Snippet which uses NIST SP 800-108 KDF with Countermode
basically, this is an adaptation of github.com/hashicorp/vault/sdk/helper/kdf#CounterMode.
but with the HMAC operation using the TPM.
the sample below uses a swtpm where the hmac key is saved as a PEM encoded file.
First embed the key:
The following diff extracts the EKM value for a given TLS connection and then surfaces that to LUA (which emits the EKM as a header to the backend)
the LUA config will log the EKM in trace logs
# envoy -c envoy_server.yaml -l trace
[2025-04-04 08:36:29.396][3334775][info][lua] [source/extensions/filters/common/lua/lua.cc:26] script log: >>>>>>>>>>>> EKM: XGurfnlqXyjXphhJrrCmHRoKXAwC7CjrD7vixHdqOIo=
which has the same derived EKM value as a sample client app (eg, golang)
also see https://github.com/salrashid123/go_ekm_tls
$ gcc server.c -lcrypto -lssl -o server
$ ./server
Requires openssl-tpm2 provider
# export OPENSSL_MODULES=/usr/lib/x86_64-linux-gnu/ossl-modules/
#
# cat /etc/ssl/openssl.cnf
# [openssl_init]
| package main | |
| /* | |
| Authenticate to GCP using the GCP embedded vTPM AttestationKey | |
| this specific implementation acquires a JWTAccessToken with scopes | |
| https://github.com/salrashid123/gcp-vtpm-ek-ak/tree/main?tab=readme-ov-file#sign-jwt-with-tpm | |
| 1. first create a gce instance with confidentialcompute and vtpm enabled |
| #include <stdio.h> | |
| #include <unistd.h> | |
| #include <string.h> | |
| #include <sys/socket.h> | |
| #include <arpa/inet.h> | |
| #include <openssl/ssl.h> | |
| #include <openssl/err.h> | |
| #include <openssl/hmac.h> |
also see
$ gcc server.c -lcrypto -lssl -o server
k$ ./server
GCS CSEK with Object versioning
The following will upload a file into a bucket with object versioning.
The file will have a CSEK
Then encrypt it with another CSEK and recall the first version using its original CSEK
### create two cseks
| package main | |
| import ( | |
| "encoding/binary" | |
| "encoding/hex" | |
| "flag" | |
| "io" | |
| "log" | |
| "net" | |
| "os" |