Attestation#
Utilities to perform end-to-end attestation of all NVIDIA devices connected to a system.
nvat_attest_system() is the main function used for this.
See nvat_attestation_ctx_st for available options.
Macros#
Functions#
- nvat_rc_t nvat_attest_system(const nvat_attestation_ctx_t ctx, const nvat_nonce_t nonce, nvat_str_t *out_detached_eat, nvat_claims_collection_t *out_claims)
Run end-to-end attestation on the current system using settings in the nvat_attestation_ctx_t .
- nvat_rc_t nvat_attestation_ctx_create(nvat_attestation_ctx_t *ctx, nvat_devices_t enabled_devices)
Create a new attestation context with default settings for all enabled devices.
- void nvat_attestation_ctx_free(nvat_attestation_ctx_t *attestation_ctx)
- nvat_rc_t nvat_attestation_ctx_set_default_nras_url(nvat_attestation_ctx_t ctx, const char *nras_url)
Set the default NRAS url to use when using NVIDIA Remote Attestation Service as the remote verifier.
- nvat_rc_t nvat_attestation_ctx_set_default_ocsp_client(nvat_attestation_ctx_t ctx, nvat_ocsp_client_t ocsp_client)
Change the default OCSP client to use when initializing local verifiers.
- nvat_rc_t nvat_attestation_ctx_set_default_ocsp_url(nvat_attestation_ctx_t ctx, const char *ocsp_url)
Change the default OCSP url to use when initializing local verifiers.
- nvat_rc_t nvat_attestation_ctx_set_default_rim_store(nvat_attestation_ctx_t ctx, nvat_rim_store_t rim_store)
Change the default RIM store to use when initializing local verifiers.
- nvat_rc_t nvat_attestation_ctx_set_default_rim_store_url(nvat_attestation_ctx_t ctx, const char *rim_store_url)
Change the default RIM url to use when initializing local verifiers.
- nvat_rc_t nvat_attestation_ctx_set_evidence_policy(nvat_attestation_ctx_t ctx, nvat_evidence_policy_t *evidence_policy)
Set the effective evidence policy for this context.
- nvat_rc_t nvat_attestation_ctx_set_gpu_evidence_source_json_file(nvat_attestation_ctx_t ctx, const char *file_path)
Set the GPU evidence source to use a JSON file.
- nvat_rc_t nvat_attestation_ctx_set_relying_party_policy(nvat_attestation_ctx_t ctx, nvat_relying_party_policy_t rp_policy)
Set the effective relying party policy for this context.
- nvat_rc_t nvat_attestation_ctx_set_switch_evidence_source_json_file(nvat_attestation_ctx_t ctx, const char *file_path)
Set the switch evidence source to use a JSON file.
- nvat_rc_t nvat_attestation_ctx_set_verifier_type(nvat_attestation_ctx_t ctx, nvat_verifier_type_t verifier_type)
Sets the verifier type for all enabled devices in this context.
Typedefs#
- nvat_attestation_ctx_t
Context required to perform system attestation.
- nvat_verifier_type_t
Integer indicating a verifier backend to use.
Functions#
- nvat_rc_t nvat_attest_system(
- const nvat_attestation_ctx_t ctx,
- const nvat_nonce_t nonce,
- nvat_str_t *out_detached_eat,
- nvat_claims_collection_t *out_claims,
Run end-to-end attestation on the current system using settings in the nvat_attestation_ctx_t.
This operation will:
collect evidence from each configured device type (GPU, switch, etc) using the configured evidence collectors
evaluate every piece of evidence collected using the configured verifiers and produce attestation results in the form of claims
evalute the final set of attestation results using the configured relying party policy
On success, the pointer
out_claimsis updated to point to a claims collection allocated on the heap.The attestation process can be configured by environment variables:
If using a remote rim store, the URL can be set using
NVAT_RIM_STORE_BASE_URLIf using remote OCSP, the URL can be set usingNVAT_OCSP_BASE_URLIf using remote verifier, the URL can be set usingNVAT_NRAS_BASE_URLSee for more info about configuring the attestation process: Configuring attestation. See here for claims schema: Claims schema
- Parameters:
ctx – - The attestation context to use.
nonce – - The nonce to use for the attestation. If NULL, a nonce will be generated.
out_detached_eat – - Pointer to store the detached EAT, which is a NULL terminated JSON string. If NULL, the detached EAT will be discarded.
out_claims – - Pointer to store the claims collection, which is a NULL terminated JSON string. If NULL, the claims collection will be discarded.
- Returns:
NVAT_RC_OK if the system is trustworthy according to the RP policy (if RP policy is not set, this indicates that the
x-nvidia-overall-resultclaim in the detached EAT is true)NVAT_RC_OVERALL_RESULT_FALSE if the
x-nvidia-overall-resultclaim is false in the detached EAT (only if RP policy is not set)NVAT_RC_RP_POLICY_MISMATCH if the RP policy rejected the attestation results. (only if RP policy is set)
NVAT_RC_INTERNAL_ERROR if an internal error occurs.
Other internal errors depending on the implementations supplied to the nvat_attestation_ctx_t.
- nvat_rc_t nvat_attestation_ctx_create(
- nvat_attestation_ctx_t *ctx,
- nvat_devices_t enabled_devices,
Create a new attestation context with default settings for all enabled devices.
Defaults to local evidence collection and verification.
- void nvat_attestation_ctx_free(
- nvat_attestation_ctx_t *attestation_ctx,
- nvat_rc_t nvat_attestation_ctx_set_default_nras_url(
- nvat_attestation_ctx_t ctx,
- const char *nras_url,
Set the default NRAS url to use when using NVIDIA Remote Attestation Service as the remote verifier.
Note that this setting does not change the NRAS url of any verifiers previously set in the context.
- nvat_rc_t nvat_attestation_ctx_set_default_ocsp_client(
- nvat_attestation_ctx_t ctx,
- nvat_ocsp_client_t ocsp_client,
Change the default OCSP client to use when initializing local verifiers.
Note that this setting does not change the OCSP client of any verifiers previously set in the context.
- nvat_rc_t nvat_attestation_ctx_set_default_ocsp_url(
- nvat_attestation_ctx_t ctx,
- const char *ocsp_url,
Change the default OCSP url to use when initializing local verifiers.
Note that this setting does not change the OCSP client of any verifiers previously set in the context.
- nvat_rc_t nvat_attestation_ctx_set_default_rim_store(
- nvat_attestation_ctx_t ctx,
- nvat_rim_store_t rim_store,
Change the default RIM store to use when initializing local verifiers.
Note that this setting does not change the RIM store of any verifiers previously set in the context.
- nvat_rc_t nvat_attestation_ctx_set_default_rim_store_url(
- nvat_attestation_ctx_t ctx,
- const char *rim_store_url,
Change the default RIM url to use when initializing local verifiers.
Note that this setting does not change the RIM store of any verifiers previously set in the context.
- nvat_rc_t nvat_attestation_ctx_set_evidence_policy(
- nvat_attestation_ctx_t ctx,
- nvat_evidence_policy_t *evidence_policy,
Set the effective evidence policy for this context.
Ownership: On success, ownership of the evidence policy is transferred to the attestation context.
- Parameters:
evidence_policy – if NULL, the existing policy is cleared and a default policy will be set.
- nvat_rc_t nvat_attestation_ctx_set_gpu_evidence_source_json_file(
- nvat_attestation_ctx_t ctx,
- const char *file_path,
Set the GPU evidence source to use a JSON file.
See nvat_gpu_evidence_source_from_json_file() for the expected format of the JSON file.
- nvat_rc_t nvat_attestation_ctx_set_relying_party_policy(
- nvat_attestation_ctx_t ctx,
- nvat_relying_party_policy_t rp_policy,
Set the effective relying party policy for this context.
- Parameters:
rp_policy – if NULL, the existing policy is cleared and a default policy will be set.
- nvat_rc_t nvat_attestation_ctx_set_switch_evidence_source_json_file(
- nvat_attestation_ctx_t ctx,
- const char *file_path,
Set the switch evidence source to use a JSON file.
See nvat_switch_evidence_source_from_json_file() for the expected format of the JSON file.
- nvat_rc_t nvat_attestation_ctx_set_verifier_type(
- nvat_attestation_ctx_t ctx,
- nvat_verifier_type_t verifier_type,
Sets the verifier type for all enabled devices in this context.
Typedefs#
-
typedef struct nvat_attestation_ctx_st *nvat_attestation_ctx_t#
Context required to perform system attestation.
Settings included in the context:
evidence source for each device type (Default: NVML for GPU, NSCQ for NVSwitch)
verifiers for each device type (Default: Local)
evidence policy
relying party policy
functions beginning with nvat_attestation_ctx_* are used to set these options
-
typedef uint8_t nvat_verifier_type_t#
Integer indicating a verifier backend to use.
Valid values include:
NVAT_VERIFY_LOCAL
NVAT_VERIFY_REMOTE