feat: Add a new field tee_attestation to VerifyAttestationRequest…

… message proto for SEV SNP and TDX attestations (#26440)

chore: remove backend configuration from the service config

google-cloud-confidential_computing-v1/lib/google/cloud/confidential_computing/v1/confidential_computing/client.rb

@@ -293,11 +293,15 @@ def create_challenge request, options = nil
  # @param options [::Gapic::CallOptions, ::Hash]
  # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
  #
- # @overload verify_attestation(challenge: nil, gcp_credentials: nil, tpm_attestation: nil, confidential_space_info: nil, token_options: nil)
+ # @overload verify_attestation(td_ccel: nil, sev_snp_attestation: nil, challenge: nil, gcp_credentials: nil, tpm_attestation: nil, confidential_space_info: nil, token_options: nil)
  # Pass arguments to `verify_attestation` via keyword arguments. Note that at
  # least one keyword argument is required. To specify no parameters, or to keep all
  # the default parameter values, pass an empty Hash as a request object (see above).
  #
+ # @param td_ccel [::Google::Cloud::ConfidentialComputing::V1::TdxCcelAttestation, ::Hash]
+ # Optional. A TDX with CCEL and RTMR Attestation Quote.
+ # @param sev_snp_attestation [::Google::Cloud::ConfidentialComputing::V1::SevSnpAttestation, ::Hash]
+ # Optional. An SEV-SNP Attestation Report.
  # @param challenge [::String]
  # Required. The name of the Challenge whose nonce was used to generate the
  # attestation, in the format `projects/*/locations/*/challenges/*`. The

google-cloud-confidential_computing-v1/lib/google/cloud/confidential_computing/v1/confidential_computing/rest/client.rb

@@ -280,11 +280,15 @@ def create_challenge request, options = nil
  # @param options [::Gapic::CallOptions, ::Hash]
  # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
  #
- # @overload verify_attestation(challenge: nil, gcp_credentials: nil, tpm_attestation: nil, confidential_space_info: nil, token_options: nil)
+ # @overload verify_attestation(td_ccel: nil, sev_snp_attestation: nil, challenge: nil, gcp_credentials: nil, tpm_attestation: nil, confidential_space_info: nil, token_options: nil)
  # Pass arguments to `verify_attestation` via keyword arguments. Note that at
  # least one keyword argument is required. To specify no parameters, or to keep all
  # the default parameter values, pass an empty Hash as a request object (see above).
  #
+ # @param td_ccel [::Google::Cloud::ConfidentialComputing::V1::TdxCcelAttestation, ::Hash]
+ # Optional. A TDX with CCEL and RTMR Attestation Quote.
+ # @param sev_snp_attestation [::Google::Cloud::ConfidentialComputing::V1::SevSnpAttestation, ::Hash]
+ # Optional. An SEV-SNP Attestation Report.
  # @param challenge [::String]
  # Required. The name of the Challenge whose nonce was used to generate the
  # attestation, in the format `projects/*/locations/*/challenges/*`. The

google-cloud-confidential_computing-v1/proto_docs/google/cloud/confidentialcomputing/v1/service.rb

@@ -60,6 +60,12 @@ class CreateChallengeRequest
 
  # A request for an OIDC token, providing all the necessary information needed
  # for this service to verify the plaform state of the requestor.
+ # @!attribute [rw] td_ccel
+ # @return [::Google::Cloud::ConfidentialComputing::V1::TdxCcelAttestation]
+ # Optional. A TDX with CCEL and RTMR Attestation Quote.
+ # @!attribute [rw] sev_snp_attestation
+ # @return [::Google::Cloud::ConfidentialComputing::V1::SevSnpAttestation]
+ # Optional. An SEV-SNP Attestation Report.
  # @!attribute [rw] challenge
  # @return [::String]
  # Required. The name of the Challenge whose nonce was used to generate the
@@ -85,6 +91,47 @@ class VerifyAttestationRequest
  extend ::Google::Protobuf::MessageExts::ClassMethods
  end
 
+ # A TDX Attestation quote.
+ # @!attribute [rw] ccel_acpi_table
+ # @return [::String]
+ # Optional. The Confidential Computing Event Log (CCEL) ACPI table. Formatted
+ # as described in the ACPI Specification 6.5.
+ # @!attribute [rw] ccel_data
+ # @return [::String]
+ # Optional. The CCEL event log. Formatted as described in the UEFI 2.10.
+ # @!attribute [rw] canonical_event_log
+ # @return [::String]
+ # Optional. An Event Log containing additional events measured into the RTMR
+ # that are not already present in the CCEL.
+ # @!attribute [rw] td_quote
+ # @return [::String]
+ # Optional. The TDX attestation quote from the guest. It contains the RTMR
+ # values.
+ class TdxCcelAttestation
+ include ::Google::Protobuf::MessageExts
+ extend ::Google::Protobuf::MessageExts::ClassMethods
+ end
+
+ # An SEV-SNP Attestation Report.
+ # Contains the attestation report and the certificate bundle that the client
+ # collects.
+ # @!attribute [rw] report
+ # @return [::String]
+ # Optional. The SEV-SNP Attestation Report
+ # Format is in revision 1.55, §7.3 Attestation, Table 22. ATTESTATION_REPORT
+ # Structure in this document:
+ # https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56860.pdf
+ # @!attribute [rw] aux_blob
+ # @return [::String]
+ # Optional. Certificate bundle defined in the GHCB protocol definition
+ # Format is documented in GHCB revision 2.03, section 4.1.8.1 struct
+ # cert_table in this document:
+ # https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf
+ class SevSnpAttestation
+ include ::Google::Protobuf::MessageExts
+ extend ::Google::Protobuf::MessageExts::ClassMethods
+ end
+
  # A response once an attestation has been successfully verified, containing a
  # signed OIDC token.
  # @!attribute [r] oidc_claims_token