NVIDIA
diff --git a/‎README.md‎
Lines changed: 17 additions & 30 deletions b/‎README.md‎
Lines changed: 17 additions & 30 deletions
diff --git a/‎guest_tools/README.md‎
Lines changed: 126 additions & 0 deletions b/‎guest_tools/README.md‎
Lines changed: 126 additions & 0 deletions
diff --git a/‎guest_tools/attestation_sdk/README.md‎
Lines changed: 8 additions & 4 deletions b/‎guest_tools/attestation_sdk/README.md‎
Lines changed: 8 additions & 4 deletions
diff --git a/‎guest_tools/attestation_sdk/pyproject.toml‎
Lines changed: 2 additions & 2 deletions b/‎guest_tools/attestation_sdk/pyproject.toml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎guest_tools/attestation_sdk/src/nv_attestation_sdk/attestation.py‎
Lines changed: 47 additions & 8 deletions b/‎guest_tools/attestation_sdk/src/nv_attestation_sdk/attestation.py‎
Lines changed: 47 additions & 8 deletions
@@ -1,38 +1,25 @@
-# nvTrust: NVIDIA Confidential Computing Ancillary Software
+# nvTrust: Ancillary Software for NVIDIA Trusted Computing Solutions
 
-nvTrust is a repository which contains much of the utilities & tools, open-source code,
-and SDKs leveraged when using NVIDIA solutions in trusted environments, such as Confidential Computing.
+This repository provides essential resources for implementing and validating Trusted Computing Solutions on NVIDIA hardware. It focuses on attestation, a crucial aspect of ensuring the integrity and security of confidential computing environments.
 
-For more information, including documentation, white papers, and videos regarding the Hopper Confidential Computing story, please visit [docs.nvidia.com/confidential-computing/index.html]()
+For more information, including documentation, white papers, and videos regarding NVIDIA Confidential Computing, please visit [NVIDIA docs](https://docs.nvidia.com/confidential-computing/index.html).
 
-## Early Access Considerations
-This branch of nvTrust is currently considered `General Access`. 
+## Getting Started with Attestation
 
-This software release features a software stack targeting a single H100 GPU in passthrough mode with a single session key for encryption and authentication and basic use of the Developer Tools. 
+To begin using NVIDIA GPU attestation, please refer to [this documentation](./guest_tools/README.md). This guide will walk you through:
 
-Code and data will be confidential up to the limits of the NIST SP800-38D AES-GCM standard, after which the VM should be restarted, which causes a fresh session key to be created.
+- Setting up the necessary environment
+- Implementing attestation in your applications
+- Validating the attestation process
 
-## Release Notes
-- Hopper Confidential Compute early access features are supported on NVIDIA Driver Version `550` and later only
-- Release Notes may be found [here](https://docs.nvidia.com/confidential-computing/#release-notes).
+## Confidential Computing
+
+NVIDIA Confidential Computing offers a solution for securely processing data and code in use, preventing unauthorized users from both access and modification. When running AI training or inference, the data and the code must be protected. Often the input data includes personally identifiable information (PII) or enterprise secrets, and the trained model is highly valuable intellectual property (IP). Confidential computing is the ideal solution to protect both AI models and data.
+
+NVIDIA is at the forefront of confidential computing, collaborating with CPU partners, cloud providers, and independent software vendors (ISVs) to ensure that the change from traditional, accelerated workloads to confidential, accelerated workloads will be smooth and transparent.
+
+For more information, including documentation, white papers, and videos regarding the Hopper Confidential Computing story, please visit [NVIDIA docs](https://docs.nvidia.com/confidential-computing/index.html).
 
 ## License
-The license for this repository is Apache v2 except where otherwise noted.
-## Folder Structure
-- **docs** - Collateral relating to Confidential Computing with NVIDIA GPUs
-    - Release Notes
-    - Deployment Guide (Walkthrough)
-    - Hopper Confidential Computing Whitepaper
-    - Local Verifier Application User Guide
-- **guest_tools** - Contains utilities specific to running _within_ a Confidential VM
-    - Attestation SDK
-    - Local Attestation Verifiers
-    - RIM Acquisition Service
-- **host_tools** - Contains utilities specific to configuring the GPU's Confidential Computing Modes, as well as sample scripts to create and run a Confidential VM from within the _host_
-    - GPU CC Mode Setting scripts
-    - KVM Sample Scripts for launching a CVM
-    - Staging folders for Deployment Guide found under docs/
-- **infrastructure** - Contains the open source, third-party code that was used for validation of our Hopper Confidential Computing Solutions
-    - KVM source code, including OVMF and QEMU
-    - Linux source code, along with appropriate GPU-specific patches
-    - Pointers to original GitHub sources.
+
+This repository is licensed under Apache License v2.0 except where otherwise noted.
@@ -0,0 +1,126 @@
+# NVIDIA GPU Attestation Guide
+
+This guide provides a comprehensive overview of NVIDIA GPU Attestation and outlines the steps to implement it in your environment.
+
+## Table of Contents
+
+- [NVIDIA GPU Attestation Guide](#nvidia-gpu-attestation-guide)
+  - [Table of Contents](#table-of-contents)
+  - [Pre-requisites](#pre-requisites)
+  - [Attestation Using SDK - A Primer](#attestation-using-sdk---a-primer)
+  - [Quick Start](#quick-start)
+  - [NVIDIA Attestation Service Integration Options](#nvidia-attestation-service-integration-options)
+    - [Option 1: NVIDIA-Managed Attestation (Most Secure)](#option-1-nvidia-managed-attestation-most-secure)
+    - [Option 2: Hybrid Attestation](#option-2-hybrid-attestation)
+    - [Option 3: Customer-Managed Attestation](#option-3-customer-managed-attestation)
+  - [Comparison of Options](#comparison-of-options)
+  - [License](#license)
+- [Support](#support)
+
+## Pre-requisites
+
+1. Install Attestation SDK using [this guide](./attestation_sdk/README.md). This in turn installs Local GPU Verifier.
+2. [Optional] Review the [NVIDIA NGC Status Page](https://status.ngc.nvidia.com/) to ensure NVIDIA Remote Attestation Service (NRAS), RIM Service, and OCSP Service are functional.
+
+## Attestation Using SDK - A Primer
+
+Attestation using the SDK involves three main steps:
+
+1. Add a verifier
+
+    ```python
+    client = attestation.Attestation()
+    client.add_verifier(attestation.Devices.GPU, attestation.Environment.REMOTE, NRAS_URL, "")
+    ```
+2. Get GPU Evidence
+
+    ```python
+    evidence_list = client.get_evidence()
+    ```
+3. Perform Attestation and optionally validate results using a JSON-based Relying Party policy
+
+    ```python
+    client.validate_token(JSON_POLICY)
+    ```
+
+## Quick Start
+
+1. Navigate to the `nvtrust/guest_tools/attestation_sdk/tests/end_to_end/hardware` directory.
+  
+    ```bash
+    cd nvtrust/guest_tools/attestation_sdk/tests/end_to_end/hardware
+    ```
+2. Run `RemoteGPUTest.py` or `LocalGPUTest.py`
+
+    ```bash
+    python LocalGPUTest.py
+    # or
+    python RemoteGPUTest.py
+    ```
+
+## NVIDIA Attestation Service Integration Options
+
+### Option 1: NVIDIA-Managed Attestation (Most Secure)
+
+![Workflow](./docs/images/nras.png)
+
+This model offers the highest level of security and operational simplicity, leveraging NVIDIA's cloud-based attestation services for comprehensive verification.
+
+**Key Components:**
+- Local GPU Verifier: Collects evidence from the GPU
+- NVIDIA Cloud Services: Remote Attestation, RIM, and OCSP services
+
+**Example:**
+```python
+# Code snippet from nvtrust/guest_tools/attestation_sdk/tests/end_to_end/hardware/RemoteGPUTest.py
+#
+client = attestation.Attestation()
+client.add_verifier(attestation.Devices.GPU, attestation.Environment.REMOTE, NRAS_URL, "")
+evidence_list = client.get_evidence()
+client.attest(evidence_list)
+```
+
+### Option 2: Hybrid Attestation
+
+![Workflow](./docs/images/hybrid.png)
+
+This model balances local control with cloud-based support, allowing for local comparison & verification of values while still utilizing  NVIDIA cloud services.
+
+**Key Components:**
+- Local GPU Verifier: Handles both evidence collection and verification
+- NVIDIA Cloud Services: NVIDIA RIM and OCSP services 
+
+**Example:**
+```python
+# Code snippet from nvtrust/guest_tools/attestation_sdk/tests/end_to_end/hardware/LocalGPUTest.py
+#
+client = attestation.Attestation()
+client.add_verifier(attestation.Devices.GPU, attestation.Environment.LOCAL, "", "", OCSP_URL, RIM_URL)
+evidence_list = client.get_evidence()
+client.attest(evidence_list)
+```
+
+### Option 3: Customer-Managed Attestation
+
+NVIDIA also offers Trust Outpost, a comprehensive GPU attestation solution for end-to-end GPU attestation designed for high-scale deployments and organizations needing enhanced local control. This on-premises implementation efficiently caches RIM and OCSP data, ideal for environments with strict data sovereignty or air-gapped systems. Access requires appropriate agreements with NVIDIA - please contact [attestation-support@nvidia.com](mailto:attestation-support@nvidia.com) to request participation in the program.
+
+![Workflow](./docs/images/outpost.png)
+
+## Comparison of Options
+
+| Feature | Cloud-Managed | Hybrid | Trust Outpost |
+|---------|---------------|--------|-----------------|
+| Security Level | Highest | High | High |
+| Operational Complexity | Lowest | Moderate | Highest |
+| Local Control | Lowest | Moderate | Highest |
+| Cloud Dependency | Highest | Moderate | Lowest |
+| Best For | Maximum security and simplicity | Balanced approach | Strict control requirements |
+
+## License
+
+This project is licensed under the Apache License 2.0.
+
+# Support
+
+For issues or questions, please [file a bug](https://github.com/NVIDIA/nvtrust/issues). For additional support, contact us at [attestation-support@nvidia.com](mailto:attestation-support@nvidia.com)
+
@@ -80,11 +80,11 @@ Please execute the following commands to clean up packages that were not install
 
 - Local GPU Attestation
 
-  Refer to the [sample implementation](https://github.com/NVIDIA/nvtrust/blob/main/guest_tools/attestation_sdk/tests/LocalGPUTest.py)
+  Refer to the [sample implementation](https://github.com/NVIDIA/nvtrust/blob/main/guest_tools/attestation_sdk/tests/end_to_end/hardware/LocalGPUTest.py)
 
 - Remote GPU Attestation
 
-  Refer to the [sample implementation](https://github.com/NVIDIA/nvtrust/blob/main/guest_tools/attestation_sdk/tests/RemoteGPUTest.py)
+  Refer to the [sample implementation](https://github.com/NVIDIA/nvtrust/blob/main/guest_tools/attestation_sdk/tests/end_to_end/hardware/RemoteGPUTest.py)
 
 ## Switch Attestation
 
@@ -101,11 +101,11 @@ Please execute the following commands to clean up packages that were not install
 
 - Local nvSwitch Attestation
 
-  Refer to the [sample implementation](tests/LocalSwitchTest.py)
+  Refer to the [sample implementation](https://github.com/NVIDIA/nvtrust/blob/main/guest_tools/attestation_sdk/tests/end_to_end/hardware/LocalSwitchTest.py)
 
 - Remote nvSwitch Attestation
 
-  Refer to the [sample implementation](tests/RemoteSwitchTest_v3.py)
+  Refer to the [sample implementation](https://github.com/NVIDIA/nvtrust/blob/main/guest_tools/attestation_sdk/tests/end_to_end/hardware/RemoteSwitchTest.py)
 
 ## Claims and Troubleshooting information
 
@@ -135,6 +135,8 @@ v2.1.0          | v3              | 2.0
 v2.1.1          | v3              | 2.0
 v2.1.2          | v3              | 2.0
 v2.1.3          | v3              | 2.0
+v2.1.4          | v3              | 2.0
+v2.3.0          | v3              | 2.0
 
 More information on claims can be found [here](https://github.com/NVIDIA/nvtrust/blob/main/guest_tools/attestation_troubleshooting_guide.md)
 
@@ -146,11 +148,13 @@ More information on claims can be found [here](https://github.com/NVIDIA/nvtrust
 | Attestation(<-name->)                                                                                                           | Create a new Attestation Object used to call other Attestation methods.                                                               |
 | set_name(<-name->)                                                                                                              | Set a name for the Attestation SDK client                                                                                             |
 | set_nonce(<-nonce->)                                                                                                            | Set a nonce for Attestation                                                                                                           |
+| set_ocsp_nonce_disabled(<-bool->)                                                                                               | Flag which indicates whether to include a nonce when calling OCSP. Only applicable for local GPU attestation. False by default        |
 | add_verifier(<-attestation-device-type->, <-local/remote->, <-remote-attestation-service-url->, <-attestation-results-policy->) | Add a specific type of verifier for the client object. The verifier will be invoked during the attest operation                       |
 | get_verifiers()                                                                                                                 | Retrieves the list of verifiers added to the client object.                                                                              |
 | get_evidence()                                                                                                                  | Retrieves the list of evidence based on the attestation device (e.g., GPU, switch) and the type of attestation (e.g., local, remote). |
 | attest()                                                                                                                        | Trigger the Attestation for the client object, This uses the Attestation type configured in the add_verifier method                           |
 | get_token()                                                                                                                     | Retrieves the Attestation token that contains claims corresponding to the Attestation result.                                             |
+| get_ocsp_nonce_disabled()                                                                                                       | Retrieves the flag which indicates whether a nonce is included when calling OCSP.                                                     |
 | validate_token(<-attestation-results-policy->)                                                                                  | Validate the Attestation Claims against a policy                                                                                      |
 | decode_token(<-jwt-token->)                                                                                                     | Decodes the JWT token to claims received by the verifier                                                                              |
 ## Attestation SDK configuration
 
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "nv-attestation-sdk"
-version = "2.1.3"
+version = "2.3.0"
 description = "The Attestation SDK provides developers with a easy to use APIs for implementing attestation capabilities into their applications."
 authors = ["Karthik Jayaraman <kjayaraman@nvidia.com>"]
 readme = "README.md"
@@ -22,7 +22,7 @@ xmlschema = "==2.2.3"
 pyOpenSSL = "==24.2.1"
 PyJWT = "==2.7.0"
 nvidia-ml-py = ">=12.535.77"
-nv-local-gpu-verifier = "2.1.1"
+nv-local-gpu-verifier = "2.3.0"
 build = ">=0.7.0"
 twine = ">=3.7.1"
 pylint = ">=2.9.6"
 
@@ -14,6 +14,7 @@
 import jwt
 
 from nv_attestation_sdk.utils.logging_config import setup_logging, get_logger
+from nv_attestation_sdk.utils.config import RIM_SERVICE_URL, OCSP_SERVICE_URL
 from .gpu import attest_gpu_local, attest_gpu_remote
 from .nvswitch import attest_nvswitch_local, attest_nvswitch_remote
 from .utils import claim_utils, local_utils, nras_utils
@@ -80,7 +81,8 @@ class VerifierFields(IntEnum):
     URL = 3
     POLICY = 4
     JWT_TOKEN = 5
-
+    OCSP_URL = 6
+    RIM_URL = 7
 
 class Attestation:
     """
@@ -93,6 +95,8 @@ class Attestation:
     _tokens = None
     _verifiers = []
     _instance = None
+    _ocsp_nonce_disabled = False
+    _no_gpu_mode = False
 
     def __new__(cls, name=None):
         if cls._instance is None:
@@ -139,10 +143,31 @@ def get_nonce_server(cls) -> str:
             str: URL of the nonce server
         """
         return cls._nonceServer
+    
+    @classmethod
+    def set_ocsp_nonce_disabled(cls, ocsp_nonce_disabled: bool) -> None:
+        """Flag which indicates whether to include a nonce when calling OCSP.  False by default
+
+        Args:
+            ocsp_nonce_disabled (bool): Flag which indicates whether to include a nonce when calling OCSP
+        """
+        if not isinstance(ocsp_nonce_disabled, bool):
+            raise ValueError("Incorrect data type for ocsp_nonce_disabled.")
+        cls._ocsp_nonce_disabled = ocsp_nonce_disabled
+
+    @classmethod
+    def get_ocsp_nonce_disabled(cls) -> bool:
+        """Get the flag which indicates whether a nonce is included when calling OCSP.
+
+        Returns:
+            bool: Flag which indicates whether a nonce is included when calling OCSP
+        """
+        return cls._ocsp_nonce_disabled
+
 
     @classmethod
     def add_verifier(
-        cls, dev: Devices, env: Environment, url: str, evidence: str
+        cls, dev: Devices, env: Environment, url: str, evidence: str, ocsp_url: str=OCSP_SERVICE_URL, rim_url: str=RIM_SERVICE_URL
     ) -> None:
         """Add a new verifier for Attestation
 
@@ -151,6 +176,8 @@ def add_verifier(
             env (Environment): Type of Attestation - local, remote etc.
             url (str): URL of the Attestation Server for Remote Attestation use cases.
             evidence (str): Attestation evidence
+            ocsp_url (str): URL of the OCSP service to check the revocation status of a certificate
+            rim_url (str): URL of the RIM service for fetching driver and VBIOS RIM files
         """
         verifier_name_mapping = {
             (Devices.GPU, Environment.LOCAL): "LOCAL_GPU_CLAIMS",
@@ -161,8 +188,7 @@ def add_verifier(
         }
 
         name = verifier_name_mapping.get((dev, env), "UNKNOWN_CLAIMS")
-
-        lst = [name, dev, env, url, evidence, ""]
+        lst = [name, dev, env, url, evidence, "", ocsp_url, rim_url]
         cls._verifiers.append(lst)
 
     @classmethod
@@ -182,10 +208,13 @@ def get_verifiers(cls) -> list:
         return cls._verifiers
 
     @classmethod
-    def get_evidence(cls, ppcie_mode: bool = True) -> Tuple[str, List]:
+    def get_evidence(cls, options=None) -> Tuple[str, List]:
         """
         A class method to get evidence for attestation. Returns evidence for the specified verifier.
         """
+        if options == None:
+            options = {}
+        
         decorative_logger.info("Attestation SDK: Getting Evidence")
         nonce = cls.get_nonce() or cls._generate_nonce()
         logger.info("Nonce generated: %s", nonce)
@@ -196,14 +225,18 @@ def get_evidence(cls, ppcie_mode: bool = True) -> Tuple[str, List]:
             (Devices.SWITCH, Environment.LOCAL): attest_nvswitch_local.get_evidence,
             (Devices.SWITCH, Environment.REMOTE): attest_nvswitch_remote.get_evidence,
         }
-
+        # TODO Add support for no_switch_mode
+        evidence_options = {
+            "ppcie_mode": options.get("ppcie_mode", True),
+            "no_gpu_mode": options.get("no_gpu_mode", False)
+        }
         for verifier in cls._verifiers:
             device = verifier[VerifierFields.DEVICE]
             environment = verifier[VerifierFields.ENVIRONMENT]
             evidence_func = evidence_mapping.get(
                 (device, environment), cls._unknown_verifier
             )
-            return evidence_func(nonce, ppcie_mode)
+            return evidence_func(nonce, evidence_options)
 
         logger.error("Unknown verifier - Assuming all is good")
         return nonce, []
@@ -245,8 +278,14 @@ def attest(cls, evidence_list) -> bool:
                     nonce, evidence_list, verifier_url
                 )
             else:
+                attestation_options = {
+                    "ocsp_nonce_disabled": cls._ocsp_nonce_disabled,
+                    "rim_service_url": verifier[VerifierFields.RIM_URL],
+                    "ocsp_url": verifier[VerifierFields.OCSP_URL]
+                }
+
                 this_result, jwt_token = attestation_func(
-                    nonce, evidence_list
+                    nonce, evidence_list, attestation_options
                 )
             verifier[VerifierFields.JWT_TOKEN] = jwt_token
             attest_result = attest_result and this_result