diff --git a/kuasar.spec b/kuasar.spec
index 90eacc642b88b025a387c4bafd70dc9639e2f9ce..50f2b7417eb7b6cfd9b9eafaf3c0490fcf481a2d 100644
--- a/kuasar.spec
+++ b/kuasar.spec
@@ -2,7 +2,7 @@
 
 Name: kuasar
 Version: 1.0.0
-Release: 23
+Release: 24
 Summary: Kuasar is an efficient container runtime that supports multiple sandbox techniques.
 License: Apache License 2.0
 URL: https://github.com/kuasar-io/kuasar
@@ -138,6 +138,9 @@ rm -rf %{buildroot}
 %endif
 
 %changelog
+* Sat May 17 liuxu <liuxu156@huawei.com> -1.0.0-24
+- cc:support kbc decrypt image
+
 * Tue May 06 liuxu <liuxu156@huawei.com> -1.0.0-23
 - Revert "coco: mount certs"
 
diff --git a/patch/0021-cc-support-kbc-decrypt-image.patch b/patch/0021-cc-support-kbc-decrypt-image.patch
new file mode 100644
index 0000000000000000000000000000000000000000..268889d8d00cf58819daeb1ed6cff3e30bd1f501
--- /dev/null
+++ b/patch/0021-cc-support-kbc-decrypt-image.patch
@@ -0,0 +1,2989 @@
+From 19c98033c8acb93aea2f6edf7ef61e56524318d1 Mon Sep 17 00:00:00 2001
+From: liuxu <liuxu156@huawei.com>
+Date: Thu, 24 Apr 2025 15:39:50 +0800
+Subject: [PATCH] cc:support kbc decrypt image
+
+Signed-off-by: liuxu <liuxu156@huawei.com>
+---
+ vmm/task/.cargo/config.toml |   10 +-
+ vmm/task/Cargo.lock         | 1232 +++++++++++++++++++++++------------
+ vmm/task/Cargo.toml         |    9 +-
+ vmm/task/src/config.rs      |    5 +
+ vmm/task/src/image_rpc.rs   |   61 +-
+ vmm/task/src/main.rs        |   28 +-
+ 6 files changed, 886 insertions(+), 459 deletions(-)
+
+diff --git a/vmm/task/.cargo/config.toml b/vmm/task/.cargo/config.toml
+index a5f920c4..7358d318 100644
+--- a/vmm/task/.cargo/config.toml
++++ b/vmm/task/.cargo/config.toml
+@@ -1,9 +1,9 @@
+ [source.crates-io]
+ replace-with = "vendored-sources"
+ 
+-[source."git+https://github.com/confidential-containers/guest-components?tag=v0.10.0"]
+-git = "https://github.com/confidential-containers/guest-components"
+-tag = "v0.10.0"
++[source."git+https://gitee.com/openeuler/guest-components?branch=master"]
++git = "https://gitee.com/openeuler/guest-components"
++branch = "master"
+ replace-with = "vendored-sources"
+ 
+ [source."git+https://github.com/kuasar-io/rust-extensions.git"]
+@@ -20,9 +20,9 @@ git = "https://github.com/mdaffin/loopdev"
+ rev = "c9f91e8f0326ce8a3364ac911e81eb32328a5f27"
+ replace-with = "vendored-sources"
+ 
+-[source."git+https://github.com/sigstore/sigstore-rs.git?rev=1b6ccf0f64d173350ec5515bd69ab48a26a9c0a3"]
++[source."git+https://github.com/sigstore/sigstore-rs.git?rev=c39c519"]
+ git = "https://github.com/sigstore/sigstore-rs.git"
+-rev = "1b6ccf0f64d173350ec5515bd69ab48a26a9c0a3"
++rev = "c39c519"
+ replace-with = "vendored-sources"
+ 
+ [source.vendored-sources]
+diff --git a/vmm/task/Cargo.lock b/vmm/task/Cargo.lock
+index 34d6da94..ba2006bd 100644
+--- a/vmm/task/Cargo.lock
++++ b/vmm/task/Cargo.lock
+@@ -30,7 +30,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "d122413f284cf2d62fb1b7db97e02edb8cda96d769b16e443a4f6195e35662b0"
+ dependencies = [
+  "crypto-common",
+- "generic-array 0.14.7",
++ "generic-array",
+ ]
+ 
+ [[package]]
+@@ -65,7 +65,7 @@ version = "0.7.8"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "891477e0c6a8957309ee5c45a6368af3ae14bb510732d2684ffa19af310920f9"
+ dependencies = [
+- "getrandom",
++ "getrandom 0.2.10",
+  "once_cell",
+  "version_check",
+ ]
+@@ -124,6 +124,22 @@ dependencies = [
+  "term",
+ ]
+ 
++[[package]]
++name = "astral-tokio-tar"
++version = "0.5.2"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "1abb2bfba199d9ec4759b797115ba6ae435bdd920ce99783bb53aeff57ba919b"
++dependencies = [
++ "filetime",
++ "futures-core",
++ "libc",
++ "portable-atomic",
++ "rustc-hash 2.1.1",
++ "tokio",
++ "tokio-stream",
++ "xattr",
++]
++
+ [[package]]
+ name = "async-compression"
+ version = "0.4.18"
+@@ -164,23 +180,30 @@ dependencies = [
+ 
+ [[package]]
+ name = "async-trait"
+-version = "0.1.83"
++version = "0.1.88"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "721cae7de5c34fbb2acd27e21e6d2cf7b886dce0c27388d46c4e6c47ea4318dd"
++checksum = "e539d3fca749fcee5236ab05e93a52867dd549cc157c8cb7f99595f3cedffdb5"
+ dependencies = [
+  "proc-macro2",
+  "quote",
+  "syn 2.0.91",
+ ]
+ 
++[[package]]
++name = "atomic-waker"
++version = "1.1.2"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "1505bd5d3d116872e7271a6d4e16d81d0c8570876c8de68093a09ac269d8aac0"
++
+ [[package]]
+ name = "attester"
+ version = "0.1.0"
+-source = "git+https://github.com/confidential-containers/guest-components?tag=v0.10.0#075b9a9ee77227d9d92b6f3649ef69de5e72d204"
++source = "git+https://gitee.com/openeuler/guest-components?branch=master#9e2d92747ad80f05292d989f4e49c5743d6a32d3"
+ dependencies = [
+  "anyhow",
+  "async-trait",
+  "base64 0.22.1",
++ "cfg-if 1.0.0",
+  "hex",
+  "kbs-types",
+  "log",
+@@ -189,7 +212,7 @@ dependencies = [
+  "serde_with",
+  "sha2",
+  "strum",
+- "thiserror 1.0.65",
++ "thiserror 2.0.9",
+ ]
+ 
+ [[package]]
+@@ -216,7 +239,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "acee9fd5073ab6b045a275b3e709c163dd36c90685219cb21804a147b58dba43"
+ dependencies = [
+  "async-trait",
+- "axum-core",
++ "axum-core 0.2.9",
+  "bitflags 1.3.2",
+  "bytes 1.9.0",
+  "futures-util",
+@@ -224,7 +247,7 @@ dependencies = [
+  "http-body 0.4.5",
+  "hyper 0.14.26",
+  "itoa",
+- "matchit",
++ "matchit 0.5.0",
+  "memchr",
+  "mime",
+  "percent-encoding",
+@@ -238,6 +261,33 @@ dependencies = [
+  "tower-service",
+ ]
+ 
++[[package]]
++name = "axum"
++version = "0.7.5"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "3a6c9af12842a67734c9a2e355436e5d03b22383ed60cf13cd0c18fbfe3dcbcf"
++dependencies = [
++ "async-trait",
++ "axum-core 0.4.5",
++ "bytes 1.9.0",
++ "futures-util",
++ "http 1.3.1",
++ "http-body 1.0.1",
++ "http-body-util",
++ "itoa",
++ "matchit 0.7.3",
++ "memchr",
++ "mime",
++ "percent-encoding",
++ "pin-project-lite",
++ "rustversion",
++ "serde",
++ "sync_wrapper 1.0.2",
++ "tower",
++ "tower-layer",
++ "tower-service",
++]
++
+ [[package]]
+ name = "axum-core"
+ version = "0.2.9"
+@@ -254,6 +304,26 @@ dependencies = [
+  "tower-service",
+ ]
+ 
++[[package]]
++name = "axum-core"
++version = "0.4.5"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "09f2bd6146b97ae3359fa0cc6d6b376d9539582c7b4220f041a33ec24c226199"
++dependencies = [
++ "async-trait",
++ "bytes 1.9.0",
++ "futures-util",
++ "http 1.3.1",
++ "http-body 1.0.1",
++ "http-body-util",
++ "mime",
++ "pin-project-lite",
++ "rustversion",
++ "sync_wrapper 1.0.2",
++ "tower-layer",
++ "tower-service",
++]
++
+ [[package]]
+ name = "backtrace"
+ version = "0.3.69"
+@@ -305,9 +375,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "base64ct"
+-version = "1.6.0"
++version = "1.7.3"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b"
++checksum = "89e25b6adfb930f02d1981565a6e5d9c547ac15a96606256d3b59040e5cd4ca3"
+ 
+ [[package]]
+ name = "bindgen"
+@@ -324,16 +394,16 @@ dependencies = [
+  "proc-macro2",
+  "quote",
+  "regex",
+- "rustc-hash",
++ "rustc-hash 1.1.0",
+  "shlex",
+  "syn 1.0.109",
+ ]
+ 
+ [[package]]
+ name = "binstring"
+-version = "0.1.2"
++version = "0.1.6"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "ed79c2a8151273c70956b5e3cdfdc1ff6c1a8b9779ba59c6807d281b32ee2f86"
++checksum = "9a3a3c2603413428303761fae99d4b6d936404208221a44eba47d7c1e6dd03a3"
+ 
+ [[package]]
+ name = "bit-set"
+@@ -364,9 +434,9 @@ checksum = "b048fb63fd8b5923fc5aa7b340d8e156aec7ec02f0c78fa8a6ddc2613f6f71de"
+ 
+ [[package]]
+ name = "blake2b_simd"
+-version = "1.0.2"
++version = "1.0.3"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "23285ad32269793932e830392f2fe2f83e26488fd3ec778883a93c8323735780"
++checksum = "06e903a20b159e944f91ec8499fe1e55651480c541ea0a584f5d967c49ad9d99"
+ dependencies = [
+  "arrayref",
+  "arrayvec",
+@@ -379,7 +449,7 @@ version = "0.10.4"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71"
+ dependencies = [
+- "generic-array 0.14.7",
++ "generic-array",
+ ]
+ 
+ [[package]]
+@@ -388,16 +458,7 @@ version = "0.3.3"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "a8894febbff9f758034a5b8e12d87918f56dfc64a8e1fe757d65e29041538d93"
+ dependencies = [
+- "generic-array 0.14.7",
+-]
+-
+-[[package]]
+-name = "block2"
+-version = "0.5.1"
+-source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "2c132eebf10f5cad5289222520a4a058514204aed6d791f1cf4fe8088b82d15f"
+-dependencies = [
+- "objc2",
++ "generic-array",
+ ]
+ 
+ [[package]]
+@@ -412,21 +473,20 @@ dependencies = [
+ 
+ [[package]]
+ name = "buffered-reader"
+-version = "1.3.2"
++version = "1.4.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "fabd1c5e55587a8e8526172d63ad2ba665fa18c8acb39ec9a77af1708c982b9b"
++checksum = "db26bf1f092fd5e05b5ab3be2f290915aeb6f3f20c4e9f86ce0f07f336c2412f"
+ dependencies = [
+  "bzip2",
+  "flate2",
+- "lazy_static",
+  "libc",
+ ]
+ 
+ [[package]]
+ name = "bumpalo"
+-version = "3.16.0"
++version = "3.17.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "79296716171880943b8470b5f8d03aa55eb2e645a4874bdbb28adb49162e012c"
++checksum = "1628fb46dfa0b37568d12e5edd512553eccf6a22a78e8bde00bb4aed84d5bdbf"
+ 
+ [[package]]
+ name = "byteorder"
+@@ -452,22 +512,20 @@ checksum = "325918d6fe32f23b19878fe4b34794ae41fc19ddbe53b10571a4874d44ffd39b"
+ 
+ [[package]]
+ name = "bzip2"
+-version = "0.5.0"
++version = "0.5.2"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "bafdbf26611df8c14810e268ddceda071c297570a5fb360ceddf617fe417ef58"
++checksum = "49ecfb22d906f800d4fe833b6282cf4dc1c298f5057ca0b5445e5c209735ca47"
+ dependencies = [
+  "bzip2-sys",
+- "libc",
+ ]
+ 
+ [[package]]
+ name = "bzip2-sys"
+-version = "0.1.11+1.0.8"
++version = "0.1.13+1.0.8"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "736a955f3fa7875102d57c82b8cac37ec45224a07fd32d58f9f7a186b6cd4cdc"
++checksum = "225bff33b2141874fe80d71e07d6eec4f85c5c216453dd96388240f96e1acc14"
+ dependencies = [
+  "cc",
+- "libc",
+  "pkg-config",
+ ]
+ 
+@@ -572,9 +630,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "chrono"
+-version = "0.4.38"
++version = "0.4.41"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "a21f936df1771bf62b77f047b726c4625ff2e8aa607c01ec06e5a05bd8463401"
++checksum = "c469d952047f47f91b68d1cba3f10d63c11d73e4636f24f08daf0278abf01c4d"
+ dependencies = [
+  "android-tzdata",
+  "iana-time-zone",
+@@ -582,7 +640,7 @@ dependencies = [
+  "num-traits",
+  "serde",
+  "wasm-bindgen",
+- "windows-targets 0.52.6",
++ "windows-link",
+ ]
+ 
+ [[package]]
+@@ -629,9 +687,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "coarsetime"
+-version = "0.1.35"
++version = "0.1.36"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "4252bf230cb600c19826a575b31c8c9c84c6f11acfab6dfcad2e941b10b6f8e2"
++checksum = "91849686042de1b41cd81490edc83afbcb0abe5a9b6f2c4114f23ce8cca1bcf4"
+ dependencies = [
+  "libc",
+  "wasix",
+@@ -695,8 +753,8 @@ dependencies = [
+  "time",
+  "tokio",
+  "tokio-stream",
+- "tonic",
+- "tonic-build",
++ "tonic 0.7.2",
++ "tonic-build 0.7.2",
+ ]
+ 
+ [[package]]
+@@ -736,8 +794,8 @@ version = "0.2.0"
+ source = "git+https://github.com/kuasar-io/rust-extensions.git#53b4ca86b3461efb22b881b891e41fb45e264c7f"
+ dependencies = [
+  "async-trait",
+- "protobuf 3.5.1",
+- "ttrpc 0.7.1",
++ "protobuf 3.7.1",
++ "ttrpc",
+  "ttrpc-codegen 0.4.2",
+ ]
+ 
+@@ -883,20 +941,20 @@ dependencies = [
+ 
+ [[package]]
+ name = "crunchy"
+-version = "0.2.2"
++version = "0.2.3"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "7a81dae078cea95a014a339291cec439d2f232ebe854a9d672b796c6afafa9b7"
++checksum = "43da5946c66ffcc7745f48db692ffbb10a83bfe0afd96235c5c2a4fb23994929"
+ 
+ [[package]]
+ name = "crypto"
+ version = "0.1.0"
+-source = "git+https://github.com/confidential-containers/guest-components?tag=v0.10.0#075b9a9ee77227d9d92b6f3649ef69de5e72d204"
++source = "git+https://gitee.com/openeuler/guest-components?branch=master#9e2d92747ad80f05292d989f4e49c5743d6a32d3"
+ dependencies = [
+  "anyhow",
+  "base64 0.22.1",
+  "kbs-types",
+  "openssl",
+- "rand",
++ "rand 0.9.1",
+  "serde",
+  "serde_json",
+  "sha2",
+@@ -910,8 +968,8 @@ version = "0.5.5"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "0dc92fb57ca44df6db8059111ab3af99a63d5d0f8375d9972e319a379c6bab76"
+ dependencies = [
+- "generic-array 0.14.7",
+- "rand_core",
++ "generic-array",
++ "rand_core 0.6.4",
+  "subtle",
+  "zeroize",
+ ]
+@@ -922,8 +980,8 @@ version = "0.1.6"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3"
+ dependencies = [
+- "generic-array 0.14.7",
+- "rand_core",
++ "generic-array",
++ "rand_core 0.6.4",
+  "typenum",
+ ]
+ 
+@@ -935,7 +993,7 @@ checksum = "b9d6cf87adf719ddf43a805e92c6870a531aedda35ff640442cbaf8674e141e1"
+ dependencies = [
+  "aead",
+  "cipher",
+- "generic-array 0.14.7",
++ "generic-array",
+  "poly1305",
+  "salsa20",
+  "subtle",
+@@ -944,9 +1002,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "ct-codecs"
+-version = "1.1.3"
++version = "1.1.5"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "b916ba8ce9e4182696896f015e8a5ae6081b305f74690baa8465e35f5a142ea4"
++checksum = "dd0d274c65cbc1c34703d2fc2ce0fb892ff68f4516b677671a2f238a30b9b2b2"
+ 
+ [[package]]
+ name = "ctr"
+@@ -1095,7 +1153,7 @@ version = "0.3.2"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "bd2735a791158376708f9347fe8faba9667589d82427ef3aed6794a8981de3d9"
+ dependencies = [
+- "generic-array 0.14.7",
++ "generic-array",
+ ]
+ 
+ [[package]]
+@@ -1106,9 +1164,9 @@ checksum = "5440d1dc8ea7cae44cda3c64568db29bfa2434aba51ae66a50c00488841a65a3"
+ 
+ [[package]]
+ name = "der"
+-version = "0.7.9"
++version = "0.7.10"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "f55bf8e7b65898637379c1b74eb1551107c8294ed26d855ceb9fd1a09cfc9bc0"
++checksum = "e7c1832837b905bbfb5101e07cc24c8deddf52f93225eee6ead5f4d63d53ddcb"
+ dependencies = [
+  "const-oid",
+  "der_derive",
+@@ -1256,9 +1314,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "document-features"
+-version = "0.2.10"
++version = "0.2.11"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "cb6969eaabd2421f8a2775cfd2471a2b634372b4a25d41e3bd647b79912850a0"
++checksum = "95249b50c6c185bee49034bcb378a49dc2b5dff0be90ff6616d31d64febab05d"
+ dependencies = [
+  "litrs",
+ ]
+@@ -1281,9 +1339,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "dyn-clone"
+-version = "1.0.17"
++version = "1.0.19"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "0d6ef0072f8a535281e4876be788938b528e9a1d43900b82c2569af7da799125"
++checksum = "1c7a8fb8a9fbf66c1f703fe16184d10ca0ee9d23be5b4436400408ba54a95005"
+ 
+ [[package]]
+ name = "eax"
+@@ -1338,7 +1396,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "e9b3460f44bea8cd47f45a0c70892f1eff856d97cd55358b2f73f663789f6190"
+ dependencies = [
+  "ct-codecs",
+- "getrandom",
++ "getrandom 0.2.10",
+ ]
+ 
+ [[package]]
+@@ -1349,7 +1407,7 @@ checksum = "4a3daa8e81a3963a60642bcc1f90a670680bd4a77535faa384e9d1c79d620871"
+ dependencies = [
+  "curve25519-dalek",
+  "ed25519",
+- "rand_core",
++ "rand_core 0.6.4",
+  "serde",
+  "sha2",
+  "subtle",
+@@ -1372,12 +1430,12 @@ dependencies = [
+  "crypto-bigint",
+  "digest",
+  "ff",
+- "generic-array 0.14.7",
++ "generic-array",
+  "group",
+  "hkdf",
+  "pem-rfc7468",
+  "pkcs8",
+- "rand_core",
++ "rand_core 0.6.4",
+  "sec1",
+  "subtle",
+  "zeroize",
+@@ -1453,11 +1511,11 @@ dependencies = [
+ 
+ [[package]]
+ name = "ff"
+-version = "0.13.0"
++version = "0.13.1"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "ded41244b729663b1e574f1b4fb731469f69f79c17667b5d776b16cda0479449"
++checksum = "c0b50bfb653653f9ca9095b427bed08ab8d75a137839d9ad64eb11810d5b6393"
+ dependencies = [
+- "rand_core",
++ "rand_core 0.6.4",
+  "subtle",
+ ]
+ 
+@@ -1493,18 +1551,18 @@ checksum = "0ce7134b9999ecaf8bcd65542e436736ef32ddca1b3e06094cb6ec5755203b80"
+ 
+ [[package]]
+ name = "flagset"
+-version = "0.4.6"
++version = "0.4.7"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "b3ea1ec5f8307826a5b71094dd91fc04d4ae75d5709b20ad351c7fb4815c86ec"
++checksum = "b7ac824320a75a52197e8f2d787f6a38b6718bb6897a35142d749af3c0e8f4fe"
+ 
+ [[package]]
+ name = "flate2"
+-version = "1.0.34"
++version = "1.1.1"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "a1b589b4dc103969ad3cf85c950899926ec64300a1a46d76c03a6072957036f0"
++checksum = "7ced92e76e966ca2fd84c8f7aa01a4aea65b0eb6648d72f7c8f3e2764a67fece"
+ dependencies = [
+  "crc32fast",
+- "miniz_oxide 0.8.0",
++ "miniz_oxide 0.8.8",
+ ]
+ 
+ [[package]]
+@@ -1539,9 +1597,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "futures"
+-version = "0.3.28"
++version = "0.3.31"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "23342abe12aba583913b2e62f22225ff9c950774065e4bfb61a19cd9770fec40"
++checksum = "65bc07b1a8bc7c85c5f2e110c476c7389b4554ba72af57d8445ea63a576b0876"
+ dependencies = [
+  "futures-channel",
+  "futures-core",
+@@ -1554,9 +1612,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "futures-channel"
+-version = "0.3.28"
++version = "0.3.31"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "955518d47e09b25bbebc7a18df10b81f0c766eaf4c4f1cccef2fca5f2a4fb5f2"
++checksum = "2dff15bf788c671c1934e366d07e30c1814a8ef514e1af724a602e8a2fbe1b10"
+ dependencies = [
+  "futures-core",
+  "futures-sink",
+@@ -1564,15 +1622,15 @@ dependencies = [
+ 
+ [[package]]
+ name = "futures-core"
+-version = "0.3.28"
++version = "0.3.31"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "4bca583b7e26f571124fe5b7561d49cb2868d79116cfa0eefce955557c6fee8c"
++checksum = "05f29059c0c2090612e8d742178b0580d2dc940c837851ad723096f87af6663e"
+ 
+ [[package]]
+ name = "futures-executor"
+-version = "0.3.28"
++version = "0.3.31"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "ccecee823288125bd88b4d7f565c9e58e41858e47ab72e8ea2d64e93624386e0"
++checksum = "1e28d1d997f585e54aebc3f97d39e72338912123a67330d723fdbb564d646c9f"
+ dependencies = [
+  "futures-core",
+  "futures-task",
+@@ -1581,15 +1639,15 @@ dependencies = [
+ 
+ [[package]]
+ name = "futures-io"
+-version = "0.3.28"
++version = "0.3.31"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "4fff74096e71ed47f8e023204cfd0aa1289cd54ae5430a9523be060cdb849964"
++checksum = "9e5c1b78ca4aae1ac06c48a526a655760685149f0d465d21f37abfe57ce075c6"
+ 
+ [[package]]
+ name = "futures-macro"
+-version = "0.3.28"
++version = "0.3.31"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "89ca545a94061b6365f2c7355b4b32bd20df3ff95f02da9329b34ccc3bd6ee72"
++checksum = "162ee34ebcb7c64a8abebc059ce0fee27c2262618d7b60ed8faf72fef13c3650"
+ dependencies = [
+  "proc-macro2",
+  "quote",
+@@ -1598,21 +1656,21 @@ dependencies = [
+ 
+ [[package]]
+ name = "futures-sink"
+-version = "0.3.28"
++version = "0.3.31"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "f43be4fe21a13b9781a69afa4985b0f6ee0e1afab2c6f454a8cf30e2b2237b6e"
++checksum = "e575fab7d1e0dcb8d0c7bcf9a63ee213816ab51902e6d244a95819acacf1d4f7"
+ 
+ [[package]]
+ name = "futures-task"
+-version = "0.3.28"
++version = "0.3.31"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "76d3d132be6c0e6aa1534069c705a74a5997a356c0dc2f86a47765e5617c5b65"
++checksum = "f90f7dce0722e95104fcb095585910c0977252f286e354b5e3bd38902cd99988"
+ 
+ [[package]]
+ name = "futures-util"
+-version = "0.3.28"
++version = "0.3.31"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "26b01e40b772d54cf6c6d721c1d1abd0647a0106a12ecaa1c186273392a69533"
++checksum = "9fa08315bb612088cc391249efdc3bc77536f16c91f6cf495e6fbe85b20a4a81"
+ dependencies = [
+  "futures-channel",
+  "futures-core",
+@@ -1638,24 +1696,29 @@ dependencies = [
+ ]
+ 
+ [[package]]
+-name = "generic-array"
+-version = "1.1.1"
++name = "getrandom"
++version = "0.2.10"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "2cb8bc4c28d15ade99c7e90b219f30da4be5c88e586277e8cbe886beeb868ab2"
++checksum = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427"
+ dependencies = [
+- "typenum",
++ "cfg-if 1.0.0",
++ "js-sys",
++ "libc",
++ "wasi 0.11.0+wasi-snapshot-preview1",
++ "wasm-bindgen",
+ ]
+ 
+ [[package]]
+ name = "getrandom"
+-version = "0.2.10"
++version = "0.3.3"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427"
++checksum = "26145e563e54f2cadc477553f1ec5ee650b00862f0a58bcd12cbdc5f0ea2d2f4"
+ dependencies = [
+  "cfg-if 1.0.0",
+  "js-sys",
+  "libc",
+- "wasi",
++ "r-efi",
++ "wasi 0.14.2+wasi-0.2.4",
+  "wasm-bindgen",
+ ]
+ 
+@@ -1709,7 +1772,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63"
+ dependencies = [
+  "ff",
+- "rand_core",
++ "rand_core 0.6.4",
+  "subtle",
+ ]
+ 
+@@ -1732,6 +1795,25 @@ dependencies = [
+  "tracing",
+ ]
+ 
++[[package]]
++name = "h2"
++version = "0.4.10"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "a9421a676d1b147b16b82c9225157dc629087ef8ec4d5e2960f9437a90dac0a5"
++dependencies = [
++ "atomic-waker",
++ "bytes 1.9.0",
++ "fnv",
++ "futures-core",
++ "futures-sink",
++ "http 1.3.1",
++ "indexmap 2.7.0",
++ "slab",
++ "tokio",
++ "tokio-util",
++ "tracing",
++]
++
+ [[package]]
+ name = "hashbrown"
+ version = "0.12.3"
+@@ -1853,9 +1935,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "http"
+-version = "1.2.0"
++version = "1.3.1"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "f16ca2af56261c99fba8bac40a10251ce8188205a4c448fbb745a2e4daa76fea"
++checksum = "f4a85d31aea989eead29a3aaf9e1115a180df8282431156e533de47660892565"
+ dependencies = [
+  "bytes 1.9.0",
+  "fnv",
+@@ -1889,18 +1971,18 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "1efedce1fb8e6913f23e0c92de8e62cd5b772a67e7b3946df930a62566c93184"
+ dependencies = [
+  "bytes 1.9.0",
+- "http 1.2.0",
++ "http 1.3.1",
+ ]
+ 
+ [[package]]
+ name = "http-body-util"
+-version = "0.1.2"
++version = "0.1.3"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "793429d76616a256bcb62c2a2ec2bed781c8307e797e2598c50010f2bee2544f"
++checksum = "b021d93e26becf5dc7e1b75b1bed1fd93124b374ceb73f43d4d4eafec896a64a"
+ dependencies = [
+  "bytes 1.9.0",
+- "futures-util",
+- "http 1.2.0",
++ "futures-core",
++ "http 1.3.1",
+  "http-body 1.0.1",
+  "pin-project-lite",
+ ]
+@@ -1939,7 +2021,7 @@ dependencies = [
+  "futures-channel",
+  "futures-core",
+  "futures-util",
+- "h2",
++ "h2 0.3.19",
+  "http 0.2.9",
+  "http-body 0.4.5",
+  "httparse",
+@@ -1962,9 +2044,11 @@ dependencies = [
+  "bytes 1.9.0",
+  "futures-channel",
+  "futures-util",
+- "http 1.2.0",
++ "h2 0.4.10",
++ "http 1.3.1",
+  "http-body 1.0.1",
+  "httparse",
++ "httpdate",
+  "itoa",
+  "pin-project-lite",
+  "smallvec",
+@@ -1972,6 +2056,25 @@ dependencies = [
+  "want",
+ ]
+ 
++[[package]]
++name = "hyper-rustls"
++version = "0.27.5"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "2d191583f3da1305256f22463b9bb0471acad48a4e534a5218b9963e9c1f59b2"
++dependencies = [
++ "futures-util",
++ "http 1.3.1",
++ "hyper 1.5.2",
++ "hyper-util",
++ "rustls",
++ "rustls-native-certs",
++ "rustls-pki-types",
++ "tokio",
++ "tokio-rustls",
++ "tower-service",
++ "webpki-roots 0.26.11",
++]
++
+ [[package]]
+ name = "hyper-timeout"
+ version = "0.4.1"
+@@ -1984,6 +2087,19 @@ dependencies = [
+  "tokio-io-timeout",
+ ]
+ 
++[[package]]
++name = "hyper-timeout"
++version = "0.5.2"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "2b90d566bffbce6a75bd8b09a05aa8c2cb1fabb6cb348f8840c9e4c90a0d83b0"
++dependencies = [
++ "hyper 1.5.2",
++ "hyper-util",
++ "pin-project-lite",
++ "tokio",
++ "tower-service",
++]
++
+ [[package]]
+ name = "hyper-tls"
+ version = "0.6.0"
+@@ -2009,7 +2125,7 @@ dependencies = [
+  "bytes 1.9.0",
+  "futures-channel",
+  "futures-util",
+- "http 1.2.0",
++ "http 1.3.1",
+  "http-body 1.0.1",
+  "hyper 1.5.2",
+  "pin-project-lite",
+@@ -2021,14 +2137,15 @@ dependencies = [
+ 
+ [[package]]
+ name = "iana-time-zone"
+-version = "0.1.61"
++version = "0.1.63"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "235e081f3925a06703c2d0117ea8b91f042756fd6e7a6e5d901e8ca1a996b220"
++checksum = "b0c919e5debc312ad217002b8048a17b7d83f80703865bbfcfebb0458b0b27d8"
+ dependencies = [
+  "android_system_properties",
+  "core-foundation-sys",
+  "iana-time-zone-haiku",
+  "js-sys",
++ "log",
+  "wasm-bindgen",
+  "windows-core",
+ ]
+@@ -2199,9 +2316,10 @@ dependencies = [
+ [[package]]
+ name = "image-rs"
+ version = "0.1.0"
+-source = "git+https://github.com/confidential-containers/guest-components?tag=v0.10.0#075b9a9ee77227d9d92b6f3649ef69de5e72d204"
++source = "git+https://gitee.com/openeuler/guest-components?branch=master#9e2d92747ad80f05292d989f4e49c5743d6a32d3"
+ dependencies = [
+  "anyhow",
++ "astral-tokio-tar",
+  "async-compression",
+  "async-trait",
+  "base64 0.22.1",
+@@ -2212,15 +2330,13 @@ dependencies = [
+  "futures-util",
+  "hex",
+  "kbc",
+- "krata-tokio-tar",
+- "lazy_static",
+  "log",
+  "loopdev",
+  "nix 0.29.0",
+  "oci-client",
+- "oci-spec 0.6.7",
++ "oci-spec 0.7.1",
+  "ocicrypt-rs",
+- "protobuf 3.5.1",
++ "prost 0.13.5",
+  "reqwest",
+  "sequoia-openpgp",
+  "serde",
+@@ -2229,11 +2345,11 @@ dependencies = [
+  "sha2",
+  "sigstore",
+  "strum",
+- "strum_macros",
++ "strum_macros 0.27.1",
+  "tokio",
+  "tokio-util",
+- "ttrpc 0.8.2",
+- "ttrpc-codegen 0.4.2",
++ "tonic 0.12.2",
++ "tonic-build 0.12.3",
+  "url",
+  "walkdir",
+  "xattr",
+@@ -2262,12 +2378,12 @@ dependencies = [
+ 
+ [[package]]
+ name = "inout"
+-version = "0.1.3"
++version = "0.1.4"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5"
++checksum = "879f10e63c20629ecabbb64a8010319738c66a5cd0c29b02d63d272b03751d01"
+ dependencies = [
+  "block-padding",
+- "generic-array 0.14.7",
++ "generic-array",
+ ]
+ 
+ [[package]]
+@@ -2301,9 +2417,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "ipnet"
+-version = "2.10.1"
++version = "2.11.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "ddc24109865250148c2e0f3d25d4f0f479571723792d3802153c60922a4fb708"
++checksum = "469fb0b9cefa57e3ef31275ee7cacb78f2fdca44e4765491884a2b119d4eb130"
+ 
+ [[package]]
+ name = "ipnetwork"
+@@ -2371,10 +2487,11 @@ dependencies = [
+ 
+ [[package]]
+ name = "js-sys"
+-version = "0.3.72"
++version = "0.3.77"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "6a88f1bda2bd75b0452a14784937d796722fdebfe50df998aeb3f0b7603019a9"
++checksum = "1cfaf33c695fc6e08064efbc1f72ec937429614f25eef83af942d0e227c3a28f"
+ dependencies = [
++ "once_cell",
+  "wasm-bindgen",
+ ]
+ 
+@@ -2442,7 +2559,7 @@ dependencies = [
+  "k256",
+  "p256",
+  "p384",
+- "rand",
++ "rand 0.8.5",
+  "serde",
+  "serde_json",
+  "superboring",
+@@ -2467,7 +2584,7 @@ dependencies = [
+ [[package]]
+ name = "kbc"
+ version = "0.1.0"
+-source = "git+https://github.com/confidential-containers/guest-components?tag=v0.10.0#075b9a9ee77227d9d92b6f3649ef69de5e72d204"
++source = "git+https://gitee.com/openeuler/guest-components?branch=master#9e2d92747ad80f05292d989f4e49c5743d6a32d3"
+ dependencies = [
+  "anyhow",
+  "async-trait",
+@@ -2485,18 +2602,20 @@ dependencies = [
+ 
+ [[package]]
+ name = "kbs-types"
+-version = "0.7.0"
++version = "0.10.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "9b6441ed73b0faa50707d4de41c6b45c76654b661b96aaf7b26a41331eedc0a5"
++checksum = "6db954f164e19a63a1eb7c04c46511167d68a5eb5025d4a435c1ba297f00dbf4"
+ dependencies = [
++ "base64 0.22.1",
+  "serde",
+  "serde_json",
++ "thiserror 2.0.9",
+ ]
+ 
+ [[package]]
+ name = "kbs_protocol"
+ version = "0.1.0"
+-source = "git+https://github.com/confidential-containers/guest-components?tag=v0.10.0#075b9a9ee77227d9d92b6f3649ef69de5e72d204"
++source = "git+https://gitee.com/openeuler/guest-components?branch=master#9e2d92747ad80f05292d989f4e49c5743d6a32d3"
+ dependencies = [
+  "anyhow",
+  "async-trait",
+@@ -2511,28 +2630,12 @@ dependencies = [
+  "serde",
+  "serde_json",
+  "sha2",
+- "thiserror 1.0.65",
++ "thiserror 2.0.9",
+  "tokio",
+  "url",
+  "zeroize",
+ ]
+ 
+-[[package]]
+-name = "krata-tokio-tar"
+-version = "0.4.2"
+-source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "e8bd5fee9b96acb5fc36b401896d601e6fdcce52b0e651ce24a3b21fb524e79f"
+-dependencies = [
+- "filetime",
+- "futures-core",
+- "libc",
+- "portable-atomic",
+- "redox_syscall 0.3.5",
+- "tokio",
+- "tokio-stream",
+- "xattr",
+-]
+-
+ [[package]]
+ name = "lalrpop"
+ version = "0.20.2"
+@@ -2653,9 +2756,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "libc"
+-version = "0.2.161"
++version = "0.2.172"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "8e9489c2807c139ffd9c1794f4af0ebe86a828db53ecdc7fea2111d0fed085d1"
++checksum = "d750af042f7ef4f724306de029d18836c26c1765a54a6a3f094cbd23a7267ffa"
+ 
+ [[package]]
+ name = "libloading"
+@@ -2669,9 +2772,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "libm"
+-version = "0.2.11"
++version = "0.2.15"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "8355be11b20d696c8f18f6cc018c4e372165b1fa8126cef092399c9951984ffa"
++checksum = "f9fbbcab51052fe104eb5e5d351cf728d30a5be1fe14d9be8a3b097481fb97de"
+ 
+ [[package]]
+ name = "libredox"
+@@ -2738,9 +2841,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "log"
+-version = "0.4.22"
++version = "0.4.27"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "a7a70ba024b9dc04c27ea2f0c0548feb474ec5c54bba33a7f72f873a39d07b24"
++checksum = "13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94"
+ 
+ [[package]]
+ name = "loopdev"
+@@ -2752,12 +2855,24 @@ dependencies = [
+  "libc",
+ ]
+ 
++[[package]]
++name = "lru-slab"
++version = "0.1.2"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "112b39cec0b298b6c1999fee3e31427f74f676e4cb9879ed1a121b43661a4154"
++
+ [[package]]
+ name = "matchit"
+ version = "0.5.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "73cbba799671b762df5a175adf59ce145165747bb891505c43d09aefbbf38beb"
+ 
++[[package]]
++name = "matchit"
++version = "0.7.3"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "0e7465ac9959cc2b1404e8e2367b43684a6d13790fe23056cc8c6c5a6b7bcb94"
++
+ [[package]]
+ name = "md-5"
+ version = "0.10.6"
+@@ -2783,15 +2898,6 @@ dependencies = [
+  "autocfg",
+ ]
+ 
+-[[package]]
+-name = "memoffset"
+-version = "0.7.1"
+-source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "5de893c32cde5f383baa4c04c5d6dbdd735cfd4a794b0debdb2bb1b421da5ff4"
+-dependencies = [
+- "autocfg",
+-]
+-
+ [[package]]
+ name = "memoffset"
+ version = "0.8.0"
+@@ -2839,9 +2945,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "miniz_oxide"
+-version = "0.8.0"
++version = "0.8.8"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "e2d80299ef12ff69b16a84bb182e3b9df68b5a91574d3d4fa6e41b65deec4df1"
++checksum = "3be647b768db090acb35d5ec5db2b0e1f1de11133ca123b9eacf5137868f892a"
+ dependencies = [
+  "adler2",
+ ]
+@@ -2853,7 +2959,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "2886843bf800fba2e3377cff24abf6379b4c4d5c6681eaf9ea5b0d15090450bd"
+ dependencies = [
+  "libc",
+- "wasi",
++ "wasi 0.11.0+wasi-snapshot-preview1",
+  "windows-sys 0.52.0",
+ ]
+ 
+@@ -2865,9 +2971,9 @@ checksum = "e5ce46fe64a9d73be07dcbe690a38ce1b293be448fd8ce1e6c1b8062c9f72c6a"
+ 
+ [[package]]
+ name = "native-tls"
+-version = "0.2.12"
++version = "0.2.14"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "a8614eb2c83d59d1c8cc974dd3f920198647674a0a035e1af1fa58707e317466"
++checksum = "87de3442987e9dbec73158d5c715e7ad9072fda936bb03d19d7fa10e00520f0e"
+ dependencies = [
+  "libc",
+  "log",
+@@ -2875,7 +2981,7 @@ dependencies = [
+  "openssl-probe",
+  "openssl-sys",
+  "schannel",
+- "security-framework",
++ "security-framework 2.11.1",
+  "security-framework-sys",
+  "tempfile",
+ ]
+@@ -3021,19 +3127,6 @@ dependencies = [
+  "pin-utils",
+ ]
+ 
+-[[package]]
+-name = "nix"
+-version = "0.26.4"
+-source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "598beaf3cc6fdd9a5dfb1630c2800c7acd31df7aaf0f565796fba2b53ca1af1b"
+-dependencies = [
+- "bitflags 1.3.2",
+- "cfg-if 1.0.0",
+- "libc",
+- "memoffset 0.7.1",
+- "pin-utils",
+-]
+-
+ [[package]]
+ name = "nix"
+ version = "0.27.1"
+@@ -3092,7 +3185,7 @@ dependencies = [
+  "num-integer",
+  "num-iter",
+  "num-traits",
+- "rand",
++ "rand 0.8.5",
+  "smallvec",
+  "zeroize",
+ ]
+@@ -3127,37 +3220,28 @@ dependencies = [
+  "libm",
+ ]
+ 
+-[[package]]
+-name = "objc-sys"
+-version = "0.3.5"
+-source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "cdb91bdd390c7ce1a8607f35f3ca7151b65afc0ff5ff3b34fa350f7d7c7e4310"
+-
+ [[package]]
+ name = "objc2"
+-version = "0.5.2"
++version = "0.6.1"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "46a785d4eeff09c14c487497c162e92766fbb3e4059a71840cecc03d9a50b804"
++checksum = "88c6597e14493ab2e44ce58f2fdecf095a51f12ca57bec060a11c57332520551"
+ dependencies = [
+- "objc-sys",
+  "objc2-encode",
+ ]
+ 
+ [[package]]
+ name = "objc2-encode"
+-version = "4.0.3"
++version = "4.1.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "7891e71393cd1f227313c9379a26a584ff3d7e6e7159e988851f0934c993f0f8"
++checksum = "ef25abbcd74fb2609453eb695bd2f860d389e457f67dc17cafc8b8cbc89d0c33"
+ 
+ [[package]]
+ name = "objc2-foundation"
+-version = "0.2.2"
++version = "0.3.1"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "0ee638a5da3799329310ad4cfa62fbf045d5f56e3ef5ba4149e7452dcf89d5a8"
++checksum = "900831247d2fe1a09a683278e5384cfb8c80c79fe6b166f9d14bfdde0ea1b03c"
+ dependencies = [
+  "bitflags 2.6.0",
+- "block2",
+- "libc",
+  "objc2",
+ ]
+ 
+@@ -3172,42 +3256,18 @@ dependencies = [
+ 
+ [[package]]
+ name = "oci-client"
+-version = "0.12.1"
+-source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "0f5098b86f972ac3484f7c9011bbbbd64aaa7e21d10d2c1a91fefb4ad0ba2ad9"
+-dependencies = [
+- "bytes 1.9.0",
+- "chrono",
+- "futures-util",
+- "http 1.2.0",
+- "http-auth",
+- "jwt",
+- "lazy_static",
+- "olpc-cjson",
+- "regex",
+- "reqwest",
+- "serde",
+- "serde_json",
+- "sha2",
+- "thiserror 1.0.65",
+- "tokio",
+- "tracing",
+- "unicase",
+-]
+-
+-[[package]]
+-name = "oci-distribution"
+-version = "0.11.0"
++version = "0.14.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "b95a2c51531af0cb93761f66094044ca6ea879320bccd35ab747ff3fcab3f422"
++checksum = "474675fdc023fbcc9dcf4782e938a3a1ae5fd469c728d8db40599bd25c77e1ba"
+ dependencies = [
+  "bytes 1.9.0",
+  "chrono",
+  "futures-util",
+- "http 1.2.0",
++ "http 1.3.1",
+  "http-auth",
+  "jwt",
+  "lazy_static",
++ "oci-spec 0.7.1",
+  "olpc-cjson",
+  "regex",
+  "reqwest",
+@@ -3235,23 +3295,24 @@ dependencies = [
+ 
+ [[package]]
+ name = "oci-spec"
+-version = "0.6.7"
++version = "0.7.1"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "bdf88ddc01cc6bccbe1044adb6a29057333f523deadcb4953c011a73158cfa5e"
++checksum = "da406e58efe2eb5986a6139626d611ce426e5324a824133d76367c765cf0b882"
+ dependencies = [
+  "derive_builder 0.20.2",
+  "getset",
++ "regex",
+  "serde",
+  "serde_json",
+  "strum",
+- "strum_macros",
+- "thiserror 1.0.65",
++ "strum_macros 0.26.4",
++ "thiserror 2.0.9",
+ ]
+ 
+ [[package]]
+ name = "ocicrypt-rs"
+ version = "0.1.0"
+-source = "git+https://github.com/confidential-containers/guest-components?tag=v0.10.0#075b9a9ee77227d9d92b6f3649ef69de5e72d204"
++source = "git+https://gitee.com/openeuler/guest-components?branch=master#9e2d92747ad80f05292d989f4e49c5743d6a32d3"
+ dependencies = [
+  "aes",
+  "anyhow",
+@@ -3262,15 +3323,15 @@ dependencies = [
+  "ctr",
+  "hmac",
+  "kbc",
+- "lazy_static",
+  "openssl",
+  "pin-project-lite",
+- "protobuf 3.5.1",
++ "prost 0.13.5",
++ "reqwest",
+  "serde",
+  "serde_json",
+  "sha2",
+  "tokio",
+- "ttrpc 0.8.2",
++ "tonic 0.12.2",
+ ]
+ 
+ [[package]]
+@@ -3298,9 +3359,9 @@ checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381"
+ 
+ [[package]]
+ name = "openssl"
+-version = "0.10.68"
++version = "0.10.72"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "6174bc48f102d208783c2c84bf931bb75927a617866870de8a4ea85597f871f5"
++checksum = "fedfea7d58a1f73118430a55da6a286e7b044961736ce96a16a17068ea25e5da"
+ dependencies = [
+  "bitflags 2.6.0",
+  "cfg-if 1.0.0",
+@@ -3324,24 +3385,24 @@ dependencies = [
+ 
+ [[package]]
+ name = "openssl-probe"
+-version = "0.1.5"
++version = "0.1.6"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf"
++checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e"
+ 
+ [[package]]
+ name = "openssl-src"
+-version = "300.4.1+3.4.0"
++version = "300.5.0+3.5.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "faa4eac4138c62414b5622d1b31c5c304f34b406b013c079c2bbc652fdd6678c"
++checksum = "e8ce546f549326b0e6052b649198487d91320875da901e7bd11a06d1ee3f9c2f"
+ dependencies = [
+  "cc",
+ ]
+ 
+ [[package]]
+ name = "openssl-sys"
+-version = "0.9.104"
++version = "0.9.108"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "45abf306cbf99debc8195b66b7346498d7b10c210de50418b5ccd7ceba08c741"
++checksum = "e145e1651e858e820e4860f7b9c5e169bc1d8ce1c86043be79fa7b7634821847"
+ dependencies = [
+  "cc",
+  "libc",
+@@ -3374,9 +3435,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "p384"
+-version = "0.13.0"
++version = "0.13.1"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "70786f51bcc69f6a4c0360e063a4cac5419ef7c5cd5b3c99ad70f3be5ba79209"
++checksum = "fe42f1670a52a47d448f14b6a5c61dd78fce51856e68edaa38f7ae3a46b8d6b6"
+ dependencies = [
+  "ecdsa",
+  "elliptic-curve",
+@@ -3394,7 +3455,7 @@ dependencies = [
+  "ecdsa",
+  "elliptic-curve",
+  "primeorder",
+- "rand_core",
++ "rand_core 0.6.4",
+  "sha2",
+ ]
+ 
+@@ -3438,7 +3499,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "346f04948ba92c43e8469c1ee6736c7563d71012b17d40745260fe106aac2166"
+ dependencies = [
+  "base64ct",
+- "rand_core",
++ "rand_core 0.6.4",
+  "subtle",
+ ]
+ 
+@@ -3484,9 +3545,9 @@ checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099"
+ 
+ [[package]]
+ name = "pem"
+-version = "3.0.4"
++version = "3.0.5"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "8e459365e590736a54c3fa561947c84837534b8e9af6fc5bf781307e82658fae"
++checksum = "38af38e8470ac9dee3ce1bae1af9c1671fffc44ddfd8bd1d0a3445bf349a8ef3"
+ dependencies = [
+  "base64 0.22.1",
+  "serde",
+@@ -3529,9 +3590,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "phf_shared"
+-version = "0.10.0"
++version = "0.11.3"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "b6796ad771acdc0123d2a88dc428b5e38ef24456743ddb1744ed628f9815c096"
++checksum = "67eabc2ef2a60eb7faa00097bd1ffdb5bd28e62bf39990626a582201b7a754e5"
+ dependencies = [
+  "siphasher",
+ ]
+@@ -3558,9 +3619,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "pin-project-lite"
+-version = "0.2.15"
++version = "0.2.16"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "915a1e146535de9163f3987b8944ed8cf49a18bb0056bcebcdcece385cece4ff"
++checksum = "3b3cff922bd51709b605d9ead9aa71031d81447142d828eb4a6eba76fe619f9b"
+ 
+ [[package]]
+ name = "pin-utils"
+@@ -3602,7 +3663,7 @@ checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7"
+ dependencies = [
+  "der",
+  "pkcs5",
+- "rand_core",
++ "rand_core 0.6.4",
+  "spki",
+ ]
+ 
+@@ -3673,6 +3734,16 @@ dependencies = [
+  "syn 1.0.109",
+ ]
+ 
++[[package]]
++name = "prettyplease"
++version = "0.2.25"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "64d1ec885c64d0457d564db4ec299b2dae3f9c02808b8ad9c3a089c591b18033"
++dependencies = [
++ "proc-macro2",
++ "syn 2.0.91",
++]
++
+ [[package]]
+ name = "primeorder"
+ version = "0.13.6"
+@@ -3735,6 +3806,16 @@ dependencies = [
+  "prost-derive 0.10.1",
+ ]
+ 
++[[package]]
++name = "prost"
++version = "0.13.5"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "2796faa41db3ec313a31f7624d9286acf277b52de526150b7e69f3debf891ee5"
++dependencies = [
++ "bytes 1.9.0",
++ "prost-derive 0.13.5",
++]
++
+ [[package]]
+ name = "prost-build"
+ version = "0.8.0"
+@@ -3775,6 +3856,26 @@ dependencies = [
+  "which",
+ ]
+ 
++[[package]]
++name = "prost-build"
++version = "0.13.5"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "be769465445e8c1474e9c5dac2018218498557af32d9ed057325ec9a41ae81bf"
++dependencies = [
++ "heck 0.4.1",
++ "itertools 0.11.0",
++ "log",
++ "multimap",
++ "once_cell",
++ "petgraph 0.6.3",
++ "prettyplease 0.2.25",
++ "prost 0.13.5",
++ "prost-types 0.13.5",
++ "regex",
++ "syn 2.0.91",
++ "tempfile",
++]
++
+ [[package]]
+ name = "prost-derive"
+ version = "0.8.0"
+@@ -3801,6 +3902,19 @@ dependencies = [
+  "syn 1.0.109",
+ ]
+ 
++[[package]]
++name = "prost-derive"
++version = "0.13.5"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "8a56d757972c98b346a9b766e3f02746cde6dd1cd1d1d563472929fdd74bec4d"
++dependencies = [
++ "anyhow",
++ "itertools 0.11.0",
++ "proc-macro2",
++ "quote",
++ "syn 2.0.91",
++]
++
+ [[package]]
+ name = "prost-types"
+ version = "0.8.0"
+@@ -3821,6 +3935,15 @@ dependencies = [
+  "prost 0.10.4",
+ ]
+ 
++[[package]]
++name = "prost-types"
++version = "0.13.5"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "52c2c1bf36ddb1a1c396b3601a3cec27c2462e45f07c386894ec3ccf5332bd16"
++dependencies = [
++ "prost 0.13.5",
++]
++
+ [[package]]
+ name = "protobuf"
+ version = "2.28.0"
+@@ -3829,9 +3952,9 @@ checksum = "106dd99e98437432fed6519dedecfade6a06a73bb7b2a1e019fdd2bee5778d94"
+ 
+ [[package]]
+ name = "protobuf"
+-version = "3.5.1"
++version = "3.7.1"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "0bcc343da15609eaecd65f8aa76df8dc4209d325131d8219358c0aaaebab0bf6"
++checksum = "a3a7c64d9bf75b1b8d981124c14c179074e8caa7dfe7b6a12e6222ddcd0c8f72"
+ dependencies = [
+  "once_cell",
+  "protobuf-support",
+@@ -3849,13 +3972,13 @@ dependencies = [
+ 
+ [[package]]
+ name = "protobuf-codegen"
+-version = "3.5.1"
++version = "3.7.1"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "c4d0cde5642ea4df842b13eb9f59ea6fafa26dcb43e3e1ee49120e9757556189"
++checksum = "e26b833f144769a30e04b1db0146b2aaa53fd2fd83acf10a6b5f996606c18144"
+ dependencies = [
+  "anyhow",
+  "once_cell",
+- "protobuf 3.5.1",
++ "protobuf 3.7.1",
+  "protobuf-parse",
+  "regex",
+  "tempfile",
+@@ -3864,14 +3987,14 @@ dependencies = [
+ 
+ [[package]]
+ name = "protobuf-parse"
+-version = "3.5.1"
++version = "3.7.1"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "1b0e9b447d099ae2c4993c0cbb03c7a9d6c937b17f2d56cfc0b1550e6fcfdb76"
++checksum = "322330e133eab455718444b4e033ebfac7c6528972c784fcde28d2cc783c6257"
+ dependencies = [
+  "anyhow",
+  "indexmap 2.7.0",
+  "log",
+- "protobuf 3.5.1",
++ "protobuf 3.7.1",
+  "protobuf-support",
+  "tempfile",
+  "thiserror 1.0.65",
+@@ -3880,9 +4003,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "protobuf-support"
+-version = "3.5.1"
++version = "3.7.1"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "f0766e3675a627c327e4b3964582594b0e8741305d628a98a5de75a1d15f99b9"
++checksum = "b088fd20b938a875ea00843b6faf48579462630015c3788d397ad6a786663252"
+ dependencies = [
+  "thiserror 1.0.65",
+ ]
+@@ -3903,6 +4026,61 @@ dependencies = [
+  "psl-types",
+ ]
+ 
++[[package]]
++name = "quinn"
++version = "0.11.8"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "626214629cda6781b6dc1d316ba307189c85ba657213ce642d9c77670f8202c8"
++dependencies = [
++ "bytes 1.9.0",
++ "cfg_aliases 0.2.1",
++ "pin-project-lite",
++ "quinn-proto",
++ "quinn-udp",
++ "rustc-hash 2.1.1",
++ "rustls",
++ "socket2 0.5.8",
++ "thiserror 2.0.9",
++ "tokio",
++ "tracing",
++ "web-time",
++]
++
++[[package]]
++name = "quinn-proto"
++version = "0.11.12"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "49df843a9161c85bb8aae55f101bc0bac8bcafd637a620d9122fd7e0b2f7422e"
++dependencies = [
++ "bytes 1.9.0",
++ "getrandom 0.3.3",
++ "lru-slab",
++ "rand 0.9.1",
++ "ring",
++ "rustc-hash 2.1.1",
++ "rustls",
++ "rustls-pki-types",
++ "slab",
++ "thiserror 2.0.9",
++ "tinyvec",
++ "tracing",
++ "web-time",
++]
++
++[[package]]
++name = "quinn-udp"
++version = "0.5.12"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "ee4e529991f949c5e25755532370b8af5d114acae52326361d68d47af64aa842"
++dependencies = [
++ "cfg_aliases 0.2.1",
++ "libc",
++ "once_cell",
++ "socket2 0.5.8",
++ "tracing",
++ "windows-sys 0.59.0",
++]
++
+ [[package]]
+ name = "quote"
+ version = "1.0.37"
+@@ -3912,6 +4090,12 @@ dependencies = [
+  "proc-macro2",
+ ]
+ 
++[[package]]
++name = "r-efi"
++version = "5.2.0"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "74765f6d916ee2faa39bc8e68e4f3ed8949b48cccdac59983d287a7cb71ce9c5"
++
+ [[package]]
+ name = "rand"
+ version = "0.8.5"
+@@ -3919,8 +4103,18 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
+ dependencies = [
+  "libc",
+- "rand_chacha",
+- "rand_core",
++ "rand_chacha 0.3.1",
++ "rand_core 0.6.4",
++]
++
++[[package]]
++name = "rand"
++version = "0.9.1"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "9fbfd9d094a40bf3ae768db9361049ace4c0e04a4fd6b359518bd7b73a73dd97"
++dependencies = [
++ "rand_chacha 0.9.0",
++ "rand_core 0.9.3",
+ ]
+ 
+ [[package]]
+@@ -3930,7 +4124,17 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88"
+ dependencies = [
+  "ppv-lite86",
+- "rand_core",
++ "rand_core 0.6.4",
++]
++
++[[package]]
++name = "rand_chacha"
++version = "0.9.0"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "d3022b5f1df60f26e1ffddd6c66e8aa15de382ae63b3a0c1bfc0e4d3e3f325cb"
++dependencies = [
++ "ppv-lite86",
++ "rand_core 0.9.3",
+ ]
+ 
+ [[package]]
+@@ -3939,7 +4143,16 @@ version = "0.6.4"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c"
+ dependencies = [
+- "getrandom",
++ "getrandom 0.2.10",
++]
++
++[[package]]
++name = "rand_core"
++version = "0.9.3"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "99d9a13982dcf210057a8a78572b2217b667c3beacbf3a0d8b454f6f82837d38"
++dependencies = [
++ "getrandom 0.3.3",
+ ]
+ 
+ [[package]]
+@@ -3966,7 +4179,7 @@ version = "0.4.6"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "ba009ff324d1fc1b900bd1fdb31564febe58a8ccc8a6fdbb93b543d33b13ca43"
+ dependencies = [
+- "getrandom",
++ "getrandom 0.2.10",
+  "libredox",
+  "thiserror 1.0.65",
+ ]
+@@ -4012,10 +4225,11 @@ dependencies = [
+  "cookie_store",
+  "futures-core",
+  "futures-util",
+- "http 1.2.0",
++ "http 1.3.1",
+  "http-body 1.0.1",
+  "http-body-util",
+  "hyper 1.5.2",
++ "hyper-rustls",
+  "hyper-tls",
+  "hyper-util",
+  "ipnet",
+@@ -4026,13 +4240,18 @@ dependencies = [
+  "once_cell",
+  "percent-encoding",
+  "pin-project-lite",
++ "quinn",
++ "rustls",
++ "rustls-native-certs",
+  "rustls-pemfile",
++ "rustls-pki-types",
+  "serde",
+  "serde_json",
+  "serde_urlencoded",
+  "sync_wrapper 1.0.2",
+  "tokio",
+  "tokio-native-tls",
++ "tokio-rustls",
+  "tokio-util",
+  "tower-service",
+  "url",
+@@ -4040,13 +4259,14 @@ dependencies = [
+  "wasm-bindgen-futures",
+  "wasm-streams",
+  "web-sys",
++ "webpki-roots 0.26.11",
+  "windows-registry",
+ ]
+ 
+ [[package]]
+ name = "resource_uri"
+ version = "0.1.0"
+-source = "git+https://github.com/confidential-containers/guest-components?tag=v0.10.0#075b9a9ee77227d9d92b6f3649ef69de5e72d204"
++source = "git+https://gitee.com/openeuler/guest-components?branch=master#9e2d92747ad80f05292d989f4e49c5743d6a32d3"
+ dependencies = [
+  "anyhow",
+  "serde",
+@@ -4066,15 +4286,14 @@ dependencies = [
+ 
+ [[package]]
+ name = "ring"
+-version = "0.17.8"
++version = "0.17.9"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "c17fa4cb658e3583423e915b9f3acc01cceaee1860e33d59ebae66adc3a2dc0d"
++checksum = "e75ec5e92c4d8aede845126adc388046234541629e76029599ed35a003c7ed24"
+ dependencies = [
+  "cc",
+  "cfg-if 1.0.0",
+- "getrandom",
++ "getrandom 0.2.10",
+  "libc",
+- "spin",
+  "untrusted",
+  "windows-sys 0.52.0",
+ ]
+@@ -4090,9 +4309,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "rsa"
+-version = "0.9.7"
++version = "0.9.8"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "47c75d7c5c6b673e58bf54d8544a9f432e3a925b0e80f7cd3602ab5c50c55519"
++checksum = "78928ac1ed176a5ca1d17e578a1825f3d81ca54cf41053a592584b020cfd691b"
+ dependencies = [
+  "const-oid",
+  "digest",
+@@ -4101,7 +4320,7 @@ dependencies = [
+  "num-traits",
+  "pkcs1",
+  "pkcs8",
+- "rand_core",
++ "rand_core 0.6.4",
+  "sha2",
+  "signature",
+  "spki",
+@@ -4140,7 +4359,7 @@ dependencies = [
+  "oci-spec 0.5.8",
+  "os_pipe",
+  "path-absolutize",
+- "rand",
++ "rand 0.8.5",
+  "serde",
+  "serde_json",
+  "tempfile",
+@@ -4163,6 +4382,12 @@ version = "1.1.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2"
+ 
++[[package]]
++name = "rustc-hash"
++version = "2.1.1"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "357703d41365b4b27c590e3ed91eabb1b663f07c4c084095e60cbed4362dff0d"
++
+ [[package]]
+ name = "rustc_version"
+ version = "0.4.1"
+@@ -4199,6 +4424,32 @@ dependencies = [
+  "windows-sys 0.59.0",
+ ]
+ 
++[[package]]
++name = "rustls"
++version = "0.23.27"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "730944ca083c1c233a75c09f199e973ca499344a2b7ba9e755c457e86fb4a321"
++dependencies = [
++ "once_cell",
++ "ring",
++ "rustls-pki-types",
++ "rustls-webpki 0.103.3",
++ "subtle",
++ "zeroize",
++]
++
++[[package]]
++name = "rustls-native-certs"
++version = "0.8.1"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "7fcff2dd52b58a8d98a70243663a0d234c4e2b79235637849d15913394a247d3"
++dependencies = [
++ "openssl-probe",
++ "rustls-pki-types",
++ "schannel",
++ "security-framework 3.2.0",
++]
++
+ [[package]]
+ name = "rustls-pemfile"
+ version = "2.2.0"
+@@ -4210,9 +4461,13 @@ dependencies = [
+ 
+ [[package]]
+ name = "rustls-pki-types"
+-version = "1.10.1"
++version = "1.12.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "d2bf47e6ff922db3825eb750c4e2ff784c6ff8fb9e13046ef6a1d1c5401b0b37"
++checksum = "229a4a4c221013e7e1f1a043678c5cc39fe5171437c88fb47151a21e6f5b5c79"
++dependencies = [
++ "web-time",
++ "zeroize",
++]
+ 
+ [[package]]
+ name = "rustls-webpki"
+@@ -4225,6 +4480,17 @@ dependencies = [
+  "untrusted",
+ ]
+ 
++[[package]]
++name = "rustls-webpki"
++version = "0.103.3"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "e4a72fe2bcf7a6ac6fd7d0b9e5cb68aeb7d4c0a0271730218b3e92d43b4eb435"
++dependencies = [
++ "ring",
++ "rustls-pki-types",
++ "untrusted",
++]
++
+ [[package]]
+ name = "rustversion"
+ version = "1.0.18"
+@@ -4296,7 +4562,7 @@ checksum = "d3e97a565f76233a6003f9f5c54be1d9c5bdfa3eccfb189469f11ec4901c47dc"
+ dependencies = [
+  "base16ct",
+  "der",
+- "generic-array 0.14.7",
++ "generic-array",
+  "pkcs8",
+  "subtle",
+  "zeroize",
+@@ -4315,11 +4581,24 @@ dependencies = [
+  "security-framework-sys",
+ ]
+ 
++[[package]]
++name = "security-framework"
++version = "3.2.0"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "271720403f46ca04f7ba6f55d438f8bd878d6b8ca0a1046e8228c4145bcbb316"
++dependencies = [
++ "bitflags 2.6.0",
++ "core-foundation 0.10.0",
++ "core-foundation-sys",
++ "libc",
++ "security-framework-sys",
++]
++
+ [[package]]
+ name = "security-framework-sys"
+-version = "2.13.0"
++version = "2.14.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "1863fd3768cd83c56a7f60faa4dc0d403f1b6df0a38c3c25f44b7894e45370d5"
++checksum = "49db231d56a190491cb4aeda9527f1ad45345af50b0851622a7adb8c03b01c32"
+ dependencies = [
+  "core-foundation-sys",
+  "libc",
+@@ -4327,9 +4606,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "semver"
+-version = "1.0.24"
++version = "1.0.26"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "3cb6eb87a131f756572d7fb904f6e7b68633f09cca868c5df1c4b8d1a694bbba"
++checksum = "56e6fa9c48d24d85fb3de5ad847117517440f6beceb7798af16b4a87d616b8d0"
+ 
+ [[package]]
+ name = "sequoia-openpgp"
+@@ -4360,7 +4639,7 @@ dependencies = [
+  "ed25519",
+  "ed25519-dalek",
+  "flate2",
+- "getrandom",
++ "getrandom 0.2.10",
+  "idea",
+  "idna",
+  "lalrpop",
+@@ -4374,8 +4653,8 @@ dependencies = [
+  "p256",
+  "p384",
+  "p521",
+- "rand",
+- "rand_core",
++ "rand 0.8.5",
++ "rand_core 0.6.4",
+  "regex",
+  "regex-syntax",
+  "ripemd",
+@@ -4423,9 +4702,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "serde_repr"
+-version = "0.1.19"
++version = "0.1.20"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "6c64451ba24fc7a6a2d60fc75dd9c83c90903b19028d4eff35e88fc1e86564e9"
++checksum = "175ee3e80ae9982737ca543e96133087cbd9a485eecc3bc4de9c1a37b47ea59c"
+ dependencies = [
+  "proc-macro2",
+  "quote",
+@@ -4499,7 +4778,7 @@ checksum = "1f606421e4a6012877e893c399822a4ed4b089164c5969424e1b9d1e66e6964b"
+ dependencies = [
+  "const-oid",
+  "digest",
+- "generic-array 1.1.1",
++ "generic-array",
+ ]
+ 
+ [[package]]
+@@ -4557,13 +4836,13 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de"
+ dependencies = [
+  "digest",
+- "rand_core",
++ "rand_core 0.6.4",
+ ]
+ 
+ [[package]]
+ name = "sigstore"
+-version = "0.9.0"
+-source = "git+https://github.com/sigstore/sigstore-rs.git?rev=1b6ccf0f64d173350ec5515bd69ab48a26a9c0a3#1b6ccf0f64d173350ec5515bd69ab48a26a9c0a3"
++version = "0.11.0"
++source = "git+https://github.com/sigstore/sigstore-rs.git?rev=c39c519#c39c519dd99be23f18e6143dd233b46bf2096e4d"
+ dependencies = [
+  "async-trait",
+  "base64 0.22.1",
+@@ -4577,28 +4856,29 @@ dependencies = [
+  "ed25519-dalek",
+  "elliptic-curve",
+  "futures",
+- "getrandom",
++ "getrandom 0.2.10",
+  "hex",
+  "json-syntax",
+  "lazy_static",
+- "oci-distribution",
++ "oci-client",
+  "olpc-cjson",
+  "p256",
+  "p384",
+  "pem",
+  "pkcs1",
+  "pkcs8",
+- "rand",
++ "rand 0.8.5",
++ "regex",
+  "ring",
+  "rsa",
+- "rustls-webpki",
++ "rustls-webpki 0.102.8",
+  "scrypt",
+  "serde",
+  "serde_json",
+  "serde_repr",
+  "sha2",
+  "signature",
+- "thiserror 1.0.65",
++ "thiserror 2.0.9",
+  "tls_codec",
+  "tokio",
+  "tokio-util",
+@@ -4611,9 +4891,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "siphasher"
+-version = "0.3.11"
++version = "1.0.1"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "38b58827f4464d87d377d175e90bf58eb00fd8716ff0a62f80356b5e61555d0d"
++checksum = "56199f7ddabf13fe5074ce809e7d3f42b42ae711800501b5b16ea82ad029c39d"
+ 
+ [[package]]
+ name = "slab"
+@@ -4690,12 +4970,11 @@ checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f"
+ 
+ [[package]]
+ name = "string_cache"
+-version = "0.8.7"
++version = "0.8.9"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "f91138e76242f575eb1d3b38b4f1362f10d3a43f47d182a5b359af488a02293b"
++checksum = "bf776ba3fa74f83bf4b63c3dcbbf82173db2632ed8452cb2d891d33f459de70f"
+ dependencies = [
+  "new_debug_unreachable",
+- "once_cell",
+  "parking_lot",
+  "phf_shared",
+  "precomputed-hash",
+@@ -4719,7 +4998,7 @@ version = "0.26.3"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "8fec0f0aef304996cf250b31b5a10dee7980c85da9d759361292b8bca5a18f06"
+ dependencies = [
+- "strum_macros",
++ "strum_macros 0.26.4",
+ ]
+ 
+ [[package]]
+@@ -4735,6 +5014,19 @@ dependencies = [
+  "syn 2.0.91",
+ ]
+ 
++[[package]]
++name = "strum_macros"
++version = "0.27.1"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "c77a8c5abcaf0f9ce05d62342b7d298c346515365c36b673df4ebe3ced01fde8"
++dependencies = [
++ "heck 0.5.0",
++ "proc-macro2",
++ "quote",
++ "rustversion",
++ "syn 2.0.91",
++]
++
+ [[package]]
+ name = "subtle"
+ version = "2.6.1"
+@@ -4747,10 +5039,10 @@ version = "0.1.4"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "515cce34a781d7250b8a65706e0f2a5b99236ea605cb235d4baed6685820478f"
+ dependencies = [
+- "getrandom",
++ "getrandom 0.2.10",
+  "hmac-sha256",
+  "hmac-sha512",
+- "rand",
++ "rand 0.8.5",
+  "rsa",
+ ]
+ 
+@@ -4924,9 +5216,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "tinyvec"
+-version = "1.8.1"
++version = "1.9.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "022db8904dfa342efe721985167e9fcd16c29b226db4397ed752a761cfce81e8"
++checksum = "09b3661f17e86524eccd4371ab0429194e0d7c008abb45f7a7495b1719463c71"
+ dependencies = [
+  "tinyvec_macros",
+ ]
+@@ -4939,9 +5231,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
+ 
+ [[package]]
+ name = "tls_codec"
+-version = "0.4.1"
++version = "0.4.2"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "b5e78c9c330f8c85b2bae7c8368f2739157db9991235123aa1b15ef9502bfb6a"
++checksum = "0de2e01245e2bb89d6f05801c564fa27624dbd7b1846859876c7dad82e90bf6b"
+ dependencies = [
+  "tls_codec_derive",
+  "zeroize",
+@@ -4949,9 +5241,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "tls_codec_derive"
+-version = "0.4.1"
++version = "0.4.2"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "8d9ef545650e79f30233c0003bcc2504d7efac6dad25fca40744de773fe2049c"
++checksum = "2d2e76690929402faae40aebdda620a2c0e25dd6d3b9afe48867dfd95991f4bd"
+ dependencies = [
+  "proc-macro2",
+  "quote",
+@@ -4960,9 +5252,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "tokio"
+-version = "1.42.0"
++version = "1.44.2"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "5cec9b21b0450273377fc97bd4c33a8acffc8c996c987a7c5b319a0083707551"
++checksum = "e6b88822cbe49de4185e3a4cbf8321dd487cf5fe0c5c65695fef6346371e9c48"
+ dependencies = [
+  "backtrace",
+  "bytes 1.9.0",
+@@ -4988,9 +5280,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "tokio-macros"
+-version = "2.4.0"
++version = "2.5.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752"
++checksum = "6e06d43f1345a3bcd39f6a56dbb7dcab2ba47e68e8ac134855e7e2bdbaf8cab8"
+ dependencies = [
+  "proc-macro2",
+  "quote",
+@@ -5017,6 +5309,16 @@ dependencies = [
+  "tokio",
+ ]
+ 
++[[package]]
++name = "tokio-rustls"
++version = "0.26.2"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "8e727b36a1a0e8b74c376ac2211e40c2c8af09fb4013c60d910495810f008e9b"
++dependencies = [
++ "rustls",
++ "tokio",
++]
++
+ [[package]]
+ name = "tokio-stream"
+ version = "0.1.14"
+@@ -5051,20 +5353,7 @@ dependencies = [
+  "futures",
+  "libc",
+  "tokio",
+- "vsock 0.2.6",
+-]
+-
+-[[package]]
+-name = "tokio-vsock"
+-version = "0.4.0"
+-source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "52a15c15b1bc91f90902347eff163b5b682643aff0c8e972912cca79bd9208dd"
+-dependencies = [
+- "bytes 1.9.0",
+- "futures",
+- "libc",
+- "tokio",
+- "vsock 0.3.0",
++ "vsock",
+ ]
+ 
+ [[package]]
+@@ -5075,16 +5364,16 @@ checksum = "5be9d60db39854b30b835107500cf0aca0b0d14d6e1c3de124217c23a29c2ddb"
+ dependencies = [
+  "async-stream",
+  "async-trait",
+- "axum",
++ "axum 0.5.17",
+  "base64 0.13.1",
+  "bytes 1.9.0",
+  "futures-core",
+  "futures-util",
+- "h2",
++ "h2 0.3.19",
+  "http 0.2.9",
+  "http-body 0.4.5",
+  "hyper 0.14.26",
+- "hyper-timeout",
++ "hyper-timeout 0.4.1",
+  "percent-encoding",
+  "pin-project",
+  "prost 0.10.4",
+@@ -5099,19 +5388,63 @@ dependencies = [
+  "tracing-futures",
+ ]
+ 
++[[package]]
++name = "tonic"
++version = "0.12.2"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "c6f6ba989e4b2c58ae83d862d3a3e27690b6e3ae630d0deb59f3697f32aa88ad"
++dependencies = [
++ "async-stream",
++ "async-trait",
++ "axum 0.7.5",
++ "base64 0.22.1",
++ "bytes 1.9.0",
++ "h2 0.4.10",
++ "http 1.3.1",
++ "http-body 1.0.1",
++ "http-body-util",
++ "hyper 1.5.2",
++ "hyper-timeout 0.5.2",
++ "hyper-util",
++ "percent-encoding",
++ "pin-project",
++ "prost 0.13.5",
++ "socket2 0.5.8",
++ "tokio",
++ "tokio-stream",
++ "tower",
++ "tower-layer",
++ "tower-service",
++ "tracing",
++]
++
+ [[package]]
+ name = "tonic-build"
+ version = "0.7.2"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "d9263bf4c9bfaae7317c1c2faf7f18491d2fe476f70c414b73bf5d445b00ffa1"
+ dependencies = [
+- "prettyplease",
++ "prettyplease 0.1.25",
+  "proc-macro2",
+  "prost-build 0.10.4",
+  "quote",
+  "syn 1.0.109",
+ ]
+ 
++[[package]]
++name = "tonic-build"
++version = "0.12.3"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "9557ce109ea773b399c9b9e5dca39294110b74f1f342cb347a80d1fce8c26a11"
++dependencies = [
++ "prettyplease 0.2.25",
++ "proc-macro2",
++ "prost-build 0.13.5",
++ "prost-types 0.13.5",
++ "quote",
++ "syn 2.0.91",
++]
++
+ [[package]]
+ name = "tower"
+ version = "0.4.13"
+@@ -5123,7 +5456,7 @@ dependencies = [
+  "indexmap 1.9.3",
+  "pin-project",
+  "pin-project-lite",
+- "rand",
++ "rand 0.8.5",
+  "slab",
+  "tokio",
+  "tokio-util",
+@@ -5214,7 +5547,7 @@ checksum = "3528ecfd12c466c6f163363caf2d02a71161dd5e1cc6ae7b34207ea2d42d81ed"
+ [[package]]
+ name = "ttrpc"
+ version = "0.7.1"
+-source = "git+https://github.com/kuasar-io/ttrpc-rust.git?branch=v0.7.1-kuasar#db83ba89c4e315a680860341080deec0aa400609"
++source = "git+https://github.com/kuasar-io/ttrpc-rust.git?branch=v0.7.1-kuasar#af54d8382d5f93f39ace9391a78cc36a467f9cb0"
+ dependencies = [
+  "async-trait",
+  "byteorder",
+@@ -5222,41 +5555,21 @@ dependencies = [
+  "libc",
+  "log",
+  "nix 0.23.2",
+- "protobuf 3.5.1",
+- "protobuf-codegen 3.5.1",
++ "protobuf 3.7.1",
++ "protobuf-codegen 3.7.1",
+  "thiserror 1.0.65",
+  "tokio",
+- "tokio-vsock 0.3.4",
+-]
+-
+-[[package]]
+-name = "ttrpc"
+-version = "0.8.2"
+-source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "e376927d4422245ae3e0a0d7df0e805f99652536999b5c671144de9fe4120d8c"
+-dependencies = [
+- "async-trait",
+- "byteorder",
+- "crossbeam",
+- "futures",
+- "libc",
+- "log",
+- "nix 0.26.4",
+- "protobuf 3.5.1",
+- "protobuf-codegen 3.5.1",
+- "thiserror 1.0.65",
+- "tokio",
+- "tokio-vsock 0.4.0",
+- "windows-sys 0.48.0",
++ "tokio-vsock",
++ "uuid",
+ ]
+ 
+ [[package]]
+ name = "ttrpc-codegen"
+ version = "0.4.1"
+-source = "git+https://github.com/kuasar-io/ttrpc-rust.git?branch=v0.7.1-kuasar#db83ba89c4e315a680860341080deec0aa400609"
++source = "git+https://github.com/kuasar-io/ttrpc-rust.git?branch=v0.7.1-kuasar#af54d8382d5f93f39ace9391a78cc36a467f9cb0"
+ dependencies = [
+  "protobuf 2.28.0",
+- "protobuf-codegen 3.5.1",
++ "protobuf-codegen 3.7.1",
+  "protobuf-support",
+  "ttrpc-compiler 0.6.1",
+ ]
+@@ -5268,7 +5581,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "94d7f7631d7a9ebed715a47cd4cb6072cbc7ae1d4ec01598971bbec0024340c2"
+ dependencies = [
+  "protobuf 2.28.0",
+- "protobuf-codegen 3.5.1",
++ "protobuf-codegen 3.7.1",
+  "protobuf-support",
+  "ttrpc-compiler 0.6.2",
+ ]
+@@ -5276,7 +5589,7 @@ dependencies = [
+ [[package]]
+ name = "ttrpc-compiler"
+ version = "0.6.1"
+-source = "git+https://github.com/kuasar-io/ttrpc-rust.git?branch=v0.7.1-kuasar#db83ba89c4e315a680860341080deec0aa400609"
++source = "git+https://github.com/kuasar-io/ttrpc-rust.git?branch=v0.7.1-kuasar#af54d8382d5f93f39ace9391a78cc36a467f9cb0"
+ dependencies = [
+  "derive-new",
+  "prost 0.8.0",
+@@ -5407,7 +5720,7 @@ version = "1.3.3"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "345444e32442451b267fc254ae85a209c64be56d2890e601a0c37ff0c3c5ecd2"
+ dependencies = [
+- "getrandom",
++ "getrandom 0.2.10",
+ ]
+ 
+ [[package]]
+@@ -5432,11 +5745,11 @@ dependencies = [
+  "lazy_static",
+  "log",
+  "nix 0.24.3",
+- "protobuf 3.5.1",
++ "protobuf 3.7.1",
+  "regex",
+  "serde",
+- "tonic-build",
+- "ttrpc 0.7.1",
++ "tonic-build 0.7.2",
++ "ttrpc",
+  "ttrpc-codegen 0.4.1",
+ ]
+ 
+@@ -5462,7 +5775,7 @@ dependencies = [
+  "nix 0.28.0",
+  "oci-spec 0.5.8",
+  "pin-project-lite",
+- "protobuf 3.5.1",
++ "protobuf 3.7.1",
+  "rtnetlink",
+  "runc",
+  "serde",
+@@ -5470,8 +5783,8 @@ dependencies = [
+  "signal-hook-tokio",
+  "time",
+  "tokio",
+- "tokio-vsock 0.3.4",
+- "ttrpc 0.7.1",
++ "tokio-vsock",
++ "ttrpc",
+  "vmm-common",
+ ]
+ 
+@@ -5485,16 +5798,6 @@ dependencies = [
+  "nix 0.23.2",
+ ]
+ 
+-[[package]]
+-name = "vsock"
+-version = "0.3.0"
+-source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "4c8e1df0bf1e1b28095c24564d1b90acae64ca69b097ed73896e342fa6649c57"
+-dependencies = [
+- "libc",
+- "nix 0.24.3",
+-]
+-
+ [[package]]
+ name = "walkdir"
+ version = "2.5.0"
+@@ -5521,35 +5824,44 @@ version = "0.11.0+wasi-snapshot-preview1"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
+ 
++[[package]]
++name = "wasi"
++version = "0.14.2+wasi-0.2.4"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "9683f9a5a998d873c0d21fcbe3c083009670149a8fab228644b8bd36b2c48cb3"
++dependencies = [
++ "wit-bindgen-rt",
++]
++
+ [[package]]
+ name = "wasix"
+ version = "0.12.21"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "c1fbb4ef9bbca0c1170e0b00dd28abc9e3b68669821600cad1caaed606583c6d"
+ dependencies = [
+- "wasi",
++ "wasi 0.11.0+wasi-snapshot-preview1",
+ ]
+ 
+ [[package]]
+ name = "wasm-bindgen"
+-version = "0.2.95"
++version = "0.2.100"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "128d1e363af62632b8eb57219c8fd7877144af57558fb2ef0368d0087bddeb2e"
++checksum = "1edc8929d7499fc4e8f0be2262a241556cfc54a0bea223790e71446f2aab1ef5"
+ dependencies = [
+  "cfg-if 1.0.0",
+  "once_cell",
++ "rustversion",
+  "wasm-bindgen-macro",
+ ]
+ 
+ [[package]]
+ name = "wasm-bindgen-backend"
+-version = "0.2.95"
++version = "0.2.100"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "cb6dd4d3ca0ddffd1dd1c9c04f94b868c37ff5fac97c30b97cff2d74fce3a358"
++checksum = "2f0a0651a5c2bc21487bde11ee802ccaf4c51935d0d3d42a6101f98161700bc6"
+ dependencies = [
+  "bumpalo",
+  "log",
+- "once_cell",
+  "proc-macro2",
+  "quote",
+  "syn 2.0.91",
+@@ -5558,21 +5870,22 @@ dependencies = [
+ 
+ [[package]]
+ name = "wasm-bindgen-futures"
+-version = "0.4.45"
++version = "0.4.50"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "cc7ec4f8827a71586374db3e87abdb5a2bb3a15afed140221307c3ec06b1f63b"
++checksum = "555d470ec0bc3bb57890405e5d4322cc9ea83cebb085523ced7be4144dac1e61"
+ dependencies = [
+  "cfg-if 1.0.0",
+  "js-sys",
++ "once_cell",
+  "wasm-bindgen",
+  "web-sys",
+ ]
+ 
+ [[package]]
+ name = "wasm-bindgen-macro"
+-version = "0.2.95"
++version = "0.2.100"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "e79384be7f8f5a9dd5d7167216f022090cf1f9ec128e6e6a482a2cb5c5422c56"
++checksum = "7fe63fc6d09ed3792bd0897b314f53de8e16568c2b3f7982f468c0bf9bd0b407"
+ dependencies = [
+  "quote",
+  "wasm-bindgen-macro-support",
+@@ -5580,9 +5893,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "wasm-bindgen-macro-support"
+-version = "0.2.95"
++version = "0.2.100"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "26c6ab57572f7a24a4985830b120de1594465e5d500f24afe89e16b4e833ef68"
++checksum = "8ae87ea40c9f689fc23f209965b6fb8a99ad69aeeb0231408be24920604395de"
+ dependencies = [
+  "proc-macro2",
+  "quote",
+@@ -5593,15 +5906,18 @@ dependencies = [
+ 
+ [[package]]
+ name = "wasm-bindgen-shared"
+-version = "0.2.95"
++version = "0.2.100"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "65fc09f10666a9f147042251e0dda9c18f166ff7de300607007e96bdebc1068d"
++checksum = "1a05d73b933a847d6cccdda8f838a22ff101ad9bf93e33684f39c1f5f0eece3d"
++dependencies = [
++ "unicode-ident",
++]
+ 
+ [[package]]
+ name = "wasm-streams"
+-version = "0.4.1"
++version = "0.4.2"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "4e072d4e72f700fb3443d8fe94a39315df013eef1104903cdb0a2abd322bbecd"
++checksum = "15053d8d85c7eccdbefef60f06769760a563c7f0a9d6902a13d35c7800b0ad65"
+ dependencies = [
+  "futures-util",
+  "js-sys",
+@@ -5612,9 +5928,19 @@ dependencies = [
+ 
+ [[package]]
+ name = "web-sys"
+-version = "0.3.72"
++version = "0.3.77"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "f6488b90108c040df0fe62fa815cbdee25124641df01814dd7282749234c6112"
++checksum = "33b6dd2ef9186f1f2072e409e99cd22a975331a6b3591b12c764e0e55c60d5d2"
++dependencies = [
++ "js-sys",
++ "wasm-bindgen",
++]
++
++[[package]]
++name = "web-time"
++version = "1.1.0"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "5a6580f308b1fad9207618087a65c04e7a10bc77e02c8e84e9b00dd4b12fa0bb"
+ dependencies = [
+  "js-sys",
+  "wasm-bindgen",
+@@ -5622,11 +5948,10 @@ dependencies = [
+ 
+ [[package]]
+ name = "webbrowser"
+-version = "1.0.3"
++version = "1.0.4"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "ea9fe1ebb156110ff855242c1101df158b822487e4957b0556d9ffce9db0f535"
++checksum = "d5df295f8451142f1856b1bd86a606dfe9587d439bc036e319c827700dbd555e"
+ dependencies = [
+- "block2",
+  "core-foundation 0.10.0",
+  "home",
+  "jni",
+@@ -5638,6 +5963,24 @@ dependencies = [
+  "web-sys",
+ ]
+ 
++[[package]]
++name = "webpki-roots"
++version = "0.26.11"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "521bc38abb08001b01866da9f51eb7c5d647a19260e00054a8c7fd5f9e57f7a9"
++dependencies = [
++ "webpki-roots 1.0.0",
++]
++
++[[package]]
++name = "webpki-roots"
++version = "1.0.0"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "2853738d1cc4f2da3a225c18ec6c3721abb31961096e9dbf5ab35fa88b19cfdb"
++dependencies = [
++ "rustls-pki-types",
++]
++
+ [[package]]
+ name = "which"
+ version = "4.4.0"
+@@ -5682,21 +6025,53 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
+ 
+ [[package]]
+ name = "windows-core"
+-version = "0.52.0"
++version = "0.61.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9"
++checksum = "4763c1de310c86d75a878046489e2e5ba02c649d185f21c67d4cf8a56d098980"
+ dependencies = [
+- "windows-targets 0.52.6",
++ "windows-implement",
++ "windows-interface",
++ "windows-link",
++ "windows-result 0.3.2",
++ "windows-strings 0.4.0",
++]
++
++[[package]]
++name = "windows-implement"
++version = "0.60.0"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "a47fddd13af08290e67f4acabf4b459f647552718f683a7b415d290ac744a836"
++dependencies = [
++ "proc-macro2",
++ "quote",
++ "syn 2.0.91",
++]
++
++[[package]]
++name = "windows-interface"
++version = "0.59.1"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "bd9211b69f8dcdfa817bfd14bf1c97c9188afa36f4750130fcdf3f400eca9fa8"
++dependencies = [
++ "proc-macro2",
++ "quote",
++ "syn 2.0.91",
+ ]
+ 
++[[package]]
++name = "windows-link"
++version = "0.1.1"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "76840935b766e1b0a05c0066835fb9ec80071d4c09a16f6bd5f7e655e3c14c38"
++
+ [[package]]
+ name = "windows-registry"
+ version = "0.2.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "e400001bb720a623c1c69032f8e3e4cf09984deec740f007dd2b03ec864804b0"
+ dependencies = [
+- "windows-result",
+- "windows-strings",
++ "windows-result 0.2.0",
++ "windows-strings 0.1.0",
+  "windows-targets 0.52.6",
+ ]
+ 
+@@ -5709,16 +6084,34 @@ dependencies = [
+  "windows-targets 0.52.6",
+ ]
+ 
++[[package]]
++name = "windows-result"
++version = "0.3.2"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "c64fd11a4fd95df68efcfee5f44a294fe71b8bc6a91993e2791938abcc712252"
++dependencies = [
++ "windows-link",
++]
++
+ [[package]]
+ name = "windows-strings"
+ version = "0.1.0"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "4cd9b125c486025df0eabcb585e62173c6c9eddcec5d117d3b6e8c30e2ee4d10"
+ dependencies = [
+- "windows-result",
++ "windows-result 0.2.0",
+  "windows-targets 0.52.6",
+ ]
+ 
++[[package]]
++name = "windows-strings"
++version = "0.4.0"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "7a2ba9642430ee452d5a7aa78d72907ebe8cfda358e8cb7918a2050581322f97"
++dependencies = [
++ "windows-link",
++]
++
+ [[package]]
+ name = "windows-sys"
+ version = "0.45.0"
+@@ -5933,6 +6326,15 @@ version = "0.52.6"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec"
+ 
++[[package]]
++name = "wit-bindgen-rt"
++version = "0.39.0"
++source = "registry+https://github.com/rust-lang/crates.io-index"
++checksum = "6f42320e61fe2cfd34354ecb597f86f413484a798ba44a8ca1165c58d42da6c1"
++dependencies = [
++ "bitflags 2.6.0",
++]
++
+ [[package]]
+ name = "write16"
+ version = "1.0.0"
+@@ -5952,7 +6354,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
+ checksum = "c7e468321c81fb07fa7f4c636c3972b9100f0346e5b6a9f2bd0603a52f7ed277"
+ dependencies = [
+  "curve25519-dalek",
+- "rand_core",
++ "rand_core 0.6.4",
+  "zeroize",
+ ]
+ 
+@@ -5983,9 +6385,9 @@ dependencies = [
+ 
+ [[package]]
+ name = "xxhash-rust"
+-version = "0.8.14"
++version = "0.8.15"
+ source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "d7d48f1b18be023c95e7b75f481cac649d74be7c507ff4a407c55cfb957f7934"
++checksum = "fdd20c5420375476fbd4394763288da7eb0cc0b8c11deed431a91562af7335d3"
+ 
+ [[package]]
+ name = "yoke"
+diff --git a/vmm/task/Cargo.toml b/vmm/task/Cargo.toml
+index adbb58b0..15ccf04a 100644
+--- a/vmm/task/Cargo.toml
++++ b/vmm/task/Cargo.toml
+@@ -25,12 +25,12 @@ netlink-packet-route = "0.19.0"
+ netlink-packet-core = "0.7.0"
+ ipnetwork = "0.20"
+ anyhow = { version = "1.0.66", default-features = false, features = ["std", "backtrace"] }
+-protobuf = { version = "=3.5.1"}
++protobuf = { version = "=3.7.1"}
+ 
+ # Async dependencies
+ async-trait = { version = "0.1.81" }
+ tokio = { version = "1.17.0", features = ["full"] }
+-futures = { version = "0.3.21" }
++futures = { version = "0.3.31" }
+ signal-hook-tokio = { version = "0.3.1", features = ["futures-v0_3"] }
+ tokio-vsock = "0.3.1"
+ pin-project-lite = "0.2.7"
+@@ -41,10 +41,7 @@ containerd-shim = { git = "https://github.com/kuasar-io/rust-extensions.git", fe
+ runc = { git = "https://github.com/kuasar-io/rust-extensions.git", features = ["async"] }
+ 
+ # Image pull/decrypt
+-image-rs = { git = "https://github.com/confidential-containers/guest-components", tag="v0.10.0", default-features = false, optional = true, features = [
+-    "kata-cc-native-tls",
+-    "signature-simple-xrss",
+-] }
++image-rs = { git = "https://gitee.com/openeuler/guest-components", branch = "master", optional = true}
+ 
+ [patch.crates-io]
+ ttrpc = { git = "https://github.com/kuasar-io/ttrpc-rust.git", branch = "v0.7.1-kuasar" }
+diff --git a/vmm/task/src/config.rs b/vmm/task/src/config.rs
+index 5152e91a..0abba816 100644
+--- a/vmm/task/src/config.rs
++++ b/vmm/task/src/config.rs
+@@ -25,6 +25,8 @@ const DEBUG_SHELL: &str = "task.debug_shell";
+ #[cfg(feature = "image-service")]
+ const AA_KBC_PARAMS: &str = "task.aa_kbc_params";
+ #[cfg(feature = "image-service")]
++const AA_KBC_KEY_PROVIDER: &str = "task.aa_kbc_key_provider";
++#[cfg(feature = "image-service")]
+ const HTTPS_PROXY: &str = "task.https_proxy";
+ #[cfg(feature = "image-service")]
+ const NO_PROXY: &str = "task.no_proxy";
+@@ -63,6 +65,7 @@ macro_rules! parse_cmdline {
+ #[derive(Debug)]
+ pub struct ImageConfig {
+     pub(crate) aa_kbc_params: String,
++    pub(crate) aa_kbc_key_provider: String,
+     pub(crate) https_proxy: String,
+     pub(crate) no_proxy: String,
+     pub(crate) enable_signature_verification: bool,
+@@ -100,6 +103,7 @@ impl Default for TaskConfig {
+             #[cfg(feature = "image-service")]
+             image_config: ImageConfig {
+                 aa_kbc_params: "".to_string(),
++                aa_kbc_key_provider: "".to_string(),
+                 https_proxy: "".to_string(),
+                 no_proxy: "".to_string(),
+                 enable_signature_verification: false,
+@@ -134,6 +138,7 @@ impl TaskConfig {
+             #[cfg(feature = "image-service")]
+             {
+                 parse_cmdline!(param, AA_KBC_PARAMS, config.image_config.aa_kbc_params, String::from);
++                parse_cmdline!(param, AA_KBC_KEY_PROVIDER, config.image_config.aa_kbc_key_provider, String::from);
+                 parse_cmdline!(param, HTTPS_PROXY, config.image_config.https_proxy, String::from);
+                 parse_cmdline!(param, NO_PROXY, config.image_config.no_proxy, String::from);
+                 parse_cmdline!(param, ENABLE_SIGNATURE_VERIFICATION, config.image_config.enable_signature_verification);
+diff --git a/vmm/task/src/image_rpc.rs b/vmm/task/src/image_rpc.rs
+index ca0ba4b3..8a6d883e 100644
+--- a/vmm/task/src/image_rpc.rs
++++ b/vmm/task/src/image_rpc.rs
+@@ -26,7 +26,7 @@ use containerd_shim::{
+     Error, Result,
+     other, other_error
+ };
+-use image_rs::{image::ImageClient, bundle::BUNDLE_ROOTFS};
++use image_rs::{image::ImageClient, bundle::BUNDLE_ROOTFS, builder::ClientBuilder};
+ use tokio::sync::Mutex;
+ use oci_spec::runtime::{Process, Spec};
+ 
+@@ -41,6 +41,8 @@ const CONFIG_JSON: &str = "config.json";
+ 
+ pub const CONTAINER_BASE: &str = "/run/kuasar-vmm";
+ 
++pub const OCICRYPT_CONFIG_PATH: &str = "/run/ocicrypt_config.json";
++
+ lazy_static! {
+     pub static ref KUASAR_IMAGE_CLIENT: Mutex<Option<KuasarImageClient>> = Mutex::new(None);
+ }
+@@ -50,6 +52,7 @@ pub struct KuasarImageClient {
+     image_client: Arc<Mutex<ImageClient>>,
+     images: Arc<Mutex<HashMap<String, String>>>,
+     aa_kbc_params: String,
++    aa_kbc_key_provider: String,
+     https_proxy: String,
+     no_proxy: String,
+ }
+@@ -68,39 +71,34 @@ impl Drop for ProxyDrop {
+ }
+ 
+ impl KuasarImageClient {
+-    pub fn new(task_config: &TaskConfig) -> Self {
+-        let mut image_client = ImageClient::default();
++    pub async fn new(task_config: &TaskConfig) -> Result<Self> {
++        let mut image_client_builder =
++            ClientBuilder::default().work_dir(KUASAR_CC_IMAGE_WORK_DIR.into());
+ 
+-        if !task_config.image_config.image_policy_file.is_empty() {
+-            image_client.config.file_paths.policy_path = task_config.image_config.image_policy_file.clone();
+-        }
+-        if !task_config.image_config.simple_signing_sigstore_config.is_empty() {
+-            image_client.config.file_paths.sigstore_config =
+-                task_config.image_config.simple_signing_sigstore_config.clone();
+-        }
+         if !task_config.image_config.image_registry_auth_file.is_empty() {
+-            image_client.config.file_paths.auth_file =
+-                task_config.image_config.image_registry_auth_file.clone();
++            debug!("Set registry auth file {:?}", task_config.image_config.image_registry_auth_file.clone());
++            image_client_builder = image_client_builder.authenticated_registry_credentials_uri(
++                task_config.image_config.image_registry_auth_file.clone());
+         }
+-        image_client.config.work_dir =
+-            std::path::PathBuf::from(KUASAR_CC_IMAGE_WORK_DIR.to_string());
+ 
+-        let aa_kbc_params = &task_config.image_config.aa_kbc_params;
+-        // If the attestation-agent is being used, then enable the authenticated credentials support
+-        info!("image_client.config.auth set to: {}", !aa_kbc_params.is_empty());
+-        image_client.config.auth = !aa_kbc_params.is_empty();
+-        
+-        // Read enable signature verification from the task config and set it in the image_client
+         let enable_signature_verification = &task_config.image_config.enable_signature_verification;
+-        info!("enable_signature_verification set to: {}", enable_signature_verification);
+-        image_client.config.security_validate = *enable_signature_verification;
+-
+-        Self {
+-            image_client: Arc::new(Mutex::new(image_client)),
+-            images: Arc::new(Mutex::new(HashMap::new())),
+-            https_proxy: task_config.image_config.https_proxy.clone(),
+-            no_proxy: task_config.image_config.no_proxy.clone(),
+-            aa_kbc_params: task_config.image_config.aa_kbc_params.clone(),
++        debug!("Enable image signature verification: {}", enable_signature_verification);
++        if !task_config.image_config.image_policy_file.is_empty() && *enable_signature_verification {
++            debug!("Use image policy file {:?}", task_config.image_config.image_policy_file.clone());
++            image_client_builder =
++                    image_client_builder.image_security_policy_uri(task_config.image_config.image_policy_file.clone());
++        }
++        let image_client = image_client_builder.build().await;
++        match image_client {
++            Ok(client) => Ok(Self {
++                image_client: Arc::new(Mutex::new(client)),
++                images: Arc::new(Mutex::new(HashMap::new())),
++                https_proxy: task_config.image_config.https_proxy.clone(),
++                no_proxy: task_config.image_config.no_proxy.clone(),
++                aa_kbc_params: task_config.image_config.aa_kbc_params.clone(),
++                aa_kbc_key_provider: task_config.image_config.aa_kbc_key_provider.clone(),
++            }),
++            Err(e) => Err(other!("Failed to initialize image service, {:?}.", e.to_string())),
+         }
+     }
+ 
+@@ -131,8 +129,9 @@ impl KuasarImageClient {
+     /// init decrypt config
+     async fn get_security_config(&self) -> Result<String> {
+         let aa_kbc_params = self.aa_kbc_params.clone();
+-        let decrypt_config = if !aa_kbc_params.is_empty() {
+-            format!("provider:attestation-agent:{}", aa_kbc_params)
++        let aa_kbc_key_provider = self.aa_kbc_key_provider.clone();
++        let decrypt_config = if !aa_kbc_key_provider.is_empty() {
++            format!("provider:{}:{}", aa_kbc_key_provider, aa_kbc_params)
+         } else {
+             "".to_string()
+         };
+diff --git a/vmm/task/src/main.rs b/vmm/task/src/main.rs
+index 22bd0d74..cec9a5ee 100644
+--- a/vmm/task/src/main.rs
++++ b/vmm/task/src/main.rs
+@@ -55,7 +55,7 @@ use crate::{
+ };
+ 
+ #[cfg(feature = "image-service")]
+-use crate::image_rpc::{KuasarImageClient, KUASAR_IMAGE_CLIENT};
++use crate::image_rpc::{KuasarImageClient, KUASAR_IMAGE_CLIENT, OCICRYPT_CONFIG_PATH};
+ 
+ mod config;
+ mod container;
+@@ -179,12 +179,16 @@ async fn initialize() -> anyhow::Result<()> {
+ 
+     #[cfg(feature = "image-service")]
+     {
+-        let image_client = image_rpc::KuasarImageClient::new(&config);
++        let image_client = image_rpc::KuasarImageClient::new(&config).await?;
+         *image_rpc::KUASAR_IMAGE_CLIENT.lock().await = Some(image_client.clone());
++        if config.image_config.aa_kbc_key_provider != "" {
++            init_attestation_agent(&config).await?;
++        }
+         if config.image_config.aa_kbc_params != "" {
+             let aa_pid = start_attestation_agent(&config).await?;
+             info!("start attestation_agent, pid is {}", aa_pid);
+         }
++    
+     }
+ 
+     late_init_call().await?;
+@@ -192,6 +196,26 @@ async fn initialize() -> anyhow::Result<()> {
+     Ok(())
+ }
+ 
++#[cfg(feature = "image-service")]
++async fn init_attestation_agent(task_config: &TaskConfig) -> Result<()> {
++    let ocicrypt_config = serde_json::json!({
++        "key-providers": {
++            task_config.image_config.aa_kbc_key_provider.clone() :{
++                // Currently, only secgear is supported.
++                "secgear": "secgear value"
++            }
++        }
++    });
++
++    tokio::fs::write(OCICRYPT_CONFIG_PATH, ocicrypt_config.to_string().as_bytes())
++        .await
++        .map_err(io_error!(e, "failed to write {}.", &OCICRYPT_CONFIG_PATH))?;
++
++    std::env::set_var("OCICRYPT_KEYPROVIDER_CONFIG", OCICRYPT_CONFIG_PATH);
++
++    Ok(())
++}
++
+ #[cfg(feature = "image-service")]
+ async fn start_attestation_agent(task_config: &TaskConfig) -> Result<u32> {
+     let child = match Command::new("/usr/bin/attestation-agent")
+-- 
+2.34.1
+
diff --git a/series.conf b/series.conf
index 45277c67a0377a8cc19a822f3acc8a8d78a7957a..1f879e9807ef1b9d3e60318b70cdb50be0e18743 100644
--- a/series.conf
+++ b/series.conf
@@ -18,3 +18,4 @@
 0018-start-attestation-agent-when-init-start-in-vm.patch
 0019-remove-the-secGear-feature-and-use-the-image-service.patch
 0020-Revert-coco-mount-certs.patch
+0021-cc-support-kbc-decrypt-image.patch
diff --git a/vendor.tar.gz b/vendor.tar.gz
index b26ec65eb5fdc6c9ce213509acd3d09e8881120e..98278b47a320cdd058b2bf30d8e202e6c2ac8335 100644
--- a/vendor.tar.gz
+++ b/vendor.tar.gz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:abd072f68da8dc89848fbd38d4b60410e364b1b85d17534073c08b415f31cc62
-size 229374684
+oid sha256:2969b92fd4bd5096c3e3cef40582c81d994308a66322bc511c3b1af24119735d
+size 229558394