
Commit 7ee2ec2

committed
enclave: include parsed SignedAttestation in Attestation
1 parent ddad757 commit 7ee2ec2

2 files changed

Lines changed: 20 additions & 8 deletions


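--- a/enclave/attestation.go
+++ b/enclave/attestation.go
@@ -11,6 +11,7 @@ import (
 "github.com/aws/aws-sdk-go-v2/service/kms/types"
 
 "github.com/0xsequence/nitrocontrol/cms"
+"github.com/0xsequence/tee-verifier/nitro"
 )
 
 // Attestation represents an open NSM session. It also includes a Document that is the result of
@@ -19,6 +20,9 @@ import (
 //
 // NOTE: Attestation must always be Closed manually after use.
 type Attestation struct {
+// SignedAttestation is the parsed attestation document.
+*nitro.SignedAttestation
+
 // ReadCloser is an open NSM session. Reading from it returns random bytes.
 io.ReadCloser
 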
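Review bot: The comment on the embedded `*nitro.SignedAttestation` field of `Attestation` does not say whether the document was verified or only parsed. The only call visible in this commit is `nitro.Parse` in enclave/enclave.go, and whether that checks the signature and certificate chain cannot be seen from here. If it does not, the comment should say so, for example `// SignedAttestation is the parsed attestation document. It is parsed only, not verified; do not treat its fields as authenticated.` Embedding the pointer also promotes every exported field and method of the parsed type onto `Attestation`, and leaves it nil on any `Attestation` built outside `GetAttestation`, where reading a promoted field would panic. A named field such as `Parsed *nitro.SignedAttestation` would keep the API surface explicit; the struct body continues outside the hunk.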

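--- a/enclave/enclave.go
+++ b/enclave/enclave.go
@@ -8,6 +8,7 @@ import (
 "fmt"
 
 "github.com/0xsequence/nsm/request"
+"github.com/0xsequence/tee-verifier/nitro"
 )
 
 // Enclave communicates with the Nitro Security Module to acquire an Attestation.
@@ -73,11 +74,18 @@ func (e *Enclave) GetAttestation(ctx context.Context, nonce []byte, userData []b
 return nil, fmt.Errorf("attestation document is empty")
 }
 
+parsed, err := nitro.Parse(res.Attestation.Document)
+if err != nil {
+_ = sess.Close()
+return nil, fmt.Errorf("parse attestation document: %w", err)
+}
+
 att := &Attestation{
-ReadCloser: sess,
-document: res.Attestation.Document,
-kms: e.kms,
-key: e.privKey,
+SignedAttestation: parsed,
+ReadCloser: sess,
+document: res.Attestation.Document,
+kms: e.kms,
+key: e.privKey,
 }
 return att, nil
 }
@@ -96,10 +104,10 @@ func (e *Enclave) GetMeasurements(ctx context.Context, indices []uint16) (Measur
 
 measurements := make(Measurements)
 for _, index := range indices {
-res, err := sess.Send(ctx, &request.DescribePCR{Index: index})
-if err != nil {
-return nil, fmt.Errorf("NSM DescribePCR call: %w", err)
-}
+res, err := sess.Send(ctx, &request.DescribePCR{Index: index})
+if err != nil {
+return nil, fmt.Errorf("NSM DescribePCR call: %w", err)
+}
 measurements[index] = hex.EncodeToString(res.DescribePCR.Data)
 }
 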
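Review bot: The new parse-failure path in `GetAttestation` discards the error from `sess.Close()` with a bare `_ =` and no explanation, and it is the only early return in the hunk that visibly closes the session. Add a why-comment such as `// best effort: report the parse error, not the close error`. Also check whether the `attestation document is empty` return just above needs to close `sess`; the lines before it are outside the hunk, so this may already be handled. A document that `nitro.Parse` rejects now fails the whole call, where the raw bytes used to be returned, which is worth stating in the method's doc comment for callers that only forward the document. The function starts outside the hunk.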
