in src/local_gpu_verifier/src/verifier/attestation/__init__.py [0:0]
def verify_signature(self, certificate, signature_length, hashfunc):
""" Performs the signature verification of the attestation report.
Args:
certificate (OpenSSL.crypto.X509): The GPU attestation leaf certificate.
signature_length (int): the length of the signature field of the attestation report.
hashfunc (_hashlib.HASH): The hashlib hash function.
Returns:
[bool]: return True if the signature verification is successful
otherwise, return False.
"""
try:
event_log.debug("Extracting the public key from the certificate for the attestation report.")
public_key = extract_public_key(certificate)
verifying_key = VerifyingKey.from_pem(public_key)
event_log.debug("Extracted the public key from the certificate for the the attestation report.")
data_whose_signature_is_to_be_verified = AttestationReport.concatenate(request_data = self.request_data,
response_data = self.response_data,
signature_length = signature_length)
signature = self.get_response_message().get_signature()
event_log.debug("Verifying the signature of the attestation report.")
status = verifying_key.verify(signature, data_whose_signature_is_to_be_verified, hashfunc = hashfunc)
return status
except BadSignatureError:
return False
except Exception as error:
err_msg = "Something went wrong during attestation report signature verification."
info_log.info(err_msg)
return False