Investigate support for AMD SEV-SNP attestation #4035

achamayou · 2022-07-14T18:50:33Z

CCF should support requesting, and verifying SEV-SNP attestations.

Work Breakdown:

Attestation verification in standalone library (similar to OpenEnclave functionality)

Get a scriptable way to get and connect to an ACI container
Get quotes from the SEV-SNP platform
Parse quotes for verification
Write function to verify the quote (using AMD root of trust and certificate chain)

Follow-up work has been broken down in #4068, #4069, #4070, #4071, #4072.

jumaffre · 2022-08-04T10:44:16Z

I believe this is effectively done and follow-up tickets have been created to cover the work necessary to complete AMD SEV-SNP support for CCF.

achamayou added enhancement 3.x labels Jul 14, 2022

jumaffre assigned DomAyre and jumaffre Jul 21, 2022

achamayou added the S label Jul 25, 2022

achamayou changed the title ~~Support for AMD SEV-SNP attestation~~ Investigate support for AMD SEV-SNP attestation Jul 25, 2022

shokouedamsr added this to the 3.x milestone Jul 25, 2022

jumaffre closed this as completed Aug 4, 2022

Provide feedback