Releases: google/go-sev-guest
v0.9.0 [Broken, use v0.9.1]
This release adds a new validation option, CertTableOptions, an open-ended way to attach extra validation to specified GUID strings. With this change, the CertificateChain message's firmware_cert is deprecated in favor of a general "extras" map.
The extras map contains every "unknown" GUID entry (i.e., one not specified by the GHCB specification) in the certificate table returned by GetExtendedReport. The ASVK remains a special case that AMD's kernel department needs to clarify with AMD's KDS department.
To keep this library general purpose, the gce.go constant definition is removed; that logic moves to a different repository, which can provide a validation function and GUID constant to pass in as validation options when the user knows to expect GCE-specific certificates.
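As an added illustration of the certificate-table handling described above (example code written for this page, not code from the go-sev-guest project): the block below parses a GHCB-style certificate table, the (GUID, offset, length) entries that precede the certificate blobs in the extended report, into the entries the chain message names directly plus an extras map for everything else, and then runs per-GUID hooks over the extras the way a GCE-specific validation function would be plugged in. Assumptions, also flagged in code comments: the VCEK, ASK, ARK and VLEK GUID constants are taken from the GHCB specification and assumed to match the library's abi package; GUIDs are assumed to be stored in the EFI mixed-endian layout; ExtraOption and ValidateExtras are a hypothetical stand-in for CertTableOptions, not the library's API; VendorGUID and the certificate bytes are constructed sample data.

```go
package main

import (
	"encoding/binary"
	"encoding/hex"
	"fmt"
	"strings"
)

// GHCB certificate-table GUIDs (canonical form); assumed to equal the library's abi constants.
const (
	VcekGUID   = "63da758d-e664-4564-adc5-f4b93be8accd"
	AskGUID    = "4ab7b379-bbac-4fe4-a02f-05aef327c782"
	ArkGUID    = "c0b406a4-a803-4952-9743-3fb6014cd0ae"
	VlekGUID   = "a8074bc2-a25a-483e-aae6-39c045a0b8a1"
	VendorGUID = "0123cafe-feed-4d0c-8b3e-000000000001" // made up; stands in for a cloud-specific entry
)
const certEntrySize = 16 + 4 + 4 // EFI_GUID, uint32 offset, uint32 length
var knownGUIDs = map[string]bool{VcekGUID: true, AskGUID: true, ArkGUID: true, VlekGUID: true}
// CertTable: certificates the chain message names directly, plus every other GUID the host returned.
type CertTable struct{ Known, Extras map[string][]byte }

// guidString renders a 16-byte EFI_GUID (first three fields little-endian) as canonical text.
func guidString(b []byte) string {
	return fmt.Sprintf("%08x-%04x-%04x-%04x-%012x", binary.LittleEndian.Uint32(b[0:4]),
		binary.LittleEndian.Uint16(b[4:6]), binary.LittleEndian.Uint16(b[6:8]), b[8:10], b[10:16])
}

// ParseCertTable walks (GUID, offset, length) entries up to the all-zero terminator, bounds-checks
// every slice, rejects duplicate GUIDs, and sends unknown GUIDs to Extras instead of failing.
func ParseCertTable(table []byte) (*CertTable, error) {
	ct := &CertTable{Known: map[string][]byte{}, Extras: map[string][]byte{}}
	for pos := 0; ; pos += certEntrySize {
		if pos+certEntrySize > len(table) {
			return nil, fmt.Errorf("certificate table has no zero terminator")
		}
		entry := table[pos : pos+certEntrySize]
		if binary.LittleEndian.Uint64(entry[0:8])|binary.LittleEndian.Uint64(entry[8:16]) == 0 {
			return ct, nil
		}
		off := uint64(binary.LittleEndian.Uint32(entry[16:20]))
		end := off + uint64(binary.LittleEndian.Uint32(entry[20:24])) // uint64 sum cannot wrap
		if end > uint64(len(table)) {
			return nil, fmt.Errorf("entry at %d points past the end of the table", pos)
		}
		guid, dest := guidString(entry[:16]), ct.Extras
		if knownGUIDs[guid] {
			dest = ct.Known
		}
		if _, dup := dest[guid]; dup {
			return nil, fmt.Errorf("duplicate certificate entry %s", guid)
		}
		dest[guid] = table[off:end]
	}
}

// CertEntry pairs a GUID with certificate bytes; BuildCertTable lays out the header, then the blobs.
type CertEntry struct{ GUID string; Data []byte }
func BuildCertTable(entries []CertEntry) []byte {
	hdr, body := []byte{}, []byte{}
	base := (len(entries) + 1) * certEntrySize
	for _, e := range entries {
		raw, err := hex.DecodeString(strings.ReplaceAll(e.GUID, "-", ""))
		if err != nil || len(raw) != 16 {
			panic("bad GUID " + e.GUID)
		}
		hdr = append(hdr, raw[3], raw[2], raw[1], raw[0], raw[5], raw[4], raw[7], raw[6]) // LE fields
		hdr = binary.LittleEndian.AppendUint32(append(hdr, raw[8:]...), uint32(base+len(body)))
		hdr = binary.LittleEndian.AppendUint32(hdr, uint32(len(e.Data)))
		body = append(body, e.Data...)
	}
	return append(append(hdr, make([]byte, certEntrySize)...), body...)
}
// ExtraOption: hypothetical per-GUID hook in the spirit of CertTableOptions (not the library's type).
type ExtraOption struct{ Required bool; Validate func(cert []byte) error }
// ValidateExtras applies opts to ct.Extras; extras that no option mentions are left alone.
func ValidateExtras(ct *CertTable, opts map[string]ExtraOption) error {
	for guid, opt := range opts {
		cert, ok := ct.Extras[guid]
		if !ok && opt.Required {
			return fmt.Errorf("required certificate %s missing from table", guid)
		}
		if ok && opt.Validate != nil {
			if err := opt.Validate(cert); err != nil {
				return fmt.Errorf("%s: %w", guid, err)
			}
		}
	}
	return nil
}

func main() {
	// Constructed sample: the standard VCEK chain plus one vendor-specific blob.
	ct, err := ParseCertTable(BuildCertTable([]CertEntry{{VcekGUID, []byte("vcek-der")},
		{AskGUID, []byte("ask-der")}, {ArkGUID, []byte("ark-der")}, {VendorGUID, []byte("vendor-blob")}}))
	if err != nil {
		panic(err)
	}
	fmt.Println(len(ct.Known), len(ct.Extras), ValidateExtras(ct, map[string]ExtraOption{VendorGUID: {Required: true}})) // 3 1 <nil>
}
```

Two checks matter when this table comes from a host the guest does not trust: every offset/length pair is bounds-checked before slicing, and a GUID that appears twice is rejected instead of letting the second entry silently overwrite the first. Unknown GUIDs are kept rather than rejected so the parser stays general; demanding or validating them is the job of whoever passes in the options.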
What's Changed
- Use len(...) == 0 instead of == nil by @deeglaze in #78
- Add CertTableOptions for "extra" certs by @deeglaze in #81
Full Changelog: v0.8.0...v0.9.0
v0.8.0 [Broken, use v0.9.1]
The biggest change is VLEK support in the verifier and validator.
What's Changed
- client: fix Windows builds by @msanft in #74
- Make test KDS tri-value, deprecate --test_use_kds. by @deeglaze in #75
- Update dependencies and CI's protobuf version by @deeglaze in #76
- Add support for validating VLEK certificates by @deeglaze in #67
Full Changelog: v0.7.1...v0.8.0
v0.7.1
Minor bug-fix release that changes which TCB version from an attestation report is used when fetching the VCEK from KDS (the reported TCB, per #73).
What's Changed
- Allow PEM format certificates by @deeglaze in #66
- Improve product handling in attestations by @deeglaze in #65
- fix link to AMD docs by @datosh in #68
- Make error when getting certificates more transparent for user by @datosh in #70
- fix: Use reported TCB when fetching VCEK by @msanft in #73
- Fix TrustedKeyKeys typo by @msanft in #71
New Contributors
Full Changelog: v0.6.2...v0.7.1
v0.7.0
This release has 1 major semantic change and a few minor bug fixes.
Major change:
- PR#59: TCB versions are now interpreted from the viewpoint of a fleet of machines rather than under the more tightly constrained ordering relationship that holds between TCB versions within a single node.
Substantive changes:
- PR#56: GitHub releases should now have prebuilt binaries of the CLI tools attached for easier adoption.
- PR#50: Adds INSTALL.md with instructions on what is expected of the sev-guest device
Minor changes:
- PR#63: Fixes the 32-bit build. Required for the 32-bit build of go-tpm-tools.
- PR#61: Corrects an error condition matcher that tests use, and fixes the impacted tests.
- PR#60: Typo fix.
- PR#58: Fixes an ASN1 string encoding in test-only fake certificate generation from PrintableString to IA5String.
- PR#57: Removes a workaround for clock skew on AMD KDS's NotBefore timestamp since they now back-date certificates by 24 hours.
- PR#54: Updates the AMD SEV certificate link to correspond to AMD's website reorganization.
- PR#47: A minor change to permit VLEK certificates in report data, but not yet fully support them.
- PR#46: Fixes linter errors about unused receiver variables.
v0.6.2
Changelog
- 40a285c Account for unexpected errors better in Match
- 74ccb7f Add a GoReleaser release action
- acd7c82 Add an INSTALL.md document
- 52039f7 Fix 'priviledged' typo
- d6cd532 Fix 32-bit builds
- efdb2cf Fix ASN1 type discrepancy in fake certificates
- d179b8f Fix Issue#51 with new TCB validation
- 27d7d52 Fix broken link in README
- df775bc Lint cleanup for _ receivers
- bfc5fd1 Merge pull request #46 from deeglaze/lint
- e422105 Merge pull request #47 from derpsteb/fix/flags_bitmask
- a3e7158 Merge pull request #50 from deeglaze/install
- 708b4eb Merge pull request #54 from deeglaze/sevcert
- e3c8cd5 Merge pull request #56 from deeglaze/releasebin
- 5b44841 Merge pull request #57 from deeglaze/skewbgone
- 8b363ef Merge pull request #58 from deeglaze/fixia5
- 14e1b8e Merge pull request #59 from deeglaze/tcbcomp
- d2f2129 Merge pull request #60 from deeglaze/privtypo
- 8271b48 Merge pull request #61 from deeglaze/errs
- 14ac50e Merge pull request #63 from deeglaze/bit32
- 4a4701c Remove KDS clock skew workaround
- 77cc6c1 Update attestation_report 'flags' bitmask
v0.6.1
v0.6.0
v0.6
Added certificate verification and attestation robustness features.
New recommendation for verify.SnpAttestation: use verify.DefaultOptions() instead of &verify.Options{}.
This is a minor breaking release: some exported functions' signatures changed to increase uniformity. Where individual fields were passed before, the entire options object is passed now.
Functions affected:
- verify.GetAttestationFromReport
- verify.GetCrlAndCheckRoot
- verify.VcekNotRevoked
- trust.AMDRootCerts.X509Options
The API changes are permanent, but the robustness features are temporary. Most users should not be affected since recommended usage is to just use verify.SnpAttestation.
While distributions update their kernels to 6.4 or later, there is a window in which a kernel includes 47894e0fa6a5 but not 72f7754dcf31, so a host may throttle GET_REPORT and the sev-guest driver will delete VMPCK0 instead of allowing the command to be retried.
The KDS clock skew option is a stop-gap to avoid "certificates from the future" that fail to verify, while AMD updates its KDS semantics to back-date its certificates by a day.
v0.5.2
Includes fixes to the testclient to account for the change to the ProductCerts representation in the AMDRootCerts struct. VCEK certificate checking is now a full chain verification. The "bad root" test construction needed to be fixed to accommodate how x509.Verify works.
v0.5.1 DO NOT USE
This bug-fix release addresses a defect in the testclient in v0.5.0: the change to AMDRootCerts to use ProductCerts was not carried into the testclient implementation.
EDIT: This release also contains a defect in which the testclient's badroot accidentally verifies (fixed in v0.5.2).