Switch things around for PCK cert chain verification happenning as pa…

…rt of quote verification

crates/threshold-signature-server/Cargo.toml

@@ -58,36 +58,40 @@ uuid                    ={ version="1.11.0", features=["v4"] }
 
 # Misc
 tokio-tungstenite="0.24.0"
-bincode          ="1.3.3"
-bip32            ={ version="0.5.2" }
-bip39            ={ version="2.1.0", features=["zeroize"] }
-bytes            ={ version="1.9", default-features=false, features=["serde"] }
-base64           ="0.22.1"
-clap             ={ version="4.5.23", features=["derive"] }
-num              ="0.4.3"
-snow             ="0.9.6"
-sha3             ="0.10.8"
-hostname         ="0.4"
-sha1             ="0.10.6"
-sha2             ="0.10.8"
-hkdf             ="0.12.4"
-project-root     ={ version="0.2.2", optional=true }
-tdx-quote        ={ version="0.0.1", optional=true, features=["mock"] }
-configfs-tsm     ={ version="0.0.1", optional=true }
+bincode="1.3.3"
+bip32={ version="0.5.2" }
+bip39={ version="2.1.0", features=["zeroize"] }
+bytes={ version="1.9", default-features=false, features=["serde"] }
+base64="0.22.1"
+clap={ version="4.5.23", features=["derive"] }
+num="0.4.3"
+snow="0.9.6"
+sha3="0.10.8"
+hostname="0.4"
+sha1="0.10.6"
+sha2="0.10.8"
+hkdf="0.12.4"
+project-root={ version="0.2.2", optional=true }
+tdx-quote={ git="https://github.com/entropyxyz/tdx-quote.git", branch="peg/cert-chain-parse", optional=true, features=[
+  "mock",
+] }
+configfs-tsm={ version="0.0.1", optional=true }
 
 [dev-dependencies]
-serial_test ="3.2.0"
-hex-literal ="0.4.1"
+serial_test="3.2.0"
+hex-literal="0.4.1"
 project-root="0.2.2"
-sp-keyring  ="34.0.0"
+sp-keyring="34.0.0"
 more-asserts="0.3.1"
-lazy_static ="1.5.0"
-blake3      ="1.5.5"
-ethers-core ="2.0.14"
-schnorrkel  ={ version="0.11.4", default-features=false, features=["std"] }
-schemars    ={ version="0.8.21" }
+lazy_static="1.5.0"
+blake3="1.5.5"
+ethers-core="2.0.14"
+schnorrkel={ version="0.11.4", default-features=false, features=["std"] }
+schemars={ version="0.8.21" }
 subxt-signer="0.35.3"
-tdx-quote   ={ version="0.0.1", features=["mock"] }
+tdx-quote={ git="https://github.com/entropyxyz/tdx-quote.git", branch="peg/cert-chain-parse", features=[
+  "mock",
+] }
 
 # Note: We don't specify versions here because otherwise we run into a cyclical dependency between
 # `entropy-tss` and `entropy-testing-utils` when we try and publish the `entropy-tss` crate.

crates/threshold-signature-server/src/attestation/api.rs

@@ -136,7 +136,10 @@ pub async fn create_quote(
     let mut pck_seeder = StdRng::from_seed(signer.signer().public().0);
     let pck = tdx_quote::SigningKey::random(&mut pck_seeder);
 
-    let quote = tdx_quote::Quote::mock(signing_key.clone(), pck, input_data.0).as_bytes().to_vec();
+    let pck_encoded = tdx_quote::encode_verifying_key(pck.verifying_key()).to_vec();
+    let quote = tdx_quote::Quote::mock(signing_key.clone(), pck, input_data.0, pck_encoded)
+        .as_bytes()
+        .to_vec();
     Ok(quote)
 }
 

node/cli/Cargo.toml

@@ -119,3 +119,6 @@ runtime-benchmarks=[
 # Enable features that allow the runtime to be tried and debugged. Name might be subject to change
 # in the near future.
 try-runtime=["entropy-runtime/try-runtime", "try-runtime-cli/try-runtime"]
+# Enables real PCK certificate chain verification - which means TSS nodes much be runnning on TDX
+# hardware
+production=["entropy-runtime/production"]

pallets/attestation/Cargo.toml

@@ -28,22 +28,21 @@ entropy-shared={ version="0.3.0", path="../../crates/shared", features=[
   "wasm-no-std",
 ], default-features=false }
 pallet-staking-extension={ version="0.3.0", path="../staking", default-features=false }
-tdx-quote={ git="https://github.com/entropyxyz/tdx-quote.git", branch="peg/cert-chain-getter" }
-x509-verify       ={ version="0.4.6", features=["x509"] }
-spki              ="0.7.3"
-p256              ={ version="0.13.2", default-features=false, features=["ecdsa"] }
+tdx-quote={ git="https://github.com/entropyxyz/tdx-quote.git", branch="peg/cert-chain-parse" }
 
 [dev-dependencies]
-pallet-session                 ={ version="29.0.0", default-features=false }
-pallet-staking                 ={ version="29.0.0", default-features=false }
-pallet-balances                ={ version="29.0.0", default-features=false }
-pallet-bags-list               ={ version="28.0.0", default-features=false }
-pallet-timestamp               ={ version="28.0.0", default-features=false }
-sp-npos-elections              ={ version="27.0.0", default-features=false }
+pallet-session={ version="29.0.0", default-features=false }
+pallet-staking={ version="29.0.0", default-features=false }
+pallet-balances={ version="29.0.0", default-features=false }
+pallet-bags-list={ version="28.0.0", default-features=false }
+pallet-timestamp={ version="28.0.0", default-features=false }
+sp-npos-elections={ version="27.0.0", default-features=false }
 frame-election-provider-support={ version="29.0.0", default-features=false }
-pallet-staking-reward-curve    ={ version="11.0.0" }
-tdx-quote={ git="https://github.com/entropyxyz/tdx-quote.git", branch="peg/cert-chain-getter", features=["mock"] }
-rand_core                      ="0.6.4"
+pallet-staking-reward-curve={ version="11.0.0" }
+tdx-quote={ git="https://github.com/entropyxyz/tdx-quote.git", branch="peg/cert-chain-parse", features=[
+  "mock",
+] }
+rand_core="0.6.4"
 
 [features]
 default=['std']
@@ -61,3 +60,5 @@ std=[
   "rand_chacha/std",
 ]
 try-runtime=['frame-support/try-runtime']
+# When enabled, use real PCK certificate chain verification
+production=[]

pallets/attestation/src/lib.rs

@@ -39,8 +39,6 @@ pub mod benchmarking;
 
 pub mod weights;
 
-mod pck;
-
 #[cfg(test)]
 mod mock;
 
@@ -56,12 +54,11 @@ pub mod pallet {
     use sp_runtime::traits::TrailingZeroInput;
     use sp_std::vec::Vec;
 
-    use pck::PckCertChainVerifier;
     use rand_chacha::{
         rand_core::{RngCore, SeedableRng},
         ChaCha20Rng, ChaChaRng,
     };
-    use tdx_quote::{decode_verifying_key, Quote};
+    use tdx_quote::{encode_verifying_key, Quote, VerifyingKey};
 
     pub use crate::weights::WeightInfo;
 
@@ -80,8 +77,6 @@ pub mod pallet {
         type WeightInfo: WeightInfo;
         /// Something that provides randomness in the runtime.
         type Randomness: Randomness<Self::Hash, BlockNumberFor<Self>>;
-        /// A type that verifies a provisioning certification key (PCK) certificate chain.
-        type PckCertChainVerifier: PckCertChainVerifier;
     }
 
     #[pallet::genesis_config]
@@ -144,6 +139,8 @@ pub mod pallet {
         PckVerification,
         /// There's an existing attestation request for this account ID.
         OutstandingAttestationRequest,
+        /// PCK certificate chain cannot be extracted from quote
+        NoPckCertChain,
     }
 
     #[pallet::call]
@@ -234,36 +231,36 @@ pub mod pallet {
             let accepted_mrtd_values = pallet_parameters::Pallet::<T>::accepted_mrtd_values();
             ensure!(accepted_mrtd_values.contains(&mrtd_value), Error::<T>::BadMrtdValue);
 
-            let pck_certificate_chain = quote.pck_cert_chain().ok_or(Error::<T>::NoPckCertChain)?;
-            let provisioning_certification_key =
-                T::PckCertChainVerifier::verify_pck_certificate_chain(pck_certificate_chain)
-                    .map_err(|error| {
-                        let e: Error<T> = error.into();
-                        e
-                    })?;
-
-            // Check that the attestation public key is signed with the PCK
-            let provisioning_certification_key = decode_verifying_key(
-                &provisioning_certification_key
-                    .to_vec()
-                    .try_into()
-                    .map_err(|_| Error::<T>::CannotDecodeVerifyingKey)?,
-            )
-            .map_err(|_| Error::<T>::CannotDecodeVerifyingKey)?;
-
-            quote
-                .verify_with_pck(provisioning_certification_key)
-                .map_err(|_| Error::<T>::PckVerification)?;
+            let pck = verify_pck_certificate_chain::<T>(&quote).unwrap();
 
             PendingAttestations::<T>::remove(attestee);
 
             // TODO #982 If anything fails, don't just return an error - do something mean
 
-            Ok(())
+            Ok(BoundedVec::try_from(encode_verifying_key(&pck).unwrap().to_vec()).unwrap())
         }
 
         fn request_quote(who: &T::AccountId, nonce: [u8; 32]) {
             PendingAttestations::<T>::insert(who, nonce)
         }
     }
+
+    #[cfg(feature = "production")]
+    fn verify_pck_certificate_chain<T: Config>(
+        quote: &Quote,
+    ) -> Result<VerifyingKey, DispatchError> {
+        Ok(quote.verify().map_err(|_| Error::<T>::PckVerification)?)
+    }
+
+    #[cfg(not(feature = "production"))]
+    fn verify_pck_certificate_chain<T: Config>(
+        quote: &Quote,
+    ) -> Result<VerifyingKey, DispatchError> {
+        let provisioning_certification_key =
+            quote.pck_cert_chain().map_err(|_| Error::<T>::NoPckCertChain)?;
+        let provisioning_certification_key =
+            tdx_quote::decode_verifying_key(&provisioning_certification_key.try_into().unwrap())
+                .unwrap();
+        Ok(provisioning_certification_key)
+    }
 }

pallets/attestation/src/mock.rs

@@ -315,7 +315,6 @@ impl pallet_staking_extension::Config for Test {
     type AttestationHandler = ();
     type Currency = Balances;
     type MaxEndpointLength = MaxEndpointLength;
-    type PckCertChainVerifier = pallet_staking_extension::pck::MockPckCertChainVerifier;
     type Randomness = TestPastRandomness;
     type RuntimeEvent = RuntimeEvent;
     type WeightInfo = ();