def _create_signup_info(self, ex_data):
    """
    Create enclave signup data

    Parameters :
        @param ex_data - Ex_data containing the public verification
                         key generated by KME
    Returns :
        @returns signup_info_obj - Signup info data, or None when the
                                   enclave returns no signup data
    """
    wpe_signup = enclave.SignupInfoWPE()

    # @TODO : in_ext_data_signature & in_kme_attestation are passed as
    # empty strings "" for now.
    # NOTE(review): with both arguments empty, nothing visible in this
    # method ties ex_data to a signature or a KME attestation; confirm
    # that this check happens elsewhere before the result is relied on.
    enclave_data = wpe_signup.CreateEnclaveData(ex_data, "", "")
    if enclave_data is None:
        return None

    info = self._get_signup_info(enclave_data, wpe_signup)

    # Round-trip through JSON so the native object can rebuild the
    # signup info from its serialized form.
    serialized_info = json.dumps(info)
    return wpe_signup.DeserializeSignupInfo(serialized_info)
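def _create_signup_data(self):
    """
    Create WPE signup data.

    Requests a unique verification key through WPERequester, using a
    nonce generated by the enclave, and creates the enclave signup
    data with that key.

    Returns :
        signup_data - Relevant signup data to be used for requests
                      to the enclave, or None when the response is
                      missing or does not contain a verification key
    """
    # Instantiate enclaveinfo & initialize enclave in the process
    signup_data = enclave_info.WorkOrderProcessorEnclaveInfo(
        self._config.get("EnclaveModule"))
    self._wpe_requester = WPERequester(self._config)

    signup_cpp_obj = enclave.SignupInfoWPE()
    # Generate a nonce in trusted code
    verification_key_nonce = signup_cpp_obj.GenerateNonce(32)
    logger.info("Nonce generated by requester WPE : %s",
                verification_key_nonce)

    response = self._wpe_requester.get_unique_verification_key(
        verification_key_nonce)
    if response is None:
        # Without this guard a failed request surfaces as an
        # AttributeError on response.split().
        logger.error("Failed to get Unique ID from KME")
        return None

    # Received response contains result,verification_key and
    # verification_key_signature delimited by ' '
    fields = response.split(' ')
    if len(fields) < 2 or not fields[1]:
        logger.error("Malformed unique verification key response")
        return None
    # NOTE(review): the signature field that follows the key is not
    # checked in this method, so the key is used as received; confirm
    # it is verified before the enclave is signed up with it.
    self._unique_verification_key = fields[1]

    # signup enclave
    signup_data.create_enclave_signup_data(self._unique_verification_key)

    # return signup data
    logger.info("WPE signup data {}".format(signup_data.proof_data))
    return signup_data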
def _create_signup_info(self, ias_nonce, ex_data):
    """
    Create enclave signup data

    Parameters :
        @param ias_nonce - Used in IAS request to verify attestation
                           as a distinguishing factor
        @param ex_data - Ex_data containing the public verification
                         key generated by KME
    Returns :
        @returns signup_info_obj - Signup info data, or None when the
                                   enclave returns no signup data
    """
    # The signup data comes back with an enclave quote, so the
    # revocation list is refreshed before the enclave is asked for it.
    self._update_sig_rl()

    wpe_signup = enclave.SignupInfoWPE()

    # @TODO : in_ext_data_signature & in_kme_attestation are passed as
    # empty strings "" for now.
    # NOTE(review): with both arguments empty, nothing visible in this
    # method ties ex_data to a signature or a KME attestation; confirm
    # that this check happens elsewhere before the result is relied on.
    enclave_data = wpe_signup.CreateEnclaveData(ex_data, "", "")
    if enclave_data is None:
        return None

    info = self._get_signup_info(enclave_data, wpe_signup, ias_nonce)

    # Round-trip through JSON so the native object can rebuild the
    # signup info from its serialized form.
    serialized_info = json.dumps(info)
    return wpe_signup.DeserializeSignupInfo(serialized_info)
def get_enclave_public_info(self):
    """
    Return information about the enclave

    Returns :
        @returns The result of SignupInfoWPE.UnsealEnclaveData(),
                 described by the original author as a dict of
                 sealed data
    """
    # NOTE(review): the method name says "public info" but the value
    # comes from an unseal call; confirm that only fields meant to be
    # public are handed back to callers.
    return enclave.SignupInfoWPE().UnsealEnclaveData()
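def _create_signup_data(self):
    """
    Create WPE signup data.

    Requests a unique verification key through WPERequester, using a
    nonce generated by the enclave, verifies the signature returned
    with the key, and creates the enclave signup data with that key.

    Returns :
        signup_data - Relevant signup data to be used for requests
                      to the enclave, or None when the response is
                      missing or malformed, or when the signature
                      check fails
    """
    self._wpe_requester = WPERequester(self._config)

    # Instantiate enclaveinfo & initialize enclave in the process
    signup_data = enclave_info.WorkOrderProcessorEnclaveInfo(
        self._config, EnclaveType.WPE)

    signup_cpp_obj = enclave.SignupInfoWPE()
    # Generate a nonce in trusted code
    verification_key_nonce = signup_cpp_obj.GenerateNonce(32)
    logger.info("Nonce generated by requester WPE : %s",
                verification_key_nonce)

    response = self._wpe_requester.get_unique_verification_key(
        verification_key_nonce)
    if response is None:
        logger.error("Failed to get Unique ID from KME")
        return None

    # Received response contains result,verification_key and
    # verification_key_signature delimited by ' '
    # Split once and check the field count, so a short or truncated
    # response is rejected here instead of raising IndexError.
    fields = response.split(' ')
    if len(fields) < 3 or not fields[1] or not fields[2]:
        logger.error("Malformed unique verification key response")
        return None
    # NOTE(review): the leading result field is not inspected here;
    # confirm the requester already rejects failed responses.
    self._unique_verification_key = fields[1]
    self._unique_verification_key_signature = fields[2]

    # Verify unique verification key signature using unique id.
    # The key is only used for signup after this check returns 0.
    result = signup_cpp_obj.VerifyUniqueIdSignature(
        self._unique_verification_key,
        self._unique_verification_key_signature)
    if result != 0:
        logger.error("Failed to verify unique id signature")
        return None

    self.mr_enclave = signup_data.get_enclave_measurement()

    # signup enclave
    signup_data.create_enclave_signup_data(self._unique_verification_key)

    # return signup data
    logger.info("WPE signup data {}".format(signup_data.proof_data))
    return signup_data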