def _test_attest_sgx_enclave(self, base_uri): #type: (str) -> None attest_client = self.create_client(base_uri) oe_report = Base64Url.decode(_open_enclave_report) # Convert the OE report into an SGX quote by stripping off the first 16 bytes. quote = oe_report[16:] runtime_data = Base64Url.decode(_runtime_data) response = attest_client.attest_sgx_enclave( quote, runtime_data=AttestationData(runtime_data, is_json=False)) assert response.value.enclave_held_data == runtime_data assert response.value.sgx_collateral is not None #Now do the validation again, this time specifying runtime data as JSON. response = attest_client.attest_sgx_enclave( quote, runtime_data=AttestationData(runtime_data, is_json=True)) # Because the runtime data is JSON, enclave_held_data will be empty. assert response.value.enclave_held_data == None assert response.value.runtime_claims.get('jwk') is not None assert response.value.runtime_claims['jwk']['crv'] == 'P-256' assert response.value.sgx_collateral is not None #And try #3, this time letting the AttestationData type figure it out. response = attest_client.attest_sgx_enclave( quote, runtime_data=AttestationData(runtime_data)) # Because the runtime data is JSON, enclave_held_data will be empty. assert response.value.enclave_held_data == None assert response.value.runtime_claims.get('jwk') is not None assert response.value.runtime_claims['jwk']['crv'] == 'P-256' assert response.value.sgx_collateral is not None
def _test_attest_open_enclave(self, client_uri): #type: (str) -> None attest_client = self.create_client(client_uri) oe_report = Base64Url.decode(_open_enclave_report) runtime_data = Base64Url.decode(_runtime_data) response = attest_client.attest_open_enclave( oe_report, runtime_data=AttestationData(runtime_data, is_json=False)) assert response.value.enclave_held_data == runtime_data assert response.value.sgx_collateral is not None #Now do the validation again, this time specifying runtime data as JSON. response = attest_client.attest_open_enclave( oe_report, runtime_data=AttestationData(runtime_data, is_json=True)) # Because the runtime data is JSON, enclave_held_data will be empty. assert response.value.enclave_held_data == None assert response.value.runtime_claims.get('jwk') is not None assert response.value.runtime_claims['jwk']['crv'] == 'P-256' assert response.value.sgx_collateral is not None