Update dcap demo to support dumping SGX KSS info
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
This commit is contained in:
Zheng, Qi
Zongmin.Gu
parent
7db9d9b955
commit
a26a7627fe
@ -5,6 +5,46 @@
|
||||
#include "sgx_quote_3.h"
|
||||
#include "dcap_quote.h"
|
||||
|
||||
|
||||
void dump_quote_info(sgx_quote3_t *p_quote)
|
||||
{
|
||||
unsigned int i;
|
||||
sgx_report_body_t *p_rep_body;
|
||||
sgx_report_data_t *p_rep_data;
|
||||
sgx_ql_auth_data_t *p_auth_data;
|
||||
sgx_ql_ecdsa_sig_data_t *p_sig_data;
|
||||
sgx_ql_certification_data_t *p_cert_data;
|
||||
uint64_t*pll;
|
||||
|
||||
p_rep_body = (sgx_report_body_t *)(&p_quote->report_body);
|
||||
p_rep_data = (sgx_report_data_t *)(&p_rep_body->report_data);
|
||||
p_sig_data = (sgx_ql_ecdsa_sig_data_t *)p_quote->signature_data;
|
||||
p_auth_data = (sgx_ql_auth_data_t*)p_sig_data->auth_certification_data;
|
||||
p_cert_data = (sgx_ql_certification_data_t *)((uint8_t *)p_auth_data + sizeof(*p_auth_data) + p_auth_data->size);
|
||||
|
||||
printf("cert_key_type = 0x%x\n", p_cert_data->cert_key_type);
|
||||
|
||||
printf("\nSGX ISV Family ID:\n");
|
||||
pll = (uint64_t *)p_rep_body->isv_family_id;
|
||||
printf("\tLow 8 bytes: \t0x%08lx\n", *pll++);
|
||||
printf("\tHigh 8 bytes: \t0x%08lx\n", *pll);
|
||||
|
||||
printf("\nSGX ISV EXT Product ID:\n");
|
||||
pll = (uint64_t *)p_rep_body->isv_ext_prod_id;
|
||||
printf("\tLow 8 bytes: \t0x%08lx\n", *pll++);
|
||||
printf("\tHigh 8 bytes: \t0x%08lx\n", *pll);
|
||||
|
||||
printf("\nSGX CONFIG ID:");
|
||||
for (i = 0; i < SGX_CONFIGID_SIZE; i++) {
|
||||
if (!(i % 16))
|
||||
printf("\n\t");
|
||||
printf("%02x ", p_rep_body->config_id[i]);
|
||||
}
|
||||
|
||||
printf("\n\nSGX CONFIG SVN:\n");
|
||||
printf("\t0x%04x\n", p_rep_body->config_svn);
|
||||
}
|
||||
|
||||
void main() {
|
||||
void *handle;
|
||||
uint32_t quote_size, supplemental_size;
|
||||
@ -12,9 +52,6 @@ void main() {
|
||||
sgx_quote3_t *p_quote;
|
||||
sgx_report_body_t *p_rep_body;
|
||||
sgx_report_data_t *p_rep_data;
|
||||
sgx_ql_auth_data_t *p_auth_data;
|
||||
sgx_ql_ecdsa_sig_data_t *p_sig_data;
|
||||
sgx_ql_certification_data_t *p_cert_data;
|
||||
int32_t ret;
|
||||
|
||||
handle = dcap_quote_open();
|
||||
@ -44,16 +81,13 @@ void main() {
|
||||
p_quote = (sgx_quote3_t *)p_quote_buffer;
|
||||
p_rep_body = (sgx_report_body_t *)(&p_quote->report_body);
|
||||
p_rep_data = (sgx_report_data_t *)(&p_rep_body->report_data);
|
||||
p_sig_data = (sgx_ql_ecdsa_sig_data_t *)p_quote->signature_data;
|
||||
p_auth_data = (sgx_ql_auth_data_t*)p_sig_data->auth_certification_data;
|
||||
p_cert_data = (sgx_ql_certification_data_t *)((uint8_t *)p_auth_data + sizeof(*p_auth_data) + p_auth_data->size);
|
||||
|
||||
if (memcmp((void *)p_rep_data, (void *)&report_data, sizeof(sgx_report_data_t)) != 0) {
|
||||
printf("mismathced report data\n");
|
||||
goto CLEANUP;
|
||||
}
|
||||
|
||||
printf("cert_key_type = 0x%x\n", p_cert_data->cert_key_type);
|
||||
dump_quote_info(p_quote);
|
||||
|
||||
supplemental_size = dcap_get_supplemental_data_size(handle);
|
||||
printf("supplemental_size size = %d\n", supplemental_size);
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
extern crate dcap_quote;
|
||||
use std::str;
|
||||
use std::convert::TryFrom;
|
||||
use dcap_quote::*;
|
||||
use sgx_types::{
|
||||
sgx_report_data_t, sgx_ql_qv_result_t, sgx_report_body_t, sgx_quote3_t
|
||||
@ -78,6 +79,44 @@ impl DcapDemo {
|
||||
|
||||
Ok( quote_verification_result )
|
||||
}
|
||||
|
||||
fn dcap_dump_quote_info(&mut self) {
|
||||
let report_body_ptr = self.dcap_quote_get_report_body().unwrap();
|
||||
|
||||
// Dump ISV FAMILY ID
|
||||
let family_id = unsafe { (*report_body_ptr).isv_family_id };
|
||||
let (fam_id_l, fam_id_h) = family_id.split_at(8);
|
||||
let fam_id_l = <&[u8; 8]>::try_from(fam_id_l).unwrap();
|
||||
let fam_id_l = u64::from_le_bytes(*fam_id_l);
|
||||
let fam_id_h = <&[u8; 8]>::try_from(fam_id_h).unwrap();
|
||||
let fam_id_h = u64::from_le_bytes(*fam_id_h);
|
||||
println!("\nSGX ISV Family ID:");
|
||||
println!("\t Low 8 bytes: 0x{:016x?}\t", fam_id_l);
|
||||
println!("\t high 8 bytes: 0x{:016x?}\t", fam_id_h);
|
||||
|
||||
// Dump ISV EXT Product ID
|
||||
let prod_id = unsafe { (*report_body_ptr).isv_ext_prod_id };
|
||||
let (prod_id_l, prod_id_h) = prod_id.split_at(8);
|
||||
let prod_id_l = <&[u8; 8]>::try_from(prod_id_l).unwrap();
|
||||
let prod_id_l = u64::from_le_bytes(*prod_id_l);
|
||||
let prod_id_h = <&[u8; 8]>::try_from(prod_id_h).unwrap();
|
||||
let prod_id_h = u64::from_le_bytes(*prod_id_h);
|
||||
println!("\nSGX ISV EXT Product ID:");
|
||||
println!("\t Low 8 bytes: 0x{:016x?}\t", prod_id_l);
|
||||
println!("\t high 8 bytes: 0x{:016x?}\t", prod_id_h);
|
||||
|
||||
// Dump CONFIG ID
|
||||
let conf_id = unsafe { (*report_body_ptr).config_id };
|
||||
println!("\nSGX CONFIG ID:");
|
||||
println!("\t{:02x?}", &conf_id[..16]);
|
||||
println!("\t{:02x?}", &conf_id[16..32]);
|
||||
println!("\t{:02x?}", &conf_id[32..48]);
|
||||
println!("\t{:02x?}", &conf_id[48..]);
|
||||
|
||||
// Dump CONFIG SVN
|
||||
let conf_svn = unsafe { (*report_body_ptr).config_svn };
|
||||
println!("\nSGX CONFIG SVN:\t {:04x?}", conf_svn);
|
||||
}
|
||||
}
|
||||
|
||||
impl Drop for DcapDemo {
|
||||
@ -103,6 +142,8 @@ fn main() {
|
||||
println!("Report data from Quote: '{}' doesn't match !!!", string);
|
||||
}
|
||||
|
||||
dcap_demo.dcap_dump_quote_info();
|
||||
|
||||
let result = dcap_demo.dcap_quote_ver().unwrap();
|
||||
match result {
|
||||
sgx_ql_qv_result_t::SGX_QL_QV_RESULT_OK => {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user