Update dcap demo to support dumping SGX KSS info

Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
Zheng, Qi 2021-08-23 03:17:22 +00:00 committed by Zongmin.Gu
parent 7db9d9b955
commit a26a7627fe
2 changed files with 82 additions and 7 deletions

@ -5,6 +5,46 @@
#include "sgx_quote_3.h" #include "sgx_quote_3.h"
#include "dcap_quote.h" #include "dcap_quote.h"
void dump_quote_info(sgx_quote3_t *p_quote)
{
unsigned int i;
sgx_report_body_t *p_rep_body;
sgx_report_data_t *p_rep_data;
sgx_ql_auth_data_t *p_auth_data;
sgx_ql_ecdsa_sig_data_t *p_sig_data;
sgx_ql_certification_data_t *p_cert_data;
uint64_t*pll;
p_rep_body = (sgx_report_body_t *)(&p_quote->report_body);
p_rep_data = (sgx_report_data_t *)(&p_rep_body->report_data);
p_sig_data = (sgx_ql_ecdsa_sig_data_t *)p_quote->signature_data;
p_auth_data = (sgx_ql_auth_data_t*)p_sig_data->auth_certification_data;
p_cert_data = (sgx_ql_certification_data_t *)((uint8_t *)p_auth_data + sizeof(*p_auth_data) + p_auth_data->size);
printf("cert_key_type = 0x%x\n", p_cert_data->cert_key_type);
printf("\nSGX ISV Family ID:\n");
pll = (uint64_t *)p_rep_body->isv_family_id;
printf("\tLow 8 bytes: \t0x%08lx\n", *pll++);
printf("\tHigh 8 bytes: \t0x%08lx\n", *pll);
printf("\nSGX ISV EXT Product ID:\n");
pll = (uint64_t *)p_rep_body->isv_ext_prod_id;
printf("\tLow 8 bytes: \t0x%08lx\n", *pll++);
printf("\tHigh 8 bytes: \t0x%08lx\n", *pll);
printf("\nSGX CONFIG ID:");
for (i = 0; i < SGX_CONFIGID_SIZE; i++) {
if (!(i % 16))
printf("\n\t");
printf("%02x ", p_rep_body->config_id[i]);
}
printf("\n\nSGX CONFIG SVN:\n");
printf("\t0x%04x\n", p_rep_body->config_svn);
}
void main() { void main() {
void *handle; void *handle;
uint32_t quote_size, supplemental_size; uint32_t quote_size, supplemental_size;
@ -12,9 +52,6 @@ void main() {
sgx_quote3_t *p_quote; sgx_quote3_t *p_quote;
sgx_report_body_t *p_rep_body; sgx_report_body_t *p_rep_body;
sgx_report_data_t *p_rep_data; sgx_report_data_t *p_rep_data;
sgx_ql_auth_data_t *p_auth_data;
sgx_ql_ecdsa_sig_data_t *p_sig_data;
sgx_ql_certification_data_t *p_cert_data;
int32_t ret; int32_t ret;
handle = dcap_quote_open(); handle = dcap_quote_open();
@ -44,16 +81,13 @@ void main() {
p_quote = (sgx_quote3_t *)p_quote_buffer; p_quote = (sgx_quote3_t *)p_quote_buffer;
p_rep_body = (sgx_report_body_t *)(&p_quote->report_body); p_rep_body = (sgx_report_body_t *)(&p_quote->report_body);
p_rep_data = (sgx_report_data_t *)(&p_rep_body->report_data); p_rep_data = (sgx_report_data_t *)(&p_rep_body->report_data);
p_sig_data = (sgx_ql_ecdsa_sig_data_t *)p_quote->signature_data;
p_auth_data = (sgx_ql_auth_data_t*)p_sig_data->auth_certification_data;
p_cert_data = (sgx_ql_certification_data_t *)((uint8_t *)p_auth_data + sizeof(*p_auth_data) + p_auth_data->size);
if (memcmp((void *)p_rep_data, (void *)&report_data, sizeof(sgx_report_data_t)) != 0) { if (memcmp((void *)p_rep_data, (void *)&report_data, sizeof(sgx_report_data_t)) != 0) {
printf("mismathced report data\n"); printf("mismathced report data\n");
goto CLEANUP; goto CLEANUP;
} }
printf("cert_key_type = 0x%x\n", p_cert_data->cert_key_type); dump_quote_info(p_quote);
supplemental_size = dcap_get_supplemental_data_size(handle); supplemental_size = dcap_get_supplemental_data_size(handle);
printf("supplemental_size size = %d\n", supplemental_size); printf("supplemental_size size = %d\n", supplemental_size);
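Review bot: In `dump_quote_info`, `p_cert_data` is located by adding `p_auth_data->size`, a length read from the quote itself, and is then dereferenced for `cert_key_type` with no bound; because the new helper receives only `p_quote`, it cannot check one. `main` already holds `quote_size`, so the signature could become `void dump_quote_info(sgx_quote3_t *p_quote, uint32_t quote_size)`, and the `cert_key_type` line could be skipped unless `sizeof(*p_sig_data) + sizeof(*p_auth_data) + p_auth_data->size + sizeof(*p_cert_data) <= p_quote->signature_data_len`, with `signature_data_len` itself checked against `quote_size`. The quote here comes from the local quoting library, but the dump runs before the supplemental-data step and whatever verification presumably follows it, and a parser like this tends to be reused on quotes received from a peer. Separately, the `uint64_t *` casts over `isv_family_id` and `isv_ext_prod_id` assume alignment and host byte order, and `%08lx` pads to only 8 digits; a `memcpy` into a local `uint64_t` printed with `PRIx64` at width 16 would match the Rust output.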

@ -1,5 +1,6 @@
extern crate dcap_quote; extern crate dcap_quote;
use std::str; use std::str;
use std::convert::TryFrom;
use dcap_quote::*; use dcap_quote::*;
use sgx_types::{ use sgx_types::{
sgx_report_data_t, sgx_ql_qv_result_t, sgx_report_body_t, sgx_quote3_t sgx_report_data_t, sgx_ql_qv_result_t, sgx_report_body_t, sgx_quote3_t
@ -78,6 +79,44 @@ impl DcapDemo {
Ok( quote_verification_result ) Ok( quote_verification_result )
} }
fn dcap_dump_quote_info(&mut self) {
let report_body_ptr = self.dcap_quote_get_report_body().unwrap();
// Dump ISV FAMILY ID
let family_id = unsafe { (*report_body_ptr).isv_family_id };
let (fam_id_l, fam_id_h) = family_id.split_at(8);
let fam_id_l = <&[u8; 8]>::try_from(fam_id_l).unwrap();
let fam_id_l = u64::from_le_bytes(*fam_id_l);
let fam_id_h = <&[u8; 8]>::try_from(fam_id_h).unwrap();
let fam_id_h = u64::from_le_bytes(*fam_id_h);
println!("\nSGX ISV Family ID:");
println!("\t Low 8 bytes: 0x{:016x?}\t", fam_id_l);
println!("\t high 8 bytes: 0x{:016x?}\t", fam_id_h);
// Dump ISV EXT Product ID
let prod_id = unsafe { (*report_body_ptr).isv_ext_prod_id };
let (prod_id_l, prod_id_h) = prod_id.split_at(8);
let prod_id_l = <&[u8; 8]>::try_from(prod_id_l).unwrap();
let prod_id_l = u64::from_le_bytes(*prod_id_l);
let prod_id_h = <&[u8; 8]>::try_from(prod_id_h).unwrap();
let prod_id_h = u64::from_le_bytes(*prod_id_h);
println!("\nSGX ISV EXT Product ID:");
println!("\t Low 8 bytes: 0x{:016x?}\t", prod_id_l);
println!("\t high 8 bytes: 0x{:016x?}\t", prod_id_h);
// Dump CONFIG ID
let conf_id = unsafe { (*report_body_ptr).config_id };
println!("\nSGX CONFIG ID:");
println!("\t{:02x?}", &conf_id[..16]);
println!("\t{:02x?}", &conf_id[16..32]);
println!("\t{:02x?}", &conf_id[32..48]);
println!("\t{:02x?}", &conf_id[48..]);
// Dump CONFIG SVN
let conf_svn = unsafe { (*report_body_ptr).config_svn };
println!("\nSGX CONFIG SVN:\t {:04x?}", conf_svn);
}
} }
impl Drop for DcapDemo { impl Drop for DcapDemo {
@ -103,6 +142,8 @@ fn main() {
println!("Report data from Quote: '{}' doesn't match !!!", string); println!("Report data from Quote: '{}' doesn't match !!!", string);
} }
dcap_demo.dcap_dump_quote_info();
let result = dcap_demo.dcap_quote_ver().unwrap(); let result = dcap_demo.dcap_quote_ver().unwrap();
match result { match result {
sgx_ql_qv_result_t::SGX_QL_QV_RESULT_OK => { sgx_ql_qv_result_t::SGX_QL_QV_RESULT_OK => {
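Review bot: `dcap_dump_quote_info` dereferences `report_body_ptr` in four separate `unsafe` blocks with no null check and no `// SAFETY:` comment, so nothing records why the pointer returned by `dcap_quote_get_report_body()` is still valid and covers a full report body. I would add `assert!(!report_body_ptr.is_null());` right after the `unwrap()` and one comment such as `// SAFETY: points into the quote buffer owned by self, filled by the earlier quote generation`, to be confirmed against the helper, which is not shown on this page. In the last hunk the dump is called before `dcap_quote_ver()`, and after a report-data mismatch branch that appears only to print, so the KSS fields come from a quote that has not been verified yet. Moving the call into the `SGX_QL_QV_RESULT_OK` arm, or labelling the output as unverified, keeps readers from treating `isv_family_id` or `config_id` as attested values.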