Skip to content

Platform KMS#910

Merged
maraino merged 29 commits intomasterfrom
mariano/new-platform-kms
Mar 3, 2026
Merged

Platform KMS#910
maraino merged 29 commits intomasterfrom
mariano/new-platform-kms

Conversation

@maraino
Copy link
Contributor

@maraino maraino commented Dec 13, 2025
edited
Loading

This is a first attempt to create a platform KMS. This KMS is supports mackms, tpmkms, softkms, and capikms.

There's a couple of things that I'll like to consider:

  1. Is hw the right argument, or should we use ak?
  2. Should we fail if hw (or ak) is set for softkms and capikms?

@maraino maraino force-pushed the mariano/new-platform-kms branch 2 times, most recently from 5e32cfd to 28c3d96 Compare December 19, 2025 02:51
@maraino maraino force-pushed the mariano/new-platform-kms branch from ccdf027 to 6d85f02 Compare February 19, 2026 20:18
@maraino maraino marked this pull request as ready for review February 26, 2026 05:06
@hslatman
Copy link
Member

hslatman commented Feb 26, 2026

  • Is hw the right argument, or should we use ak?

hw and ak must not be considered to mean the same thing. All AKs are hardware-bound (currently, at least; especially in the context of TPMs); not all hardware-bound keys are AKs. Using those interchangeably will cause confusion. In general I would say hw is thus the right term to use. Only use ak when it's specifically about an attestation key. At the moment, using ak=true implies hw=true, but not vice versa.

  • Should we fail if hw (or ak) is set for softkms and capikms?

I think that's OK. In general, when a specific backing KMS doesn't support a certain functionality, and still instructed to do so, it should fail. Technically, the capikms with Microsoft Platform Crypto Provider set as the provider, will have its keys backed by the TPM, so we could take that into account when hw=true is provided to capikms with the provider set. It might also be possible to manage AKs through capikms, but I don't recall having seen functionality related to that before.

hslatman
hslatman reviewed Feb 26, 2026
View reviewed changes
kms/platform/kms_windows.go Outdated
Comment on lines +59 to +61
// When storing certificate skip key validation.
// This avoid a prompt looking for an SmartCard.
uv.Set("skip-find-certificate-key", "true")
Copy link
Member

@hslatman hslatman Feb 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this happen for all calls? It is now done unconditionally.

Copy link
Contributor Author

@maraino maraino Feb 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Only for those that store certificates, but right now I don't have different methods or an argument indicating which kind of transformation we want. This could be an improvement but I think this is the only use case for it.

@maraino
Copy link
Contributor Author

maraino commented Feb 26, 2026

@hslatman I've fixed most of your comments except the ones related to hw and ak. I see a few options:

  1. Change hw with ak and use se=true if ak=true (we're doing this in other places)
  2. Keep hw and add ak. hw will be ignored in TPMKMS, but will be used in mackms for se=true and capikms for provider=Microsoft+Platform+Crypto+Provider
  3. My least favorite, remove hw and add ak on TPMKMS. And use backend parameters se and provider.

@maraino
Add custom attestation using the attestation client
f1076d3 
This commit adds support for custom attestation using the attestation
client and adds CreateAttestation tests.
@maraino
Copy link
Contributor Author

maraino commented Feb 27, 2026

@hslatman What do you think about the custom attestation using the AttestationClient in f1076d3

@maraino maraino requested a review from hslatman February 27, 2026 03:11
@hslatman
Copy link
Member

hslatman commented Feb 27, 2026
edited
Loading

@hslatman I've fixed most of your comments except the ones related to hw and ak. I see a few options:

1. Change `hw` with `ak` and use `se=true` if `ak=true` (we're doing this in other places)

2. Keep `hw` and add `ak`. `hw` will be ignored in TPMKMS, but will be used in `mackms` for `se=true` and `capikms` for `provider=Microsoft+Platform+Crypto+Provider`

3. My least favorite, remove `hw` and add `ak` on TPMKMS. And use backend parameters `se` and `provider`.

Options 1 and 3 both don't result in hw meaning something different than ak, so those will most likely not result in behavior that we need. Keep in mind that the AK on macOS is the special case; not the other way around.

Option 2 sounds good to me. The creation of an AK with ak=true is (generally) up to the importer/caller of the package, and is independent of whether or not hw=true (although it will always be hardware backed in TPMKMS). I think that's reasonable, as the caller knows, or at least ought to know, whether or not it is about the create/use an attestation key vs. an application key.

@hslatman
Copy link
Member

hslatman commented Feb 27, 2026
edited
Loading

@hslatman What do you think about the custom attestation using the AttestationClient in f1076d3

It looks OK. Given the current interfaces and existing implementation, I think it can be added like that.

The way the AttestationClient is passed in the request and then the signer using the context, with the AttestationClient depending on retrieving the signer from that ctx again can be a bit confusing. Maybe we can think of something that lets us do that in one go, but it might result in something close to the current Attester interface.

@maraino
Add helper uri.Values
efdd0bf 
This commit adds the helper uri.Values which returns url.Values merging
the ones in the opaque and query strings.
@maraino
Remove hw to ak on tpmkms and add tests
3131fc6
@maraino
fix linter errors
ef3550d
@maraino
Copy link
Contributor Author

maraino commented Feb 28, 2026

@hslatman I've pushed the changes for hw. Now it only sets se=true (on mackms) and provider=Microsoft+Platform+Crypto+Provider on capi. It is totally ignored on tpmkms.

As it is I think the only thing missing would be to error on softens if hw is set, I will need to refactor all the transformToURI and related tests to return an error. And optionally add a type (keyType, certType, attesterType) to those methods so we can skip one value on capi.

@hslatman hslatman changed the title Platform KMS (WIP) Platform KMS Mar 3, 2026
hslatman
hslatman reviewed Mar 3, 2026
View reviewed changes
Copy link
Member

@hslatman hslatman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some small ones

@maraino maraino requested a review from hslatman March 3, 2026 20:26
@hslatman
Copy link
Member

hslatman commented Mar 3, 2026

Let's see how it goes :D

@maraino maraino merged commit 0655274 into master Mar 3, 2026
11 of 12 checks passed
@maraino maraino deleted the mariano/new-platform-kms branch March 3, 2026 21:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hslatman hslatman hslatman approved these changes

@joshdrake joshdrake Awaiting requested review from joshdrake

Assignees

No one assigned

Labels

needs triage

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@maraino @hslatman