Exemplo n.º 1
        /// <summary>
        /// Requests a remote attestation for the named enclave and returns it only
        /// after the service's response has been handed to validation.
        /// </summary>
        /// <param name="socket">Service socket the attestation request is sent through.</param>
        /// <param name="clientSet">Client set forwarded to the attestation request.</param>
        /// <param name="enclaveName">Enclave name forwarded to the attestation request.</param>
        /// <param name="mrenclave">
        /// Expected value forwarded to validation (presumably the enclave measurement the
        /// quote must match; confirm the expected encoding against the verifier).
        /// </param>
        /// <param name="authorization">Authorization value forwarded to the attestation request.</param>
        /// <returns>The result of <c>ValidateAndBuildRemoteAttestation</c> for the parsed response.</returns>
        public static async Task <RemoteAttestation> GetAndVerifyRemoteAttestationAsync(PushServiceSocket socket,
                                                                                        PushServiceSocket.ClientSet clientSet,
                                                                                        string enclaveName,
                                                                                        string mrenclave,
                                                                                        string authorization)
        {
            // The same client key pair goes into the request and into validation,
            // so the returned keys are tied to this exchange.
            Curve25519KeyPair clientKeys = BuildKeyPair();

            ResponsePair reply = await MakeAttestationRequestAsync(socket, clientSet, authorization, enclaveName, clientKeys);

            // Nothing in the reply is checked at this point; all verification happens in the call below.
            // NOTE(review): if FromJson can yield null for an empty body, validation would
            // fail on a null dereference rather than a descriptive error; confirm.
            RemoteAttestationResponse parsed = JsonUtil.FromJson <RemoteAttestationResponse>(reply.body);

            return ValidateAndBuildRemoteAttestation(parsed, reply.cookies, clientKeys, mrenclave);
        }
Exemplo n.º 2
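        /// <summary>
        /// Verifies the attestation evidence in a server response and, only once it has
        /// verified, derives the session keys, decrypts the request id and builds the
        /// <c>RemoteAttestation</c>.
        /// </summary>
        /// <param name="response">Parsed attestation response from the service.</param>
        /// <param name="cookies">Cookies from the attestation request, stored on the result unchanged.</param>
        /// <param name="keyPair">Client key pair that was sent with the attestation request.</param>
        /// <param name="mrenclave">Expected value the server quote is checked against; must not be null or empty.</param>
        /// <returns>A <c>RemoteAttestation</c> holding the decrypted request id, the derived keys and the cookies.</returns>
        /// <exception cref="System.ArgumentNullException"><paramref name="response"/> is null.</exception>
        /// <exception cref="System.ArgumentException"><paramref name="mrenclave"/> is null or empty.</exception>
        private static RemoteAttestation ValidateAndBuildRemoteAttestation(RemoteAttestationResponse response,
                                                                           List <string> cookies,
                                                                           Curve25519KeyPair keyPair,
                                                                           string mrenclave)
        {
            if (response == null)
            {
                throw new System.ArgumentNullException(nameof(response));
            }

            // Fail closed: with no expected value to compare against there is nothing to attest.
            if (string.IsNullOrEmpty(mrenclave))
            {
                throw new System.ArgumentException("An expected enclave measurement is required.", nameof(mrenclave));
            }

            Quote quote = new Quote(response.Quote);

            // Verification runs first so that no key derived from the server's public
            // values is used on server-supplied ciphertext before the evidence has been checked.
            // NOTE(review): both verifier calls are used as statements, so they are assumed to
            // throw on failure; confirm neither returns a status that is being dropped here.
            RemoteAttestationCipher.VerifyServerQuote(quote, response.ServerStaticPublic, mrenclave);

            // NOTE(review): no trust anchor is passed in from this method; confirm the certificate
            // chain is validated against a pinned root inside VerifyIasSignature.
            RemoteAttestationCipher.VerifyIasSignature(response.Certificates, response.SignatureBody, response.Signature, quote);

            RemoteAttestationKeys keys = new RemoteAttestationKeys(keyPair, response.ServerEphemeralPublic, response.ServerStaticPublic);

            byte[] requestId = RemoteAttestationCipher.GetRequestId(keys, response);

            return new RemoteAttestation(requestId, keys, cookies);
        }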
Exemplo n.º 3
 /// <summary>
 /// Decrypts the ciphertext carried in an attestation response to obtain the request id.
 /// </summary>
 /// <param name="keys">Attestation keys; only <c>ServerKey</c> is read here.</param>
 /// <param name="response">Response supplying the <c>Iv</c>, <c>Ciphertext</c> and <c>Tag</c>.</param>
 /// <returns>The bytes returned by <c>AesCipher.Decrypt</c>.</returns>
 public static byte[] GetRequestId(RemoteAttestationKeys keys, RemoteAttestationResponse response)
 {
     // All four inputs come from the server exchange. The tag is passed through to
     // AesCipher.Decrypt; presumably it is checked there - confirm that a mismatch throws.
     var key        = keys.ServerKey;
     var iv         = response.Iv;
     var ciphertext = response.Ciphertext;
     var tag        = response.Tag;

     return AesCipher.Decrypt(key, iv, ciphertext, tag);
 }