Пример #1
        /// <summary>
        /// Builds an <c>EnclaveInfo</c> from <c>fileName</c>, submits its MAA body to the
        /// attestation service at <c>attestDnsName</c>, and then either dumps part of the
        /// returned JWT (dump mode) or runs the two validation helpers on it.
        /// </summary>
        /// <remarks>
        /// In dump mode this method makes no validation call at all: the JOSE part at index 1
        /// is printed and written to disk as received. Treat the dumped claims as unverified
        /// diagnostic output, not as evidence that the enclave was attested.
        /// </remarks>
        /// <returns>A task that completes once the token has been dumped or validated.</returns>
        public async Task RunAsync()
        {
            // Load the enclave description that will be attested.
            var enclave = EnclaveInfo.CreateFromFile(this.fileName);

            // Ask the attestation service for a token covering that enclave.
            var attestationService = new MaaService(this.attestDnsName);
            var maaToken = await attestationService.AttestOpenEnclaveAsync(enclave.GetMaaBody());

            if (!this.dumpJWTOnly)
            {
                // NOTE(review): any return value of the two helpers below is discarded here.
                // Confirm that they signal failure by throwing; otherwise a failed check
                // does not stop this flow.
                Logger.WriteBanner("VALIDATING MAA JWT TOKEN - BASICS");
                JwtValidationHelper.ValidateMaaJwt(this.attestDnsName, maaToken, this.includeDetails);

                Logger.WriteBanner("VALIDATING MAA JWT TOKEN - MATCHES CLIENT ENCLAVE INFO");
                enclave.CompareToMaaServiceJwtToken(maaToken, this.includeDetails);
            }
            else
            {
                // Index 1 of a compact JWT is conventionally the payload (claims) segment;
                // presumably that is what ExtractJosePart returns here - confirm.
                var tokenPart = JoseHelper.ExtractJosePart(maaToken, 1);
                var tokenPartText = tokenPart.ToString();

                Console.WriteLine(tokenPartText);

                // The dump lands in a directory relative to the process working directory;
                // the file name is the local-clock tick count at the time of writing.
                Directory.CreateDirectory("./maa-jwt");
                File.WriteAllText($"./maa-jwt/{DateTime.Now.Ticks}.json", tokenPartText);
            }

            Logger.WriteLine("\n\n");
        }
        /// <summary>
        /// Builds an <c>EnclaveInfo</c> from <c>fileName</c>, submits its MAA body to the
        /// attestation service at <c>attestDnsName</c>, and runs the basic token validation
        /// followed by the comparison of the token against the local enclave information.
        /// </summary>
        /// <remarks>
        /// The token is only useful as attestation evidence if both checks succeed: the first
        /// call validates the token itself, the second ties it to the enclave data loaded
        /// from the file.
        /// </remarks>
        /// <returns>A task that completes once both validation helpers have run.</returns>
        public async Task RunAsync()
        {
            // Load the enclave description that will be attested.
            var enclave = EnclaveInfo.CreateFromFile(this.fileName);

            // Ask the attestation service for a token covering that enclave.
            var attestationService = new MaaService(this.attestDnsName);
            var maaToken = await attestationService.AttestOpenEnclaveAsync(enclave.GetMaaBody());

            // NOTE(review): any return value of ValidateMaaJwt is discarded here. Confirm that
            // this overload reports failure by throwing; otherwise the comparison below still
            // runs on a token that failed validation.
            Logger.WriteBanner("VALIDATING MAA JWT TOKEN - BASICS");
            JwtValidationHelper.ValidateMaaJwt(this.attestDnsName, maaToken, this.includeDetails);

            // Same caveat: the outcome of the comparison is not inspected in this method.
            Logger.WriteBanner("VALIDATING MAA JWT TOKEN - MATCHES CLIENT ENCLAVE INFO");
            enclave.CompareToMaaServiceJwtToken(maaToken, this.includeDetails);

            Logger.WriteLine("\n\n");
        }
Пример #3
        /// <summary>
        /// Builds an <c>EnclaveInfo</c> from <c>fileName</c>, attests its quote and
        /// enclave-held data through an <c>AttestationClient</c> pointed at
        /// <c>https://{attestDnsName}</c>, and compares the result with the local enclave
        /// information.
        /// </summary>
        /// <remarks>
        /// Token validation happens in two places: the client options require the issuer to
        /// equal the endpoint, and the <c>TokenValidated</c> callback stores the result of
        /// <c>JwtValidationHelper.ValidateMaaJwt</c> in <c>IsValid</c>. The claim comparison
        /// against the enclave information runs afterwards, on the service response.
        /// </remarks>
        /// <returns>A task that completes once the response has been compared.</returns>
        public async Task RunAsync()
        {
            // Load the enclave description that will be attested.
            var enclave = EnclaveInfo.CreateFromFile(this.fileName);

            string endpoint = $"https://{this.attestDnsName}";

            // Pin the expected token issuer to the endpoint that is being called.
            var tokenValidation = new AttestationTokenValidationOptions
            {
                ExpectedIssuer = endpoint,
                ValidateIssuer = true,
            };
            var clientOptions = new AttestationClientOptions(tokenOptions: tokenValidation);

            // Hook the project's own checks into token validation. The helper's verdict is
            // written to IsValid; presumably the client rejects the token when it is false -
            // confirm against the SDK version in use.
            clientOptions.TokenOptions.TokenValidated += (validation) =>
            {
                Logger.WriteBanner("IN VALIDATION CALLBACK, VALIDATING MAA JWT TOKEN - BASICS");
                validation.IsValid = JwtValidationHelper.ValidateMaaJwt(
                    this.attestDnsName,
                    validation.Token,
                    validation.Signer,
                    this.includeDetails);
                return Task.CompletedTask;
            };

            // DefaultAzureCredential resolves a credential from the ambient environment.
            var attestationClient = new AttestationClient(
                new Uri(endpoint),
                new DefaultAzureCredential(),
                clientOptions);

            // Both values are stored as hex strings on the enclave info; convert to raw bytes.
            byte[] quoteBytes = HexHelper.ConvertHexToByteArray(enclave.QuoteHex);
            BinaryData openEnclaveReport = BinaryData.FromBytes(quoteBytes);

            byte[] heldDataBytes = HexHelper.ConvertHexToByteArray(enclave.EnclaveHeldDataHex);
            BinaryData runtimeData = BinaryData.FromBytes(heldDataBytes);

            // NOTE(review): the 'false' argument looks like the "data is JSON" flag, i.e. the
            // enclave-held data is submitted as opaque binary - confirm.
            var request = new AttestationRequest
            {
                Evidence    = openEnclaveReport,
                RuntimeData = new AttestationData(runtimeData, false),
            };
            var attestationResponse = await attestationClient.AttestOpenEnclaveAsync(request);

            // Check that the returned claims describe the enclave loaded from the file.
            // NOTE(review): the outcome of the comparison is not inspected in this method.
            Logger.WriteBanner("VALIDATING MAA JWT TOKEN - CLAIMS MATCH CLIENT ENCLAVE INFO");
            enclave.CompareToMaaServiceJwtToken(attestationResponse.Value, this.includeDetails);

            Logger.WriteLine("\n\n");
        }