Module blindai.dcap_attestation

Functions

def verify_claims(claims: DcapClaims, policy: Policy)

Verify enclave claims against a policy.

Args

claims : DcapClaims
The claims.
policy : Policy
The enclave policy.

Raises

AttestationError
Attestation does not match policy.
IdentityError
The enclave code signature hash does not match the signature hash provided in the policy.
DebugNotAllowedError
The enclave is in debug mode, but the policy does not allow it.

def verify_dcap_attestation(quote: bytes, attestation_collateral: untrusted_pb2.SgxCollateral, enclave_held_data: bytes) -> DcapClaims

Verifies that the enclave evidence is valid:

* Validates that the quote is trustworthy (issued by an approved Intel CPU) against the attestation collateral, using the SGX Quote Verification Library.
* Validates that the SHA256 hash of the Enclave Held Data (EHD) matches the first 32 bytes of the reportData field in the enclave quote. After this check we can be sure that the EHD bytes are endorsed by the enclave.

Args

quote : bytes
SGX quote
attestation_collateral : SgxCollateral
SGX collateral needed to assess the validity of the quote (collateral is signed by Intel)
enclave_held_data : bytes
Enclave held data

Raises

QuoteValidationError
The quote could not be validated.
EnclaveHeldDataError
The expected enclave held data does not match the data in the quote. In BlindAI, the expected enclave held data is the untrusted certificate; checking it against the quote avoids man-in-the-middle attacks.
NotAnEnclaveError
The enclave claims are not validated by the hardware provider, meaning that the claims cannot be verified using the hardware root of trust.

Returns

DcapClaims
The claims.
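
The second check performed by verify_dcap_attestation (SHA256 of the EHD against reportData), as an added example that is not BlindAI's own code. It assumes the standard SGX ECDSA quote layout (48-byte header followed by a 384-byte report body); check_ehd_binding, build_sample_quote and EhdMismatch are hypothetical names, and the quote is constructed sample input.

```python
import hashlib
import hmac

# Assumed layout: 48-byte quote header, then the 384-byte SGX report body.
HEADER_LEN = 48
REPORT_BODY_LEN = 384
ATTRIBUTES_OFF = HEADER_LEN + 48    # 8 bytes of flags, then 8 bytes of XFRM
MRENCLAVE_OFF = HEADER_LEN + 64     # 32 bytes
REPORT_DATA_OFF = HEADER_LEN + 320  # 64 bytes
SGX_FLAGS_DEBUG = 0x2               # DEBUG bit in the attributes flags


class EhdMismatch(Exception):
    """Hypothetical error, standing in for the module's EnclaveHeldDataError."""


def check_ehd_binding(quote: bytes, enclave_held_data: bytes) -> dict:
    """Check SHA-256(EHD) against reportData[:32] and return parsed fields."""
    if len(quote) < HEADER_LEN + REPORT_BODY_LEN:
        raise ValueError("quote too short to contain a report body")
    # The quote signature is NOT verified here; that is the first check's job.
    expected = hashlib.sha256(enclave_held_data).digest()
    if not hmac.compare_digest(quote[REPORT_DATA_OFF:REPORT_DATA_OFF + 32], expected):
        raise EhdMismatch("EHD hash does not match reportData")
    flags = int.from_bytes(quote[ATTRIBUTES_OFF:ATTRIBUTES_OFF + 8], "little")
    return {
        "sgx_ehd": enclave_held_data,
        "sgx_mrenclave": quote[MRENCLAVE_OFF:MRENCLAVE_OFF + 32].hex(),  # hex is an assumption
        "sgx_is_debuggable": bool(flags & SGX_FLAGS_DEBUG),
    }


def build_sample_quote(ehd: bytes, mrenclave: bytes, debug: bool) -> bytes:
    """Constructed test input: a zeroed quote with only the fields above set."""
    q = bytearray(HEADER_LEN + REPORT_BODY_LEN)
    q[ATTRIBUTES_OFF:ATTRIBUTES_OFF + 8] = (0x5 | (SGX_FLAGS_DEBUG if debug else 0)).to_bytes(8, "little")
    q[MRENCLAVE_OFF:MRENCLAVE_OFF + 32] = mrenclave
    q[REPORT_DATA_OFF:REPORT_DATA_OFF + 32] = hashlib.sha256(ehd).digest()
    return bytes(q)


if __name__ == "__main__":
    cert = b"constructed placeholder certificate bytes"
    quote = build_sample_quote(cert, bytes(range(32)), debug=False)
    print(check_ehd_binding(quote, cert))
    try:
        check_ehd_binding(quote, cert + b"swapped")  # different certificate presented
    except EhdMismatch as exc:
        print("rejected:", exc)
```

The binding only carries weight once the quote itself has passed signature and collateral validation; on an unverified quote, reportData is attacker-controlled.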

Classes

class DcapClaims (sgx_ehd: bytes, sgx_is_debuggable: bool, sgx_mrenclave: str, sgx_misc_select: bytes, sgx_attributes: bytes, raw_quote: bytes)

Class variables

var raw_quote : bytes
var sgx_attributes : bytes
var sgx_ehd : bytes
var sgx_is_debuggable : bool
var sgx_misc_select : bytes
var sgx_mrenclave : str

Methods

def get_server_cert(self)

Get the server certificate from the Attestation claims.

Returns

bytes
The PEM-encoded server certificate as a byte string.

class Policy (mr_enclave: str, misc_select: bytes, misc_mask: bytes, attributes_flags: bytes, attributes_xfrm: bytes, attributes_mask_flags: bytes, attributes_mask_xfrm: bytes, allow_debug: bool)

Class variables

var allow_debug : bool
var attributes_flags : bytes
var attributes_mask_flags : bytes
var attributes_mask_xfrm : bytes
var attributes_xfrm : bytes
var misc_mask : bytes
var misc_select : bytes
var mr_enclave : str

Methods

def from_dict(obj: dict) -> typing_extensions.Self

Load a policy from a dict.

Args

obj : dict
The dict.

Returns

Policy
The policy.

def from_file(path: str) -> typing_extensions.Self

Load a policy from a file.

Args

path : str
The path of the file.

Returns

Policy
The policy.

def from_str(s: str) -> typing_extensions.Self

Load a policy from a string.

Args

s : str
The content of the policy.

Returns

Policy
The policy.