09svn: u32, - #[serde(rename = "sgxtcbcomp10svn")] - pub comp10svn: u32, - #[serde(rename = "sgxtcbcomp11svn")] - pub comp11svn: u32, - #[serde(rename = "sgxtcbcomp12svn")] - pub comp12svn: u32, - #[serde(rename = "sgxtcbcomp13svn")] - pub comp13svn: u32, - #[serde(rename = "sgxtcbcomp14svn")] - pub comp14svn: u32, - #[serde(rename = "sgxtcbcomp15svn")] - pub comp15svn: u32, - #[serde(rename = "sgxtcbcomp16svn")] - pub comp16svn: u32, + #[serde(rename = "sgxtcbcomponents")] + pub sgx_components: [TCBComponent; 16], + + #[serde(default, rename = "tdxtcbcomponents")] + pub tdx_components: [TCBComponent; 16], +} + +/// A TCB component. +#[derive(Clone, Debug, Default, serde::Deserialize)] +pub struct TCBComponent { + #[serde(rename = "svn")] + pub svn: u32, + + #[serde(default, rename = "category")] + pub category: String, + + #[serde(default, rename = "type")] + pub tcb_comp_type: String, } /// TCB status. @@ -759,6 +751,9 @@ pub struct QEIdentity { #[serde(rename = "tcbLevels")] pub tcb_levels: Vec, + + #[serde(default, rename = "advisoryIDs")] + pub advisory_ids: Vec, } impl QEIdentity { @@ -920,10 +915,10 @@ mod tests { const RAW_QUOTE: &[u8] = include_bytes!("../../../testdata/quote_v3_ecdsa_p256_pck_chain.bin"); const RAW_TCB_INFO: &[u8] = - include_bytes!("../../../testdata/tcb_info_v2_fmspc_00606A000000.json"); // From PCS V3 response. + include_bytes!("../../../testdata/tcb_info_v3_fmspc_00606A000000.json"); // From PCS V4 response. const RAW_CERTS: &[u8] = - include_bytes!("../../../testdata/tcb_info_v2_fmspc_00606A000000_certs.pem"); // From PCS V3 response (SGX-TCB-Info-Issuer-Chain header). - const RAW_QE_IDENTITY: &[u8] = include_bytes!("../../../testdata/qe_identity_v2.json"); // From PCS V3 response. + include_bytes!("../../../testdata/tcb_info_v3_fmspc_00606A000000_certs.pem"); // From PCS V4 response (TCB-Info-Issuer-Chain header). + const RAW_QE_IDENTITY: &[u8] = include_bytes!("../../../testdata/qe_identity_v2.json"); // From PCS V4 response. let qb = QuoteBundle { quote: RAW_QUOTE.to_owned(), @@ -934,16 +929,16 @@ mod tests { }, }; - let now = Utc.timestamp(1652701082, 0); + let now = Utc.timestamp(1671497404, 0); let verified_quote = qb.verify(&QuotePolicy::default(), now).unwrap(); assert_eq!( verified_quote.identity.mr_signer, - "4025dab7ebda1fbecc4e3637606e021214d0f41c6d0422fd378b2a8b88818459".into() + "9affcfae47b848ec2caf1c49b4b283531e1cc425f93582b36806e52a43d78d1a".into() ); assert_eq!( verified_quote.identity.mr_enclave, - "9479d8eddfd7b1b700319419551dc340f688c2ef519a5e18657ecf32981dbd9e".into() + "68823bc62f409ee33a32ea270cfe45d4b19a6fb3c8570d7bc186cbe062398e8f".into() ); } @@ -954,16 +949,16 @@ mod tests { let qb: QuoteBundle = cbor::from_slice(RAW_QUOTE_BUNDLE).unwrap(); - let now = Utc.timestamp(1652701082, 0); + let now = Utc.timestamp(1671497404, 0); let verified_quote = qb.verify(&QuotePolicy::default(), now).unwrap(); assert_eq!( verified_quote.identity.mr_signer, - "4025dab7ebda1fbecc4e3637606e021214d0f41c6d0422fd378b2a8b88818459".into() + "9affcfae47b848ec2caf1c49b4b283531e1cc425f93582b36806e52a43d78d1a".into() ); assert_eq!( verified_quote.identity.mr_enclave, - "9479d8eddfd7b1b700319419551dc340f688c2ef519a5e18657ecf32981dbd9e".into() + "68823bc62f409ee33a32ea270cfe45d4b19a6fb3c8570d7bc186cbe062398e8f".into() ); } @@ -974,7 +969,7 @@ mod tests { let qb: QuoteBundle = cbor::from_slice(RAW_QUOTE_BUNDLE).unwrap(); - let now = Utc.timestamp(1652701082, 0); + let now = Utc.timestamp(1671497404, 0); let policy = &QuotePolicy { fmspc_blacklist: vec!["00606A000000".to_string()], ..Default::default() diff --git a/runtime/testdata/pcs_quote_bundle.cbor b/runtime/testdata/pcs_quote_bundle.cbor index d5c80292c37..ea4b1cd8a09 100644 Binary files a/runtime/testdata/pcs_quote_bundle.cbor and b/runtime/testdata/pcs_quote_bundle.cbor differ diff --git a/runtime/testdata/qe_identity_v2.json b/runtime/testdata/qe_identity_v2.json index cf3c32bf88f..8a10ab7bfd1 100644 --- a/runtime/testdata/qe_identity_v2.json +++ b/runtime/testdata/qe_identity_v2.json @@ -1 +1 @@ -{"enclaveIdentity":{"id":"QE","version":2,"issueDate":"2022-05-16T10:34:11Z","nextUpdate":"2022-06-15T10:34:11Z","tcbEvaluationDataNumber":12,"miscselect":"00000000","miscselectMask":"FFFFFFFF","attributes":"11000000000000000000000000000000","attributesMask":"FBFFFFFFFFFFFFFF0000000000000000","mrsigner":"8C4F5775D796503E96137F77C68A829A0056AC8DED70140B081B094490C57BFF","isvprodid":1,"tcbLevels":[{"tcb":{"isvsvn":6},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"isvsvn":5},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"isvsvn":4},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"isvsvn":2},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"isvsvn":1},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDate"}]},"signature":"68251f6b5229f1d8232f8db2cef3e7d7e687a118b26d58f45fbf64c7cf9f83b50909d725a9dd03d8fe49742c12188b6e03b5321c58fd14e0e6b0d644de74d277"} \ No newline at end of file +{"enclaveIdentity":{"id":"QE","version":2,"issueDate":"2022-12-16T12:45:36Z","nextUpdate":"2023-01-15T12:45:36Z","tcbEvaluationDataNumber":13,"miscselect":"00000000","miscselectMask":"FFFFFFFF","attributes":"11000000000000000000000000000000","attributesMask":"FBFFFFFFFFFFFFFF0000000000000000","mrsigner":"8C4F5775D796503E96137F77C68A829A0056AC8DED70140B081B094490C57BFF","isvprodid":1,"tcbLevels":[{"tcb":{"isvsvn":6},"tcbDate":"2022-11-09T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"isvsvn":5},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00477"]},{"tcb":{"isvsvn":4},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00334","INTEL-SA-00477"]},{"tcb":{"isvsvn":2},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00219","INTEL-SA-00293","INTEL-SA-00334","INTEL-SA-00477"]},{"tcb":{"isvsvn":1},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00202","INTEL-SA-00219","INTEL-SA-00293","INTEL-SA-00334","INTEL-SA-00477"]}]},"signature":"6be6247f58edcb10b53368b566d3e34c8ae33d1f33eebf93de707113e05bf9646e62c89035a3d572de25bd8eacbb435616966bf4ad12e40efd837113439ed7a8"} \ No newline at end of file diff --git a/runtime/testdata/quote_v3_ecdsa_p256_pck_chain.bin b/runtime/testdata/quote_v3_ecdsa_p256_pck_chain.bin index 075eee9f9e7..bc241e0746a 100644 Binary files a/runtime/testdata/quote_v3_ecdsa_p256_pck_chain.bin and b/runtime/testdata/quote_v3_ecdsa_p256_pck_chain.bin differ diff --git a/runtime/testdata/tcb_info_v2_fmspc_00606A000000.json b/runtime/testdata/tcb_info_v2_fmspc_00606A000000.json deleted file mode 100644 index 2d2e3a391cf..00000000000 --- a/runtime/testdata/tcb_info_v2_fmspc_00606A000000.json +++ /dev/null @@ -1 +0,0 @@ -{"tcbInfo":{"version":2,"issueDate":"2022-05-16T07:22:26Z","nextUpdate":"2022-06-15T07:22:26Z","fmspc":"00606A000000","pceId":"0000","tcbType":0,"tcbEvaluationDataNumber":12,"tcbLevels":[{"tcb":{"sgxtcbcomp01svn":4,"sgxtcbcomp02svn":4,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":11},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"sgxtcbcomp01svn":4,"sgxtcbcomp02svn":4,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":3,"sgxtcbcomp02svn":3,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2020-06-10T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":3,"sgxtcbcomp02svn":3,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":5},"tcbDate":"2018-01-04T00:00:00Z","tcbStatus":"OutOfDate"}]},"signature":"68a39fa09446abdd13d9294cadc5710a87f6c7083b207d3aba6c5217af7c979b5e70fcedb4d8427682c8cefddd9163527cb792a4d1f25ada533ec355e44679ad"} \ No newline at end of file diff --git a/runtime/testdata/tcb_info_v3_fmspc_00606A000000.json b/runtime/testdata/tcb_info_v3_fmspc_00606A000000.json new file mode 100644 index 00000000000..fc35f8f11eb --- /dev/null +++ b/runtime/testdata/tcb_info_v3_fmspc_00606A000000.json @@ -0,0 +1 @@ +{"tcbInfo":{"id":"SGX","version":3,"issueDate":"2022-12-19T09:40:10Z","nextUpdate":"2023-01-18T09:40:10Z","fmspc":"00606A000000","pceId":"0000","tcbType":0,"tcbEvaluationDataNumber":13,"tcbLevels":[{"tcb":{"sgxtcbcomponents":[{"svn":7,"category":"BIOS","type":"Early Microcode Update"},{"svn":9,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":3,"category":"OS/VMM","type":"TXT SINIT"},{"svn":3,"category":"BIOS"},{"svn":255},{"svn":255},{"svn":1},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":13},"tcbDate":"2022-08-10T00:00:00Z","tcbStatus":"SWHardeningNeeded","advisoryIDs":["INTEL-SA-00615","INTEL-SA-00657"]},{"tcb":{"sgxtcbcomponents":[{"svn":7,"category":"BIOS","type":"Early Microcode Update"},{"svn":9,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":3,"category":"OS/VMM","type":"TXT SINIT"},{"svn":3,"category":"BIOS"},{"svn":255},{"svn":255},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":13},"tcbDate":"2022-08-10T00:00:00Z","tcbStatus":"ConfigurationAndSWHardeningNeeded","advisoryIDs":["INTEL-SA-00615","INTEL-SA-00657"]},{"tcb":{"sgxtcbcomponents":[{"svn":4,"category":"BIOS","type":"Early Microcode Update"},{"svn":4,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":3,"category":"OS/VMM","type":"TXT SINIT"},{"svn":3,"category":"BIOS"},{"svn":255},{"svn":255},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":11},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00586","INTEL-SA-00614","INTEL-SA-00615","INTEL-SA-00657"]},{"tcb":{"sgxtcbcomponents":[{"svn":4,"category":"BIOS","type":"Early Microcode Update"},{"svn":4,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":3,"category":"OS/VMM","type":"TXT SINIT"},{"svn":3,"category":"BIOS"},{"svn":255},{"svn":255},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":10},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00477","INTEL-SA-00586","INTEL-SA-00614","INTEL-SA-00615","INTEL-SA-00657"]},{"tcb":{"sgxtcbcomponents":[{"svn":4,"category":"BIOS","type":"Early Microcode Update"},{"svn":4,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":3,"category":"OS/VMM","type":"TXT SINIT"},{"svn":3,"category":"BIOS"},{"svn":255},{"svn":255},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":5},"tcbDate":"2018-01-04T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00106","INTEL-SA-00115","INTEL-SA-00135","INTEL-SA-00203","INTEL-SA-00220","INTEL-SA-00233","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00586","INTEL-SA-00614","INTEL-SA-00615","INTEL-SA-00657"]}]},"signature":"00ebb478cec3792ed87afa4cab0bd0d38388f5b9e684e487d08aaab0665f4207d72d061f676f1739e4a2a0172928620311e6efdf9d3d0e8dacd61a4e77966a42"} \ No newline at end of file diff --git a/runtime/testdata/tcb_info_v2_fmspc_00606A000000_certs.pem b/runtime/testdata/tcb_info_v3_fmspc_00606A000000_certs.pem similarity index 100% rename from runtime/testdata/tcb_info_v2_fmspc_00606A000000_certs.pem rename to runtime/testdata/tcb_info_v3_fmspc_00606A000000_certs.pem diff --git a/runtime/testdata/tcb_info_v2_fmspc_00606A000000_certs_bad.pem b/runtime/testdata/tcb_info_v3_fmspc_00606A000000_certs_bad.pem similarity index 100% rename from runtime/testdata/tcb_info_v2_fmspc_00606A000000_certs_bad.pem rename to runtime/testdata/tcb_info_v3_fmspc_00606A000000_certs_bad.pem