Skip to content

NOISSUE - Agent Pull mode for remote resources#575

Open
SammyOina wants to merge 58 commits intoultravioletrs:mainfrom
SammyOina:pull-mode
Open

NOISSUE - Agent Pull mode for remote resources#575
SammyOina wants to merge 58 commits intoultravioletrs:mainfrom
SammyOina:pull-mode

Conversation

@SammyOina
Copy link
Contributor

@SammyOina SammyOina commented Jan 27, 2026
edited
Loading

What type of PR is this?

What does this do?

Release Notes

  • New Features

    • Added support for remote algorithm and dataset delivery via encrypted OCI images with decryption
    • Integrated Key-Based Service (KBS) for secure resource management
    • Added AWS credential configuration for cloud resource access
    • Enhanced attestation service with improved evidence handling and logging

  • Documentation

    • Added comprehensive guides for remote resource testing workflows

Which issue(s) does this PR fix/relate to?

  • Related Issue #
  • Resolves #

Have you included tests for your changes?

Did you document any new/modified feature?

Notes

@SammyOina SammyOina mentioned this pull request Jan 28, 2026
Open
@SammyOina SammyOina mentioned this pull request Feb 5, 2026
Open
@SammyOina
feat(kbs): implement KBS client for attestation and resource retrieval
6c9fca1 
- Added KBS client implementation in pkg/kbs/client.go with methods for attestation and resource retrieval.
- Introduced necessary data structures for requests and responses.
- Implemented error handling for various scenarios.

test(kbs): add unit tests for KBS client

- Created comprehensive tests for the KBS client in pkg/kbs/client_test.go.
- Included tests for attestation success and failure cases, as well as resource retrieval.

feat(registry): introduce HTTP and S3 registry implementations

- Added HTTPRegistry for downloading resources over HTTP/HTTPS with retry logic in pkg/registry/http.go.
- Implemented S3Registry for downloading resources from AWS S3 and S3-compatible services in pkg/registry/s3.go.
- Included error handling and configuration options for both registries.

chore(registry): define registry interface and configuration

- Created registry interface and configuration struct in pkg/registry/registry.go.
- Added default configuration settings for registry clients.

docs(cvms): update README for CVMS server configuration and usage

- Enhanced documentation for CVMS server with detailed command-line flags and usage examples.
- Clarified direct upload and remote resource modes, including KBS integration.

fix(cvms): integrate KBS for remote resource handling in main.go

- Updated main.go to support remote datasets and algorithms using KBS.
- Added validation for command-line flags to ensure proper configuration.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
fix: Move ifeq conditional outside define block in attestation-servic…
71ea5f2 
…e.mk

Make conditionals cannot be evaluated inside define...endef blocks
when used as recipe bodies. Restructured to define the
ATTESTATION_SERVICE_INSTALL_INIT_SYSTEMD block conditionally based
on BR2_PACKAGE_CC_ATTESTATION_AGENT configuration.
@SammyOina
feat: Implement remote resource downloading for algorithms and datase…
475c4e0 
…ts using AWS S3/MinIO credentials.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
feat: Add comprehensive documentation and agent support for testing r…
df7214d 
…emote resource download with KBS attestation.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
feat: Improve agent logging for remote resource configuration and KBS…
009a4b2 
… status, and add a testing guide for remote resource downloads with KBS attestation.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
feat: Add a comprehensive guide for testing remote resource download …
7cda6f4 
…with KBS attestation and update multiple package versions to a specific commit.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
feat: Add failure transitions for resource reception states and a com…
9a2e538 
…prehensive guide for testing remote resource downloads with KBS attestation.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
feat: Implement remote resource download with KBS attestation in the …
fc933e8 
…agent and add a comprehensive testing guide.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
test: Add comprehensive guide for testing remote resource download wi…
ae1af94 
…th KBS attestation and include a debug log in the attestation client.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
feat: Delegate KBS attestation and token retrieval to a new attestati…
660c597 
…on-agent service and document remote resource testing.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
client fixes
4a09081 
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
raw evidence
4053f0d 
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
fix: Build all Go files in cmd directories, not just main.go
4fbb1ef 
This fixes the issue where fetch_raw_evidence.go wasn't being included
in the attestation-service build.
@SammyOina
fix: Wrap binary evidence in JSON for KBS compatibility
3cb9256 
Fixes 'invalid character' error by wrapping raw binary evidence
in a JSON structure with base64 encoding, as expected by KBS.
@SammyOina
chore: Update buildroot packages to c28cefa
b015dc8 
Includes fixes for:
1. attestation-service build (including fetch_raw_evidence.go)
2. Agent KBS evidence format (wrapping binary in JSON)
@SammyOina
fix: Implement KBS RCAR handshake with cookies
fd13581 
Fixes 'cookie not found' error (401) from KBS by:
1. Adding CookieJar support to KBS client
2. Implementing GetChallenge() to perform /auth handshake and capture session cookie
3. Updating Agent to get challenge, decode nonce, and use it for evidence generation
4. Regenerating mocks
@SammyOina
chore: Update buildroot packages to f6981ac
8b8a7d3 
Includes KBS RCAR handshake fix (cookie support + GetChallenge loop)
@SammyOina
fix: Update KBS client JSON tags to kebab-case
4dd192a 
Fixes deserialization error (401) from KBS by:
1. Using kebab-case (e.g. extra-params) for JSON tags as per protocol.
2. Initializing ExtraParams as empty object {} instead of null/omitted.
@SammyOina
fix: Wrap attestation evidence in primary_evidence format
e83612d 
Updates Agent to construct 'tee-evidence' payload with:
- primary_evidence: containing the actual quote/data
- additional_evidence: empty JSON object

This matches the Confidential Containers KBS Attestation Protocol requirements.
@SammyOina
fix: Update KBS protocol version to 0.4.0
49edbbe 
KBS rejected 0.1.0 with a version mismatch error. Bumping to 0.4.0 to match server expectation.
@SammyOina
fix: Generate ephemeral key for KBS RuntimeData
753ed47 
Updates RuntimeData to include a valid ephemeral EC P-256 public key in JWK format, as required by the KBS RCAR protocol.
Also fixes the KBS client struct to support TEEPubKey as an object.
@SammyOina
fix: Update sample attestation quote to valid JSON
b5746c9 
The default attestation.bin was binary, but the KBS Sample Verifier expects a valid JSON quote containing 'svn' and 'report_data'.
Updated the embedded bin file to contain this JSON structure.
@SammyOina
fix: Generate dynamic JSON quote for Sample TEE in FetchRawEvidence
4dc84b9 
The KBS Sample Verifier expects a JSON object with 'svn' and 'report_data'.
Previously, we were returning raw binary data (reportData+nonce).
This commit updates FetchRawEvidence to return a marshaled JSON structure with:
- svn: "1"
- report_data: base64(req.ReportData)
@SammyOina
refactor: Delegate Sample Attestation to Provider
33d1097 
Refactored sample attestation logic:
- Moved JSON Quote generation into EmptyProvider (standalone mode).
- Updated FetchRawEvidence to call provider.TeeAttestation instead of manual generation.
This enables using the real CC Attestation Agent for UNSPECIFIED platform if configured.
@SammyOina
feat: Add comprehensive debug logging and enforce CC AA usage
9f386a6 
Changes:
- Updated EmptyProvider to return error instead of generating mock data
  This forces proper use of CC Attestation Agent's sample attester
- Added detailed logging to attestation-service FetchRawEvidence:
  * Hex dump of evidence (first 200 bytes)
  * String preview of evidence
  * Total evidence length
- Added detailed logging to agent service:
  * Raw evidence hex and string previews
  * KBS evidence JSON preview (first 500 bytes)
  * Evidence lengths at each transformation step

This logging will help diagnose why KBS Sample Verifier is rejecting evidence.
@SammyOina
fix: Enable CC AA by default and add attestation-service log forwarding
a7b0c82 
Changes:
- Set USE_CC_ATTESTATION_AGENT=true by default in systemd service
- Added StandardOutput/StandardError to forward logs to /var/log/cocos/
- Updated HAL makefile to handle new default value
- This ensures attestation-service uses CC AA's sample attester
- Logs will now be visible in CVMS output for debugging
@SammyOina
feat: Add gRPC log forwarding to attestation-service
25a1ebb 
Implemented the same log forwarding mechanism used by the agent:
- Added ProtoHandler to write logs to both stdout and logQueue
- Connected to log client (/run/cocos/log.sock) for gRPC forwarding
- Added goroutine to forward logs to CVMS via log client
- Logs will now appear in CVMS output during computation runs

This enables visibility into attestation-service debug output including:
- CC AA connection status
- Evidence generation details (hex dumps, string previews)
- Any errors from providers
@SammyOina
fix: Parse sample evidence JSON instead of base64-encoding it
c6b60d3 
The attestation-service returns sample evidence as JSON:
{"svn":"1","report_data":"base64..."}

The agent was incorrectly base64-encoding this JSON string again.
KBS Sample Verifier expects the parsed JSON object directly.

Fixed by:
- Parsing the JSON evidence from attestation-service
- Passing the parsed object directly in primary_evidence.evidence
- This matches what KBS Sample Verifier expects
@SammyOina
fix: Make CC AA required for sample attestation when configured
6506b61 
When USE_CC_ATTESTATION_AGENT=true, attestation-service now
requires AA to be available for NoCC/sample platform. This ensures
sample evidence always comes from AA with the correct KBS format.

Changes:
- Error out if AA connection fails for NoCC platform when AA is configured
- Only use EmptyProvider if AA is explicitly NOT configured
- Prevents incorrect sample evidence format from EmptyProvider

This ensures attestation-service delegates to AA for sample evidence
generation instead of creating it itself.
@SammyOina
fix: Implement proper RCAR protocol with tee-pubkey and runtime-data …
f96cce1 
…hash

Fixed KBS attestation error 'REPORT_DATA is different from that in Sample Quote'

Changes:
1. Generate ephemeral EC key pair BEFORE getting evidence from AA
2. Create runtime-data with nonce + tee-pubkey (JWK format)
3. Hash runtime-data (SHA-256) and use as report_data for AA
4. This binds the tee-pubkey to the TEE evidence per RCAR protocol

The report_data in the evidence now matches what KBS expects:
hash(runtime-data) instead of computation ID.

This completes the full RCAR protocol implementation:
- Request → Challenge → Attestation (with bound tee-pubkey) → Response
@SammyOina
fix(agent): use simple nonce for Sample attestation report_data
99a2a4b 
For Sample/NoCC attestation, use the raw nonce bytes directly as
report_data instead of hashing runtime-data. This avoids JSON
serialization mismatches with the KBS Sample verifier.

Real TEEs (TDX/SNP) still use runtime-data hash binding to
cryptographically bind the ephemeral tee-pubkey to the evidence.
@SammyOina
fix(agent): use RFC 8785 canonical JSON for runtime-data hashing
98203f0 
The KBS Sample attestation verifier (and likely others) expects the
report_data to be the SHA-256 hash of the *canonical* JSON serialization
(RFC 8785) of the runtime-data. Standard Go JSON marshaling does not
guarantee key ordering, leading to hash mismatches.

This change uses github.com/gowebpki/jcs to canonicalize the runtime-data
before hashing, ensuring compatibility with the KBS RCAR implementation.
Also reverted the temporary 'simple nonce' workaround.
@SammyOina
feat(hal): add CoCo Keyprovider and Skopeo packages
e79a2b9 
- Add coco-keyprovider buildroot package with systemd service
- Add skopeo buildroot package for OCI image handling
- Add ocicrypt_keyprovider.conf for encrypted image decryption
- Update Config.in to include new packages

This enables standard CoCo ecosystem integration for encrypted
OCI images instead of custom S3/HTTP registry clients.
@SammyOina
feat(oci): add OCI image handling package with Skopeo integration
4c2c9bd 
- Add pkg/oci/types.go with ResourceSource and ImageManifest types
- Add pkg/oci/skopeo.go with Skopeo wrapper for pull/decrypt
- Add pkg/oci/extract.go for extracting algorithms and datasets from layers

This package provides OCI image handling using Skopeo and CoCo
Keyprovider for encrypted image decryption, replacing custom
S3/HTTP registry clients.
@SammyOina
chore: regenerate protobuf files for updated cvms.proto
8a0545a
@SammyOina
refactor(agent): replace S3/HTTP/KBS with OCI package
6e725cd 
- Remove pkg/kbs and pkg/registry imports
- Add pkg/oci import for OCI image handling
- Replace downloadAndDecryptResource with OCI-based implementation
- Use Skopeo + CoCo Keyprovider for automatic decryption
- Reduce code from ~240 lines to ~70 lines

This eliminates custom KBS RCAR handshake, S3/HTTP registry clients,
and manual decryption logic. CoCo Keyprovider handles all decryption
automatically via ocicrypt protocol.
@SammyOina
chore: remove obsolete pkg/kbs and pkg/registry packages
adae3c3 
- Delete pkg/kbs/ (custom KBS client, ~300 lines)
- Delete pkg/registry/ (S3/HTTP registry clients, ~400 lines)
- Remove unused imports from agent/service.go
- Run go mod tidy to clean up dependencies

These packages have been replaced by pkg/oci with Skopeo and
CoCo Keyprovider for standard CoCo ecosystem integration.
@SammyOina
fix(agent): update ResourceSource struct to include type and encrypti…
8785bc0 
…on fields

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
fix(hal): update CoCo Keyprovider to v0.16.0 and fix build path
15aa927 
- Update version from v0.11.0 to v0.16.0 (matches attestation agent)
- Fix install path: target is at repo root, not in coco_keyprovider subdir
- This fixes the build error where coco_keyprovider binary wasn't found

The cargo workspace in guest-components builds to a shared target/
directory at the repository root, not within each crate's subdirectory.
@SammyOina
feat: Update remote resources testing guide to use kbs-client and coc…
e432e19 
…o-keyprovider for key management and encryption, enable insecure TLS for Skopeo, and enhance CVMS with

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
feat: Update component versions, revise image encryption documentatio…
754c001 
…n, and sanitize OCI image paths for Skopeo compatibility.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
feat: Add decompress option to Dataset and algo_type/algo_args
543ccd7 
…to Algorithm protobuf messages, updating client, test, and build configurations.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
Update multiple package versions and enhance OCI image extraction err…
c28503b 
…or reporting for missing algorithm files.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
chore: Bump package versions, improve OCI image extraction debugging …
46433ee 
…by returning seen files, and remove unused dataset type parsing from test code.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
refactor: Migrate OCI extraction to use structured logging with `slog…
52f1409 
…` and `context`, and update package versions.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
feat: Bump multiple component versions, add encrypted status for comp…
db595b6 
…utation inputs and algorithms, and refine OCI layer extraction warnings.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
logging
3cebd16 
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
feat: Add Encrypted field to algorithm and dataset resource sources…
9f02fd4 
… and update all component versions.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
feat: update component versions, integrate coco-keyprovider service, …
6c36662 
…and configure ocicrypt key provider.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
feat: add support for KBS parameters and dataset/algorithm hash calcu…
c3f5c03 
…lations in CVMS

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
feat: update resource download and extraction logic to support requir…
8161191 
…ements.txt and improve hash verification

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
@SammyOina
chore: Update dependencies, improve code style, and add GetRawEvidenc…
3d7ea65 
…e to attestation client mocks.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jovan-djukic jovan-djukic jovan-djukic approved these changes

@smithjilks smithjilks Awaiting requested review from smithjilks

@WashingtonKK WashingtonKK Awaiting requested review from WashingtonKK

@danko-miladinovic danko-miladinovic Awaiting requested review from danko-miladinovic

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@SammyOina @jovan-djukic