From fb33f0cd69e0be520f08575c9405e6d9e1766c52 Mon Sep 17 00:00:00 2001 From: Zaptoss Date: Mon, 24 Mar 2025 16:45:09 +0200 Subject: [PATCH] A tool for viewing data in the attestation document issued by Nitro Secure Module --- describe-nitro-attestation/go.mod | 12 +++++++ describe-nitro-attestation/go.sum | 10 ++++++ describe-nitro-attestation/main.go | 56 ++++++++++++++++++++++++++++++ 3 files changed, 78 insertions(+) create mode 100644 describe-nitro-attestation/go.mod create mode 100644 describe-nitro-attestation/go.sum create mode 100644 describe-nitro-attestation/main.go
diff --git a/describe-nitro-attestation/go.mod b/describe-nitro-attestation/go.mod
new file mode 100644
index 0000000..15c4e17
--- /dev/null
+++ b/describe-nitro-attestation/go.mod
@@ -0,0 +1,12 @@
+module github.com/distributed-lab/enclave-extras/describe-nitro-attestation
+
+go 1.23.0
+
+require github.com/distributed-lab/enclave-extras/attestation v0.1.3
+
+require (
+ github.com/ethereum/go-ethereum v1.13.15 // indirect
+ github.com/fxamacker/cbor/v2 v2.7.0 // indirect
+ github.com/holiman/uint256 v1.2.4 // indirect
+ github.com/x448/float16 v0.8.4 // indirect
+)
diff --git a/describe-nitro-attestation/go.sum b/describe-nitro-attestation/go.sum
new file mode 100644
index 0000000..7f2f0cd
--- /dev/null
+++ b/describe-nitro-attestation/go.sum
@@ -0,0 +1,10 @@ +github.com/distributed-lab/enclave-extras/attestation v0.1.3 h1:eD7gO6KMpsLTgnmQX5qChSDWOaENB5BI2Wdnt8qRQNc= +github.com/distributed-lab/enclave-extras/attestation v0.1.3/go.mod h1:li6e9fckEaqCPEgEwYfV2CoHRONCuRdqNY3vaypDVMI= +github.com/ethereum/go-ethereum v1.13.15 h1:U7sSGYGo4SPjP6iNIifNoyIAiNjrmQkz6EwQG+/EZWo= +github.com/ethereum/go-ethereum v1.13.15/go.mod h1:TN8ZiHrdJwSe8Cb6x+p0hs5CxhJZPbqB7hHkaUXcmIU= +github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= +github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= +github.com/holiman/uint256 v1.2.4 h1:jUc4Nk8fm9jZabQuqr2JzednajVmBpC+oiTiXZJEApU= +github.com/holiman/uint256 v1.2.4/go.mod h1:EOMSn4q6Nyt9P6efbI3bueV4e1b3dGlUCXeiRV4ng7E= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
diff --git a/describe-nitro-attestation/main.go b/describe-nitro-attestation/main.go
new file mode 100644
index 0000000..5c8df44
--- /dev/null
+++ b/describe-nitro-attestation/main.go
@@ -0,0 +1,56 @@
+package main
+
+import (
+ "fmt"
+ "os"
+ "time"
+
+ "github.com/distributed-lab/enclave-extras/attestation"
+)
+
+func main() {
+ args := os.Args
+
+ if len(args) == 1 {
+ fmt.Println("[E] Provide .coses1 file to describe")
+ os.Exit(1)
+ }
+
+ filePath := args[1]
+ if _, err := os.Stat(filePath); err != nil {
+ if os.IsNotExist(err) {
+ fmt.Printf("[E] File does not exist: %s\n", filePath)
+ os.Exit(1)
+ }
+ fmt.Printf("[E] Error checking file: %s\n", err)
+ os.Exit(1)
+ }
+
+ attestationDocRaw, err := os.ReadFile(filePath)
+ if err != nil {
+ fmt.Printf("[E] Failed to read file: %s\n", err)
+ os.Exit(1)
+ }
+
+ attestationDoc, err := attestation.ParseNSMAttestationDoc(attestationDocRaw)
+ if err != nil {
+ fmt.Printf("[E] Failed to read file: %s\n", err)
+ os.Exit(1)
+ }
+
+ fmt.Printf("ModuleID: %s\n", attestationDoc.ModuleID)
+ fmt.Printf("Timestamp: %s\n", attestationDoc.Timestamp.Format(time.RFC3339))
+ fmt.Printf("Digest: %s\n", attestationDoc.Digest)
+ fmt.Printf("PCRs:\n")
+ for i := 0; i < 32; i++ {
+ measurement, ok := attestationDoc.PCRs[i]
+ if !ok {
+ continue
+ }
+ fmt.Printf("\tPCR[%d]: %x\n", i, measurement)
+ }
+ fmt.Printf("PublicKey: %x\n", attestationDoc.PublicKey)
+ fmt.Printf("UserData: %x\n", attestationDoc.UserData)
+ fmt.Printf("Nonce: %x\n", attestationDoc.Nonce)
+ fmt.Printf("IsValid: %t\n", attestationDoc.Verify() == nil)
+}
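Review bot: The verification result is computed only in the last line, `attestationDoc.Verify() == nil`, after every field has already been printed, and the error itself is discarded, so a document that fails verification yields the same output shape and exit status 0 as a good one. Anyone piping this output into a script or copying PCR values from it is reading measurements from an unverified document unless they notice the final `IsValid: false`. Call `Verify()` before printing, report its error on stderr, and exit non-zero when it fails; what `Verify()` actually checks (certificate chain, signature, validity period) is not visible in this hunk and is worth stating in the tool's output or README. Separately, the failure branch after `ParseNSMAttestationDoc` reuses the message `[E] Failed to read file`, which should read something like `[E] Failed to parse attestation document: %s\n`.

```go
	// … unchanged: argument handling, file read, ParseNSMAttestationDoc …

	verifyErr := attestationDoc.Verify()
	if verifyErr != nil {
		fmt.Fprintf(os.Stderr, "[E] Attestation verification failed: %v\n", verifyErr)
	}

	// … unchanged: ModuleID, Timestamp, Digest, PCRs, PublicKey, UserData, Nonce output …
	fmt.Printf("IsValid: %t\n", verifyErr == nil)
	if verifyErr != nil {
		os.Exit(1)
	}
```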