From f83f25b81f7bb629e2fd14c212f077cbc2fb8e7f Mon Sep 17 00:00:00 2001 From: Qiucheng Wang Date: Sun, 15 Nov 2020 23:19:12 +0000 Subject: [PATCH] verify oe report with null format id Signed-off-by: Qiucheng Wang --- common/attest_plugin.c | 109 ++--- .../AttestationEvidenceFormatSupport.md | 20 +- docs/DesignDocs/Attestation_API_Proposal.md | 12 +- include/openenclave/attestation/verifier.h | 7 +- tests/attestation_plugin/plugin/tests.c | 388 +++++++++++------- 5 files changed, 312 insertions(+), 224 deletions(-) diff --git a/common/attest_plugin.c b/common/attest_plugin.c index fd7a61fab5..c10ebb7d36 100644 --- a/common/attest_plugin.c +++ b/common/attest_plugin.c 
@@ -301,61 +301,78 @@ oe_result_t oe_verify_evidence( if (!format_id) { - oe_attestation_header_t* evidence = - (oe_attestation_header_t*)evidence_buffer; + // check whether evidence buffer structure is oe_report + oe_report_header_t* report = (oe_report_header_t*)evidence_buffer; - if (evidence_buffer_size < sizeof(oe_attestation_header_t) || - evidence->version != OE_ATTESTATION_HEADER_VERSION) - OE_RAISE_MSG( - OE_INVALID_PARAMETER, - "Invalid attestation header version %d, expected %d", - evidence->version, - OE_ATTESTATION_HEADER_VERSION); - - if (evidence_buffer_size != - (evidence->data_size + sizeof(oe_attestation_header_t))) - OE_RAISE_MSG( - OE_INVALID_PARAMETER, - "Evidence size is invalid. " - "Header data size: %d bytes, evidence buffer size: %d", - evidence->data_size, - evidence_buffer_size); - - if (endorsements_buffer) + if (evidence_buffer_size >= sizeof(oe_report_header_t) && + report->version == OE_REPORT_HEADER_VERSION) { - oe_attestation_header_t* endorsements = - (oe_attestation_header_t*)endorsements_buffer; + format_id = &_uuid_legacy_report_remote; + plugin_evidence = evidence_buffer; + plugin_evidence_size = evidence_buffer_size; + plugin_endorsements = endorsements_buffer; + plugin_endorsements_size = endorsements_buffer_size; + } + else + { + oe_attestation_header_t* evidence = + (oe_attestation_header_t*)evidence_buffer; - if (endorsements_buffer_size < sizeof(oe_attestation_header_t) || - endorsements->version != OE_ATTESTATION_HEADER_VERSION) + if (evidence_buffer_size < sizeof(oe_attestation_header_t) || + evidence->version != OE_ATTESTATION_HEADER_VERSION) OE_RAISE_MSG( OE_INVALID_PARAMETER, "Invalid attestation header version %d, expected %d", - endorsements->version, + evidence->version, OE_ATTESTATION_HEADER_VERSION); - if (endorsements_buffer_size != - (endorsements->data_size + sizeof(oe_attestation_header_t))) + if (evidence_buffer_size != + (evidence->data_size + sizeof(oe_attestation_header_t))) OE_RAISE_MSG( 
OE_INVALID_PARAMETER, - "Endorsements buffer size is invalid. " - "Header data size: %d bytes, endorsements buffer size: %d", - endorsements->data_size, - endorsements_buffer_size); - - if (memcmp( - &evidence->format_id, - &endorsements->format_id, - sizeof(evidence->format_id)) != 0) - OE_RAISE(OE_CONSTRAINT_FAILED); - - plugin_endorsements = endorsements->data; - plugin_endorsements_size = endorsements->data_size; - } + "Evidence size is invalid. " + "Header data size: %d bytes, evidence buffer size: %d", + evidence->data_size, + evidence_buffer_size); - plugin_evidence = evidence->data; - plugin_evidence_size = evidence->data_size; - format_id = &evidence->format_id; + if (endorsements_buffer) + { + oe_attestation_header_t* endorsements = + (oe_attestation_header_t*)endorsements_buffer; + + if (endorsements_buffer_size < + sizeof(oe_attestation_header_t) || + endorsements->version != OE_ATTESTATION_HEADER_VERSION) + OE_RAISE_MSG( + OE_INVALID_PARAMETER, + "Invalid attestation header version %d, expected %d", + endorsements->version, + OE_ATTESTATION_HEADER_VERSION); + + if (endorsements_buffer_size != + (endorsements->data_size + sizeof(oe_attestation_header_t))) + OE_RAISE_MSG( + OE_INVALID_PARAMETER, + "Endorsements buffer size is invalid. " + "Header data size: %d bytes, endorsements buffer size: " + "%d", + endorsements->data_size, + endorsements_buffer_size); + + if (memcmp( + &evidence->format_id, + &endorsements->format_id, + sizeof(evidence->format_id)) != 0) + OE_RAISE(OE_CONSTRAINT_FAILED); + + plugin_endorsements = endorsements->data; + plugin_endorsements_size = endorsements->data_size; + } + + plugin_evidence = evidence->data; + plugin_evidence_size = evidence->data_size; + format_id = &evidence->format_id; + } } else { 
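Review bot: The new legacy-report branch at the top of this hunk forwards `evidence_buffer` and `endorsements_buffer` to the plugin as soon as `report->version == OE_REPORT_HEADER_VERSION`, while the attestation-header branch right below it still checks the header version, that the buffer size equals header plus `data_size`, and that the endorsements' `format_id` matches the evidence; since the caller-supplied bytes now pick the parsing path, a hostile buffer can simply choose the path with fewer checks, so the report branch should enforce the equivalent size consistency (if `oe_report_header_t` carries a report-size field, compare it with `evidence_buffer_size` here rather than relying on the plugin) and should not pass endorsements through unvalidated. This dispatch is also only sound if `OE_REPORT_HEADER_VERSION` and `OE_ATTESTATION_HEADER_VERSION` can never be equal, which nothing here guarantees; a static assertion next to the branch (`_Static_assert` or the SDK's equivalent) would document and enforce that. The comment `// check whether evidence buffer structure is oe_report` should say why the version field alone is a sufficient discriminator and that, per the design doc, only remote reports are meant to take this path. `oe_verify_evidence` starts before and ends after this hunk.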
@@ -405,7 +422,7 @@ oe_result_t oe_verify_attestation_certificate_with_evidence( oe_cert_t cert = {0}; uint8_t* report = NULL; size_t report_size = 0; - oe_report_header_t* header = NULL; + oe_attestation_header_t* header = NULL; uint8_t* pub_key_buff = NULL; size_t pub_key_buff_size = KEY_BUFF_SIZE; oe_claim_t* claims = NULL; @@ -472,7 +489,7 @@ oe_result_t oe_verify_attestation_certificate_with_evidence( if (oid_array_index >= 2) // oid_oe_evidence or oid_new_oe_evidence { // find the report version - header = (oe_report_header_t*)report; + header = (oe_attestation_header_t*)report; if (header->version != OE_ATTESTATION_HEADER_VERSION) OE_RAISE_MSG( OE_INVALID_PARAMETER, diff --git a/docs/DesignDocs/AttestationEvidenceFormatSupport.md b/docs/DesignDocs/AttestationEvidenceFormatSupport.md index a210a746a5..0b24758482 100644 --- a/docs/DesignDocs/AttestationEvidenceFormatSupport.md +++ b/docs/DesignDocs/AttestationEvidenceFormatSupport.md @@ -15,7 +15,7 @@ Goals: User Experience --------------- -New parameter `format_id` will be added to `oe_verify_evidence` to verify various evidences other than the ones generated by `oe_get_evidence()`, such as a raw SGX quote. To verify an evidence generated by `oe_get_evidence()`, `format_id` should be `null`. +New parameter `format_id` will be added to `oe_verify_evidence()` to verify various evidences other than the ones generated by `oe_get_evidence()`, such as a raw SGX quote. To verify an evidence generated by `oe_get_evidence()`, `format_id` should be `null`. To verify an evidence generated by the legacy API `oe_get_report()`, the `format_id` can be `null` optionally so that `oe_verify_evidence()` could handle both evidence formats with the same input parameters. Scenario 1 - Verifier verifies a raw evidence (not generated by `oe_get_evidence()`) of known format id: 
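Review bot: In the second hunk of `oe_verify_attestation_certificate_with_evidence`, `header = (oe_attestation_header_t*)report;` is immediately followed by a read of `header->version`, and nothing visible in the hunk bounds that read by `report_size`; unless an earlier check outside the hunk guarantees it, a short evidence extension pulled from the certificate would be read past its end before the version comparison can reject it. A guard before the cast, `if (report_size < sizeof(oe_attestation_header_t)) OE_RAISE_MSG(OE_INVALID_PARAMETER, "Evidence extension too small for attestation header", NULL);`, keeps this path as strict as the header-wrapped path in `oe_verify_evidence`. The type change from `oe_report_header_t` to `oe_attestation_header_t` is correct for the version constant being compared, but a one-line comment saying the OID selects the attestation-header format (not the legacy report header) would stop the next reader from reverting it. The function starts before and ends after this hunk.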
@@ -23,16 +23,16 @@ Scenario 1 - Verifier verifies a raw evidence (not generated by `oe_get_evidence 2. Get the raw evidence and its format id from an attester, such as get a raw sgx quote from Intel SGX SDK. 3. Call the new API with the evidence and the format id to verify the evidence. -Scenario 2 - Verifier verifies an evidence generated by `oe_get_evidence()`: +Scenario 2 - Verifier verifies an evidence generated by `oe_get_evidence()` or legacy `oe_get_report()`: 1. Call OE SDK public API to initialize verifier plugins. -2. Call the new API to verify the evidence. The format id is not required because it is contained in the evidence buffer. +2. Call the new API to verify the evidence. The format id is not required. Scenario 1 is for users who provide their own evidence structures (like #2999, user hopes to verify a raw sgx quote). -Scenario 2 is for users use the existing OESDK everywhere. They can use oe_generate_evidence to generate an oe_evidence structure and verify it by oe_verify_evidence. +Scenario 2 is for users use the existing OESDK everywhere. They can use `oe_get_evidence()` to generate an oe_evidence structure and verify it by `oe_verify_evidence()`. -In scenario 2, users should pass a `null` format id so that new `oe_get_evidence()` avoids guessing the provided evidence is a raw evidence or an oe_evidence, and the cases that the provided format id is not consistent with the id contained in the oe_evidence buffer. +In scenario 2, users should pass a `null` format id so that new `oe_verify_evidence()` avoids guessing the provided evidence is generated by an OESDK API (`oe_get_evidence()` or legacy `oe_get_report()`) or not, and the cases that the provided format id is not consistent with the id contained in the oe_evidence buffer. ``` Attester Verifier --------- ---------- 
@@ -64,17 +64,17 @@ oe_result_t oe_verify_evidence( oe_claim_t** claims, size_t* claims_length); ``` -This API is used to verify both evidences whose format id is provided by verifier and who is generated by `oe_get_evidence()`. When actual format_id is provided, it decouples evidence format ID and raw evidence buffer. When format_id is `null`, the API acts the same as previous `oe_get_evidence()`. This new design will provide more flexibility. +This API is used to verify both evidences whose format id is provided by verifier and who is generated by `oe_get_evidence()`. When actual format_id is provided, it decouples evidence format ID and raw evidence buffer. When format_id is `null`, the API acts the same as previous `oe_verify_evidence()`. This new design will provide more flexibility. ### New Format ID -According to issue #2999 reported by attestation service, it has to support two new evidence formats: the raw evidence generated by SGX quote generation and `oe_get_report()`. Thus, two new id need to be defined for evidence generated by `oe_get_report()`. +According to issue #2999 reported by attestation service, it has to support two new evidence formats: the raw evidence generated by SGX quote generation and `oe_get_report()`. Thus, two new id were defined. ``` -#define OE_FORMAT_UUID_SGX_ECDSA_P256_QUOTE { _uuid_ } -#define OE_FORMAT_UUID_SGX_ECDSA_P256_REPORT { _uuid_ } +#define OE_FORMAT_UUID_RAW_SGX_QUOTE_ECDSA { _uuid_ } +#define OE_FORMAT_UUID_LEGACY_REPORT_REMOTE { _uuid_ } ``` -Current `OE_FORMAT_UUID_SGX_ECDSA_P256` format id is still used to identify the SGX ECDSA-p256 evidence generated by `oe_get_evidence()`. +`OE_FORMAT_UUID_SGX_ECDSA` format id is still used to identify the SGX ECDSA-p256 evidence generated by `oe_get_evidence()`. ### Additional Claims diff --git a/docs/DesignDocs/Attestation_API_Proposal.md b/docs/DesignDocs/Attestation_API_Proposal.md index f7315eaf71..507fc65f17 100644 --- a/docs/DesignDocs/Attestation_API_Proposal.md 
+++ b/docs/DesignDocs/Attestation_API_Proposal.md @@ -250,13 +250,9 @@ Use cases for evidence verification: - Verify evidence, optionally with a set of endorsements and policies. - Function `oe_result_t oe_verify_evidence(const oe_uuid_t* format_id, const uint8_t* evidence_buffer, size_t evidence_buffer_size, const uint8_t* endorsements_buffer, size_t endorsements_buffer_size, const oe_policy_t* policies, size_t policies_size, oe_claim_t** claims, size_t* claims_length)`. - The optional parameter `format_id` is added. - - If it is `NULL`, the `evidence_buffer` and `endorsements_buffer` - must be wrapped with an attestation header that contains a valid - format ID. - - Otherwise, it must hold a valid format ID that identifies the - type of evidence and endorsements data in the `evidence_buffer` and - `endorsements_buffer` parameters. The data in these two buffers must not - be wrapped with an attestation header. + - If the `evidence_buffer` is generated by the legacy API `oe_get_report()`, the `format_id` could optionally be `NULL` and it will then be assigned to `OE_FORMAT_UUID_LEGACY_REPORT_REMOTE`. + - Otherwise, if the `format_id` is `NULL`, the `evidence_buffer` and `endorsements_buffer` must be wrapped with an attestation header that contains a valid format ID. + - If the `format_id` is not `NULL`, it must hold a valid format ID that identifies the type of evidence and endorsements data in the `evidence_buffer` and `endorsements_buffer` parameters. The data in these two buffers must not be wrapped with an attestation header. - Otherwise, this function has the same definition as in the OE SDK V0.9 release. - Free a dynamically allocated claims list buffer. 
@@ -659,6 +655,8 @@ The API function `oe_verify_evidence()` supports the values listed below in its * `NULL`: * The input evidence is generated by `oe_get_evidence()`, with the `OE_EVIDENCE_FLAGS_EMBED_FORMAT_ID` bit set in its `flags` parameter. + * The input evidence is an OE report generated by the legacy API function + `oe_get_report()` with the `OE_REPORT_FLAGS_REMOTE_ATTESTATION` flag. * `OE_FORMAT_UUID_SGX_LOCAL_ATTESTATION`: * The input evidence is generated by `oe_get_evidence()` for format `OE_FORMAT_UUID_SGX_LOCAL_ATTESTATION`, with the diff --git a/include/openenclave/attestation/verifier.h b/include/openenclave/attestation/verifier.h index 7360d227eb..3ffa66576c 100644 --- a/include/openenclave/attestation/verifier.h +++ b/include/openenclave/attestation/verifier.h @@ -139,9 +139,10 @@ oe_result_t oe_verifier_free_format_settings(uint8_t* settings); * * @param[in] format_id The optional format id of the evidence to be verified. * If this parameter is NULL, the evidence_buffer (and endorsement_buffer if - * not NULL) must contain data with an attestation header holding a valid - * format id. Otherwise, this parameter must hold a valid format id, and the - * envidence and endorsements data must not be wrapped with an attestation + * not NULL) must either contain data with an attestation header holding a valid + * format id, or be an oe report generated by the legacy API function + * oe_get_report(). Otherwise, this parameter must hold a valid format id, and + * the envidence and endorsements data must not be wrapped with an attestation * header. * @param[in] evidence_buffer The evidence buffer. * @param[in] evidence_buffer_size The size of evidence_buffer in bytes. diff --git a/tests/attestation_plugin/plugin/tests.c b/tests/attestation_plugin/plugin/tests.c index 5e830f54eb..39c5352fb7 100644 --- a/tests/attestation_plugin/plugin/tests.c +++ b/tests/attestation_plugin/plugin/tests.c 
@@ -402,6 +402,175 @@ static void* _find_claim( return NULL; } +static void _test_claims( + const oe_claim_t* claims, + size_t claims_size, + sgx_evidence_format_type_t format_type, + bool is_local, + const uint8_t* report_body, + const oe_uuid_t* format_id, + const oe_sgx_endorsements_t* sgx_endorsements, + const uint8_t* custom_claims_buffer, + size_t custom_claims_buffer_size) +{ + oe_report_t report; + const sgx_report_body_t* sgx_report_body; + void* value; + bool flag; + + // Check SGX report identity and OE claims + sgx_report_body = format_type == SGX_FORMAT_TYPE_LOCAL + ? &((sgx_report_t*)report_body)->body + : &((sgx_quote_t*)report_body)->report_body; + + // Make sure that the identity info matches with the regular oe report. + OE_TEST_CODE( + oe_parse_sgx_report_body(sgx_report_body, !is_local, &report), OE_OK); + + // Check id version. + value = _find_claim(claims, claims_size, OE_CLAIM_ID_VERSION); + OE_TEST(value != NULL && *((uint32_t*)value) == report.identity.id_version); + + // Check security version. 
+ value = _find_claim(claims, claims_size, OE_CLAIM_SECURITY_VERSION); + OE_TEST( + value != NULL && + *((uint32_t*)value) == report.identity.security_version); + + // Check attributes + value = _find_claim(claims, claims_size, OE_CLAIM_ATTRIBUTES); + OE_TEST(value != NULL && *((uint64_t*)value) == report.identity.attributes); + + // Check unique ID + value = _find_claim(claims, claims_size, OE_CLAIM_UNIQUE_ID); + OE_TEST( + value != NULL && memcmp( + value, + &report.identity.unique_id, + sizeof(report.identity.unique_id)) == 0); + + // Check signer ID + value = _find_claim(claims, claims_size, OE_CLAIM_SIGNER_ID); + OE_TEST( + value != NULL && memcmp( + value, + &report.identity.signer_id, + sizeof(report.identity.signer_id)) == 0); + + // Check product ID + value = _find_claim(claims, claims_size, OE_CLAIM_PRODUCT_ID); + OE_TEST( + value != NULL && memcmp( + value, + &report.identity.product_id, + sizeof(report.identity.product_id)) == 0); + + // Check UUID. + value = _find_claim(claims, claims_size, OE_CLAIM_FORMAT_UUID); + OE_TEST(value != NULL && memcmp(value, format_id, sizeof(*format_id)) == 0); + + // Check SGX Page Fault, General Protection Exception Reported to an SSA + // Frame or Not + flag = !!(sgx_report_body->miscselect & SGX_MISC_FLAGS_PF_GP_EXIT_INFO); + value = _find_claim(claims, claims_size, OE_CLAIM_SGX_PF_GP_EXINFO_ENABLED); + OE_TEST(value != NULL && memcmp(value, &flag, sizeof(flag)) == 0); + + // Check SGX Report ISV Extended Product ID + value = + _find_claim(claims, claims_size, OE_CLAIM_SGX_ISV_EXTENDED_PRODUCT_ID); + OE_TEST( + value != NULL && memcmp( + value, + sgx_report_body->isvextprodid, + sizeof(sgx_report_body->isvextprodid)) == 0); + + // Check whether the SGX Report is Mode 64bit or not. 
+ flag = !!(sgx_report_body->attributes.flags & SGX_FLAGS_MODE64BIT); + value = _find_claim(claims, claims_size, OE_CLAIM_SGX_IS_MODE64BIT); + OE_TEST(value != NULL && memcmp(value, &flag, sizeof(flag)) == 0); + + // Check SGX Report Has Provision Key or Not + flag = !!(sgx_report_body->attributes.flags & SGX_FLAGS_PROVISION_KEY); + value = _find_claim(claims, claims_size, OE_CLAIM_SGX_HAS_PROVISION_KEY); + OE_TEST(value != NULL && memcmp(value, &flag, sizeof(flag)) == 0); + + // Check SGX Report Has Einittoken Key or Not + flag = !!(sgx_report_body->attributes.flags & SGX_FLAGS_EINITTOKEN_KEY); + value = _find_claim(claims, claims_size, OE_CLAIM_SGX_HAS_EINITTOKEN_KEY); + OE_TEST(value != NULL && memcmp(value, &flag, sizeof(flag)) == 0); + + // Check SGX Use KSS or Not + flag = !!(sgx_report_body->attributes.flags & SGX_FLAGS_KSS); + value = _find_claim(claims, claims_size, OE_CLAIM_SGX_USES_KSS); + OE_TEST(value != NULL && memcmp(value, &flag, sizeof(flag)) == 0); + + // Check SGX Report Configuration ID + value = _find_claim(claims, claims_size, OE_CLAIM_SGX_CONFIG_ID); + OE_TEST( + value != NULL && memcmp( + value, + sgx_report_body->configid, + sizeof(sgx_report_body->configid)) == 0); + + // Check SGX Report Configuration Security Version + value = _find_claim(claims, claims_size, OE_CLAIM_SGX_CONFIG_SVN); + OE_TEST( + value != NULL && memcmp( + value, + &sgx_report_body->configsvn, + sizeof(sgx_report_body->configsvn)) == 0); + + // Check SGX Report ISV Family ID + value = _find_claim(claims, claims_size, OE_CLAIM_SGX_ISV_FAMILY_ID); + OE_TEST( + value != NULL && memcmp( + value, + sgx_report_body->isvfamilyid, + sizeof(sgx_report_body->isvfamilyid)) == 0); + + // Check date time. 
Date time testing will be performed in _test_time() and + // _test_time_policy() + value = _find_claim(claims, claims_size, OE_CLAIM_VALIDITY_FROM); + OE_TEST(is_local || value != NULL); + + value = _find_claim(claims, claims_size, OE_CLAIM_VALIDITY_UNTIL); + OE_TEST(is_local || value != NULL); + + // Check SGX optional claims: + if (sgx_endorsements) + { + for (uint32_t i = OE_REQUIRED_CLAIMS_COUNT + + OE_SGX_REQUIRED_CLAIMS_COUNT + + OE_OPTIONAL_CLAIMS_COUNT, + j = 1; + j <= OE_SGX_OPTIONAL_CLAIMS_COUNT; + i++, j++) + { + value = claims[i].value; + OE_TEST( + value != NULL && memcmp( + value, + sgx_endorsements->items[j].data, + sgx_endorsements->items[j].size) == 0); + } + } + + // Check custom claims / sgx_report_data. + // For SGX report or quote, this is captured in SGX report data. + if (custom_claims_buffer) + { + if (format_type == SGX_FORMAT_TYPE_LOCAL || + format_type == SGX_FORMAT_TYPE_REMOTE) + value = + _find_claim(claims, claims_size, OE_CLAIM_CUSTOM_CLAIMS_BUFFER); + else + value = _find_claim(claims, claims_size, OE_CLAIM_SGX_REPORT_DATA); + OE_TEST( + value != NULL && + !memcmp(custom_claims_buffer, value, custom_claims_buffer_size)); + } +} + static void _process_endorsements( const uint8_t* endorsements, size_t endorsements_size, @@ -567,20 +736,16 @@ void verify_sgx_evidence( oe_attestation_header_t* evidence_header = (oe_attestation_header_t*)evidence; - oe_report_t report; oe_claim_t* claims = NULL; size_t claims_size = 0; oe_sgx_endorsements_t sgx_endorsements; - void* value; void* from; void* until; bool is_local; - bool flag; sgx_evidence_format_type_t format_type = SGX_FORMAT_TYPE_UNKNOWN; const uint8_t* report_body = NULL; size_t report_body_size = 0; - const sgx_report_body_t* sgx_report_body = NULL; const uint8_t* endorsements_body = NULL; size_t endorsements_body_size = 0; 
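Review bot: The optional-claims loop in `_test_claims` reads `claims[i].value` with `i` starting at `OE_REQUIRED_CLAIMS_COUNT + OE_SGX_REQUIRED_CLAIMS_COUNT + OE_OPTIONAL_CLAIMS_COUNT` and never compares `i` with `claims_size`; the helper is now also called for the raw-quote and legacy-report formats, so if a verifier returns fewer claims the test reads past the array instead of failing cleanly. Add `OE_TEST(i < claims_size);` as the first statement of that loop body. The loop also relies on the optional claims sitting at fixed positions in the same order as `sgx_endorsements->items[1..]`, which is a hidden coupling to the plugin's claim layout; a short comment stating that assumption, or a lookup by claim name via `_find_claim`, would make the test robust to reordering.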
@@ -729,141 +894,20 @@ void verify_sgx_evidence( &claims_size), OE_OK); - // Check SGX report identity and OE claims - sgx_report_body = format_type == SGX_FORMAT_TYPE_LOCAL - ? &((sgx_report_t*)report_body)->body - : &((sgx_quote_t*)report_body)->report_body; - - // Make sure that the identity info matches with the regular oe report. - OE_TEST_CODE( - oe_parse_sgx_report_body(sgx_report_body, !is_local, &report), OE_OK); - - // Check id version. - value = _find_claim(claims, claims_size, OE_CLAIM_ID_VERSION); - OE_TEST(value != NULL && *((uint32_t*)value) == report.identity.id_version); - - // Check security version. - value = _find_claim(claims, claims_size, OE_CLAIM_SECURITY_VERSION); - OE_TEST( - value != NULL && - *((uint32_t*)value) == report.identity.security_version); - - // Check attributes - value = _find_claim(claims, claims_size, OE_CLAIM_ATTRIBUTES); - OE_TEST(value != NULL && *((uint64_t*)value) == report.identity.attributes); - - // Check unique ID - value = _find_claim(claims, claims_size, OE_CLAIM_UNIQUE_ID); - OE_TEST( - value != NULL && memcmp( - value, - &report.identity.unique_id, - sizeof(report.identity.unique_id)) == 0); - - // Check signer ID - value = _find_claim(claims, claims_size, OE_CLAIM_SIGNER_ID); - OE_TEST( - value != NULL && memcmp( - value, - &report.identity.signer_id, - sizeof(report.identity.signer_id)) == 0); - - // Check product ID - value = _find_claim(claims, claims_size, OE_CLAIM_PRODUCT_ID); - OE_TEST( - value != NULL && memcmp( - value, - &report.identity.product_id, - sizeof(report.identity.product_id)) == 0); - - // Check UUID. 
- value = _find_claim(claims, claims_size, OE_CLAIM_FORMAT_UUID); - OE_TEST(value != NULL && memcmp(value, format_id, sizeof(*format_id)) == 0); - - // Check SGX Page Fault, General Protection Exception Reported to an SSA - // Frame or Not - flag = !!(sgx_report_body->miscselect & SGX_MISC_FLAGS_PF_GP_EXIT_INFO); - value = _find_claim(claims, claims_size, OE_CLAIM_SGX_PF_GP_EXINFO_ENABLED); - OE_TEST(value != NULL && memcmp(value, &flag, sizeof(flag)) == 0); - - // Check SGX Report ISV Extended Product ID - value = - _find_claim(claims, claims_size, OE_CLAIM_SGX_ISV_EXTENDED_PRODUCT_ID); - OE_TEST( - value != NULL && memcmp( - value, - sgx_report_body->isvextprodid, - sizeof(sgx_report_body->isvextprodid)) == 0); - - // Check SGX Report Is Mode 64bit or Not - flag = !!(sgx_report_body->attributes.flags & SGX_FLAGS_MODE64BIT); - value = _find_claim(claims, claims_size, OE_CLAIM_SGX_IS_MODE64BIT); - OE_TEST(value != NULL && memcmp(value, &flag, sizeof(flag)) == 0); - - // Check SGX Report Has Provision Key or Not - flag = !!(sgx_report_body->attributes.flags & SGX_FLAGS_PROVISION_KEY); - value = _find_claim(claims, claims_size, OE_CLAIM_SGX_HAS_PROVISION_KEY); - OE_TEST(value != NULL && memcmp(value, &flag, sizeof(flag)) == 0); - - // Check SGX Report Has Einittoken Key or Not - flag = !!(sgx_report_body->attributes.flags & SGX_FLAGS_EINITTOKEN_KEY); - value = _find_claim(claims, claims_size, OE_CLAIM_SGX_HAS_EINITTOKEN_KEY); - OE_TEST(value != NULL && memcmp(value, &flag, sizeof(flag)) == 0); - - // Check SGX Use KSS or Not - flag = !!(sgx_report_body->attributes.flags & SGX_FLAGS_KSS); - value = _find_claim(claims, claims_size, OE_CLAIM_SGX_USES_KSS); - OE_TEST(value != NULL && memcmp(value, &flag, sizeof(flag)) == 0); - - // Check SGX Report Configuration ID - value = _find_claim(claims, claims_size, OE_CLAIM_SGX_CONFIG_ID); - OE_TEST( - value != NULL && memcmp( - value, - sgx_report_body->configid, - sizeof(sgx_report_body->configid)) == 0); - - // Check SGX 
Report Configuration Security Version - value = _find_claim(claims, claims_size, OE_CLAIM_SGX_CONFIG_SVN); - OE_TEST( - value != NULL && memcmp( - value, - &sgx_report_body->configsvn, - sizeof(sgx_report_body->configsvn)) == 0); - - // Check SGX Report ISV Family ID - value = _find_claim(claims, claims_size, OE_CLAIM_SGX_ISV_FAMILY_ID); - OE_TEST( - value != NULL && memcmp( - value, - sgx_report_body->isvfamilyid, - sizeof(sgx_report_body->isvfamilyid)) == 0); - - // Check date time. + _test_claims( + claims, + claims_size, + format_type, + is_local, + report_body, + format_id, + expected_endorsements ? &sgx_endorsements : NULL, + custom_claims_buffer, + custom_claims_buffer_size); + + // Test date time. from = _find_claim(claims, claims_size, OE_CLAIM_VALIDITY_FROM); - OE_TEST(is_local || from != NULL); - until = _find_claim(claims, claims_size, OE_CLAIM_VALIDITY_UNTIL); - OE_TEST(is_local || until != NULL); - - // Check SGX optional claims: - if (expected_endorsements) - { - for (uint32_t i = OE_REQUIRED_CLAIMS_COUNT + - OE_SGX_REQUIRED_CLAIMS_COUNT + - OE_OPTIONAL_CLAIMS_COUNT, - j = 1; - j <= OE_SGX_OPTIONAL_CLAIMS_COUNT; - i++, j++) - { - value = claims[i].value; - OE_TEST( - value != NULL && memcmp( - value, - sgx_endorsements.items[j].data, - sgx_endorsements.items[j].size) == 0); - } - } if (endorsements) { @@ -886,20 +930,6 @@ void verify_sgx_evidence( (oe_datetime_t*)until); } - // Check custom claims. - // For SGX report or quote, this is captured in SGX report data. - if (custom_claims_buffer) - { - if (format_type == SGX_FORMAT_TYPE_LOCAL || - format_type == SGX_FORMAT_TYPE_REMOTE) - value = - _find_claim(claims, claims_size, OE_CLAIM_CUSTOM_CLAIMS_BUFFER); - else - value = _find_claim(claims, claims_size, OE_CLAIM_SGX_REPORT_DATA); - OE_TEST( - value != NULL && - !memcmp(custom_claims_buffer, value, custom_claims_buffer_size)); - } OE_TEST_CODE(oe_free_claims(claims, claims_size), OE_OK); claims = NULL; claims_size = 0; 
@@ -1008,12 +1038,48 @@ void verify_sgx_evidence( &claims_size), OE_OK); + _test_claims( + claims, + claims_size, + SGX_FORMAT_TYPE_LEGACY_REPORT, + is_local, + report_body, + &_ecdsa_report_uuid, + expected_endorsements ? &sgx_endorsements : NULL, + (const uint8_t*)&hash, + sizeof(hash)); + + OE_TEST_CODE(oe_free_claims(claims, claims_size), OE_OK); + claims = NULL; + claims_size = 0; + + // Plugin should be able to handle legacy oe_report with NULL format id + OE_TEST_CODE( + oe_verify_evidence( + NULL, + report_buffer, + report_buffer_size, + NULL, + 0, + NULL, + 0, + &claims, + &claims_size), + OE_OK); + oe_free(report_buffer); report_buffer = NULL; - value = _find_claim(claims, claims_size, OE_CLAIM_SGX_REPORT_DATA); - - OE_TEST(value != NULL && !memcmp(&hash, value, sizeof(hash))); + _test_claims( + claims, + claims_size, + SGX_FORMAT_TYPE_LEGACY_REPORT, + is_local, + report_body, + &_ecdsa_report_uuid, + expected_endorsements ? &sgx_endorsements : NULL, + (const uint8_t*)&hash, + sizeof(hash)); OE_TEST_CODE(oe_free_claims(claims, claims_size), OE_OK); claims = NULL; @@ -1032,9 +1098,16 @@ void verify_sgx_evidence( &claims_size), OE_OK); - value = _find_claim(claims, claims_size, OE_CLAIM_SGX_REPORT_DATA); - - OE_TEST(value != NULL && !memcmp(&hash, value, sizeof(hash))); + _test_claims( + claims, + claims_size, + SGX_FORMAT_TYPE_RAW_QUOTE, + is_local, + report_body, + &_ecdsa_quote_uuid, + expected_endorsements ? &sgx_endorsements : NULL, + (const uint8_t*)&hash, + sizeof(hash)); OE_TEST_CODE(oe_free_claims(claims, claims_size), OE_OK); claims = NULL; @@ -1058,7 +1131,6 @@ void verify_sgx_evidence( OE_TEST(result == OE_INVALID_PARAMETER || result == OE_NOT_FOUND); // With failed oe_verify_evidence(), no claims are returned. - printf("done verify_sgx_evidence on OE_report / SGX_quote\n"); } }
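Review bot: The second `_test_claims` call in this hunk, for the NULL-format-id case, is made after `oe_free(report_buffer); report_buffer = NULL;` but still passes `report_body`; `report_body` is assigned outside the hunk, so it cannot be confirmed here, but if it points into `report_buffer` the helper dereferences freed memory, and moving the `oe_free` below the call (or after the claims check that follows it) removes the doubt at no cost. The new NULL-format-id path is only exercised positively: since `oe_verify_evidence` now sniffs the report header to choose its parser, this is the place for a negative case such as a copy of `report_buffer` truncated to `sizeof(oe_report_header_t)` and one with `version` corrupted, each expected to fail rather than to be handed to the plugin. A one-line comment on the NULL-format-id call saying it covers the header-sniffing path added to `oe_verify_evidence` would also tie the test to the behavior it guards. `verify_sgx_evidence` starts before this hunk.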