
[GCP]Policy deny when set snp measurement as policy #719


Open

yuxisun1217 opened this issue Feb 25, 2025 · 3 comments
Labels
bug Something isn't working

Comments

yuxisun1217 commented Feb 25, 2025

Describe the bug

In a GCP VM, if the SNP measurement is used as the policy, get-resource always hits a "PolicyDeny" error.
The attestation step passes.

Server policy:

package policy
default allow = false
input_tcb := input["tcb-status"]
allow {
    input_tcb["snp"]["measurement"] == "WerZtCZk1U/aVPcHZwOG9hsdO9NOLajI+awGfmF6Cq5GIzBKSqmLswdWr/tLbAoF"
}

Attestation token:

[header elided].[payload elided].NO8WodwJYN_J0m1jYYGQOrnFdqv_wiOlsy2x-8m2imb0zOv9SmaEh-jK204_V2U2C__JRd89Tw1-5NJrlvmBhTpbGHeuUIXCHXD-nTTsdQQ-4k-yEM6-5kmbCycMxA38bEx9J2-HMIjk4rFscO5OQjbuKVWMElzrRKOeRSgYdlGtqVfMUsCQpj8V8bdPV-pBiLuD440aEpWt0wCsVTHDVAKAyoLwlpkASTV2wiOVUOI6e_ZT5ApGKyV1EX1JxNwgNtHJ5H6OXWQxSYcv8mntkskPkq_id_IJp8slJI4uEVl5jvlfToAlCdsyMK_H4pNE0VhDe5MpBpUeP2er6SUOTg

Attestation token payload:

{
  "customized_claims": {
    "init_data": null,
    "runtime_data": {
      "nonce": "Pn26/CYqumELcdg0zIV989Nll5HEZ/rEF8pUGeiHAgQ=",
      "tee-pubkey": {
        "alg": "RSA1_5",
        "e": "AQAB",
        "kty": "RSA",
        "n": "pRw83NogaTIw4yV4dejWS7txWBPnt8lSh6kD_k_Sb76GXfSZutHNckPu8zEtepW4KP2z5qkUDpqKfgM0QLNOcLjDG6Vxok69ovLOPItdEg6x52VXrT6PGtBMIPmzcgxbVFhkVp2WoOiI6ZbejFyWxTqcR2SvivgdtfCTgFTKBQdRIFjjmGOfAwqHGZ-r91yoXGWpKOIcNtu7Bg9wZowikqoBndA8zCqRtaOC3q2k3B1uEPiUCHbvePsBOTnudTsDngxEmylA7L4sMtdm21JghjEi3i9Pton5K0WGQ4f7MVbVIfTK-hbOvpJwtqGp8C4lrmWaXf919XmF7W3-lFXEtQ"
      }
    }
  },
  "evaluation-reports": [
    {
      "policy-hash": "c0e7929671fb6780387f54760d84d65d2ce96093dfb33efda21f5eb05afcda77bba444c02cd177b23a5d350716726157",
      "policy-id": "default"
    }
  ],
  "exp": 1740477661,
  "iat": 1740477361,
  "iss": "CoCo-Attestation-Service",
  "jti": "NW16c3ZO3x",
  "nbf": 1740477361,
  "tcb-status": "{\"init_data\":\"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=\",\"report_data\":\"hnmityIPJY64Q0Dxk2KBLwVyIuB2lFju8QxCigbQPQVk59DUtQphGhIKeAIqW7XvAAAAAAAAAAAAAAAAAAAAAA==\",\"snp.measurement\":\"WerZtCZk1U/aVPcHZwOG9hsdO9NOLajI+awGfmF6Cq5GIzBKSqmLswdWr/tLbAoF\",\"snp.platform_smt_enabled\":\"1\",\"snp.platform_tsme_enabled\":\"0\",\"snp.policy_abi_major\":\"0\",\"snp.policy_abi_minor\":\"0\",\"snp.policy_debug_allowed\":\"0\",\"snp.policy_migrate_ma\":\"0\",\"snp.policy_single_socket\":\"0\",\"snp.policy_smt_allowed\":\"1\",\"snp.reported_tcb_bootloader\":\"4\",\"snp.reported_tcb_microcode\":\"219\",\"snp.reported_tcb_snp\":\"24\",\"snp.reported_tcb_tee\":\"0\"}",
  "tee": "snp"
}

How to reproduce

kbs-client --url https://trusteeserver:8080 --cert-file /root/host.crt get-resource --attestation-token /root/gcp_attestation_token --tee-key-file /root/trustee/kbs/test/tee_key.pem --path default/test/dummy_test

CoCo version information

kbs 0.1.0

What TEE are you seeing the problem on

Snp

Failing command and relevant log output

Server debug log:
debug.log
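The payload posted above already shows the mismatch between the policy and the token: the `tcb-status` claim is a JSON string, not an object, and inside it the SNP fields are flat dotted keys such as `"snp.measurement"`, so a Rego lookup of `input["tcb-status"]["snp"]["measurement"]` has nothing to match and the rule body is undefined, which leaves `default allow = false` in force. The script below is an added example, not code from the issue or from the Trustee project. It decodes a token payload without verifying it (a debugging aid only), then evaluates the policy both as written and against the flat key after parsing the string. It assumes the KBS hands the token claims to the Rego policy as `input` unchanged, which is what the posted payload suggests; under that assumption the Rego equivalent of the working check is `input_tcb := json.unmarshal(input["tcb-status"])` followed by `input_tcb["snp.measurement"] == "..."`. The token, header and signature in the script are constructed placeholders; the `tcb-status` fields are copied from the payload in the issue.

```python
import base64
import json

# Measurement pinned by the policy in the issue above.
EXPECTED_MEASUREMENT = "WerZtCZk1U/aVPcHZwOG9hsdO9NOLajI+awGfmF6Cq5GIzBKSqmLswdWr/tLbAoF"

# Constructed sample: tcb-status fields copied from the payload posted in the
# issue. The token embeds this map as a JSON *string* with flat dotted keys,
# so that is how it is embedded below.
TCB_STATUS = {
    "init_data": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=",
    "snp.measurement": EXPECTED_MEASUREMENT,
    "snp.policy_debug_allowed": "0",
    "snp.policy_smt_allowed": "1",
    "snp.reported_tcb_microcode": "219",
    "snp.reported_tcb_snp": "24",
}

CLAIMS = {
    "iss": "CoCo-Attestation-Service",
    "tee": "snp",
    "tcb-status": json.dumps(TCB_STATUS),
}


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64url_decode(segment: str) -> bytes:
    # JWT segments drop '=' padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


# Constructed, unsigned token: header and signature are placeholders (assumption),
# present only so decode_jwt_payload has realistic input. Never trust such a token.
SAMPLE_TOKEN = ".".join([
    _b64url_encode(json.dumps({"typ": "JWT", "alg": "none"}).encode()),
    _b64url_encode(json.dumps(CLAIMS).encode()),
    "placeholder-signature",
])


def decode_jwt_payload(token: str) -> dict:
    """Return the claims of a compact JWS WITHOUT verifying the signature.

    Debugging aid for inspecting what the policy engine receives; the KBS must
    still verify the signature before any claim is acted on."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    return json.loads(_b64url_decode(parts[1]))


def parse_tcb_status(claims: dict) -> dict:
    """tcb-status arrives as a JSON string in this token; turn it into a map.

    Corresponds to json.unmarshal(input["tcb-status"]) in Rego (assumption:
    the claims reach the policy as input unchanged)."""
    tcb = claims["tcb-status"]
    return json.loads(tcb) if isinstance(tcb, str) else tcb


def _nested_lookup(value, path):
    """Walk value[path[0]][path[1]]...; None models Rego's 'undefined'."""
    for key in path:
        if not isinstance(value, dict) or key not in value:
            return None
        value = value[key]
    return value


def policy_as_written(claims: dict, expected: str) -> bool:
    # Mirrors: input_tcb := input["tcb-status"]; input_tcb["snp"]["measurement"]
    # The claim is a string, so the nested lookup is undefined, the rule body
    # never succeeds, and default allow = false yields PolicyDeny.
    return _nested_lookup(claims["tcb-status"], ["snp", "measurement"]) == expected


def policy_flat_key(claims: dict, expected: str) -> bool:
    # Parse the string, then match the flat dotted key the payload carries.
    return parse_tcb_status(claims).get("snp.measurement") == expected


def policy_with_debug_check(claims: dict, expected: str) -> bool:
    # A measurement pin alone does not reject a debug-enabled guest; the same
    # payload exposes the SNP debug policy bit, so require it to be off too.
    tcb = parse_tcb_status(claims)
    return (tcb.get("snp.measurement") == expected
            and tcb.get("snp.policy_debug_allowed") == "0")


if __name__ == "__main__":
    claims = decode_jwt_payload(SAMPLE_TOKEN)
    print("type of tcb-status:", type(claims["tcb-status"]).__name__)
    print("policy as written :", policy_as_written(claims, EXPECTED_MEASUREMENT))
    print("flat-key policy   :", policy_flat_key(claims, EXPECTED_MEASUREMENT))
    print("with debug check  :", policy_with_debug_check(claims, EXPECTED_MEASUREMENT))
```

Run it against the real token from the KBS by replacing `SAMPLE_TOKEN` with the string the server hands to the policy engine; if `type of tcb-status` prints `str`, the policy has to unmarshal the claim before indexing into it, and the key to compare is the dotted `snp.measurement`, not a nested `snp` object.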

@yuxisun1217 yuxisun1217 added the bug Something isn't working label Feb 25, 2025
fitzthum (Member) commented Mar 3, 2025

Hm, it would be useful to see the attestation token itself to make sure that it matches up with the policy. Can you get that via debug? (It's not the same as the attestation info that is currently being printed) You'll probably need to add a debug entry in the simple attestation token broker

yuxisun1217 (Author) commented
Hi @fitzthum ,

Thanks! Could you please show more details about how to collect this attestation token you need? I'm not very clear how to collect it. Thanks!

fitzthum (Member) commented
If you don't mind changing the source, you can add a debug log around here printing out the token.

I notice your log also has [2025-02-25T09:56:01Z DEBUG actix_web::middleware::logger] Error in response: TokenVerifierError(TokenVerificationFailed { source: Cannot verify token since trusted JWK Set is empty })

It's pretty easy to get around that temporarily by setting insecure_key to true in the config. I'm not sure how that error relates to the PolicyDeny though.
