cdh: add sealed secret signing

Add mechanism to serialize and deserialize secrets with signatures.

When deserializing, use the KID in the JWS header to find the signing
key. The signing key will either be retrieved from the KBS (if it is a
resource URI) or it will be treated as a local credential. The second
approach is used for testing (although sadly the tests do require sudo
or some fiddling).

The key should be an EC PS256 JWK. There are hooks to support more key
types in the future.

When serializing, a signature will be created. The JWK and KID must be
provided. Note that the JWK has a KID field of its own, but we don't
care about this. The KID in the JWS is what matters.

Also update the secret_cli. Note that the CLI will no longer let you
create a secret without a signature.

Signed-off-by: Tobin Feldman-Fitzthum <tfeldmanfitz@nvidia.com>

Author: fitzthum

Cargo.lock

@@ -45,8 +45,13 @@ env_logger = { workspace = true, optional = true }
 image-rs = { path = "../../image-rs", default-features = false, features = [
     "kata-cc-rustls-tls",
 ] }
+jose-b64 = "0.1.2"
+jose-jwa = "0.1.2"
+jose-jwk = "0.1.2"
+jose-jws = "0.1.2"
 kms = { path = "../kms", default-features = false }
 log.workspace = true
+p256 = "0.13.2"
 prost = { workspace = true, optional = true }
 protos = { path = "../../protos", default-features = false, optional = true }
 rand.workspace = true

confidential-data-hub/hub/Cargo.toml

@@ -3,6 +3,7 @@
 // SPDX-License-Identifier: Apache-2.0
 //
 
+use jose_jwk::Jwk;
 use std::{env, path::Path};
 
 use base64::{engine::general_purpose::STANDARD, Engine};
@@ -41,6 +42,16 @@ struct SealArgs {
     /// Type of the Secret, i.e. `vault` or `envelope`
     #[command(subcommand)]
     r#type: TypeArgs,
+
+    /// The kid of the signing key. This will be used when unsealing
+    /// to find the key.
+    #[arg(short, long)]
+    signing_kid: String,
+
+    /// A path to a file containing a JWK (with a private component)
+    /// for signing the sealed secret.
+    #[arg(short, long)]
+    signing_jwk_path: String,
 }
 
 #[derive(Args)]
@@ -57,6 +68,10 @@ struct UnsealArgs {
     /// configuration for connecting to KBS provider
     #[arg(short, long)]
     aa_kbc_params: Option<String>,
+
+    /// Skip validating the signature of the sealed secret.
+    #[arg(short, long)]
+    skip_verification: Option<bool>,
 }
 
 #[derive(Subcommand)]
@@ -164,7 +179,11 @@ async fn unseal_secret(unseal_args: &UnsealArgs) {
     let secret_string = fs::read_to_string(&unseal_args.file_path)
         .await
         .expect("failed to read sealed secret");
-    let secret = Secret::from_signed_base64_string(secret_string).expect("Failed to parse secret.");
+    let skip_verification = unseal_args.skip_verification.unwrap_or(false);
+
+    let secret = Secret::from_signed_base64_string(secret_string, skip_verification)
+        .await
+        .expect("Failed to parse secret.");
 
     // Setup secret provider
     let secret_provider = match secret.r#type {
@@ -277,12 +296,16 @@ async fn seal_secret(seal_args: &SealArgs) {
         }
     };
 
+    let signing_jwk =
+        std::fs::read_to_string(&seal_args.signing_jwk_path).expect("Could not find signing JWK");
+    let signing_jwk: Jwk = serde_json::from_str(&signing_jwk).expect("Could not parse signing JWK");
+
     let secret = Secret {
         version: VERSION.into(),
         r#type: sc,
     };
     let secret_string = secret
-        .to_signed_base64_string()
+        .to_signed_base64_string(signing_jwk, seal_args.signing_kid.clone())
         .expect("failed to serialize secret");
     println!("{secret_string}");
 }

confidential-data-hub/hub/src/bin/secret_cli.rs

@@ -25,4 +25,19 @@ pub enum SecretError {
 
     #[error("parse SealedSecret failed: {0}")]
     ParseFailed(&'static str),
+
+    #[error("Signature Error: {0}")]
+    SignatureError(#[from] p256::ecdsa::Error),
+
+    #[error("JSON Parsing Error: {0}")]
+    JsonError(#[from] serde_json::Error),
+
+    #[error("Signing key error: {0}")]
+    BadSigningKey(&'static str),
+
+    #[error("Failed to get key from KMS: {0}")]
+    KmsError(#[from] kms::Error),
+
+    #[error("IO Operation Failed: {0}")]
+    IoError(#[from] std::io::Error),
 }