Skip to content

Instantly share code, notes, and snippets.

@bl4ck5un

bl4ck5un/ias_test.py

Created December 30, 2016 03:30
Show Gist options
  • Save bl4ck5un/cf05402069504d68cd4f8184f4767de6 to your computer and use it in GitHub Desktop.
Save bl4ck5un/cf05402069504d68cd4f8184f4767de6 to your computer and use it in GitHub Desktop.
Download ZIP
contact IAS via REST API
Raw
ias_test.py
import requests as rq
import httpsig
import json
import pprint
KEY_DIR = '/home/fan/Downloads/att_keys'
cert=(KEY_DIR + '/client.crt', KEY_DIR + '/client.key')
def print_headers(headers):
print 'HEADERS: '
for k, v in headers.iteritems():
print k, ': ', v
def parse_request(r):
print '-------------BEGIN RESPONSE----------------------'
print 'STATUS CODE: ', r.status_code
print_headers(r.headers)
try:
j = r.json()
print 'JSON: ', json.dumps(j, indent=4, separators=(',', ': '))
except ValueError:
pass
print '--------------END OF RESPONSE--------------------'
intel_url = "https://test-as.sgx.trustedservices.intel.com:443/attestation/sgx/v1"
"""
A note for gid:
Base 16-encoded representation of the EPID group ID provided by the platform,
encoded as a Big Endian integer.
"""
gid="00000283"
url = intel_url + "/sigrl/" + gid
r = rq.get(url, cert=cert)
parse_request(r)
r = rq.get('https://test-as.sgx.trustedservices.intel.com:443/attestation/sgx/v1/report/275282483811748960165302352346594337759',
cert=cert)
parse_request(r)
import json
quote = "AQABAIMCAAAEAAAAAAAAAPCPp6rjdFLfMtaSVrmphfAAAAAAAAAAAAAAAAAAAAAAAwMCBAEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwAAAAAAAAAHAAAAAAAAADDmJLFC1SML7iVwuoaX0p4zG2UIIMX9K3qqbV9vBvdKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACD1xnnferKFHD2uvYqTXdDA8iZ22kCD5xw7h38CMfOngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAouIdJ9nkTVZeKE9RsSzz5wWgvttnyuP6l/z8vf4CXQH8DAAAAAAAAAQAAAAAAAAAgHN9xan8AAHC/H0H8fwAAqAIAAFV0rHICfIauGPAFfxEXdaOaW29QTpBUYL7XmtjuFMyvWtlSNXIlAzHrHZq2jOVkdKSVX1x3yQAh8+WxVO/SqX99Lmb98EzZZdtsEU0do++J3kKzmAyTNfPj0+krH3FUDF+EFA+VMQ+y0rk+rWoBNl1XPCDlod9iZucZBH37IppXgF1sl2s9ykfMMMvK7oVy8ermumyrHXpbfcDH0QM1ZkXKDGxwUBp0eO+nWw4WCa1YsRAE/Kok5nZMvaxJk0bIp/g9AyxxCOW9hXuwTrKO8CJOyHfrT6khV5I+qekDlKjdWCcjL7G9HeqUs6ubnZJAnWW82DBM3NLaLaiXFUUmfiACM6s1jOxC6KFyaB+EYxnQdlmgiT6oalHbb1XOh9jjmb9Sf0c6cS1H2DzqT2gBAACpftvmVSxEaeHB9veeO70jHjAxczWfPOwieS+zkLrTKwA1QS5ZaoZ/mZ222lFKZniE4eJDOsGg5IO6ubV32rD7B3FVXggnG/rl3Ynkm07N1DbJoxNaFeCPL7jD8iDV9PJX/w2UP81FbBcUuBMUHoVNHroBc7C/f9iAqJZpHrM3q6y3P9/HfM6Eiv8aHylLcmuSO6MY29BooGmzs7Z5i8+tQwhl1nH7GLgO1VM66ohTMkVZj97KuJOkqzGgFmBrOoS/uWEFIWOAqDGfXWjTPAfIYohwiY4MqK/yPzA9HsrYvb0dniIqujjwzfDcihsqZ2K3ptqQoaYIDJ9zSQ0+wHW5rpeLUbnAa78SseOqAWhboDhnBdl804xUb7ipjEh3D9ZGhk+MjJbKKOHm1s+fedNTR8y3PuHtXU0HdkY4k3ekh9oN5JqgCr/YQZcFItU0ylixulAm9U2tXscDFAkL1AEpTMTvtBsG6K0UctpleCkKfmTrKHKaj4Si"
att_evidence_payload = {
'isvEnclaveQuote': quote,
}
r = rq.post(intel_url + '/report', json=att_evidence_payload, cert=cert)
pubkey = open('RK_PUB.PEM', 'rb').read()
http_verifier = httpsig.Verifier(secret=pubkey, algorithm='rsa-sha256')
parse_request(r)
print r.content
print 'VERIFICATION: ', http_verifier._verify(r.content, r.headers['x-iasreport-signature'])
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment