From 98e32113e7fb191c432205643b35a96f986a8961 Mon Sep 17 00:00:00 2001 From: Alex van Poppelen Date: Wed, 8 Jan 2025 07:22:42 -0800 Subject: [PATCH] Update the MBM attestation workflow documentation. --- certz/README.md | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/certz/README.md b/certz/README.md index d724770..6fa874e 100644 --- a/certz/README.md +++ b/certz/README.md @@ -199,15 +199,19 @@ Call `Certz.GetIntegrityManifest`. The `Certz.GetIntegrityManifestResponse`'s PCRs to be included and all allowable digest values. Send a `Certz.GenerateCSRRequest` to the `Certz.Rotate` endpoint, containing a -`Certz.ReferenceIntegritySpec`. Using the returned `Certz.GenerateCSRResponse`, -do the following. Verify the EK certificate chain, and verify the -AK by nonce and certification by EK. Validate PCR digest as signed by the -validated AK. Verify the digest matches with one of the allowed ones. Lastly, -validate the CSR by its AK signature, and then process and extract the public -key. - -Get a new certificate issued by a trusted CA using the public key. Then -`Certz.Rotate` as normal. +`Certz.ReferenceIntegritySpec`. Using the returned `Certz.GenerateCSRResponse` +and the `MBMData` within, do the following: + +* Verify the `ek_leaf_cert` using the `ek_cert_chain` and your trust anchor. +* Validate the `ak_signature` over the `ak_attestation` struct which was + certified by the EK, and validate its contents. This verifies the AK. +* Validate the `signature` over `quoted` by the AK. Then validate that the PCRs + match one of the allowed ones. +* Validate the `csr_signature` over the `certificate_signing_request` by the AK. + This verifies the CSR. + +Get a new certificate issued by a trusted CA using the CSR. Then `Certz.Rotate` +as normal. ### Open Questions/Considerations