api.py: create CCTrustedApi abstract class

1. create CCTrustedApi class to abstract all interfaces and definitions. 2. implement the sdk.py in VMSDK Signed-off-by: Lu Ken <[email protected]>
cc-api · Dec 20, 2023 · 5b8a59e · 5b8a59e
1 parent 115712e
commit 5b8a59e
Show file tree

Hide file tree

Showing 11 changed files with 259 additions and 101 deletions.
diff --git a/common/python/cctrusted_base/__init__.py b/common/python/cctrusted_base/__init__.py
diff --git a/common/python/cctrusted_base/api.py b/common/python/cctrusted_base/api.py
@@ -0,0 +1,100 @@
+"""
+The CC Trusted API
+"""
+from abc import ABC, abstractmethod
+# pylint: disable=unused-import
+from cctrusted_base.imr import TcgIMR
+from cctrusted_base.quote import Quote
+from cctrusted_base.eventlog import TcgEventLog
+from cctrusted_base.tcg import TcgAlgorithmRegistry
+
+class CCTrustedApi(ABC):
+
+    """Abstract class for CC Trusted API.
+
+    The inherited SDK class will implement the APIs.
+    """
+
+    @abstractmethod
+    def get_default_algorithms(self) -> TcgAlgorithmRegistry:
+        """Get the default Digest algorithms supported by trusted foundation.
+
+        Different trusted foundation may support different algorithms, for example
+        the Intel TDX use SHA384, TPM uses SHA256.
+
+        Beyond the default digest algorithm, some trusted foundation like TPM
+        may support multiple algorithms.
+
+        Returns:
+            The default algorithms.
+        """
+        raise NotImplementedError("Inherited SDK class should implement this.")
+
+    @abstractmethod
+    def get_measurement_count(self) -> int:
+        """Get the count of measurement register.
+
+        Different trusted foundation may provide different count of measurement
+        register. For example, Intel TDX TDREPORT provides the 4 measurement
+        register by default. TPM provides 24 measurement (0~16 for SRTM and 17~24
+        for DRTM).
+
+        Beyond the real mesurement register, some SDK may extend virtual measurement
+        reigster for addtional trust chain like container, namespace, cluster in
+        cloud native paradiagm.
+
+        Returns:
+            The count of measurement registers
+        """
+        raise NotImplementedError("Inherited SDK class should implement this.")
+
+    @abstractmethod
+    def get_measurement(self, imr_select:[int, int]) -> TcgIMR:
+        """Get measurement register according to given selected index and algorithms
+
+        Each trusted foundation in CC environment provides the multiple measurement
+        registers, the count is update to ``get_measurement_count()``. And for each
+        measurement register, it may provides multiple digest for different algorithms.
+
+        Args:
+            imr_select ([int, int]): The first is index of measurement register,
+                the second is the alrogithms ID
+
+        Returns:
+            The object of TcgIMR
+        """
+        raise NotImplementedError("Inherited SDK class should implement this.")
+
+    @abstractmethod
+    def get_quote(self, nonce: bytearray, data: bytearray, extraArgs=None) -> Quote:
+        """Get the quote for given nonce and data.
+
+        The quote is signing of attestation data (IMR values or hashes of IMR
+        values), made by a trusted foundation (TPM) using a key trusted by the
+        verifier.
+
+        Different trusted foundation may use different quote format.
+
+        Args:
+            nonce (bytearray): against replay attacks.
+            data (bytearray): user data
+            extraArgs: for TPM, it will be given list of IMR/PCRs
+
+        Returns:
+            The ``Quote`` object.
+        """
+        raise NotImplementedError("Inherited SDK class should implement this.")
+
+    @abstractmethod
+    def get_eventlog(self, start:int = None, count:int = None) -> TcgEventLog:
+        """Get eventlog for given index and count.
+
+        TCG log in Eventlog. Verify to spoof events in the TCG log, hence defeating
+        remotely-attested measured-boot.
+        To measure the full CC runtime environment, the eventlog may include addtional
+        OS type and cloud native type event beyond the measured-boot.
+
+        Returns:
+            ``TcgEventLog`` object.
+        """
+        raise NotImplementedError("Inherited SDK class should implement this.")
diff --git a/vmsdk/python/cc_event_log_cli.py b/vmsdk/python/cc_event_log_cli.py
@@ -2,13 +2,13 @@
 Command line to dump the cc event logs
 """
 import logging
-import cctrusted
+from cctrusted import CCTrustedVmSdk
 
 LOG = logging.getLogger(__name__)
 
 logging.basicConfig(level=logging.NOTSET, format='%(message)s')
 
-event_logs = cctrusted.get_eventlog()
+event_logs = CCTrustedVmSdk.inst().get_eventlog()
 LOG.info("Total %d of event logs fetched.", len(event_logs.event_logs))
 event_logs.spec_id_header.dump()
 for e in event_logs.event_logs:

diff --git a/vmsdk/python/cc_imr_cli.py b/vmsdk/python/cc_imr_cli.py
@@ -3,16 +3,16 @@
 Command line to dump the integrated measurement register
 """
 import logging
-import cctrusted
+from cctrusted import CCTrustedVmSdk
 
 LOG = logging.getLogger(__name__)
 
 logging.basicConfig(level=logging.NOTSET, format='%(name)s %(levelname)-8s %(message)s')
 
-count = cctrusted.get_measurement_count()
-for index in range(cctrusted.get_measurement_count()):
-    alg = cctrusted.get_default_algorithms()
-    digest_obj = cctrusted.get_measurement([index, alg.alg_id])
+count = CCTrustedVmSdk.inst().get_measurement_count()
+for index in range(CCTrustedVmSdk.inst().get_measurement_count()):
+    alg = CCTrustedVmSdk.inst().get_default_algorithms()
+    digest_obj = CCTrustedVmSdk.inst().get_measurement([index, alg.alg_id])
 
     hash_str = ""
     for hash_item in digest_obj.hash:

diff --git a/vmsdk/python/cc_quote_cli.py b/vmsdk/python/cc_quote_cli.py
@@ -3,7 +3,7 @@
 """
 import argparse
 import logging
-import cctrusted
+from cctrusted import CCTrustedVmSdk
 
 LOG = logging.getLogger(__name__)
 OUT_FORMAT_RAW = "raw"
@@ -32,6 +32,6 @@
     parser.exit(2, "Specified output format is not supported!")
 
 logging.basicConfig(level=logging.NOTSET, format='%(name)s %(levelname)-8s %(message)s')
-quote = cctrusted.get_quote(None, None, None)
+quote = CCTrustedVmSdk.inst().get_quote(None, None, None)
 if quote is not None:
     quote.dump(dump_raw)
diff --git a/vmsdk/python/cctrusted/__init__.py b/vmsdk/python/cctrusted/__init__.py
@@ -3,5 +3,5 @@
 """
 
 # pylint: disable=syntax-error
-from .api import*
-from .api_tdx import *
+from cctrusted.sdk import*
+from cctrusted.tdx import *
diff --git a/vmsdk/python/cctrusted/api.py b/vmsdk/python/cctrusted/api.py
diff --git a/vmsdk/python/cctrusted/api_tdx.py b/vmsdk/python/cctrusted/api_tdx.py
diff --git a/vmsdk/python/cctrusted/sdk.py b/vmsdk/python/cctrusted/sdk.py
@@ -0,0 +1,126 @@
+"""
+The VMSDK implementation for ``CCTrusted`` API.
+"""
+import logging
+
+# pylint: disable=unused-import
+from cctrusted_base.api import CCTrustedApi
+from cctrusted_base.imr import TcgIMR
+from cctrusted_base.quote import Quote
+from cctrusted_base.eventlog import TcgEventLog
+from cctrusted_base.tcg import TcgAlgorithmRegistry
+from cctrusted.cvm import ConfidentialVM
+
+
+LOG = logging.getLogger(__name__)
+
+class CCTrustedVmSdk(CCTrustedApi):
+
+    """CC trusted API implementation for a general CVM."""
+
+    _inst = None
+
+    @classmethod
+    def inst(cls):
+        """Singleton instance function."""
+        if cls._inst is None:
+            cls._inst = cls()
+        return cls._inst
+
+    def __init__(self):
+        """Contrustor of CCTrustedCVM."""
+        self._cvm = ConfidentialVM.inst()
+
+    def get_default_algorithms(self) -> TcgAlgorithmRegistry:
+        """Get the default Digest algorithms supported by trusted foundation.
+
+        Different trusted foundation may support different algorithms, for example
+        the Intel TDX use SHA384, TPM uses SHA256.
+
+        Beyond the default digest algorithm, some trusted foundation like TPM
+        may support multiple algorithms.
+
+        Returns:
+            The default algorithms.
+        """
+        return TcgAlgorithmRegistry(self._cvm.default_algo_id)
+
+    def get_measurement_count(self) -> int:
+        """Get the count of measurement register.
+
+        Different trusted foundation may provide different count of measurement
+        register. For example, Intel TDX TDREPORT provides the 4 measurement
+        register by default. TPM provides 24 measurement (0~16 for SRTM and 17~24
+        for DRTM).
+
+        Beyond the real mesurement register, some SDK may extend virtual measurement
+        reigster for addtional trust chain like container, namespace, cluster in
+        cloud native paradiagm.
+
+        Returns:
+            The count of measurement registers
+        """
+        return len(self._cvm.imrs)
+
+    def get_measurement(self, imr_select:[int, int]) -> TcgIMR:
+        """Get measurement register according to given selected index and algorithms
+
+        Each trusted foundation in CC environment provides the multiple measurement
+        registers, the count is update to ``get_measurement_count()``. And for each
+        measurement register, it may provides multiple digest for different algorithms.
+
+        Args:
+            imr_select ([int, int]): The first is index of measurement register,
+                the second is the alrogithms ID
+
+        Returns:
+            The object of TcgIMR
+        """
+        imr_index = imr_select[0]
+        algo_id = imr_select[1]
+
+        if imr_index not in self._cvm.imrs:
+            LOG.error("Invalid select index for IMR.")
+            return None
+
+        if algo_id is None or algo_id is TcgAlgorithmRegistry.TPM_ALG_ERROR:
+            algo_id = self._cvm.default_algo_id
+
+        return self._cvm.imrs[imr_index].digest(algo_id)
+
+    def get_quote(self, nonce: bytearray, data: bytearray, extraArgs=None) -> Quote:
+        """Get the quote for given nonce and data.
+
+        The quote is signing of attestation data (IMR values or hashes of IMR
+        values), made by a trusted foundation (TPM) using a key trusted by the
+        verifier.
+
+        Different trusted foundation may use different quote format.
+
+        Args:
+            nonce (bytearray): against replay attacks.
+            data (bytearray): user data
+            extraArgs: for TPM, it will be given list of IMR/PCRs
+
+        Returns:
+            The ``Quote`` object.
+        """
+        return self._cvm.get_quote(nonce, data, extraArgs)
+
+    def get_eventlog(self, start:int = None, count:int = None) -> TcgEventLog:
+        """Get eventlog for given index and count.
+
+        TCG log in Eventlog. Verify to spoof events in the TCG log, hence defeating
+        remotely-attested measured-boot.
+        To measure the full CC runtime environment, the eventlog may include addtional
+        OS type and cloud native type event beyond the measured-boot.
+
+        Returns:
+            ``TcgEventLog`` object.
+        """
+        event_logs = TcgEventLog(self._cvm.cc_event_log)
+        event_logs.select(start, count,
+            self._cvm.ccel_data.log_area_start_address,
+            self._cvm.ccel_data.log_area_minimum_length)
+
+        return event_logs