public AttestSgxEnclaveRequestBody GetMaaBody() { var maaBody = new AttestSgxEnclaveRequestBody { Quote = HexHelper.ConvertHexToBase64Url(QuoteHex), EnclaveHeldData = HexHelper.ConvertHexToBase64Url(EnclaveHeldDataHex) }; return(maaBody); }
public void CompareToMaaServiceJwtToken(string serviceJwtToken, bool includeDetails) { var jwtBody = JoseHelper.ExtractJosePart(serviceJwtToken, 1); //if (includeDetails) //{ // Logger.WriteLine(""); // Logger.WriteLine("Claims in MAA Service JWT Token"); // Logger.WriteLine($"{jwtBody.ToString()}"); // Logger.WriteLine(""); //} var isDebuggable = (Attributes & 2) != 0; // In SGX DEBUG flag is equal to 0x0000000000000002ULL // See https://github.com/intel/linux-sgx/blob/master/common/inc/sgx_attributes.h#L39 var isd = jwtBody["is-debuggable"]; var isdpassed = isDebuggable == (bool)isd; Logger.WriteLine($"IsDebuggable match : {isdpassed}"); if (includeDetails) { Logger.WriteLine($" We think : {isDebuggable}"); Logger.WriteLine($" MAA service: {isd}"); } var mre = jwtBody["sgx-mrenclave"]; var mrepassed = MrEnclaveHex.ToLower().Equals((string)mre); Logger.WriteLine($"MRENCLAVE match : {mrepassed}"); if (includeDetails) { Logger.WriteLine($" We think : {MrEnclaveHex.ToLower()}"); Logger.WriteLine($" MAA service: {mre}"); } var mrs = jwtBody["sgx-mrsigner"]; var mrspassed = MrSignerHex.ToLower().Equals(((string)mrs).ToLower()); Logger.WriteLine($"MRSIGNER match : {mrspassed}"); if (includeDetails) { Logger.WriteLine($" We think : {MrSignerHex.ToLower()}"); Logger.WriteLine($" MAA service: {mrs}"); } var pid = jwtBody["product-id"]; var pidpassed = BitConverter.ToUInt64(HexHelper.ConvertHexToByteArray(ProductIdHex), 0) == (ulong)pid; Logger.WriteLine($"ProductID match : {pidpassed}"); if (includeDetails) { Logger.WriteLine($" We think : {BitConverter.ToUInt64(HexHelper.ConvertHexToByteArray(ProductIdHex), 0)}"); Logger.WriteLine($" MAA service: {pid}"); } var svn = jwtBody["svn"]; var svnPassed = SecurityVersion == (uint)svn; Logger.WriteLine($"Security Version match : {svnPassed}"); if (includeDetails) { Logger.WriteLine($" We think : {SecurityVersion}"); Logger.WriteLine($" MAA service: {svn}"); } var ehd = jwtBody["maa-ehd"]; var ehdPassed = HexHelper.ConvertHexToBase64Url(EnclaveHeldDataHex).Equals((string)ehd); Logger.WriteLine($"Enclave Held Data match : {ehdPassed}"); if (includeDetails) { Logger.WriteLine(17, 100, " We think : ", HexHelper.ConvertHexToBase64Url(EnclaveHeldDataHex)); Logger.WriteLine(17, 100, " MAA service: ", ehd.ToString()); } Logger.WriteLine(""); }
public void CompareToMaaServiceJwtToken(string serviceJwtToken, bool includeDetails) { var jwtBody = JoseHelper.ExtractJosePart(serviceJwtToken, 1); //if (includeDetails) //{ // Logger.WriteLine(""); // Logger.WriteLine("Claims in MAA Service JWT Token"); // Logger.WriteLine($"{jwtBody.ToString()}"); // Logger.WriteLine(""); //} var isDebuggable = (Attributes & 1) == 1; var isd = jwtBody["is-debuggable"]; var isdpassed = isDebuggable == (bool)isd; Logger.WriteLine($"IsDebuggable match : {isdpassed}"); if (includeDetails) { Logger.WriteLine($" We think : {isDebuggable}"); Logger.WriteLine($" MAA service: {isd}"); } var mre = jwtBody["sgx-mrenclave"]; var mrepassed = MrEnclaveHex.ToLower().Equals((string)mre); Logger.WriteLine($"MRENCLAVE match : {mrepassed}"); if (includeDetails) { Logger.WriteLine($" We think : {MrEnclaveHex.ToLower()}"); Logger.WriteLine($" MAA service: {mre}"); } var mrs = jwtBody["sgx-mrsigner"]; var mrspassed = MrSignerHex.ToLower().Equals(((string)mrs).ToLower()); Logger.WriteLine($"MRSIGNER match : {mrspassed}"); if (includeDetails) { Logger.WriteLine($" We think : {MrSignerHex.ToLower()}"); Logger.WriteLine($" MAA service: {mrs}"); } var pid = jwtBody["product-id"]; var pidpassed = BitConverter.ToUInt64(HexHelper.ConvertHexToByteArray(ProductIdHex), 0) == (ulong)pid; Logger.WriteLine($"ProductID match : {pidpassed}"); if (includeDetails) { Logger.WriteLine($" We think : {BitConverter.ToUInt64(HexHelper.ConvertHexToByteArray(ProductIdHex), 0)}"); Logger.WriteLine($" MAA service: {pid}"); } var svn = jwtBody["svn"]; var svnPassed = SecurityVersion == (uint)svn; Logger.WriteLine($"Security Version match : {svnPassed}"); if (includeDetails) { Logger.WriteLine($" We think : {SecurityVersion}"); Logger.WriteLine($" MAA service: {svn}"); } var ehd = jwtBody["maa-ehd"]; var ehdPassed = HexHelper.ConvertHexToBase64Url(EnclaveHeldDataHex).Equals((string)ehd); Logger.WriteLine($"Enclave Held Data match : {ehdPassed}"); if (includeDetails) { Logger.WriteLine(17, 124, " We think : ", EnclaveHeldDataHex); Logger.WriteLine(17, 124, " MAA service: ", BitConverter.ToString(Base64Url.DecodeBytes(ehd.ToString())).Replace("-", "")); } Logger.WriteLine(""); }