...
- Fetches certificates used by EVC. e.g. X.509 certificate chain used in signing AuthContainers. If EVC is not reachable, goes with the cached copy of the certificates.
- Tries to retrieve UUID provisioned in the EVC for this EVE instance. If EVC is not reachable, goes with the cached copy of the UUID last received from EVC.
- Attempts to unseal the key in TPM. If unsuccessful, waits for encrypted Volume Storage Key from EVC, published post-attestation by EVC through configuration response.
- Whenever HTTP Error 403 is received from EVC, starts a new attestation cycle with EVC, by sending a request with . First EVE requests EVC for a nonce to include to include in the PCR quote, as a freshness proof. Then, it generates a random value to propose as the Integrity-Token. Finally sends attestation request with the following fields:
- The new Integrity-Token value
- PCR Quote
- TPM Event Log
- Image version (EVE and Firmware)
- Whenever attestation response is successful, populates the Integrity-Token (included in the EVC's reply to attestation request), in a memory mapped file (not on the disk). Since Integrity-Token is volatile, when the device reboots, this automatically triggers re-attestation.
- Configuration is requested in periodic intervals, with the Integrity-Token(or without that, which will trigger error 403).
- If config response contains attestation error (i.e. HTTP error 403), triggers attestation request immediately.
...