Update go-sev-guest version and API use

go-sev-guest is using a similar QuoteProvider api as go-tdx-guest.
The updated version contains better support for providing extra
certificates that are present in the data pages from the VMM in
extended requests.

Signed-off-by: Dionna Glaze <dionnaglaze@google.com>

client/attest.go

@@ -137,10 +137,10 @@ func (k *Key) getCertificateChain(client *http.Client) ([][]byte, error) {
 	return nil, fmt.Errorf("max certificate chain length (%v) exceeded", maxCertChainLength)
 }
 
-// SevSnpDevice encapsulates the SEV-SNP attestation device to add its attestation report
+// SevSnpQuoteProvider encapsulates the SEV-SNP attestation device to add its attestation report
 // to a pb.Attestation.
-type SevSnpDevice struct {
-	Device sg.Device
+type SevSnpQuoteProvider struct {
+	QuoteProvider sg.QuoteProvider
 }
 
 // TdxDevice encapsulates the TDX attestation device to add its attestation quote
@@ -156,20 +156,10 @@ type TdxQuoteProvider struct {
 	QuoteProvider tg.QuoteProvider
 }
 
-// CreateSevSnpDevice opens the SEV-SNP attestation driver and wraps it with behavior
-// that allows it to add an attestation report to pb.Attestation.
-func CreateSevSnpDevice() (*SevSnpDevice, error) {
-	d, err := sg.OpenDevice()
-	if err != nil {
-		return nil, err
-	}
-	return &SevSnpDevice{Device: d}, nil
-}
-
 // AddAttestation will get the SEV-SNP attestation report given opts.TEENonce with
 // associated certificates and add them to `attestation`. If opts.TEENonce is empty,
 // then uses contents of opts.Nonce.
-func (d *SevSnpDevice) AddAttestation(attestation *pb.Attestation, opts AttestOpts) error {
+func (d *SevSnpQuoteProvider) AddAttestation(attestation *pb.Attestation, opts AttestOpts) error {
 	var snpNonce [sabi.ReportDataSize]byte
 	if len(opts.TEENonce) == 0 {
 		copy(snpNonce[:], opts.Nonce)
@@ -178,7 +168,11 @@ func (d *SevSnpDevice) AddAttestation(attestation *pb.Attestation, opts AttestOp
 	} else {
 		copy(snpNonce[:], opts.TEENonce)
 	}
-	extReport, err := sg.GetExtendedReport(d.Device, snpNonce)
+	raw, err := d.QuoteProvider.GetRawQuote(snpNonce)
+	if err != nil {
+		return err
+	}
+	extReport, err := sabi.ReportCertsToProto(raw)
 	if err != nil {
 		return err
 	}
@@ -188,17 +182,24 @@ func (d *SevSnpDevice) AddAttestation(attestation *pb.Attestation, opts AttestOp
 	return nil
 }
 
-// Close will free the device handle held by the SevSnpDevice. Calling more
-// than once has no effect.
-func (d *SevSnpDevice) Close() error {
-	if d.Device != nil {
-		err := d.Device.Close()
-		d.Device = nil
-		return err
-	}
+// Close is a no-op.
+func (d *SevSnpQuoteProvider) Close() error {
 	return nil
 }
 
+// CreateSevSnpQuoteProvider creates the SEV-SNP quote provider and wraps it with behavior
+// that allows it to add an attestation quote to pb.Attestation.
+func CreateSevSnpQuoteProvider() (TEEDevice, error) {
+	qp, err := sg.GetQuoteProvider()
+	if err != nil {
+		return nil, err
+	}
+	if !qp.IsSupported() {
+		return nil, fmt.Errorf("sev-snp attestation reports not available")
+	}
+	return &SevSnpQuoteProvider{QuoteProvider: qp}, nil
+}
+
 // CreateTdxDevice opens the TDX attestation driver and wraps it with behavior
 // that allows it to add an attestation quote to pb.Attestation.
 // Deprecated: TdxDevice is deprecated, and use of CreateTdxQuoteProvider is
@@ -319,11 +320,10 @@ func getTEEAttestationReport(attestation *pb.Attestation, opts AttestOpts) error
 	}
 
 	// Try SEV-SNP.
-	if device, err := CreateSevSnpDevice(); err == nil {
+	if sevqp, err := CreateSevSnpQuoteProvider(); err == nil {
 		// Don't return errors if the attestation collection fails, since
 		// the user didn't specify a TEEDevice.
-		device.AddAttestation(attestation, opts)
-		device.Close()
+		sevqp.AddAttestation(attestation, opts)
 		return nil
 	}
 

client/attest_test.go

@@ -213,7 +213,7 @@ func TestKeyAttestGetCertificateChainConditions(t *testing.T) {
 	}
 }
 
-func TestSevSnpDevice(t *testing.T) {
+func TestSevSnpQuoteProvider(t *testing.T) {
 	rwc := test.GetTPM(t)
 	defer CheckedClose(t, rwc)
 
@@ -227,7 +227,7 @@ func TestSevSnpDevice(t *testing.T) {
 	copy(someNonce64[:], someNonce)
 	var nonce64 [64]byte
 	copy(nonce64[:], []byte("noncey business"))
-	sevTestDevice, _, _, _ := testclient.GetSevGuest([]sgtest.TestCase{
+	sevTestQp, _, _, _ := testclient.GetSevQuoteProvider([]sgtest.TestCase{
 		{
 			Input:  someNonce64,
 			Output: sgtest.TestRawReport(someNonce64),
@@ -237,7 +237,6 @@ func TestSevSnpDevice(t *testing.T) {
 			Output: sgtest.TestRawReport(nonce64),
 		},
 	}, &sgtest.DeviceOptions{Now: time.Now()}, t)
-	defer sevTestDevice.Close()
 
 	testcases := []struct {
 		name           string
@@ -250,7 +249,7 @@ func TestSevSnpDevice(t *testing.T) {
 			opts: AttestOpts{
 				Nonce:            someNonce,
 				CertChainFetcher: localClient,
-				TEEDevice:        &SevSnpDevice{sevTestDevice},
+				TEEDevice:        &SevSnpQuoteProvider{sevTestQp},
 			},
 			wantReportData: someNonce64,
 		},
@@ -259,7 +258,7 @@ func TestSevSnpDevice(t *testing.T) {
 			opts: AttestOpts{
 				Nonce:            someNonce,
 				CertChainFetcher: localClient,
-				TEEDevice:        &SevSnpDevice{sevTestDevice},
+				TEEDevice:        &SevSnpQuoteProvider{sevTestQp},
 				TEENonce:         nonce64[:],
 			},
 			wantReportData: nonce64,

cmd/attest.go

@@ -82,7 +82,7 @@ hardware and guarantees a fresh quote.
 		// Add logic to open other hardware devices when required.
 		switch teeTechnology {
 		case SevSnp:
-			attestOpts.TEEDevice, err = client.CreateSevSnpDevice()
+			attestOpts.TEEDevice, err = client.CreateSevSnpQuoteProvider()
 			if err != nil {
 				return fmt.Errorf("failed to open %s device: %v", SevSnp, err)
 			}

go.mod

@@ -1,26 +1,59 @@
 module github.com/google/go-tpm-tools
 
-go 1.20
+go 1.21
 
 require (
+	cloud.google.com/go/compute/metadata v0.3.0
+	cloud.google.com/go/confidentialcomputing v1.5.1
+	github.com/containerd/containerd v1.7.16
+	github.com/golang-jwt/jwt/v4 v4.5.0
 	github.com/google/go-attestation v0.5.0
-	github.com/google/go-cmp v0.5.9
-	github.com/google/go-sev-guest v0.9.3
+	github.com/google/go-cmp v0.6.0
+	github.com/google/go-sev-guest v0.11.1
 	github.com/google/go-tdx-guest v0.3.1
 	github.com/google/go-tpm v0.9.0
 	github.com/google/logger v1.1.1
-	google.golang.org/protobuf v1.31.0
+	github.com/opencontainers/go-digest v1.0.0
+	github.com/opencontainers/image-spec v1.1.0
+	go.uber.org/multierr v1.11.0
+	golang.org/x/net v0.24.0
+	golang.org/x/oauth2 v0.19.0
+	google.golang.org/api v0.177.0
+	google.golang.org/genproto v0.0.0-20240401170217-c3f982113cda
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240429193739-8cf5692501f6
+	google.golang.org/protobuf v1.34.0
 )
 
 require (
-	github.com/golang/protobuf v1.5.3 // indirect
+	cloud.google.com/go/auth v0.3.0 // indirect
+	cloud.google.com/go/auth/oauth2adapt v0.2.2 // indirect
+	github.com/containerd/ttrpc v1.2.3 // indirect
+	github.com/felixge/httpsnoop v1.0.4 // indirect
+	github.com/go-logr/logr v1.4.1 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/certificate-transparency-go v1.1.2 // indirect
+	github.com/google/go-configfs-tsm v0.2.2 // indirect
 	github.com/google/go-tspi v0.3.0 // indirect
-	github.com/google/uuid v1.3.1 // indirect
+	github.com/google/s2a-go v0.1.7 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
+	github.com/googleapis/gax-go/v2 v2.12.3 // indirect
 	github.com/pborman/uuid v1.2.1 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/stretchr/testify v1.8.3 // indirect
-	go.uber.org/multierr v1.11.0 // indirect
-	golang.org/x/crypto v0.17.0 // indirect
-	golang.org/x/sys v0.15.0 // indirect
+	github.com/sirupsen/logrus v1.9.3 // indirect
+	go.opencensus.io v0.24.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.49.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
+	go.opentelemetry.io/otel v1.24.0 // indirect
+	go.opentelemetry.io/otel/metric v1.24.0 // indirect
+	go.opentelemetry.io/otel/trace v1.24.0 // indirect
+	golang.org/x/crypto v0.22.0 // indirect
+	golang.org/x/sync v0.7.0 // indirect
+	golang.org/x/sys v0.19.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/time v0.5.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240429193739-8cf5692501f6 // indirect
+	google.golang.org/grpc v1.63.2 // indirect
 )