Full Verification

PreviousVerifying a SecretVM NextQuick Verification

Last updated 1 day ago

Was this helpful?

Full Verification

Follow the process below to verify the integrity of a given SecretVM instance:

Retrieve the Attestation Quote

Retrieve the Attestation Quote by accessing the <your_machine_url>:29343/cpu.html endpoint on your machine. Copy the Attestation Quote to use in the next step.

To rule out a man-in-the-middle attack, view the certificate that secures the connection and note its fingerprint value

Verify and Parse the Attestation Quote

Use SecretAI Portal's page to paste the Attestation Quote on the Verify CPU Attestation tab and click "Verify" to confirm the validity of the quote and see the values of the attestation report fields.

Note the values of mr_td, rtrmr0, rtmr1, rtmr2, rtmr3 and the report_data registers

Build the SecretVM artifacts

Clone the repository and follow instructions to build the four artifacts.

The following artifacts will be required:

ovmf.fd - the OVMF-based firmware
bzImage - the OS Kernel
initramfs.cpio.gz - the compressed initial RAM filesystem (initramfs) image
rootfs.cpio - the archive file containing the root file system

The source code for all the components is available in their respective repositories that can be found in Yocto Recipe files.

Alternatively, the artifacts can be downloaded from github .

Independently Calculate the Expected Register Values

We provide a tool (based on Phala's and Oasis' ) to perform the calculation of the relevant attestation report fields from the artifacts.

Run reproduce-mr passing all the necessary parameters to independently calculate the MRTD, RTMR0, RTMR1, RTMR2 and RTMR3 registers of the Attestation Report.

Example: ./reproduce-mr -fw ovmf.fd -kernel bzImage -initrd auto/initramfs.cpio.gz -dockercompose config/docker-compose.yaml -rootfs rootfs.iso -memory 2G -cpu 1 -cmdline "console=ttyS0 loglevel=7 clearcpuid=mtrr,rtmr ro initrd=initrd"

Sample output:

^{_{MRTD: ba87a347454466680bfd267446df89d8117c04ea9f28234dd3d84e1a8a957d5adaf02d4aa88433b559fb13bd40f0109e
RTMR0: b6941a8c47be7050bdba6220b915e141c5e33b9c32d9446f743fe5e73cc7612f55acfa662262d1ea2b8017e519c07a7c
RTMR1: 4afcac4edf01c068d1a623ec69519c9c3a7abc91e3e71a578a5ba346e60c02316d3eeee3a4237e9a4278f2af592211ec
RTMR2: c8f67a1007adb5759cbb5d57b2136bcc54c2d2e4d3bac763b9de4cab78729752d4dff1f054bfbcb38443fa71460e37a2
RTMR3: 9959d12cfe7a120fe363e47e7accb9bd15fba4665bdb8b5186a2b57d7bf1999664a8295d51944f0227eb8ceaeefde133
MR_AGGREGATED: c3c786f51c9d0af4c05a695f84294860af80aed7a643e865b080c3be56fdbcc6
MR_IMAGE: efae035908324f4583713a3c9af4f30b1b87c33ec88ed29681742e13acb9e879}}

Compare and Validate

Validate if the calculated register values to the one observed in Step 2

If the values match, you just confirmed that you are dealing with a genuine Confidential Virtual Machine, that it is composed of the exact artifacts that you built/downloaded, and that it is running the specific docker-compose.yaml file.

Rule out Man-in-the-Midlde Attacks

Verify that the first part of the report_data field matches the fingerprint of the TLS certificate that was retrieved in Step 1

PreviousVerifying a SecretVM NextQuick Verification

Last updated 1 day ago

Was this helpful?

Follow the process below to verify the integrity of a given SecretVM instance:

Retrieve the Attestation Quote

Retrieve the Attestation Quote by accessing the <your_machine_url>:29343/cpu.html endpoint on your machine. Copy the Attestation Quote to use in the next step.

To rule out a man-in-the-middle attack, view the certificate that secures the connection and note its fingerprint value

Verify and Parse the Attestation Quote

Note the values of mr_td, rtrmr0, rtmr1, rtmr2, rtmr3 and the report_data registers

Build the SecretVM artifacts

Clone the repository and follow instructions to build the four artifacts.

The following artifacts will be required:

ovmf.fd - the OVMF-based firmware
bzImage - the OS Kernel
initramfs.cpio.gz - the compressed initial RAM filesystem (initramfs) image
rootfs.cpio - the archive file containing the root file system

The source code for all the components is available in their respective repositories that can be found in Yocto Recipe files.

Alternatively, the artifacts can be downloaded from github .

Independently Calculate the Expected Register Values

We provide a tool (based on Phala's and Oasis' ) to perform the calculation of the relevant attestation report fields from the artifacts.

Run reproduce-mr passing all the necessary parameters to independently calculate the MRTD, RTMR0, RTMR1, RTMR2 and RTMR3 registers of the Attestation Report.

Sample output:

Compare and Validate

Validate if the calculated register values to the one observed in Step 2

Rule out Man-in-the-Midlde Attacks

Verify that the first part of the report_data field matches the fingerprint of the TLS certificate that was retrieved in Step 1