def attest()

in cvm-attestation/attest.py [0:0]

• 42 lines of code
• 1 McCabe index (conditional complexity)

def attest(c, t, s):
  # create a new console logger
  logger = Logger('logger').get_logger()
  logger.info("Attestation started...")
  logger.info(f"Reading config file: {c}")

  attestation_type = t
  attestation_type = attestation_type.lower()

  # creates an attestation parameters based on user's config
  config_json = parse_config_file(c)
  provider_tag = config_json.get('attestation_provider', None)
  endpoint = config_json.get('attestation_url', None)
  api_key = config_json.get('api_key', None)
  claims = config_json.get('claims', None)

  logger.info("Attestation tool configuration:")
  logger.info(f"provider_tag: {provider_tag}")
  logger.info(f"api_key: {api_key}")
  logger.info(f"claims: {claims}")

  isolation_type = IsolationTypeLookup.get(provider_tag, IsolationTypeLookup['default'])
  endpoint = get_endpoint(logger, isolation_type, attestation_type)
  logger.info(f"Attestation endpoint: {endpoint}")

  # Log SHA512 of user provided claims
  hash_object = hashlib.sha512(json.dumps(claims).encode('utf-8'))
  hex_dig = hash_object.hexdigest()
  logger.info(f"SHA512 of user provided claims: {hex_dig.upper()}")

  # Build attestation client parameters
  provider = AttestationProviderLookup.get(provider_tag, AttestationProviderLookup['default'])
  client_parameters = AttestationClientParameters(endpoint, provider, isolation_type, claims, api_key)

  # Attest based on user configuration
  attestation_client = AttestationClient(logger, client_parameters)
  if attestation_type in ATTESTATION_METHODS:
    method_name = ATTESTATION_METHODS[attestation_type]
    token = getattr(attestation_client, method_name)()
  else:
    raise AttestException(f"Invalid parameter for attestation type: '{attestation_type}'. \
                          Supported types: {', '.join(ATTESTATION_METHODS.keys())}")

  # Store hardware report and runtime data to files if the save flag is specified
  if s:
    # get the hardware evidence obtained by the attstation client
    hardware_evidence = attestation_client.get_hardware_evidence()
    hardware_report = hardware_evidence.hardware_report
    runtime_data = hardware_evidence.runtime_data

    # Store hardware report
    file_path = 'report.bin'
    with open(file_path, 'wb') as file:
      file.write(hardware_report)
    logger.info(f"Output successfully written to: {file_path}")

    # Stores the runtime data in a json file
    json_data = json.loads(runtime_data)
    with open('runtime_data.json', 'w') as file:
      json.dump(json_data, file, indent=2)
      logger.info(f"Output successfully written to: 'runtime_data.json'")