Exemplo n.º 1
0
        public async Task RunAsync()
        {
            // Fetch file
            var enclaveInfo = EnclaveInfo.CreateFromFile(this.fileName);

            // Send to service for attestation
            var maaService      = new MaaService(this.attestDnsName);
            var serviceJwtToken = await maaService.AttestOpenEnclaveAsync(enclaveInfo.GetMaaBody());

            // Dump JWT only?
            if (this.dumpJWTOnly)
            {
                var jwtBody = JoseHelper.ExtractJosePart(serviceJwtToken, 1);
                Console.WriteLine($"{jwtBody.ToString()}");
                Directory.CreateDirectory("./maa-jwt");
                File.WriteAllText($"./maa-jwt/{DateTime.Now.Ticks}.json", jwtBody.ToString());
            }
            else
            {
                // Analyze results
                Logger.WriteBanner("VALIDATING MAA JWT TOKEN - BASICS");
                JwtValidationHelper.ValidateMaaJwt(attestDnsName, serviceJwtToken, this.includeDetails);

                Logger.WriteBanner("VALIDATING MAA JWT TOKEN - MATCHES CLIENT ENCLAVE INFO");
                enclaveInfo.CompareToMaaServiceJwtToken(serviceJwtToken, this.includeDetails);
            }

            Logger.WriteLine("\n\n");
        }
        public async Task RunAsync()
        {
            // Fetch file
            var enclaveInfo = await EnclaveInfo.CreateFromFileAsync(this.fileName);

            // Send to service for attestation

            string endpoint = "https://" + this.attestDnsName;

            // Send to service for attestation
            var options = new AttestationClientOptions(tokenOptions: new AttestationTokenValidationOptions
            {
                ExpectedIssuer = endpoint,
                ValidateIssuer = true,
            }
                                                       );

            options.TokenOptions.TokenValidated += (args) =>
            {
                // Analyze results
                Logger.WriteBanner("IN VALIDATION CALLBACK, VALIDATING MAA JWT TOKEN - BASICS");
                JwtValidationHelper.ValidateMaaJwt(attestDnsName, args.Token, args.Signer, this.includeDetails);
                args.IsValid = true;
                return(Task.CompletedTask);
            };

            var maaService = new AttestationClient(new Uri(endpoint), new DefaultAzureCredential(), options);

            BinaryData openEnclaveReport = BinaryData.FromBytes(HexHelper.ConvertHexToByteArray(enclaveInfo.QuoteHex));

            BinaryData runtimeData = BinaryData.FromBytes(HexHelper.ConvertHexToByteArray(enclaveInfo.EnclaveHeldDataHex));

            var serviceResponse = await maaService.AttestOpenEnclaveAsync(
                new AttestationRequest
            {
                Evidence    = openEnclaveReport,
                RuntimeData = new AttestationData(runtimeData, false),
            });

            var serviceJwtToken = serviceResponse.Token.ToString();



            Logger.WriteBanner("VALIDATING MAA JWT TOKEN - MATCHES CLIENT ENCLAVE INFO");
            enclaveInfo.CompareToMaaServiceJwtToken(serviceResponse.Value, this.includeDetails);
        }
        public async Task RunAsync()
        {
            // Fetch file
            var enclaveInfo = EnclaveInfo.CreateFromFile(this.fileName);

            // Send to service for attestation
            var maaService      = new MaaService(this.attestDnsName);
            var serviceJwtToken = await maaService.AttestOpenEnclaveAsync(enclaveInfo.GetMaaBody());

            // Analyze results
            Logger.WriteBanner("VALIDATING MAA JWT TOKEN - BASICS");
            JwtValidationHelper.ValidateMaaJwt(attestDnsName, serviceJwtToken, this.includeDetails);

            Logger.WriteBanner("VALIDATING MAA JWT TOKEN - MATCHES CLIENT ENCLAVE INFO");
            enclaveInfo.CompareToMaaServiceJwtToken(serviceJwtToken, this.includeDetails);

            Logger.WriteLine("\n\n");
        }