Skip to content

Commit

Permalink
AA/kbs_protocol: fix JWE decryption logic due to RFC7516
Browse files Browse the repository at this point in the history
Per RFC7516, the AEAD's auth tag should be included inside the JWE body.
We fix this to align with trustee side

confidential-containers/trustee#597

Signed-off-by: Xynnn007 <[email protected]>
  • Loading branch information
Xynnn007 committed Nov 25, 2024
1 parent 9d75270 commit 2bfe355
Show file tree
Hide file tree
Showing 5 changed files with 43 additions and 33 deletions.
2 changes: 2 additions & 0 deletions attestation-agent/deps/crypto/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -34,3 +34,5 @@ pub use asymmetric::*;

mod algorithms;
pub use algorithms::*;

const AEAD_AAD: &[u8] = b"CoCo";
9 changes: 6 additions & 3 deletions attestation-agent/deps/crypto/src/native/aes256gcm.rs
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@
use anyhow::*;
use openssl::symm::Cipher;

use crate::AEAD_AAD;

const TAG_LENGTH: usize = 16;

pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
Expand All @@ -17,15 +19,16 @@ pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>>
}

let (data, tag) = encrypted_data.split_at(encrypted_data.len() - TAG_LENGTH);
openssl::symm::decrypt_aead(cipher, key, Some(iv), &[], data, tag)
openssl::symm::decrypt_aead(cipher, key, Some(iv), AEAD_AAD, data, tag)
.map_err(|e| anyhow!(e.to_string()))
}

pub fn encrypt(data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
let cipher = Cipher::aes_256_gcm();
let mut tag = [0u8; TAG_LENGTH];
let mut ciphertext = openssl::symm::encrypt_aead(cipher, key, Some(iv), &[], data, &mut tag)
.map_err(|e| anyhow!(e.to_string()))?;
let mut ciphertext =
openssl::symm::encrypt_aead(cipher, key, Some(iv), AEAD_AAD, data, &mut tag)
.map_err(|e| anyhow!(e.to_string()))?;
ciphertext.extend_from_slice(&tag);
Ok(ciphertext)
}
Expand Down
16 changes: 10 additions & 6 deletions attestation-agent/deps/crypto/src/rust/aes256gcm.rs
Original file line number Diff line number Diff line change
Expand Up @@ -5,26 +5,30 @@

//! This mod implements aes-256-gcm encryption & decryption.
use aes_gcm::{aead::Aead, Aes256Gcm, Key, KeyInit, Nonce};
use aes_gcm::{AeadInPlace, Aes256Gcm, Key, KeyInit, Nonce};
use anyhow::*;

use crate::AEAD_AAD;

pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
let decrypting_key = Key::<Aes256Gcm>::from_slice(key);
let cipher = Aes256Gcm::new(decrypting_key);
let nonce = Nonce::from_slice(iv);
let plain_text = cipher
.decrypt(nonce, encrypted_data)
let mut plaintext = encrypted_data.to_vec();
cipher
.decrypt_in_place(nonce, AEAD_AAD, &mut plaintext)
.map_err(|e| anyhow!("aes-256-gcm decrypt failed: {:?}", e))?;

Ok(plain_text)
Ok(plaintext)
}

pub fn encrypt(data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
let encrypting_key = Key::<Aes256Gcm>::from_slice(key);
let cipher = Aes256Gcm::new(encrypting_key);
let nonce = Nonce::from_slice(iv);
let ciphertext = cipher
.encrypt(nonce, data)
let mut ciphertext = data.to_vec();
cipher
.encrypt_in_place(nonce, AEAD_AAD, &mut ciphertext)
.map_err(|e| anyhow!("aes-256-gcm encrypt failed: {:?}", e))?;

Ok(ciphertext)
Expand Down
44 changes: 22 additions & 22 deletions attestation-agent/kbs_protocol/src/client/rcar_client.rs
Original file line number Diff line number Diff line change
Expand Up @@ -406,28 +406,28 @@ mod test {
kbs_config.push("test/kbs-config.toml");
policy.push("test/policy.rego");

let image = GenericImage::new(
"ghcr.io/confidential-containers/staged-images/kbs",
"latest",
)
.with_exposed_port(8085)
.with_volume(
tmp.path().as_os_str().to_string_lossy(),
"/opt/confidential-containers/kbs/repository",
)
.with_volume(
start_kbs_script.into_os_string().to_string_lossy(),
"/usr/local/bin/start_kbs.sh",
)
.with_volume(
kbs_config.into_os_string().to_string_lossy(),
"/etc/kbs-config.toml",
)
.with_volume(
policy.into_os_string().to_string_lossy(),
"/opa/confidential-containers/kbs/policy.rego",
)
.with_entrypoint("/usr/local/bin/start_kbs.sh");
// TODO: remove the changes after
// https://github.com/confidential-containers/trustee/pull/597
// gets merged.
let image = GenericImage::new("xynnn007/kbs", "fix-aead")
.with_exposed_port(8085)
.with_volume(
tmp.path().as_os_str().to_string_lossy(),
"/opt/confidential-containers/kbs/repository",
)
.with_volume(
start_kbs_script.into_os_string().to_string_lossy(),
"/usr/local/bin/start_kbs.sh",
)
.with_volume(
kbs_config.into_os_string().to_string_lossy(),
"/etc/kbs-config.toml",
)
.with_volume(
policy.into_os_string().to_string_lossy(),
"/opa/confidential-containers/kbs/policy.rego",
)
.with_entrypoint("/usr/local/bin/start_kbs.sh");
let kbs = docker.run(image);

tokio::time::sleep(Duration::from_secs(10)).await;
Expand Down
5 changes: 3 additions & 2 deletions attestation-agent/kbs_protocol/src/keypair.rs
Original file line number Diff line number Diff line change
Expand Up @@ -65,8 +65,9 @@ impl TeeKeyPair {
let symkey = self.decrypt(padding_mode, wrapped_symkey)?;

let iv = URL_SAFE_NO_PAD.decode(&response.iv)?;
let ciphertext = URL_SAFE_NO_PAD.decode(&response.ciphertext)?;

let mut ciphertext = URL_SAFE_NO_PAD.decode(&response.ciphertext)?;
let mut tag = URL_SAFE_NO_PAD.decode(&response.tag)?;
ciphertext.append(&mut tag);
let plaintext = crypto::decrypt(Zeroizing::new(symkey), ciphertext, iv, protected.enc)?;

Ok(plaintext)
Expand Down

0 comments on commit 2bfe355

Please sign in to comment.