wasm-micro-runtime/samples/sgx-ra/wasm-app/main.c

/*
 * Copyright (c) 2022 Intel Corporation
 * Copyright (c) 2020-2021 Alibaba Cloud
 *
 * SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
 */

#include <stdio.h>
#include <stdlib.h>
#include "lib_rats_wrapper.h"

#define __is_print(ch) ((unsigned int)((ch) - ' ') < 127u - ' ')

/**
 * hex_dump
 *
 * @brief dump data in hex format
 *
 * @param title: Title
 * @param buf: User buffer
 * @param size: Dump data size
 * @param number: The number of outputs per line
 *
 * @return void
 */
void
hex_dump(const char *title, const uint8_t *buf, uint32_t size, uint32_t number)
{
    int i, j;
    if (title) {
        printf("\n\t%s:\n\n", title);
    }

    for (i = 0; i < size; i += number) {
        printf("%08X: ", i);

        for (j = 0; j < number; j++) {
            if (j % 8 == 0) {
                printf(" ");
            }
            if (i + j < size)
                printf("%02X ", buf[i + j]);
            else
                printf("   ");
        }
        printf(" ");

        for (j = 0; j < number; j++) {
            if (i + j < size) {
                printf("%c", __is_print(buf[i + j]) ? buf[i + j] : '.');
            }
        }
        printf("\n");
    }
}

int
main(int argc, char **argv)
{
    int ret_code = -1;
    char *evidence_json = NULL;

    // Generate user_data by SHA256 buffer and the wasm module.
    // user_data = SHA256(sha256_wasm_module || buffer)
    const char *buffer = "This is a sample.";

    // If you want to declare the evidence of type rats_sgx_evidence_t on the
    // stack, you should modify the stack size of the CMAKE_EXE_LINKER_FLAGS in
    // CMakeLists.txt to 51200 at least.
    rats_sgx_evidence_t *evidence =
        (rats_sgx_evidence_t *)malloc(sizeof(rats_sgx_evidence_t));
    if (!evidence) {
        printf("ERROR: No memory to allocate.\n");
        goto err;
    }

    int rats_err = librats_collect(&evidence_json, buffer);
    if (rats_err != 0) {
        printf("ERROR: Collect evidence failed, error code: %#x\n", rats_err);
        goto err;
    }

    if (librats_parse_evidence(evidence_json, evidence) != 0) {
        printf("ERROR: Parse evidence failed.\n");
        goto err;
    }

    // You could use these parameters for further verification.
    hex_dump("Quote", evidence->quote, evidence->quote_size, 32);
    hex_dump("User Data", evidence->user_data, SGX_USER_DATA_SIZE, 32);
    hex_dump("MRENCLAVE", evidence->mr_enclave, SGX_MEASUREMENT_SIZE, 32);
    hex_dump("MRSIGNER", evidence->mr_signer, SGX_MEASUREMENT_SIZE, 32);
    printf("\n\tProduct ID:\t\t\t\t%u\n", evidence->product_id);
    printf("\tSecurity Version:\t\t\t%u\n", evidence->security_version);
    printf("\tAttributes.flags:\t\t\t%llu\n", evidence->att_flags);
    printf("\tAttributes.flags[INITTED]:\t\t%d\n",
           (evidence->att_flags & SGX_FLAGS_INITTED) != 0);
    printf("\tAttributes.flags[DEBUG]:\t\t%d\n",
           (evidence->att_flags & SGX_FLAGS_DEBUG) != 0);
    printf("\tAttributes.flags[MODE64BIT]:\t\t%d\n",
           (evidence->att_flags & SGX_FLAGS_MODE64BIT) != 0);
    printf("\tAttributes.flags[PROVISION_KEY]:\t%d\n",
           (evidence->att_flags & SGX_FLAGS_PROVISION_KEY) != 0);
    printf("\tAttributes.flags[EINITTOKEN_KEY]:\t%d\n",
           (evidence->att_flags & SGX_FLAGS_EINITTOKEN_KEY) != 0);
    printf("\tAttributes.flags[KSS]:\t\t\t%d\n",
           (evidence->att_flags & SGX_FLAGS_KSS) != 0);
    printf("\tAttributes.flags[AEX_NOTIFY]:\t\t%d\n",
           (evidence->att_flags & SGX_FLAGS_AEX_NOTIFY) != 0);
    printf("\tAttribute.xfrm:\t\t\t\t%llu\n", evidence->att_xfrm);

    rats_err = librats_verify((const char *)evidence_json, evidence->user_data);
    if (rats_err != 0) {
        printf("ERROR: Evidence is not trusted, error code: %#x.\n", rats_err);
        goto err;
    }

    ret_code = 0;
    printf("Evidence is trusted.\n");

err:
    if (evidence_json) {
        librats_dispose_evidence_json(evidence_json);
    }

    if (evidence) {
        free(evidence);
    }

    return ret_code;
}