in source/attestation.c [98:139]
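/**
 * Requests an attestation document from the Nitro Secure Module (NSM) that
 * embeds the public half of `keypair`.
 *
 * @param allocator            Allocator for the output buffer; when NULL the
 *                             allocator returned by
 *                             aws_nitro_enclaves_get_allocator() is used.
 * @param keypair              Key pair whose public key is marshalled and placed
 *                             in the document. Must be non-NULL with a non-NULL
 *                             key_impl.
 * @param attestation_document Output buffer; on success it is initialized with a
 *                             copy of the document and the caller must release it
 *                             with aws_byte_buf_clean_up(). Not checked for NULL
 *                             here.
 *
 * @return AWS_OP_SUCCESS on success, AWS_OP_ERR on any failure. The NSM
 *         descriptor and the marshalling buffer are released on every path.
 */
int aws_attestation_request(
    struct aws_allocator *allocator,
    struct aws_rsa_keypair *keypair,
    struct aws_byte_buf *attestation_document) {
    AWS_PRECONDITION(keypair != NULL && keypair->key_impl != NULL);

    if (allocator == NULL) {
        allocator = aws_nitro_enclaves_get_allocator();
    }

    int nsm_fd = nsm_lib_init();
    if (nsm_fd < 0) {
        return AWS_OP_ERR;
    }

    int result = AWS_OP_ERR;
    uint8_t att_doc[NSM_MAX_ATTESTATION_DOC_SIZE];
    uint32_t att_doc_len = NSM_MAX_ATTESTATION_DOC_SIZE;

    /* Serialize the public key so it can be bound into the signed document. */
    CBB out;
    if (CBB_init(&out, 0) != 1 || EVP_marshal_public_key(&out, keypair->key_impl) != 1) {
        /* Previously this path returned without closing nsm_fd. */
        goto cleanup;
    }

    /*
     * Get the attestation document. The two leading buffer/length pairs are
     * passed as NULL/0, so only the public key is bound into the document.
     * NOTE(review): in the NSM API those pairs are user data and nonce; with no
     * nonce, a relying party has to establish freshness some other way (e.g. the
     * document timestamp) -- confirm this matches the verifier's expectations.
     */
    if (nsm_get_attestation_doc(
            nsm_fd, NULL, 0, NULL, 0, CBB_data(&out), CBB_len(&out), att_doc, &att_doc_len) != 0) {
        goto cleanup;
    }

    /* Do not trust a reported length larger than the buffer that was handed in. */
    if (att_doc_len > sizeof(att_doc)) {
        goto cleanup;
    }

    struct aws_byte_cursor cursor = aws_byte_cursor_from_array(att_doc, att_doc_len);
    if (AWS_OP_SUCCESS != aws_byte_buf_init_copy_from_cursor(attestation_document, allocator, cursor)) {
        goto cleanup;
    }

    result = AWS_OP_SUCCESS;

cleanup:
    /* CBB_init() has always run by the time this label is reached. */
    CBB_cleanup(&out);
    nsm_lib_exit(nsm_fd);
    return result;
}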