e2e-docs: Update docs with upstream changes #23

Closed
wants to merge 24 commits into from

Conversation

surajssd
Member

Fixes: #11

mkulke and others added 24 commits March 10, 2023 17:06
ReportData is a JSON document, the SHA256 hash of which is included in the
SnpReport ReportData field.

Signed-off-by: Jeremi Piotrowski <[email protected]>
* Add quote retrieval code

* Add quote validation code

* Convert akpub type to openssl pubkey

---------

Signed-off-by: Magnus Kulke <[email protected]>
- Add LICENSE
- Reword readmes
- Add copyright messages to source
- Reorganize code
- Add lint, fmt in GA
- Change wd in GA

Signed-off-by: Magnus Kulke <[email protected]>
vTPM report retrieval should be decoupled from parsing the report,
as the verbatim report should be passed as evidence and can be
passed and processed later.

- Use HCL report in binary
- Add lib
- Added more explicit error types
- Change return type for get_ak fn
- Add get_quote cmd
- Expose buf_to_hcl_data(), so we can call it from a verifier
- Make get_report() return raw bytes

Co-authored-by: Suraj Deshmukh <[email protected]>

Signed-off-by: Magnus Kulke <[email protected]>
* Rename library; add metadata to manifest

* Add error enum to verify_report_data; make it a hcl fn

* Added some documentation

* Change wd for rust ci

* Use PCRs 0-7;14 for the quote

---------

Signed-off-by: Magnus Kulke <[email protected]>
Add feature flags for attester/verifier code

To allow compilation for small attester bins we can split off the
verifier code, which has a reliance on OpenSSL.

- Code has been moved around a bit to make the split easier
- Added Cargo --feature toggles
- Switch to rsa crate for attester feature
- Switch to ureq for http (reqwest is too heavy for imds calls and
  requires the unused tokio async ecosystem as a dependency)
- Do not parse PEMs in the attester code. If we want to add VCEK +
  ASK to the evidence (like in an extended SNP report) we can parse
  the PEM representation in the verifier code

Signed-off-by: Magnus Kulke <[email protected]>
* Add example sub-project
* Add doc section about vTPM + SNP report

---------

Signed-off-by: Magnus Kulke <[email protected]>
Co-authored-by: Suraj Deshmukh <[email protected]>
* Put openssl types behind feature annotation
* Compile features in CI
* Bump version

---------

Signed-off-by: Magnus Kulke <[email protected]>
---------

Signed-off-by: Magnus Kulke <[email protected]>
- Remove the SUFFIX mechanism, force the user to generate unique names.
- Add a new SSH target which outputs how to SSH depending on the env var
  ASSIGN_PUBLIC_IP.
- Assign domain name to the VM so that we have a predictable DNS name
  for the VM.

Signed-off-by: Suraj Deshmukh <[email protected]>
@surajssd
Member Author

Closing this cause it is out of date.

@surajssd surajssd closed this Dec 21, 2023
Successfully merging this pull request may close these issues.

Update docs to use upstream components