Add copyright information to package
Add testing to igvm measurements
Remove trailing white space
Improve testing
Resolve PR comments
Add measure to cli
Add README for feature
Fix PR comments
Added new line to shell script
Add measurement interface
Fix ci
Refactor code for IgvmMeasurement to become a CLI dependency
Refactor code for IgvmMeasurement to become a CLI dependency
Refactor based on ci failures
Fix error handling
Add header
Fix ci
* manager, cli and agent vtpm support
* rebase and changed atls for vtpm
* deleted unused code
* changed chekproto.yaml script so it find the manager proto file correctly
* fixe manager proto version
* fix agent tests
* fix server agent test
* fix attestation test
* fix attestation test gofumpt
* created dummy RWC for TPM
* fix comment
* add default PCR values
* rebase main
* fix rust ci and missing header
* changed embedded attestation to VMPL 2
* fix unused impot
* fix pkg test
* address attestation type
* fix agent attestation test
* add prc15 check
* fix comments
* fix cli tests
* add doc
* add mock for LeveledQuoteProvider when SEV-SNP device is not found
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* fix manager reading attestation policy
* refactor PCR value checks and update attestation policy values
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* fix tests for sev and grpc
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
Co-authored-by: Sammy Oina <sammyoina@gmail.com>
* Standardize attestation report data size to 64 bytes
Redefined the report data for attestation requests from a variable byte slice to a fixed 64-byte array across various critical components. This change enforces a standardized data length, simplifying validation logic and ensuring consistency when handling the attestation data for both the server and client end-points, logging functionalities, and the CLI tool. Updated attestation data handling in the SDK to accommodate the new fixed-length constraint.
By strictly adhering to the 64-byte requirement, the modifications promote robust input checking and prevent potential issues related to dynamic data length processing.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Refactor attestation validation logic
Streamlined attestation validation in the CLI with a new configuration parsing approach. Introduced a retry mechanism with timeout and backoff for HTTPS getters that facilitate remote trust validation. Clarified expected data lengths in proto comments across attestation and manager services, ensuring consistency and correctness of the cryptographic data fields.
This modification enhances maintainability by replacing a verbose struct with a configurable object model, thus simplifying parameter handling. Robustness is improved through failure-retrieval strategies during remote validation, and additional in-code documentation specifies cryptographic constraints for critical data elements.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Add new attestation validation flags
Enhanced attestation validation in the CLI with additional flag support for FAMILY_ID, IMAGE_ID, REPORT_ID, REPORT_ID_MA, MEASUREMENT, CHIP_ID, and TCB-related fields. This update enables fine-grained control over attestation report criteria, ensuring stricter validation conforming to protocol requirements. Adjusted the default value for MinimumGuestSvn to align with the new policy specifications.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Enhance attestation policy configuration
Introduced several new configuration flags to the CLI's attestation policy, including options for minimum AMD-SP firmware builds, revocation list checking, and network restrictions. Expanded trust criteria parameters with the support for trusted author and identity key hashes. The default VMPL setting is now explicitly initialized. These changes improve security controls and offer more detailed attestation verification settings.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Simplify attestation validation process
Refactored the attestation CLI command to improve usability by removing the need for explicitly provided report data as an argument. Default values for configuration parameters have been centralized into constants for maintainability. Additionally, integrated data parsing functions to streamline the validation checks with robust error handling for cases such as invalid hex strings and file I/O issues.
This enhancement reduces user error and the complexity of entering attestation data by parsing relevant information from within the environment, all while maintaining the same security standards.
The process of marking flags as required for CLI commands has been corrected to prevent runtime errors and improve command reliability.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Refined attestation validation logic
Enhanced attestation command handling by removing the hardcoded report data length and replacing it with the standard SHA-512 hash size, ensuring dynamic compatibility with hash lengths. Introduced size constants to improve code readability and enforce explicit length checks on attestation input data, raising errors when requirements are unmet. This preventative measure aims to avert potential runtime errors stemming from unexpected data sizes. The change also simplifies the minimum guest SVN description for clarity.
References to removed unnecessary whitespace maintain code cleanliness. These adjustments culminate in a more robust and maintainable attestation process, in accordance with the best practices for secure handling of cryptographic data and compliance with AMD's ABI format specifications.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Enhanced attestation documentation and command syntax
Updated CLI documentation to include detailed descriptions of the attestation retrieval and validation process, along with a comprehensive list of new flags for the validation command, providing users with extensive control over the attestation verification process. Updated command syntax with flags for specifying report data, improving command clarity and consistency. These changes ensure better user guidance and offer a more robust attestation handling experience.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Enforce report data size validation uniformly
Refactored report data size validation to ensure it is performed consistently across the system. Removed the hard-coded length check from attestation request validation in favor of a centralized verification based on the sha512 digest size. Also, eliminated fallback mechanism to the SHA-512 hash of report data and made the length requirement explicit, leading to immediate failure if not met. This harmonizes the error handling logic, reinforces data integrity checks, and simplifies debugging by removing ambiguous length correction behavior. Adjusted related validation functions to use a common utility, enhancing maintainability.
Fix spelling errors in log messages for attestation validation commands to improve clarity in output.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Initialize attestation config with defaults
Enhanced the attestation command initialization by setting default values for the `Config` struct to prevent nil pointer exceptions and potentially streamline configuration handling. Moreover, corrected a flag declaration by removing shorthand.P support for 'permit_provisional_software', aligning it with other flags for consistency. This change should improve stability and user experience while configuring attestation policy.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* nil check prior
Signed-off-by: SammyOina <sammyoina@gmail.com>
* fix typos
Signed-off-by: SammyOina <sammyoina@gmail.com>
* use file for attestation report
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Refine attestation validation with default policy values
Adjusted default values and constants related to the attestation configuration for enhanced clarity and consistency. Changed the default minimum guest SVN value to align with new policy requirements and introduced a default guest policy constant. Additionally, standardized byte array placeholders for attestation validation fields to prevent potential issues with uninitialized bytes and ensure robust input validation checks. These changes promote more intuitive and secure attestation validation procedures.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Refine attestation defaults and flag requirements
Updated the default guest policy to use hexadecimal notation for clarity and added a default minimum version for the firmware API version flag. Made 'chip_id', 'measurement', 'report_id', and 'report_id_ma' flags mandatory to ensure critical attestation data is provided by the user, enhancing validation robustness. Added a check for 'measurement' field length for consistency in input validation.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Optimize attestation file format
Standardized attestation file format across the codebase by moving the 'attestationFilePath' constant from the function scope to a higher scope within the package. Switched the file extension from .txt to .bin to reflect binary data storage, improving consistency and potential performance benefits from binary file handling.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Optimize default values for attestation validation
Removed unnecessary empty initializers and replaced hardcoded empty values with nil for optional fields in attestation validation flags. Introduced a constant defaultReportIdMa for the REPORT_ID_MA field to provide a meaningful default instead of an empty one. Streamlined the command setup by removing the requirement flags for fields that are now optional and unchecked if unset, reducing burdens on the user for providing unnecessary input.
The change simplifies the command's usage and eliminates the need for users to specify values for certain fields that can be optional, improving the command's flexibility and user experience. Additionally, setting a specific default for REPORT_ID_MA ensures clarity in cases where this is not provided by the user.
This update enhances the maintainability and usability of the attestation validation functionality.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Refactor hardcoded attestation report size
Introduced a constant `size64` to replace the previously hardcoded array size of `64` used across various Attestation methods. This change enhances code maintainability and readability by centralizing the size definition, making it easier to update in the future if necessary.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Updated protocol buffer dependencies and cleaned CLI flags
Protobuf compiler versions were updated to v4.25.2 across various RPC service definitions for agent and manager packages, ensuring compatibility with the latest features and fixes. In the CLI attestation code, unnecessary flags (`DisallowNetwork` and `PermitProvisionalSoftware`) were removed to streamline user options, reflecting a more secure and user-focused configuration interface. Added an input validation check in `attestation.go` for CA bundle presence when a product name is set, enhancing the reliability of attestation validation. Also rectified a bug in `grpc.go` by fixing an incorrect variable assignment for reading the key file content, thereby preventing potential TLS-related errors.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Updated protoc version and adjusted proto file paths
Bumped the protocol compiler version to 25.2 to align with our dependency updates and ensure compatibility. Additionally, revised the proto file paths under the continuous integration setup, moving from 'manager/' to 'pkg/manager/' to reflect the recent directory restructuring. The changes ensure that proto file checks and comparisons are conducted in the correct file locations, preventing potential build and sync issues in future developments.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Enhance hash size consistency in gRPC attestation
Aligned the hard-coded byte array size for `ReportData` with `sha512.Size` constant to ensure consistency and maintainability in gRPC attestation requests and responses. This change mitigates the risk of future errors if the SHA512 hash size standard is altered.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Optimize agent-config listener loop
Removed the goroutine wrapping the listener loop in 'agent-config' manual test to streamline and simplify the connection handling logic. This change ensures the loop runs on the main goroutine, improving the readability and maintainability of the code.
Refactoring assists in avoiding potential race conditions and makes the server's flow easier to understand for future debugging and development.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Refactor report data size checks to use constant
Centralize the report data size definition by replacing various size checks and array declarations with a constant `ReportDataSize`. This streamlines code maintenance and ensures consistency across all instances where report data size is validated or used. The changes remove direct references to the hash function output size, decoupling the report data size from the hash function's characteristics and allowing easier updates if the data size requirement changes.
These modifications bolster the codebase's flexibility for potential adjustments in security protocols or data handling specifications.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Refactor config JSON handling in attestation CLI
Introduced an `exampleJSONConfig` constant containing a sample configuration to improve code readability and maintainability. Previously, the example JSON configuration for the attestation CLI was an inline string, making the code cluttered and less maintainable. With this change, the example configuration is now stored as a constant, resulting in cleaner command flag setup and enhanced clarity. This constant is used in the command flag description to guide users when providing their custom configuration. Additionally, refactored the command flags related to the configuration by aligning and sorting them for better code organization.
Signed-off-by: SammyOina <sammyoina@gmail.com>
---------
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Expand CLI with Manager Service and Enhanced Attestation Commands
The CLI has been updated to interact not only with the Agent service but also with the Manager service, reflecting an expanded scope of operations. As part of this update, 'manager' subcommands have now been incorporated, ensuring users can seamlessly initiate computations through the manager service using the CLI.
Furthermore, attestation functionality has greatly improved. In addition to retrieving attestations from the agent, users can now validate and verify them directly from the CLI, bolstering security measures. New subcommands under 'attestation' provide clear and specific actions for attestation management.
Additionally, the command structure has been refactored to categorize commands under 'agent' or 'manager' prefixes, promoting better command organization and a more intuitive user experience.
These enhancements are part of ongoing efforts to provide robust and secure tools for service interaction and computational task management in distributed networks.
Relevant documentation adjustments and example usage have been updated in README files to align with these functional improvements.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* capitalize comments
Signed-off-by: SammyOina <sammyoina@gmail.com>
---------
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Improve attestation and update deps
Enhanced the attestation process to require additional report data and a variable privacy level, catering to varying security requirements. The `Run` method's context parameter was removed to simplify invocation following API alignment. Dependencies got updated, notably adding `github.com/google/go-sev-guest` for attestation, and some were indirectly bumped. These updates ensure the agent service leverages the latest available features and improvements for security and stability.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Extend AttestationRequest with data fields
Enhanced the AttestationRequest message structure by introducing 'report_data' and 'vpml' fields to encapsulate additional attestation context. Adjusted service and middleware layers to incorporate these new parameters, enabling richer attestation workflows. The GRPC endpoint, logging, and metrics layers have been updated to handle the additional data, catering to more secure and nuanced attestation use cases.
Refactors Attestation command in CLI to accept report data argument and include an optional 'vpml' flag for specifying virtual machine privilege level. This change empowers users to request attestation with specific context directly from the CLI.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Refactor attestation to remove vpml dependency
Removed the `vpml` field from the AttestationRequest protobuf, and all associated handling code, streamlining the attestation process. Code adjustments were made in gRPC client, server, and service layers to ensure proper request construction and validation that focuses only on report data. This change simplifies the attestation API and its usage, reducing error risk and improving maintainability. It reflects a decision to decouple the protocol from specific vendor measurement levels, potentially due to a shift towards a more generalized attestation procedure.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Enhance CLI usability and streamline SDK attestation
- Added a usage example to the CLI attestation command for better user guidance.
- Simplified the SDK attestation function by removing an unused parameter and directly populating the request structure with report data to align function parameters with actual usage requirements.
Signed-off-by: SammyOina <sammyoina@gmail.com>
---------
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Refactor CLI commands to use CLI struct
Introduced a CLI struct to encapsulate dependencies such as agentSDK and managerSDK previously passed to command constructors. This shift towards a more object-oriented approach simplifies command creation and enhances code readability. CLI-related commands are now methods on the CLI struct, accessing shared services directly, which streamlines the setup of CLI command hierarchies and reduces the need to pass dependencies around.
Removed the OpenAPI specification file as it was likely deemed obsolete or no longer necessary to be included with the CLI binary, suggesting a possible shift in how the API is managed or documented.
Lastly, the main application now sets up two distinct command groups for 'agent' and 'manager', with respective commands organized under them, making the CLI tool's structure more intuitive for users.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* fix ci
Signed-off-by: SammyOina <sammyoina@gmail.com>
---------
Signed-off-by: SammyOina <sammyoina@gmail.com>
* add stringer
Signed-off-by: SammyOina <sammyoina@gmail.com>
* rename module to cocos
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Fix fmt.Stringer implementation in computations.go
The fmt.Stringer implementation for Datasets and Algorithms in computations.go was fixed to correctly use pointers.
This commit addresses the issue where the String() method for Datasets and Algorithms in computations.go was not correctly implemented. The fix ensures that the String() method now correctly marshals the data to JSON and returns the string representation.
The changes made in this commit will improve the functionality and accuracy of the String() method for Datasets and Algorithms.
Signed-off-by: SammyOina <sammyoina@gmail.com>
---------
Signed-off-by: SammyOina <sammyoina@gmail.com>
* add state machine
Signed-off-by: SammyOina <sammyoina@gmail.com>
* This commit addresses the following changes:
- In agent/service.go:
- Added a goroutine to start the StateMachine
- Sent the start event to the StateMachine
- In agent/state.go:
- Added a copyright notice and license identifier
These changes ensure that the StateMachine starts correctly and that the agent/state.go file includes the necessary copyright and license information.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Fix race condition in agent service initialization
The commit fixes a race condition in the agent service initialization.
Previously, the `New` function in `agent/service.go` would start the state machine
goroutine before initializing the `sm` field. This could lead to a race condition
where the state machine would access uninitialized fields.
To fix this, the `New` function now takes a `context.Context` argument and passes it
to the `Start` method of the state machine. Additionally, a `sync.Mutex` has been
added to the `StateMachine` struct to ensure thread safety.
This commit addresses the race condition and ensures proper initialization of the agent service.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Fix sending events when algorithms and datasets are received
This commit fixes a bug where events were not being sent when algorithms and datasets were received in the agent service. The bug was causing the events to not be triggered, leading to incorrect behavior. This commit adds the necessary code to send the events when algorithms and datasets are received, ensuring that the events are properly triggered.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Fix bug: computation results not ready
The computation results were not being marked as ready,
resulting in an error when trying to access them.
This commit fixes the issue by adding a check for
the computation results before returning them.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Fix bug in agent service and state
The commit fixes a bug in the agent service and state files.
Previously, the condition to check the state in the agent service
was incorrect. It was checking the state directly instead of
using the GetState() method. This has been fixed by using the
GetState() method to check the state.
Additionally, a new GetState() method has been added to the
StateMachine struct in the state file. This method retrieves
the current state by acquiring a lock and returning the state
value.
The changes have been tested and verified to resolve the bug
and improve the accuracy of state checking in the agent service.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* check for time outs
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Fix bug in agent state machine
The bug in the agent state machine caused an error when attempting an invalid transition. This commit fixes the bug by properly locking and unlocking the state machine before and after transitioning to the next state. Additionally, the logger now correctly logs the current and next state during a valid transition.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Fix race condition in state machine
The commit fixes a race condition in the state machine implementation in the `Start` method. The race condition occurs when multiple goroutines try to access and modify the state concurrently. To fix this, a mutex lock and unlock are added around the critical sections of code to ensure exclusive access to the state variable. This prevents race conditions and ensures the state transitions are executed correctly.
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Fix race condition in StateMachine.Start()
The StateMachine.Start() method was experiencing a race condition
when multiple events were being processed concurrently. This was
caused by not properly locking and unlocking the state machine
before and after updating the state. This commit fixes the issue
by adding proper locking and unlocking around the state update
operation. Additionally, the logging statement has been updated
to include the previous and next states for better debugging.
Signed-off-by: SammyOina <sammyoina@gmail.com>
---------
Signed-off-by: SammyOina <sammyoina@gmail.com>
Danko Miladinovic
dorcaslitunya
Sammy Kerata Oina
Washington Kigani Kamadi