in samplecode/ue-ra/ue-ra-client-java/src/main/java/org/rustsgx/ueraclientjava/VerifyMraCert.java [105:189]
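/**
 * Checks the contents of an attestation verification report against the key the peer presented.
 *
 * <p>The report is parsed from JSON, then three checks run in order: the report timestamp must
 * be present and no older than 24 hours, the quote status must be one of the handled values,
 * and the quote's {@code report_data} must equal the lowercase hex encoding of {@code pubK}.
 * Any failed check raises an exception, so a normal return means every check passed.
 *
 * <p>NOTE(review): nothing in this method validates the signature over {@code attnReportRaw};
 * presumably the caller does that before calling here. Confirm, because without it these
 * fields are attacker-controlled.
 *
 * @param attnReportRaw raw bytes of the JSON attestation report
 * @param pubK public key bytes expected to be bound into the quote's report_data
 * @throws Exception if the report cannot be parsed, a mandatory field is missing, the report
 *     is stale, the quote status is not handled, or the public key does not match
 */
public static void verifyAtteReport(byte[] attnReportRaw, byte[] pubK) throws Exception {
    if (attnReportRaw == null || pubK == null) {
        throw new Exception("Attestation report and anticipated public key must not be null");
    }

    // Decode the report as UTF-8 instead of casting each byte to char, which sign-extends
    // bytes >= 0x80 and builds the string in quadratic time.
    Gson gson = new Gson();
    String attReportJson = new String(attnReportRaw, java.nio.charset.StandardCharsets.UTF_8);
    SgxQuoteReport sgxQr = gson.fromJson(attReportJson, SgxQuoteReport.class);
    if (sgxQr == null) {
        // Gson yields null for empty input; fail here instead of with an NPE further down.
        throw new Exception("Failed to parse attestation report");
    }

    // 1 Check timestamp is within 24H
    final int maxReportAgeSeconds = 24 * 60 * 60;
    String timestamp = sgxQr.getTimestamp();
    if (timestamp == null || timestamp.length() == 0) {
        throw new Exception("Failed to fetch timestamp from attestation report");
    }
    DateTime reportTime = new DateTime(timestamp + "Z");
    DateTime now = new DateTime();
    // Interval rejects an end instant before its start, so a timestamp in the future fails here.
    Interval reportAge = new Interval(reportTime.getMillis(), now.getMillis());
    int ageSeconds = Seconds.secondsIn(reportAge).getSeconds();
    System.out.printf("Time diff = %d\n", ageSeconds);
    if (ageSeconds > maxReportAgeSeconds) {
        // Enforce the freshness window; printing the age alone lets a stale report through.
        throw new Exception("Attestation report timestamp is older than 24 hours");
    }

    // 2 Verify quote status (mandatory field)
    String quoteStatus = sgxQr.getIsvEnclaveQuoteStatus();
    if (quoteStatus == null || quoteStatus.length() == 0) {
        throw new Exception("Failed to fetch isvEnclaveQuoteStatus from attestation report");
    }
    System.out.printf("isvEnclaveQuoteStatus = %s\n", quoteStatus);
    switch (quoteStatus) {
        case "OK":
            break;
        case "GROUP_OUT_OF_DATE":
        case "GROUP_REVOKED":
        case "CONFIGURATION_NEEDED":
            // NOTE(review): these statuses are accepted once the platform info has been
            // printed. A deployment that requires a fully up-to-date platform should reject
            // them here; confirm the intended policy.
            String platformInfoHex = sgxQr.getPlatformInfoBlob();
            if (platformInfoHex == null || platformInfoHex.length() == 0) {
                throw new Exception("Failed to fetch platformInfoBlob from attestation report");
            }
            byte[] pfBlob = HexBin.decode(platformInfoHex);
            // The first 4 bytes are skipped before parsing, so a shorter (or undecodable)
            // blob would otherwise fail inside Arrays.copyOfRange.
            if (pfBlob == null || pfBlob.length < 4) {
                throw new Exception("Malformed platformInfoBlob in attestation report");
            }
            PlatformInfoBlob platformInfoBlob = new PlatformInfoBlob();
            platformInfoBlob.parsePlatInfo(Arrays.copyOfRange(pfBlob, 4, pfBlob.length), platformInfoBlob);
            System.out.printf("Platform info is: %s\n", gson.toJson(platformInfoBlob));
            break;
        default:
            throw new Exception("SGX_ERROR_UNEXPECTED");
    }

    // 3 Verify quote body
    String quoteBodyB64 = sgxQr.getIsvEnclaveQuoteBody();
    if (quoteBodyB64 == null || quoteBodyB64.length() == 0) {
        throw new Exception("Failed to fetch isvEnclaveQuoteBody from attestation report");
    }
    byte[] qb = Base64.getDecoder().decode(quoteBodyB64);

    StringBuilder qbDecimal = new StringBuilder();
    StringBuilder qbHex = new StringBuilder(qb.length * 2);
    for (int i = 0; i < qb.length; i++) {
        if (i > 0) {
            qbDecimal.append(", ");
        }
        qbDecimal.append(Byte.toUnsignedInt(qb[i]));
        qbHex.append(String.format("%02x", qb[i]));
    }
    StringBuilder pubKeyHex = new StringBuilder(pubK.length * 2);
    for (byte b : pubK) {
        pubKeyHex.append(String.format("%02x", b));
    }
    String qbString = qbHex.toString();
    String pubKeyString = pubKeyHex.toString();

    QuoteReportData quoteReportData = new QuoteReportData();
    quoteReportData.pareReport(qb, qbString, quoteReportData);
    System.out.println("Quote = [" + qbDecimal + "]");
    System.out.printf("sgx quote version = %s\n", quoteReportData.getVersion());
    System.out.printf("sgx quote signature type = %s\n", quoteReportData.getSignType());
    System.out.printf("sgx quote report_data = %s\n", quoteReportData.getQuoteReportBody().getReportData());
    System.out.printf("sgx quote mr_enclave = %s\n", quoteReportData.getQuoteReportBody().getMrEnclave());
    System.out.printf("sgx quote mr_signer = %s\n", quoteReportData.getQuoteReportBody().getMrSigner());
    System.out.printf("Anticipated public key = %s\n", pubKeyString);

    // Fail closed: a report whose report_data does not carry the anticipated key must not
    // pass verification. Returning normally on a mismatch would accept any valid quote.
    if (!pubKeyString.equals(quoteReportData.getQuoteReportBody().getReportData())) {
        throw new Exception("Public key in quote report_data does not match the anticipated public key");
    }
    // NOTE(review): mr_enclave and mr_signer are only printed, never compared to expected
    // values. Confirm whether the caller pins the enclave identity.
    System.out.println("ue RA done!");
}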