Skip to content

Commit 4d46c22

Browse files
aamirrasheedaamirrasheed
authored
Merge pull request #3 from lunal-dev/fix/phase-1b-correction-header-names
fix: use X-Orchestrator-Attestation-Report header (Phase 1B correction)
2 parents d691a7d + 1d9e53f commit 4d46c22

File tree

1 file changed

+48
-42
lines changed

1 file changed

+48
-42
lines changed

privateclaw

Lines changed: 48 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -377,79 +377,85 @@ cmd_verify() {
377377

378378
INF_PROVIDER=$(echo "$INF_HEADERS" | grep -i "^x-inference-provider:" | sed 's/[^:]*: *//' | tr -d '\r\n')
379379
ATTESTATION=$(echo "$INF_HEADERS" | grep -i "^attestation-report:" | sed 's/[^:]*: *//' | tr -d '\r\n')
380-
UPSTREAM_ATTESTATION=$(echo "$INF_HEADERS" | grep -i "^x-upstream-attestation-report:" | sed 's/[^:]*: *//' | tr -d '\r\n')
380+
ORCH_ATTESTATION=$(echo "$INF_HEADERS" | grep -i "^x-orchestrator-attestation-report:" | sed 's/[^:]*: *//' | tr -d '\r\n')
381381

382382
if [ "$INF_PROVIDER" = "redpill" ]; then
383383
echo " Provider: redpill (failover)"
384384
echo " Attestation: not available (confidential model, attestation via separate endpoint)"
385385
echo " Status: WARN"
386386
FAIL_COUNT=$((FAIL_COUNT + 1))
387-
elif [ -n "$ATTESTATION" ]; then
387+
elif [ -n "$ATTESTATION" ] || [ -n "$ORCH_ATTESTATION" ]; then
388388
echo " Provider: ${INF_PROVIDER:-lunal}"
389389

390-
# --- Orchestrator-side attestation (tee-proxy Attestation-Report) ---
390+
# --- Lunal upstream attestation (Attestation-Report, passed through untouched by our tee-proxy) ---
391391
INF_ATTEST_OK=false
392-
INF_EVIDENCE_FILE=$(mktemp /tmp/inference_attestation_XXXXXX.json)
393-
if echo "$ATTESTATION" | base64 -d 2>/dev/null | gunzip > "$INF_EVIDENCE_FILE" 2>/dev/null; then
394-
# Verify with attestation-cli if available
395-
if [ -n "$ATTESTATION_CLI" ]; then
396-
INF_VERIFY_RESULT=$($ATTESTATION_CLI verify -e "$INF_EVIDENCE_FILE" 2>/dev/null) || true
397-
if [ -n "$INF_VERIFY_RESULT" ] && echo "$INF_VERIFY_RESULT" | jq -e . &>/dev/null; then
398-
INF_SIG_VALID=$(echo "$INF_VERIFY_RESULT" | jq -r '.signature_valid // false')
399-
INF_PLATFORM=$(echo "$INF_VERIFY_RESULT" | jq -r '.platform // "unknown"')
400-
echo " Platform: $INF_PLATFORM (via tee-proxy)"
401-
if [ "$INF_SIG_VALID" = "true" ]; then
402-
echo " Attestation: valid (signature verified)"
403-
echo " VCEK Chain: VALID (AMD root CA -> VCEK -> SNP report)"
404-
INF_ATTEST_OK=true
392+
if [ -n "$ATTESTATION" ]; then
393+
INF_EVIDENCE_FILE=$(mktemp /tmp/inference_attestation_XXXXXX.json)
394+
if echo "$ATTESTATION" | base64 -d 2>/dev/null | gunzip > "$INF_EVIDENCE_FILE" 2>/dev/null; then
395+
# Verify with attestation-cli if available
396+
if [ -n "$ATTESTATION_CLI" ]; then
397+
INF_VERIFY_RESULT=$($ATTESTATION_CLI verify -e "$INF_EVIDENCE_FILE" 2>/dev/null) || true
398+
if [ -n "$INF_VERIFY_RESULT" ] && echo "$INF_VERIFY_RESULT" | jq -e . &>/dev/null; then
399+
INF_SIG_VALID=$(echo "$INF_VERIFY_RESULT" | jq -r '.signature_valid // false')
400+
INF_PLATFORM=$(echo "$INF_VERIFY_RESULT" | jq -r '.platform // "unknown"')
401+
echo " Lunal Platform: $INF_PLATFORM (upstream inference cluster)"
402+
if [ "$INF_SIG_VALID" = "true" ]; then
403+
echo " Lunal Upstream VCEK Chain: VALID (AMD root CA -> VCEK -> SNP report)"
404+
INF_ATTEST_OK=true
405+
else
406+
echo " Lunal Upstream Attestation: INVALID (signature verification failed)"
407+
fi
405408
else
406-
echo " Attestation: INVALID (signature verification failed)"
409+
echo " Lunal Upstream Attestation: present but verification failed"
407410
fi
408411
else
409-
echo " Attestation: present but verification failed"
412+
echo " Lunal Upstream Attestation: present but no verifier (attestation-cli not found)"
413+
INF_ATTEST_OK=true # don't fail if CLI is missing
410414
fi
411415
else
412-
echo " Attestation: present but no verifier (attestation-cli not found)"
416+
echo " Lunal Upstream Attestation: present but could not decode (base64+gzip)"
413417
fi
418+
rm -f "$INF_EVIDENCE_FILE"
414419
else
415-
echo " Attestation: present but could not decode (base64+gzip)"
420+
echo " Lunal Upstream Attestation: WARN — Attestation-Report header absent"
416421
fi
417-
rm -f "$INF_EVIDENCE_FILE"
418422

419-
# --- Upstream (Lunal) attestation (X-Upstream-Attestation-Report, tee-proxy v0.3.0+) ---
420-
if [ -n "$UPSTREAM_ATTESTATION" ]; then
421-
UPSTREAM_ATTEST_OK=false
422-
UPSTREAM_EVIDENCE_FILE=$(mktemp /tmp/upstream_attestation_XXXXXX.json)
423-
if echo "$UPSTREAM_ATTESTATION" | base64 -d 2>/dev/null | gunzip > "$UPSTREAM_EVIDENCE_FILE" 2>/dev/null; then
423+
# --- Orchestrator attestation (X-Orchestrator-Attestation-Report, set by our tee-proxy via --header-name) ---
424+
if [ -n "$ORCH_ATTESTATION" ]; then
425+
ORCH_ATTEST_OK=false
426+
ORCH_EVIDENCE_FILE=$(mktemp /tmp/orch_attestation_XXXXXX.json)
427+
if echo "$ORCH_ATTESTATION" | base64 -d 2>/dev/null | gunzip > "$ORCH_EVIDENCE_FILE" 2>/dev/null; then
424428
if [ -n "$ATTESTATION_CLI" ]; then
425-
UPSTREAM_VERIFY_RESULT=$($ATTESTATION_CLI verify -e "$UPSTREAM_EVIDENCE_FILE" 2>/dev/null) || true
426-
if [ -n "$UPSTREAM_VERIFY_RESULT" ] && echo "$UPSTREAM_VERIFY_RESULT" | jq -e . &>/dev/null; then
427-
UPSTREAM_SIG_VALID=$(echo "$UPSTREAM_VERIFY_RESULT" | jq -r '.signature_valid // false')
428-
if [ "$UPSTREAM_SIG_VALID" = "true" ]; then
429-
echo " Upstream (Lunal) VCEK Chain: VALID"
430-
UPSTREAM_ATTEST_OK=true
429+
ORCH_VERIFY_RESULT=$($ATTESTATION_CLI verify -e "$ORCH_EVIDENCE_FILE" 2>/dev/null) || true
430+
if [ -n "$ORCH_VERIFY_RESULT" ] && echo "$ORCH_VERIFY_RESULT" | jq -e . &>/dev/null; then
431+
ORCH_SIG_VALID=$(echo "$ORCH_VERIFY_RESULT" | jq -r '.signature_valid // false')
432+
ORCH_PLATFORM=$(echo "$ORCH_VERIFY_RESULT" | jq -r '.platform // "unknown"')
433+
echo " Orchestrator Platform: $ORCH_PLATFORM (our tee-proxy)"
434+
if [ "$ORCH_SIG_VALID" = "true" ]; then
435+
echo " Orchestrator VCEK Chain: VALID (AMD root CA -> VCEK -> SNP report)"
436+
ORCH_ATTEST_OK=true
431437
else
432-
echo " Upstream (Lunal) Attestation: INVALID (signature verification failed)"
438+
echo " Orchestrator Attestation: INVALID (signature verification failed)"
433439
fi
434440
else
435-
echo " Upstream (Lunal) Attestation: present but verification failed"
441+
echo " Orchestrator Attestation: present but verification failed"
436442
fi
437443
else
438-
echo " Upstream (Lunal) Attestation: present but no verifier (attestation-cli not found)"
439-
UPSTREAM_ATTEST_OK=true # don't fail if CLI is missing, just note it
444+
echo " Orchestrator Attestation: present but no verifier (attestation-cli not found)"
445+
ORCH_ATTEST_OK=true # don't fail if CLI is missing, just note it
440446
fi
441447
else
442-
echo " Upstream (Lunal) Attestation: present but could not decode (base64+gzip)"
448+
echo " Orchestrator Attestation: present but could not decode (base64+gzip)"
443449
fi
444-
rm -f "$UPSTREAM_EVIDENCE_FILE"
450+
rm -f "$ORCH_EVIDENCE_FILE"
445451
# Both layers must pass for step [4/5] to succeed
446-
if [ "$UPSTREAM_ATTEST_OK" != "true" ]; then
452+
if [ "$ORCH_ATTEST_OK" != "true" ]; then
447453
INF_ATTEST_OK=false
448454
fi
449455
else
450-
# Upstream header absent — backward-compat WARN (tee-proxy may be pre-v0.3.0, or Lunal not sending)
451-
echo " Upstream (Lunal) Attestation: WARN — header absent (tee-proxy pre-v0.3.0 or Lunal not sending)"
452-
echo " Using orchestrator-only attestation."
456+
# Orchestrator header absent — tee-proxy may not be configured with --header-name yet
457+
echo " Orchestrator Attestation: WARN — X-Orchestrator-Attestation-Report absent (tee-proxy may need --header-name=X-Orchestrator-Attestation-Report)"
458+
echo " Using Lunal upstream attestation only."
453459
fi
454460

455461
if [ "$INF_ATTEST_OK" = "true" ]; then

0 commit comments

Comments
 (0)