remote attestation for openfl participants

Author: Ubuntu

openfl-docker/gramine_app/fx.manifest.template

@@ -71,4 +71,6 @@ sgx.allowed_files = [
   "file:{{ workspace_root }}/plan/cols.yaml",
   "file:{{ workspace_root }}/plan/data.yaml",
   "file:{{ workspace_root }}/plan/plan.yaml",
+  "file:{{ workspace_root }}/attestation",
+  "file:{{ workspace_root }}/attestation/*",
 ]

openfl-workspace/workspace/plan/defaults/network.yaml

@@ -7,4 +7,5 @@ settings:
     client_reconnect_interval  : 5
     require_client_auth        : True
     cert_folder                : cert
-    enable_atomic_connections  : False
+    enable_atomic_connections  : False
+    enable_remote_attestation  : False

openfl/interface/aggregator.py

@@ -34,6 +34,7 @@
 from openfl.utilities import click_types
 from openfl.utilities.path_check import is_directory_traversal
 from openfl.utilities.utils import getfqdn_env
+from openfl.utilities.attestation import attestation_utils as attestation_utils
 
 logger = getLogger(__name__)
 
@@ -90,6 +91,21 @@ def start_(plan, authorized_cols, task_group):
             parsed_plan.config["assigner"]["settings"] = {}
         parsed_plan.config["assigner"]["settings"]["selected_task_group"] = task_group
         logger.info(f"Setting aggregator to assign: {task_group} task_group")
+    
+    # Check if remote attestation is enabled in the plan configuration
+    if parsed_plan.config["network"]["settings"].get("enable_remote_attestation", False):
+        # Fetch remote attestation environment variables
+        env_vars = attestation_utils.fetch_attestation_env_vars()
+        if env_vars is not None:
+            attestation_mr = attestation_utils.AttestationManager("aggregator", env_vars["ATTESTATION_REPORT_PATH"], env_vars["ITA_API_KEY"], env_vars["AVS_URL"])
+            # Generate and store the attestation report
+            attestaion_report = attestation_mr.get_attestation_report()
+            logger.info("Remote attestation report fetched successfully.")
+        else:
+            logger.error("Failed to fetch remote attestation environment variables.")
+    else:
+        logger.info("Remote attestation is not enabled. Skipping attestation report generation.")
+
 
     logger.info("🧿 Starting the Aggregator Service.")
 

openfl/interface/collaborator.py

@@ -25,7 +25,7 @@
 from openfl.interface.cli_helper import CERT_DIR
 from openfl.utilities.path_check import is_directory_traversal
 from openfl.utilities.utils import rmtree
-
+from openfl.utilities.attestation import attestation_utils as attestation_utils
 logger = getLogger(__name__)
 
 
@@ -78,6 +78,21 @@ def start_(plan, collaborator_name, data_config):
 
     # TODO: Need to restructure data loader config file loader
 
+    # Check if remote attestation is enabled in the plan configuration
+    if plan.config["network"]["settings"].get("enable_remote_attestation", False):
+        # Fetch remote attestation environment variables
+        env_vars = attestation_utils.fetch_attestation_env_vars()
+        logger.info(f"Remote attestation environment variables fetched from env: {env_vars}")
+        if env_vars is not None:
+            attestation_mr = attestation_utils.AttestationManager(collaborator_name, env_vars["ATTESTATION_REPORT_PATH"], env_vars["ITA_API_KEY"], env_vars["AVS_URL"])
+            # Generate and store the attestation report
+            attestation_report = attestation_mr.get_attestation_report()
+            logger.info("Remote attestation report stored successfully.")
+        else:
+            logger.error("Remote attestation environment variables not set.")
+    else:
+        logger.info("Remote attestation is not enabled in the plan configuration.")
+
     echo(f"Data = {plan.cols_data_paths}")
     logger.info("🧿 Starting a Collaborator Service.")
 

openfl/utilities/attestation/__init__.py

@@ -0,0 +1,259 @@
+
+from base64 import b64encode
+import json
+import base64
+import os
+import http
+import requests
+import hashlib
+import logging
+
+from openfl.utilities.attestation.signer_utils import ECDSASigner
+
+
+logger = logging.getLogger(__name__)
+
+class AttestationManager:
+    """Class to manage attestation for enclaves.
+    This class handles the generation of SGX quotes, fetching MRENCLAVE values,
+    and obtaining attestation reports from AVS (Attestation Verification Service).
+    """
+    
+
+    def __init__(self, participant_name, attestation_report_path, ita_api_key, avs_url):
+        """Initializes the AttestationManager with the provided parameters.
+
+        Args:
+            participant_name (str): Name of the enclave.
+            attestation_report_path (str): Path to the store attestation reports.
+            ita_api_key (str): API key for ITA.
+            avs_url (str): URL for AVS.
+            enable_remote_attestation (bool): Flag to enable remote attestation.
+        """
+        self.participant_name = participant_name
+        self.attestation_report_path = attestation_report_path
+        self.ita_api_key = ita_api_key
+        self.avs_url = avs_url
+
+
+    def get_attestation_report(
+            self
+    ):
+        """Generates the attestation report for the enclave.
+        This function generates the SGX quote, fetches the MRENCLAVE value,
+        and obtains the attestation report from AVS.
+        It also generates an ECDSA-P 384 key pair and certificate for mTLS
+        with the collaborator enclave.
+        The generated report is saved in the specified attestation report path.
+        The function also checks if the required environment variables are set
+        and raises an exception if any of them are missing.
+        The function returns a dictionary containing the MRENCLAVE value,
+        participant name, and the AVS report token.
+        The function raises a FileNotFoundError if the attestation report path
+        does not exist, and a ValueError if the ITA API key or AVS URL is not set.
+        Args:
+            None
+        Raises:
+            FileNotFoundError: If the attestation report path does not exist.
+            ValueError: If the ITA API key or AVS URL is not set.
+        Returns:
+            dict: A dictionary containing the MRENCLAVE value, participant name,
+                  and AVS report token.
+        """
+
+        if not os.path.exists(self.attestation_report_path):
+            raise FileNotFoundError(f"attestation report path {self.attestation_report_path} does not exist")
+        
+        if self.ita_api_key is None:
+            raise ValueError("ITA API key is required for remote attestation") 
+        if self.avs_url is None:
+            raise ValueError("AVS URL is required for remote attestation")
+        
+        mrenclave = self.fetch_mrenclave_from_quote(None)
+        logger.info(f"Enclave MRENCLAVE: {mrenclave}")
+
+        # Generate ECDSA-P 384 key pair and certificate
+        # This is the enclave specific ECDSA-P 384 keypair for setting up mTLS
+        # with collaborator enclave
+        priv_key_path = os.path.join(self.attestation_report_path, f"{self.participant_name}_privkey.pem")
+        ecdsa_p_384_signer = ECDSASigner.get_instance()
+        cert = ecdsa_p_384_signer.cert("localhost",mrenclave).encode('utf-8')
+        key = ecdsa_p_384_signer.serialize_private_key()
+        pub_key = ecdsa_p_384_signer.get_pubkey()
+        pubkey_path = os.path.join(self.attestation_report_path, f"{self.participant_name}_pubkey.pem")
+        with open(pubkey_path, "wb") as fh:
+            fh.write(pub_key.encode('utf-8'))
+        avs_report = self.get_avs_report_ita(
+            self.participant_name,
+            self.attestation_report_path,
+            cert,
+            self.avs_url,
+            self.ita_api_key
+        )
+        logger.info(f"AVS report: {avs_report}")
+        return {'mrenclave': mrenclave,
+                'name': self.participant_name,
+                'token': avs_report["token"]}
+        
+
+    def gen_sgx_quote(
+                self,
+                user_data_bytes=None,
+                quote_dump_path='/tmp/quote.json',
+                orig_data=None,
+                challenge="0000000000000"):
+        """Generates the SGX quote and saves it to the specified path.
+        Args:
+            user_data_bytes (bytes): User data to be included in the quote.
+            quote_dump_path (str): Path to save the generated quote.
+            orig_data (bytes): Original data to be included in the quote.
+            challenge (str): Challenge string to be included in the quote.
+        Returns:
+            dict: A dictionary containing the generated quote.
+        Raises:
+            ValueError: If the user data is not a bytes object or exceeds 64 bytes.
+        """
+
+        # Set user data
+        if user_data_bytes is not None:
+            # Check that user data is a bytes like object
+            if isinstance(user_data_bytes, bytes) is not True:
+                raise ValueError("User data must be a bytes object")
+
+            # Check that user data is at most 64 bytes
+            if len(list(user_data_bytes)) > 64:
+                raise ValueError("User data can be at most 64 bytes")
+
+            # Set user report data
+            with open("/dev/attestation/user_report_data", 'wb') as fh:
+                fh.write(user_data_bytes)
+
+        # Generate attestation quote
+        quote = None
+        with open("/dev/attestation/quote", 'rb') as fh:
+            quote = fh.read(8192)
+
+        # Create quote as expected by AVS for verification
+        # a. base64 encode the quote
+        # b. Set 'userData' to empty, we do not want AVS to verify user data
+        quote_avs = {}
+        quote_avs["quote"] = base64.b64encode(quote).decode('utf-8')
+
+        if orig_data is not None:
+            quote_avs['runtime_data'] = base64.b64encode(orig_data).decode('utf-8')
+        else:
+            quote_avs['runtime_data'] = ''
+
+        # Save the quote in the specified location
+        with open(quote_dump_path, 'w') as fh:
+            json.dump(quote_avs, fh)
+
+        return quote_avs
+
+    def fetch_mrenclave_from_quote(self,quote):
+        """Fetches the MRENCLAVE value from the SGX quote.
+
+        Args:
+            quote (str): The SGX quote in JSON format.
+
+        Returns:
+            str: The MRENCLAVE value extracted from the quote.
+        """
+
+        if quote is None:
+            # Generate attestation quote
+            with open("/dev/attestation/quote", 'rb') as fh:
+                quote = fh.read(8192)
+
+        # Create quote as expected by AVS for verification
+        # a. base64 encode the quote
+        # b. Set 'userData' to empty, we do not want AVS to verify user data
+        quote_avs = {}
+        quote_avs["quote"] = base64.b64encode(quote).decode('utf-8')
+
+        # Decode the base64 encoded quote
+        decoded_quote = base64.b64decode(quote_avs['quote'])
+        
+        # Extract the MRENCLAVE value from the decoded quote
+        mrenclave_hex = decoded_quote[112:144].hex()
+        logger.info(f"Extracted MRENCLAVE: {mrenclave_hex}")
+        
+        return mrenclave_hex
+
+
+
+    def get_avs_report_ita(self,name, attestation_report_path,cert, avs_url, ita_api_key):
+        """Fetches the attestation report from AVS using the ITA API key.
+        This function generates the SGX quote, sends it to AVS for attestation,
+        and saves the attestation report in the specified path.
+        Args:
+            name (str): Name of the enclave.
+            attestation_report_path (str): Path to save the attestation report.
+            cert (bytes): Certificate for mTLS with the collaborator enclave.
+            avs_url (str): URL for AVS.
+            ita_api_key (str): API key for ITA.
+        Returns:
+            dict: A dictionary containing the attestation report from AVS.
+        Raises:
+            Exception: If the connection to AVS fails or if the response is not OK.
+        """
+        # Set the paths for getting the enclave quote and ITA AVS response
+        quote_dir = os.path.normpath("/tmp")
+        quote_path = os.path.join(quote_dir, f"{name}_quote.json")
+        avs_report_path = os.path.join(attestation_report_path, f"{name}_avs_report.json")
+
+        # AVS doesn't work with SHA384, so, moving to SHA256 in the meantime
+        cert_sha256_digest = hashlib.sha256(cert).digest()
+        self.gen_sgx_quote(cert_sha256_digest, quote_path, cert)
+
+        # ITA attestation
+        avs_attest_endpoint = f"{avs_url}/appraisal/v1/attest"
+        headers = {
+            "Accept": "application/json",
+            "Content-Type": "application/json",
+            "x-api-key": ita_api_key
+        }
+
+        # Read the quote and send it to AVS for getting the report
+        with open(quote_path) as fh:
+            quote_avs = fh.read()
+
+        # AVS has a self-signed certificate, so, disabling verification
+        res = requests.post(
+                        avs_attest_endpoint,
+                        headers=headers,
+                        data=quote_avs)
+        if res.status_code != http.HTTPStatus.OK:
+            raise Exception(
+                f"Failed to connect with {avs_url}, err: {res.status_code}")
+
+        avs_report = res.content
+        with open(avs_report_path, "wb") as fh:
+            fh.write(avs_report)
+
+        # Register enclave with governor
+        avs_report = avs_report.decode('utf-8')
+        avs_report = json.loads(avs_report)
+
+        return avs_report
+
+
+def fetch_attestation_env_vars():
+    """Fetches attestation environment variables from the system.
+    This function retrieves the ITA API key, AVS URL, and attestation report path
+    from the environment variables. If the attestation report path is not set,
+    it defaults to None.
+    Args:
+        None
+    Raises:
+        None
+
+    Returns:
+        dict: A dictionary containing the attestation environment variables.
+    """
+    env_vars = {
+        "ITA_API_KEY": os.getenv("ITA_API_KEY"),
+        "AVS_URL": os.getenv("AVS_URL"),
+        "ATTESTATION_REPORT_PATH": os.getenv("ATTESTATION_REPORT_PATH", None)
+    }
+    return env_vars