Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

KBS: Update KBS protocol to 0.2.0 to fix JWE format due to RFC7516 #597

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

KBS: Update KBS protocol to 0.2.0 to fix JWE format due to RFC7516 #597

wants to merge 3 commits into from

Conversation

Xynnn007
Copy link
Member

@Xynnn007 Xynnn007 commented Nov 25, 2024
edited
Loading

Fixes #583.

This patch does a bunch of fixes per RFC 7516.

  1. AEAD Auth Tag is now expcilitly included inside the tag part.
  2. Add new JWE algorithms RSA OAEP and ECDH-ES+A256KW
  3. Mark RSA PKCS#1 v1.5 padding scheme as deprecated as it is not recommended.
  4. Add unit tests based on josekit to check the compatibility of JWE used by Response.
  5. Update rust toolchain to 1.83.0

depends on
virtee/kbs-types#53

@Xynnn007 Xynnn007 requested a review from a team as a code owner November 25, 2024 03:13
Xynnn007 added a commit to Xynnn007/guest-components that referenced this pull request Nov 25, 2024
@Xynnn007
AA/kbs_protocol: fix JWE decryption logic due to RFC7516
eca6d3d 
Per RFC7516, the AEAD's auth tag should be included inside the JWE body.
We fix this to align with trustee side

confidential-containers/trustee#597

Signed-off-by: Xynnn007 <[email protected]>
@Xynnn007 Xynnn007 mentioned this pull request Nov 25, 2024
Open
Xynnn007 added a commit to Xynnn007/guest-components that referenced this pull request Nov 25, 2024
@Xynnn007
AA/kbs_protocol: fix JWE decryption logic due to RFC7516
2bfe355 
Per RFC7516, the AEAD's auth tag should be included inside the JWE body.
We fix this to align with trustee side

confidential-containers/trustee#597

Signed-off-by: Xynnn007 <[email protected]>
@Xynnn007
Copy link
Member Author

Xynnn007 commented Nov 25, 2024
edited
Loading

Ok the test error happened because the guest-components side code is old. I just put another commit that references my repo to include the commit that includes the AEAD update.

I think we can merge GC side code firstly. Then go back to this PR. Then another PR on gc side to revert the test image change.

mythi
mythi reviewed Nov 25, 2024
View reviewed changes
Cargo.toml Outdated Show resolved Hide resolved
Xynnn007 added a commit to Xynnn007/guest-components that referenced this pull request Nov 26, 2024
@Xynnn007
AA/kbs_protocol: Update protocol version to 0.2.0 to fix JWE
82dbd62 
Per RFC7516, the AEAD's auth tag should be included inside the JWE body.
We fix this to align with trustee side

confidential-containers/trustee#597

Signed-off-by: Xynnn007 <[email protected]>
@Xynnn007
Copy link
Member Author

Xynnn007 commented Nov 26, 2024
edited
Loading

I removed the kbs_protocol updating commit. The CI must fail. We can merge confidential-containers/guest-components#820 (comment) first and I will add the kbs_protocol updating commit back to this PR to make the CI happy.

@Xynnn007
Copy link
Member Author

cc @deeglaze

Xynnn007 added a commit to Xynnn007/guest-components that referenced this pull request Nov 26, 2024
@Xynnn007
AA/kbs_protocol: Update protocol version to 0.2.0 to fix JWE
6656961 
Per RFC7516, the AEAD's auth tag should be included inside the JWE body.
We fix this to align with trustee side

confidential-containers/trustee#597

Signed-off-by: Xynnn007 <[email protected]>
@Xynnn007 Xynnn007 mentioned this pull request Nov 27, 2024
Open
@Xynnn007 Xynnn007 marked this pull request as draft November 27, 2024 03:42
@Xynnn007 Xynnn007 mentioned this pull request Nov 27, 2024
Merged
@Xynnn007
Copy link
Member Author

Xynnn007 commented Dec 2, 2024

Test locally and passed. Let's wait for virtee/kbs-types#45 to be merged and update the kbs-types crate rev.

@Xynnn007 Xynnn007 force-pushed the fix-jwe branch 2 times, most recently from 7fb7897 to 56ae015 Compare December 2, 2024 04:02
@Xynnn007 Xynnn007 marked this pull request as ready for review December 2, 2024 04:03
Xynnn007
Xynnn007 commented Dec 2, 2024
View reviewed changes
kbs/docs/kbs_attestation_protocol.md
@@ -227,6 +229,12 @@ Encryption algorithm used to encrypt the output of the KBS service API.
The output of the KBS service API. It must be encrypted with the KBS-generated
ephemeral key.

- `aad` (Required if AEAD is used)
Copy link
Member Author

@Xynnn007 Xynnn007 Dec 2, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @tylerfanelli I added the aad and tag parts to this document. They all follow RFC7516. Thanks for the help from upstream kbs-types.

@Xynnn007 Xynnn007 changed the title KBS: fix JWE format KBS: Upadte KBS protocol to 0.2.0 to fix JWE format Dec 2, 2024
@Xynnn007 Xynnn007 changed the title KBS: Upadte KBS protocol to 0.2.0 to fix JWE format KBS: Upadte KBS protocol to 0.2.0 to fix JWE format due to RFC7516 Dec 2, 2024
@tylerfanelli
Copy link
Contributor

Test locally and passed. Let's wait for virtee/kbs-types#45 to be merged and update the kbs-types crate rev.

Released here.

@Xynnn007 Xynnn007 force-pushed the fix-jwe branch 3 times, most recently from 7b9e7c7 to 547ed02 Compare December 10, 2024 08:19
@Xynnn007 Xynnn007 requested review from mythi and mkulke December 11, 2024 02:21
@Xynnn007 Xynnn007 force-pushed the fix-jwe branch 10 times, most recently from bb4e4f1 to 6db712e Compare December 18, 2024 01:34
@Xynnn007 Xynnn007 marked this pull request as ready for review December 18, 2024 01:36
@Xynnn007 Xynnn007 marked this pull request as draft December 18, 2024 01:36
@Xynnn007 Xynnn007 marked this pull request as ready for review December 18, 2024 02:03
@Xynnn007
Copy link
Member Author

I did some change upon the PR description. Compability tests are passed with josekit crate. Now we can wait for upstream PR to get merged and then I rebase the dep.

@Xynnn007 Xynnn007 requested a review from mkulke December 18, 2024 02:28
fitzthum
fitzthum approved these changes Dec 20, 2024
View reviewed changes
Copy link
Member

@fitzthum fitzthum left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks for taking care of this

@tylerfanelli
Copy link
Contributor

@Xynnn007 Is there any update on this? Changes still being made, or anything needed from kbs_types?

@Xynnn007
Copy link
Member Author

Xynnn007 commented Feb 5, 2025

@Xynnn007 Is there any update on this? Changes still being made, or anything needed from kbs_types?

I have rebased the code and let's see CI on this PR and confidential-containers/guest-components#820. If both succeed, nothing else needed from kbs-types.

@Xynnn007
Copy link
Member Author

Xynnn007 commented Feb 5, 2025

@tylerfanelli Looks fine now. Will you do a release for kbs-types?

@tylerfanelli
Copy link
Contributor

@tylerfanelli Looks fine now. Will you do a release for kbs-types?

Sure, released.

@Xynnn007
KBS: Update KBS protocol to 0.2.0 to fix JWE
1a83598 
Fixes confidential-containers#583.

This commit does two things:
1. Fix JWE format to align with RFC 7516.
2. Use more strong algorithm for JWE.

Due to RFC 7516, the JWE AEAD Auth Tag should be expcilitly be included
inside the `tag` part. Before this commit, the tag is actually included
as the suffix of the `ciphertext`.

We fix this by expcilitly extract the tag and include it into the jwe
body.

Also, we fix the AAD calculation logic, s.t. derived from
ProtectedHeader which is also specifiled by RFC7516. This should be
align with the guest-components side.

This commit supports the following JWE algorithms for KBS response:

1. RSA PKCS v1.5 Padding. This algorithm is not recommended but for
compability it is still reserved.
2. RSA OAEP.
3. ECDH-ES-A256KW with curve P256. This is recommended as EC algorithms
are more fast and safe.

which algorithm is used is decided by the TEE public key sent by the
client.

Some more unit tests to test the compability is added to make sure the
algorithm is implemented as standard.

Both change will make the kbs_client not able to connect to the KBS.
Thus we update the KBS protocol version from 0.1.1 to 0.2.0.

Signed-off-by: Xynnn007 <[email protected]>
@Xynnn007
ci: update rust toolchain to 1.83.0
18fdcfa 
Some dependencies like [email protected] requires a rust toolchain version
over 1.81.0. Thus we update this to 1.83.0 to track the latest rust
toolchain.

This commit also fixes lint error introduced by new version of rust
toolchain.

Signed-off-by: Xynnn007 <[email protected]>
@Xynnn007
ci: remove duplicated KBS test case
4f16990 
KBS Build with default feature and KBS build with built-in CoCo AS
feature are the same, thus we delete the duplicated one and add more
information.

Signed-off-by: Xynnn007 <[email protected]>
@Xynnn007
Copy link
Member Author

Xynnn007 commented Feb 6, 2025

PLEASE DO NOT merge this until confidential-containers/guest-components#820 gets merged

@tylerfanelli tylerfanelli mentioned this pull request Feb 9, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fitzthum fitzthum fitzthum approved these changes

@mythi mythi Awaiting requested review from mythi

@mkulke mkulke Awaiting requested review from mkulke

Assignees
No one assigned
Labels
None yet
Projects
Trustee Roadmap
Status: We have code
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

JWE encryption is missing base64url-encoded protected header as AEAD
6 participants
@Xynnn007 @tylerfanelli @mkulke @deeglaze @mythi @fitzthum