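/// <summary>
/// Compares the enclave values held by this instance with the values reported in an
/// MAA service attestation result and logs one "match" line per field.
/// </summary>
/// <param name="serviceResult">Attestation result returned by the MAA service.</param>
/// <param name="includeDetails">
/// When <c>true</c>, the local value and the service value are logged under each match line.
/// </param>
/// <remarks>
/// The outcome is only written to <c>Logger</c>: nothing is returned and nothing is thrown on a
/// mismatch, so callers cannot gate a trust decision on this method.
/// </remarks>
public void CompareToMaaServiceJwtToken(AttestationResult serviceResult, bool includeDetails)
{
    // SGX DEBUG is attribute bit 0x0000000000000002; bit 0x1 is the INITTED flag, so testing
    // "& 1" does not tell whether the enclave is debuggable.
    // See https://github.com/intel/linux-sgx/blob/master/common/inc/sgx_attributes.h#L39
    var isDebuggable = (Attributes & 0x2) != 0;
    var isdpassed = isDebuggable == serviceResult.IsDebuggable;
    Logger.WriteLine($"IsDebuggable match : {isdpassed}");
    if (includeDetails)
    {
        Logger.WriteLine($" We think : {isDebuggable}");
        Logger.WriteLine($" MAA service: {serviceResult.IsDebuggable}");
    }

    // NOTE(review): only the local side is lower-cased here, while MRSIGNER below folds both
    // sides. Confirm the service always reports MRENCLAVE as lower-case hex.
    var mrEnclave = MrEnclaveHex.ToLower();
    var mrepassed = mrEnclave.Equals(serviceResult.MrEnclave);
    Logger.WriteLine($"MRENCLAVE match : {mrepassed}");
    if (includeDetails)
    {
        Logger.WriteLine($" We think : {mrEnclave}");
        Logger.WriteLine($" MAA service: {serviceResult.MrEnclave}");
    }

    var mrSigner = MrSignerHex.ToLower();
    var mrspassed = mrSigner.Equals(serviceResult.MrSigner.ToLower());
    Logger.WriteLine($"MRSIGNER match : {mrspassed}");
    if (includeDetails)
    {
        Logger.WriteLine($" We think : {mrSigner}");
        Logger.WriteLine($" MAA service: {serviceResult.MrSigner}");
    }

    // BitConverter.ToUInt64 reads 8 bytes, so ProductIdHex must decode to at least 8 bytes.
    var productId = BitConverter.ToUInt64(HexHelper.ConvertHexToByteArray(ProductIdHex), 0);
    var pidpassed = productId == (ulong)serviceResult.ProductId;
    Logger.WriteLine($"ProductID match : {pidpassed}");
    if (includeDetails)
    {
        Logger.WriteLine($" We think : {productId}");
        Logger.WriteLine($" MAA service: {serviceResult.ProductId}");
    }

    var svnPassed = SecurityVersion == (uint)serviceResult.Svn;
    Logger.WriteLine($"Security Version match : {svnPassed}");
    if (includeDetails)
    {
        Logger.WriteLine($" We think : {SecurityVersion}");
        Logger.WriteLine($" MAA service: {serviceResult.Svn}");
    }

    // Enclave held data is compared byte for byte; the detail lines print it as Base64.
    var ehdExpected = HexHelper.ConvertHexToByteArray(EnclaveHeldDataHex);
    var ehdActual = serviceResult.EnclaveHeldData;
    var ehdPassed = ehdExpected.SequenceEqual(ehdActual.ToArray());
    Logger.WriteLine($"Enclave Held Data match : {ehdPassed}");
    if (includeDetails)
    {
        Logger.WriteLine(17, 100, " We think : ", Convert.ToBase64String(ehdExpected));
        Logger.WriteLine(17, 100, " MAA service: ", Convert.ToBase64String(serviceResult.EnclaveHeldData));
    }

    Logger.WriteLine("");
}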
/// <summary>
/// Checks the claims carried in an MAA service JWT against the enclave values held by this
/// instance and logs one "match" line per claim.
/// </summary>
/// <param name="serviceJwtToken">JWT returned by the MAA service.</param>
/// <param name="includeDetails">
/// When <c>true</c>, the local value and the claimed value are logged under each match line.
/// </param>
/// <remarks>
/// Results are only logged; no verdict is returned and no exception signals a mismatch.
/// NOTE(review): this method reads claims from part 1 of the token (presumably the payload
/// segment) and performs no signature or issuer validation itself. Confirm the caller has
/// validated the token before these claims are relied on.
/// </remarks>
public void CompareToMaaServiceJwtToken(string serviceJwtToken, bool includeDetails)
{
    var claims = JoseHelper.ExtractJosePart(serviceJwtToken, 1);

    // In SGX DEBUG flag is equal to 0x0000000000000002ULL
    // See https://github.com/intel/linux-sgx/blob/master/common/inc/sgx_attributes.h#L39
    bool localDebuggable = (Attributes & 0x2) != 0;
    var claimedDebuggable = claims["is-debuggable"];
    bool debuggableMatches = localDebuggable == (bool)claimedDebuggable;
    Logger.WriteLine($"IsDebuggable match : {debuggableMatches}");
    if (includeDetails)
    {
        Logger.WriteLine($" We think : {localDebuggable}");
        Logger.WriteLine($" MAA service: {claimedDebuggable}");
    }

    // NOTE(review): the claimed MRENCLAVE is compared as-is, whereas MRSIGNER below is
    // lower-cased on both sides. Confirm the service always emits lower-case hex here.
    var claimedMrEnclave = claims["sgx-mrenclave"];
    string localMrEnclave = MrEnclaveHex.ToLower();
    bool mrEnclaveMatches = localMrEnclave == (string)claimedMrEnclave;
    Logger.WriteLine($"MRENCLAVE match : {mrEnclaveMatches}");
    if (includeDetails)
    {
        Logger.WriteLine($" We think : {localMrEnclave}");
        Logger.WriteLine($" MAA service: {claimedMrEnclave}");
    }

    var claimedMrSigner = claims["sgx-mrsigner"];
    string localMrSigner = MrSignerHex.ToLower();
    bool mrSignerMatches = localMrSigner == ((string)claimedMrSigner).ToLower();
    Logger.WriteLine($"MRSIGNER match : {mrSignerMatches}");
    if (includeDetails)
    {
        Logger.WriteLine($" We think : {localMrSigner}");
        Logger.WriteLine($" MAA service: {claimedMrSigner}");
    }

    // BitConverter.ToUInt64 reads 8 bytes, so ProductIdHex must decode to at least 8 bytes.
    var claimedProductId = claims["product-id"];
    ulong localProductId = BitConverter.ToUInt64(HexHelper.ConvertHexToByteArray(ProductIdHex), 0);
    bool productIdMatches = localProductId == (ulong)claimedProductId;
    Logger.WriteLine($"ProductID match : {productIdMatches}");
    if (includeDetails)
    {
        Logger.WriteLine($" We think : {localProductId}");
        Logger.WriteLine($" MAA service: {claimedProductId}");
    }

    var claimedSvn = claims["svn"];
    bool svnMatches = SecurityVersion == (uint)claimedSvn;
    Logger.WriteLine($"Security Version match : {svnMatches}");
    if (includeDetails)
    {
        Logger.WriteLine($" We think : {SecurityVersion}");
        Logger.WriteLine($" MAA service: {claimedSvn}");
    }

    // The local hex value is converted to Base64Url so it can be compared with the claim text.
    var claimedEhd = claims["maa-ehd"];
    var localEhd = HexHelper.ConvertHexToBase64Url(EnclaveHeldDataHex);
    bool ehdMatches = localEhd.Equals((string)claimedEhd);
    Logger.WriteLine($"Enclave Held Data match : {ehdMatches}");
    if (includeDetails)
    {
        Logger.WriteLine(17, 100, " We think : ", localEhd);
        Logger.WriteLine(17, 100, " MAA service: ", claimedEhd.ToString());
    }

    Logger.WriteLine("");
}
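/// <summary>
/// Compares the claims carried in an MAA service JWT with the enclave values held by this
/// instance and logs one "match" line per claim.
/// </summary>
/// <param name="serviceJwtToken">JWT returned by the MAA service.</param>
/// <param name="includeDetails">
/// When <c>true</c>, the local value and the claimed value are logged under each match line.
/// </param>
/// <remarks>
/// Results are only logged; no verdict is returned and no exception signals a mismatch.
/// NOTE(review): this method reads claims from part 1 of the token (presumably the payload
/// segment) and performs no signature or issuer validation itself. Confirm the caller has
/// validated the token before these claims are relied on.
/// </remarks>
public void CompareToMaaServiceJwtToken(string serviceJwtToken, bool includeDetails)
{
    var jwtBody = JoseHelper.ExtractJosePart(serviceJwtToken, 1);

    // SGX DEBUG is attribute bit 0x0000000000000002; bit 0x1 is the INITTED flag, so testing
    // "& 1" does not tell whether the enclave is debuggable.
    // See https://github.com/intel/linux-sgx/blob/master/common/inc/sgx_attributes.h#L39
    var isDebuggable = (Attributes & 0x2) != 0;
    var isd = jwtBody["is-debuggable"];
    var isdpassed = isDebuggable == (bool)isd;
    Logger.WriteLine($"IsDebuggable match : {isdpassed}");
    if (includeDetails)
    {
        Logger.WriteLine($" We think : {isDebuggable}");
        Logger.WriteLine($" MAA service: {isd}");
    }

    // NOTE(review): the claimed MRENCLAVE is compared as-is, whereas MRSIGNER below is
    // lower-cased on both sides. Confirm the service always emits lower-case hex here.
    var mre = jwtBody["sgx-mrenclave"];
    var mrEnclave = MrEnclaveHex.ToLower();
    var mrepassed = mrEnclave.Equals((string)mre);
    Logger.WriteLine($"MRENCLAVE match : {mrepassed}");
    if (includeDetails)
    {
        Logger.WriteLine($" We think : {mrEnclave}");
        Logger.WriteLine($" MAA service: {mre}");
    }

    var mrs = jwtBody["sgx-mrsigner"];
    var mrSigner = MrSignerHex.ToLower();
    var mrspassed = mrSigner.Equals(((string)mrs).ToLower());
    Logger.WriteLine($"MRSIGNER match : {mrspassed}");
    if (includeDetails)
    {
        Logger.WriteLine($" We think : {mrSigner}");
        Logger.WriteLine($" MAA service: {mrs}");
    }

    // BitConverter.ToUInt64 reads 8 bytes, so ProductIdHex must decode to at least 8 bytes.
    var pid = jwtBody["product-id"];
    var productId = BitConverter.ToUInt64(HexHelper.ConvertHexToByteArray(ProductIdHex), 0);
    var pidpassed = productId == (ulong)pid;
    Logger.WriteLine($"ProductID match : {pidpassed}");
    if (includeDetails)
    {
        Logger.WriteLine($" We think : {productId}");
        Logger.WriteLine($" MAA service: {pid}");
    }

    var svn = jwtBody["svn"];
    var svnPassed = SecurityVersion == (uint)svn;
    Logger.WriteLine($"Security Version match : {svnPassed}");
    if (includeDetails)
    {
        Logger.WriteLine($" We think : {SecurityVersion}");
        Logger.WriteLine($" MAA service: {svn}");
    }

    // The comparison is done on the Base64Url form; the detail lines print both sides as hex.
    var ehd = jwtBody["maa-ehd"];
    var ehdPassed = HexHelper.ConvertHexToBase64Url(EnclaveHeldDataHex).Equals((string)ehd);
    Logger.WriteLine($"Enclave Held Data match : {ehdPassed}");
    if (includeDetails)
    {
        Logger.WriteLine(17, 124, " We think : ", EnclaveHeldDataHex);
        Logger.WriteLine(17, 124, " MAA service: ", BitConverter.ToString(Base64Url.DecodeBytes(ehd.ToString())).Replace("-", ""));
    }

    Logger.WriteLine("");
}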