in cvm-attestation/src/AttestationProvider.py [0:0]
def print_tdx_guest_claims(self, encoded_token):
try:
claims = jwt.decode(encoded_token, options={"verify_signature": False})
if claims['x-ms-isolation-tee']['x-ms-compliance-status'] == 'azure-compliant-cvm':
self.log.info(f"Claims:")
self.log.info(f"Attestation Type: {claims['x-ms-isolation-tee']['x-ms-attestation-type']}")
self.log.info(f"Status: {claims['x-ms-isolation-tee']['x-ms-compliance-status']}")
self.log.info(f"MR SEAM: {claims['x-ms-isolation-tee']['tdx_mrseam']}")
self.log.info(f"MR TD: {claims['x-ms-isolation-tee']['tdx_report_data']}")
self.log.info(f"SEAM SVN: {claims['x-ms-isolation-tee']['tdx_seamsvn']}")
self.log.info(f"TD Attributes: {claims['x-ms-isolation-tee']['tdx_td_attributes']}")
self.log.info(f"TEE TCB SVN: {claims['x-ms-isolation-tee']['tdx_tee_tcb_svn']}")
self.log.info(f"Report Data: {claims['x-ms-isolation-tee']['tdx_report_data']}")
self.log.info(f"User Claims Digest: {claims['x-ms-isolation-tee']['x-ms-runtime']['user-data']}")
self.log.info("Attested Guest Successfully!!")
except Exception as e:
raise AttestationProviderException(f'Exception while decoding jwt. Exception: {e}')