fix: unify RA-TLS cert attestation format and fix onboard os_image_hash#586
Closed
Two changes:

1. ra-tls: use unified `PHALA_RATLS_ATTESTATION` OID for TDX certs instead of the legacy separate `TDX_QUOTE` + `EVENT_LOG` OIDs. The new format preserves `vm_config` (including `os_image_hash`). The reader already prefers the new format and falls back to old OIDs for backward compat.
2. kms: when the remote source KMS uses the old cert format (missing `vm_config`), the receiver-side onboard check fills `os_image_hash` from the local KMS's own value. This is safe because `mrAggregated` already validates OS image integrity through the RTMR measurement chain. This workaround should be removed once all source KMS instances use the new cert format.
9f05e22 to 81e4eae
Merged into #585
Summary

- ra-tls: use unified `PHALA_RATLS_ATTESTATION` OID for TDX certs instead of the legacy separate `TDX_QUOTE` + `EVENT_LOG` OIDs. The new format preserves `vm_config` (including `os_image_hash`). The reader already prefers the new format and falls back to old OIDs for backward compat with existing certs.
- kms: when the remote source KMS uses the old cert format (missing `vm_config`), the receiver-side `ensure_kms_allowed` fills `os_image_hash` from the local KMS's own value. This is safe because `mrAggregated` already validates OS image integrity through the RTMR measurement chain. Marked with TODO to remove once all source KMS instances are upgraded.
- `"0x"` `osImages` workaround and note the fix.

Test plan

- `cargo check -p ra-tls -p dstack-kms`
- `cargo clippy -p ra-tls -p dstack-kms --all-targets -- -D warnings`
- `PHALA_RATLS_ATTESTATION` with `config` populated `os_image_hash`
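As an added illustration of the two behaviours the description above relies on (reader prefers the unified extension and falls back to the legacy OID pair; the onboard check fills `os_image_hash` from the local KMS when the source cert carries no `vm_config`), here is a self-contained Go sketch using only the standard library. It is not code from the dstack repository: the OIDs are placeholders, the JSON payload shape is an assumption, and the sample hashes are constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"encoding/json"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// Placeholder OIDs: the real PHALA_RATLS_ATTESTATION, TDX_QUOTE and EVENT_LOG
// OIDs are not on the PR page, so these are made up for the demo only.
var (
	oidUnifiedAttestation = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 0, 1}
	oidLegacyQuote        = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 0, 2}
	oidLegacyEventLog     = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 0, 3}
)

// VMConfig holds the boot inputs; only os_image_hash matters for this demo.
type VMConfig struct {
	OSImageHash string `json:"os_image_hash"`
}

// Attestation is the unified payload (quote + event log + vm_config) encoded as
// JSON. This shape is an assumption for the demo, not the ra-tls crate format.
type Attestation struct {
	Quote    []byte    `json:"quote"`
	EventLog []byte    `json:"event_log"`
	VMConfig *VMConfig `json:"vm_config,omitempty"`
}

// makeCert builds a self-signed cert carrying either the unified extension or,
// when legacy is true, the two separate legacy extensions (no vm_config).
func makeCert(att Attestation, legacy bool) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { return nil, err }
	var exts []pkix.Extension
	if legacy {
		exts = []pkix.Extension{
			{Id: oidLegacyQuote, Value: att.Quote},
			{Id: oidLegacyEventLog, Value: att.EventLog},
		}
	} else {
		raw, err := json.Marshal(att)
		if err != nil { return nil, err }
		exts = []pkix.Extension{{Id: oidUnifiedAttestation, Value: raw}}
	}
	tmpl := &x509.Certificate{
		SerialNumber:    big.NewInt(1),
		Subject:         pkix.Name{CommonName: "ra-tls demo"},
		NotBefore:       time.Now(),
		NotAfter:        time.Now().Add(time.Hour),
		ExtraExtensions: exts,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil { return nil, err }
	return x509.ParseCertificate(der)
}

// readAttestation prefers the unified extension and only then falls back to the
// legacy pair; a legacy cert therefore yields an Attestation without vm_config.
func readAttestation(cert *x509.Certificate) (Attestation, error) {
	byOID := map[string][]byte{}
	for _, e := range cert.Extensions {
		byOID[e.Id.String()] = e.Value
	}
	if raw, ok := byOID[oidUnifiedAttestation.String()]; ok {
		var att Attestation
		if err := json.Unmarshal(raw, &att); err != nil { return Attestation{}, err }
		return att, nil
	}
	q, okQ := byOID[oidLegacyQuote.String()]
	l, okL := byOID[oidLegacyEventLog.String()]
	if !okQ || !okL {
		return Attestation{}, errors.New("no RA-TLS attestation extension found")
	}
	return Attestation{Quote: q, EventLog: l}, nil
}

// effectiveOSImageHash mirrors the receiver-side onboard workaround: when the
// source cert has no vm_config, substitute the local KMS's own os_image_hash.
// The second return value reports whether the fallback was taken, which is
// worth logging so the TODO removal can be tracked.
func effectiveOSImageHash(att Attestation, localHash string) (string, bool) {
	if att.VMConfig != nil && att.VMConfig.OSImageHash != "" {
		return att.VMConfig.OSImageHash, false
	}
	return localHash, true
}

// demo exercises both cert formats with constructed values and returns the
// effective hash and fallback flag for each.
func demo() (newHash string, newFilled bool, oldHash string, oldFilled bool, err error) {
	const localHash = "sha256:constructed-local-image" // constructed sample
	att := Attestation{Quote: []byte("quote"), EventLog: []byte("log"),
		VMConfig: &VMConfig{OSImageHash: "sha256:constructed-source-image"}}
	for _, legacy := range []bool{false, true} {
		cert, e := makeCert(att, legacy)
		if e != nil { return "", false, "", false, e }
		got, e := readAttestation(cert)
		if e != nil { return "", false, "", false, e }
		h, filled := effectiveOSImageHash(got, localHash)
		if legacy { oldHash, oldFilled = h, filled } else { newHash, newFilled = h, filled }
	}
	return
}

func main() {
	nh, nf, oh, of, err := demo()
	if err != nil { panic(err) }
	fmt.Printf("unified cert: %s (filled from local: %v)\n", nh, nf)
	fmt.Printf("legacy cert:  %s (filled from local: %v)\n", oh, of)
}
```

Running `main` shows the unified cert keeping the source's own hash while the legacy cert takes the local value, which is exactly the situation the TODO in the description asks to revisit once every source KMS emits the new format.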