Verify the report
Learn to verify the attestation report that was generated by the provider.
The verifier checks the authenticity and freshness of the report using the session UUID and the base64-encoded report.
Verify the report
Verify the report for the workload using the encoded report:
Example:
vhsm nitride attestation verify f43042c2-3ac6-43fd-be0a-efbfd2c5b419 <base64-encoded-report>
This command uses the report from the attester.
Output:
Key Value
--- -----
token hvs.CAESIOyvGir7sPktjKgCsaL4NZSdf3jWiFtoAFQNC_Wb5L39Gh4KHGh2cy4yQnJUOEx5djcxbW4wd000b0QzamNUWm8
token_accessor DH9YcdCJkJw6stqC8ochAFai
token_duration 768h
token_renewable false
token_policies ["default" "enclaive-attested"]
identity_policies []
policies ["default" "enclaive-attested"]
token_meta_namespace n/a
token_meta_workload f43042c2-3ac6-43fd-be0a-efbfd2c5b419
token_meta_measurement 0e3b01f2f08a3e4cead3d075d0e2da32778a18b612919b4108d8201fd9ba811ff151af90615383fb4a8fa9a464b79600
created 1752752829
description A small Azure VM running MariaDB
events http://localhost:8000
name Azure MariaDB
namespace n/a
nonce n/a
policy azure-dc2asv5-raw
updated 1752753927
uuid f43042c2-3ac6-43fd-be0a-efbfd2c5b419
Detailed explanation
Successful Attestation: The presence of a token and associated policies means the workload (Azure MariaDB VM) has successfully passed remote attestation.
Token Usage: The token can now be used by the workload to authenticate itself to other services, such as secret stores, APIs, or policy engines, that require proof of attestation.
Workload Identity: The uuid and token_meta_workload uniquely identify the attested workload. The token_meta_measurement is a cryptographic hash of the workload's environment, ensuring integrity.
Policy Enforcement: The attached policies are default and enclaive-attested; they define what the workload is allowed to do after attestation.
Security Properties: The attestation is bound to a specific workload and its measured state. The token is time-limited and not renewable, enforcing periodic re-attestation for continued trust.
Auditability: The output includes timestamps and references for auditing when and how the attestation was performed.
Troubleshooting
Wrong Identity
Error message:
"failed attestation: azure-sev-snp-vtpm: measurement did not match, found: 0e3b01f2f08a3e4cead3d075d0e2da32778a18b612919b4108d8201fd9ba811ff151af90615383fb4a8fa9a464b79600, expected: 036fc22b517981a791f7f8b89d634a00e964f6b0dfabc568090eb4393d6026f96aa6b7cca2759f29e521469f1189c00c"
Explanation:
When you enable remote attestation using the vhsm nitride init command, it creates the essential Nitride identities: platform, firmware, and workload. The measurement stored in these default identities does not match the measurement of the VM, so the attestation fails.
Solution:
Update the measurement of the identity with the value the error message reports as found. In this example, you need to update the identity named azure-dc2asv5.
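The following Python script is an added example, not part of the vhsm CLI or its documentation. It ties together the two sections above: it parses the Key/Value output of vhsm nitride attestation verify (the sample embedded below is the output shown on this page, captured as text), checks the properties the "Detailed explanation" section describes (token present, token bound to the requested uuid, measurement equal to the value the operator expects, the enclaive-attested policy attached, non-renewable token within an allowed lifetime), and extracts the found/expected digests from the mismatch error quoted under "Troubleshooting" so the found value can be fed into the identity update. The expected measurement, the required policy name and the 768h lifetime cap are operator inputs assumed here; the error-message layout is taken from the page, and nothing about how identities are updated is assumed.

```python
import re

# Constructed sample: the verifier output shown on this page, captured as text.
SAMPLE_OUTPUT = """\
Key Value
--- -----
token hvs.CAESIOyvGir7sPktjKgCsaL4NZSdf3jWiFtoAFQNC_Wb5L39Gh4KHGh2cy4yQnJUOEx5djcxbW4wd000b0QzamNUWm8
token_accessor DH9YcdCJkJw6stqC8ochAFai
token_duration 768h
token_renewable false
token_policies ["default" "enclaive-attested"]
identity_policies []
policies ["default" "enclaive-attested"]
token_meta_namespace n/a
token_meta_workload f43042c2-3ac6-43fd-be0a-efbfd2c5b419
token_meta_measurement 0e3b01f2f08a3e4cead3d075d0e2da32778a18b612919b4108d8201fd9ba811ff151af90615383fb4a8fa9a464b79600
created 1752752829
description A small Azure VM running MariaDB
events http://localhost:8000
name Azure MariaDB
namespace n/a
nonce n/a
policy azure-dc2asv5-raw
updated 1752753927
uuid f43042c2-3ac6-43fd-be0a-efbfd2c5b419
"""

# Constructed sample: the mismatch error quoted in the Troubleshooting section.
SAMPLE_ERROR = (
    "failed attestation: azure-sev-snp-vtpm: measurement did not match, "
    "found: 0e3b01f2f08a3e4cead3d075d0e2da32778a18b612919b4108d8201fd9ba811ff151af90615383fb4a8fa9a464b79600, "
    "expected: 036fc22b517981a791f7f8b89d634a00e964f6b0dfabc568090eb4393d6026f96aa6b7cca2759f29e521469f1189c00c"
)


def parse_verify_output(text):
    """Parse the two-column Key/Value output into a dict; values keep embedded spaces."""
    fields = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("Key ") or line.startswith("---"):
            continue  # skip the table header and separator rows
        key, _, value = line.partition(" ")
        fields[key] = value.strip()
    return fields


def parse_policies(value):
    """'["default" "enclaive-attested"]' -> ['default', 'enclaive-attested']; '[]' -> []."""
    return re.findall(r'"([^"]*)"', value)


_DURATION_RE = re.compile(r"^(\d+)([smhd])$")
_UNIT_SECONDS = {"s": 1, "m": 60, "h": 3600, "d": 86400}


def parse_duration(value):
    """Convert a duration such as '768h' to seconds; reject anything else."""
    m = _DURATION_RE.match(value)
    if not m:
        raise ValueError(f"unrecognised duration: {value!r}")
    return int(m.group(1)) * _UNIT_SECONDS[m.group(2)]


def check_attestation(fields, expected_measurement, required_policy="enclaive-attested", max_duration_hours=768):
    """Return a list of findings; an empty list means the token has the expected properties."""
    findings = []
    if not fields.get("token"):
        findings.append("no token issued: attestation did not succeed")
        return findings
    if fields.get("uuid") != fields.get("token_meta_workload"):
        findings.append("token is not bound to the requested workload uuid")
    if fields.get("token_meta_measurement", "").lower() != expected_measurement.lower():
        findings.append("token measurement differs from the expected measurement")
    for key in ("token_policies", "policies"):
        if required_policy not in parse_policies(fields.get(key, "[]")):
            findings.append(f"{key} lacks {required_policy}")
    if fields.get("token_renewable") != "false":
        findings.append("token is renewable; expiry does not force re-attestation")
    if parse_duration(fields.get("token_duration", "0s")) > max_duration_hours * 3600:
        findings.append("token lifetime exceeds the allowed maximum")
    return findings


_MISMATCH_RE = re.compile(r"measurement did not match, found: ([0-9a-fA-F]+), expected: ([0-9a-fA-F]+)")


def parse_mismatch_error(message):
    """Return (found, expected) lower-case hex digests from a mismatch error, or None otherwise."""
    m = _MISMATCH_RE.search(message)
    if not m:
        return None
    found, expected = m.group(1).lower(), m.group(2).lower()
    if len(found) != len(expected):
        raise ValueError("found and expected digests differ in length")
    return found, expected


if __name__ == "__main__":
    fields = parse_verify_output(SAMPLE_OUTPUT)
    print("findings:", check_attestation(fields, fields["token_meta_measurement"]))
    print("mismatch:", parse_mismatch_error(SAMPLE_ERROR))
```

The measurement comparison is deliberately against a value the operator supplies, not against the one printed by the verifier, since the verifier only attests that the report matched the identity currently configured; the script reports a finding when the two disagree. For the troubleshooting case, the first element of the returned pair is the measurement to copy into the identity.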