updated documentation for SGX
cdotsh committed Mar 25, 2024
1 parent 4787d1c commit 03e7f86
Showing 11 changed files with 1,092 additions and 11 deletions.
6 changes: 6 additions & 0 deletions doc/Architecture.md
Expand Up @@ -65,6 +65,12 @@ The *snpdriver* interfaces with the AMD SEV-SNP SP. It retrieves SNP measurement
an SNP attestation report as well as the certificate chain for this attestation report from the
respective AMD servers. Currently, it can only act as *Measurement* interface.

__sgxdriver:__
The *sgxdriver* interfaces with the Intel SGX CPU. It retrieves SGX measurements in the form of an SGX attestation report signed by the SGX quoting enclave. It implements a small caching mechanism to fetch and store the certificate chain used for report verification from the Intel SGX API. Currently, the driver only acts as a *Measurement* interface.

__tdxdriver:__
*Will be implemented as soon as Intel TDX hardware is available.*

__swdriver:__
The *swdriver* simply creates keys in software for testing purposes and can be used as *Signer*
interface. **Note**: This should mainly be used for testing purposes.
140 changes: 139 additions & 1 deletion doc/architecture.drawio
@@ -1 +1,139 @@
<mxfile host="Electron" modified="2022-12-23T11:24:16.965Z" agent="5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/20.6.2 Chrome/106.0.5249.199 Electron/21.3.3 Safari/537.36" etag="Q_4aTUl2NbSEXdwkoqpi" version="20.6.2" type="device"><diagram id="4OHlktra853td-nATEaD" name="Page-1">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</diagram></mxfile>
<mxfile host="app.diagrams.net" modified="2024-03-11T08:49:36.194Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" etag="gg8zenkOYG1FZ9Vb36xT" version="21.6.9" type="device">
<diagram id="4OHlktra853td-nATEaD" name="Page-1">
<mxGraphModel dx="1194" dy="731" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="NFTrpatYoSMDDnahwGzO-29" value="" style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
<mxGeometry x="10" y="310" width="370" height="60" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-22" value="" style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;fillColor=#f5f5f5;fontColor=#333333;strokeColor=#666666;" parent="1" vertex="1">
<mxGeometry x="10" width="100" height="50" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-21" value="" style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;fillColor=#f5f5f5;fontColor=#333333;strokeColor=#666666;" parent="1" vertex="1">
<mxGeometry x="280" width="100" height="50" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-20" value="" style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;fillColor=#f5f5f5;fontColor=#333333;strokeColor=#666666;" parent="1" vertex="1">
<mxGeometry x="10" y="90" width="370" height="190" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-7" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" parent="1" source="NFTrpatYoSMDDnahwGzO-18" target="NFTrpatYoSMDDnahwGzO-5" edge="1">
<mxGeometry relative="1" as="geometry">
<mxPoint x="149.9999999999999" y="180" as="sourcePoint" />
</mxGeometry>
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-8" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" parent="1" source="NFTrpatYoSMDDnahwGzO-18" target="NFTrpatYoSMDDnahwGzO-6" edge="1">
<mxGeometry relative="1" as="geometry">
<mxPoint x="149.9999999999999" y="180" as="sourcePoint" />
<Array as="points">
<mxPoint x="195" y="210" />
<mxPoint x="240" y="210" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-19" value="Generate(), Sign(), Verify()" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=10;startArrow=classic;startFill=1;labelBackgroundColor=#F5F5F5;" parent="1" source="NFTrpatYoSMDDnahwGzO-1" target="NFTrpatYoSMDDnahwGzO-18" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-1" value="cmcd" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="20" y="100" width="350" height="30" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-33" value="/dev/sev-guest" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;labelBackgroundColor=#FFFFFF;fontSize=10;startArrow=classic;startFill=1;" parent="1" source="NFTrpatYoSMDDnahwGzO-2" target="NFTrpatYoSMDDnahwGzO-32" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-2" value="SNP driver" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="20" y="240" width="80" height="30" as="geometry" />
</mxCell>
<mxCell id="hybUG0nslqYRsCqv7fSd-3" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" parent="1" source="NFTrpatYoSMDDnahwGzO-5" target="hybUG0nslqYRsCqv7fSd-1" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-5" value="SGX driver" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="110" y="240" width="80" height="30" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-34" value="/dev/tpm0" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;labelBackgroundColor=#FFFFFF;fontSize=10;startArrow=classic;startFill=1;" parent="1" source="NFTrpatYoSMDDnahwGzO-6" target="NFTrpatYoSMDDnahwGzO-31" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-6" value="TPM driver" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="200" y="240" width="80" height="30" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-10" value="One or multiple drivers can be used at once" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="390" y="240" width="155" height="30" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-14" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=10;" parent="1" source="NFTrpatYoSMDDnahwGzO-12" target="NFTrpatYoSMDDnahwGzO-1" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-17" value="aTLS" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=10;startArrow=classic;startFill=1;" parent="1" source="NFTrpatYoSMDDnahwGzO-12" target="NFTrpatYoSMDDnahwGzO-13" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-12" value="testtool (client)" style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="20" y="10" width="80" height="30" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-13" value="testtool (server)" style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="290" y="10" width="80" height="30" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-9" value="CMC Interface (gRPC)" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=10;" parent="1" source="NFTrpatYoSMDDnahwGzO-13" target="NFTrpatYoSMDDnahwGzO-1" edge="1">
<mxGeometry x="0.5385" relative="1" as="geometry">
<mxPoint x="150.09523809523807" y="20" as="sourcePoint" />
<mxPoint as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-15" value="Daemon reachable to attesting / verifying components" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="390" y="100" width="145" height="30" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-16" value="Example application making use of the cmcd" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="395" y="10" width="145" height="30" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-3" value="&lt;div style=&quot;font-size: 10px;&quot;&gt;&lt;font style=&quot;font-size: 10px;&quot;&gt;Measurer and/or &lt;br style=&quot;font-size: 10px;&quot;&gt;&lt;/font&gt;&lt;/div&gt;&lt;div style=&quot;font-size: 10px;&quot;&gt;&lt;font style=&quot;font-size: 10px;&quot;&gt;Signer Interface (golang)&lt;br style=&quot;font-size: 10px;&quot;&gt;&lt;/font&gt;&lt;/div&gt;" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=10;labelBackgroundColor=#F5F5F5;" parent="1" source="NFTrpatYoSMDDnahwGzO-18" target="NFTrpatYoSMDDnahwGzO-2" edge="1">
<mxGeometry x="-0.7333" relative="1" as="geometry">
<mxPoint x="149.9999999999999" y="180" as="sourcePoint" />
<Array as="points">
<mxPoint x="195" y="210" />
<mxPoint x="60" y="210" />
</Array>
<mxPoint as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-18" value="attestationreport" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="20" y="160" width="350" height="30" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-23" value="" style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;fillColor=#f5f5f5;fontColor=#333333;strokeColor=#666666;" parent="1" vertex="1">
<mxGeometry x="10" y="379" width="10" height="10" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-24" value="Software Component" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="20" y="369" width="100" height="30" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-25" value="" style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="140" y="379" width="10" height="10" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-26" value="golang Package" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="150" y="369" width="80" height="30" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-31" value="TPM" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="200" y="320" width="80" height="40" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-32" value="AMD PSP" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="20" y="320" width="80" height="40" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-35" value="" style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
<mxGeometry x="240" y="379" width="10" height="10" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-36" value="Trusted Firm- and Hardware" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="250" y="369" width="130" height="30" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-38" value="Package for generating and verifying attestation reports" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="390" y="160" width="145" height="30" as="geometry" />
</mxCell>
<mxCell id="NFTrpatYoSMDDnahwGzO-40" value="Example of provided Hardware" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="390" y="325" width="155" height="30" as="geometry" />
</mxCell>
<mxCell id="hybUG0nslqYRsCqv7fSd-4" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" parent="1" source="hybUG0nslqYRsCqv7fSd-1" target="NFTrpatYoSMDDnahwGzO-5" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="hybUG0nslqYRsCqv7fSd-1" value="Intel SGX CPU" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="110" y="320" width="80" height="40" as="geometry" />
</mxCell>
<mxCell id="c3PVLYxiAtrJ4egzWHBz-1" value="Software driver" style="rounded=0;whiteSpace=wrap;html=1;" vertex="1" parent="1">
<mxGeometry x="290" y="240" width="80" height="30" as="geometry" />
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>
4 changes: 2 additions & 2 deletions doc/architecture.drawio.svg