Azure Confidential VM code integrity

Giovanni Magoga 0 Reputation points
2023-12-07T18:39:22.9366667+00:00

Hi, I am building an application that needs to verify the code integrity of a Confidential VM.

In the attestation JWT there's a field x-ms-sevsnpvm-launchmeasurement with the hash of the CVM image, but in the documentation its use is discouraged:

With CVMs, can I use the claim ‘x-ms-sevsnpvm-launchmeasurement’ to prove code integrity over the initial state of a CVM? This claim will change often, and it is not recommended to use this as a basis for code integrity assurance.

Source: https://github.com/Azure/confidential-computing-cvm-guest-attestation/blob/main/cvm-guest-attestation.md#with-cvms-can-i-use-the-claim-x-ms-sevsnpvm-launchmeasurement-to-prove-code-integrity-over-the-initial-state-of-a-cvm

Which field should be then used to ensure that the CVM is running a given image?

Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.

1 answer

kobulloc-MSFT 26,306 Reputation points Microsoft Employee
    2023-12-13T22:19:38.82+00:00

    Hello, @Giovanni Magoga !

    If it's not recommended to use x-ms-sevsnpvm-launchmeasurement to prove code integrity over the initial state of a CVM, what should I use?

    The claim x-ms-sevsnpvm-launchmeasurement is a measurement of the launched guest image that can be used to prove code integrity over the initial state of an Azure confidential VM (CVM); however, this claim is not recommended for use with CVMs, as it may not be stable or consistent across several versions of the HCL firmware.

    Instead, the suggestion is to use the claim x-ms-sevsnpvm-idkeydigest, which is a hash of the identification signing key that is associated with the vTPM. This claim does not depend on the guest image or the HCL firmware version.


    I hope this has been helpful! Your feedback is important so please take a moment to accept answers.

    If you still have questions, please let us know what is needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!

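The claim policy the answer describes, as an added example that is not part of this thread or of Microsoft's guest-attestation code: the verifier decodes the attestation JWT payload and bases its decision on x-ms-sevsnpvm-idkeydigest, treating the launch measurement as informational only. It assumes the token's signature has already been verified against the attestation service's signing keys (not shown), and the digest values and token below are constructed placeholders.

```python
import base64
import hmac
import json

# Claim names as discussed in the thread.
IDKEYDIGEST_CLAIM = "x-ms-sevsnpvm-idkeydigest"
LAUNCHMEASUREMENT_CLAIM = "x-ms-sevsnpvm-launchmeasurement"


def decode_jwt_payload(token: str) -> dict:
    """Return the JSON payload of a compact JWT. Signature verification is
    assumed to have happened before this step; this only decodes."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload_b64 = parts[1] + "=" * (-len(parts[1]) % 4)  # restore padding
    return json.loads(base64.urlsafe_b64decode(payload_b64))


def check_cvm_claims(payload: dict, expected_idkeydigest: str) -> tuple[bool, str]:
    """Accept the CVM only if its ID key digest matches the expected value.
    The launch measurement is reported but never used as the policy basis,
    since the thread says it changes across HCL firmware versions."""
    actual = payload.get(IDKEYDIGEST_CLAIM)
    if not isinstance(actual, str) or not actual:
        return False, f"missing claim {IDKEYDIGEST_CLAIM}"
    # Constant-time, case-insensitive comparison of the hex digests.
    if not hmac.compare_digest(actual.lower(), expected_idkeydigest.lower()):
        return False, f"{IDKEYDIGEST_CLAIM} mismatch"
    measurement = payload.get(LAUNCHMEASUREMENT_CLAIM, "<absent>")
    return True, f"ok (launch measurement {measurement[:16]}... logged, not enforced)"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


# Constructed sample token: placeholder digests, dummy header and signature.
SAMPLE_PAYLOAD = {
    IDKEYDIGEST_CLAIM: "ab" * 48,        # placeholder, not a real digest
    LAUNCHMEASUREMENT_CLAIM: "cd" * 48,  # placeholder, not a real measurement
}
SAMPLE_JWT = ".".join([
    _b64url(b'{"alg":"RS256"}'),
    _b64url(json.dumps(SAMPLE_PAYLOAD).encode()),
    _b64url(b"dummy-signature"),
])

if __name__ == "__main__":
    print(check_cvm_claims(decode_jwt_payload(SAMPLE_JWT), "AB" * 48))
```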
