1. Decoding sigstruct
Example file: sigstruct.bin
a. Using CLI
$ em-cli build parse-sigstruct ./sigstruct.bin { "mrenclave": "53cc2b0e4de94af0d237870c8f6cdddcf7d500b550de9c912fb0679294239ddb", "mrsigner": "ead6b106311614ab8cf26606e2583b61be82a43109e14d4fc91609286a58ab10", "isvprodid": 10001, "isvsvn": 13003 }
b. Using bash commands
1. mrenclave - 32 bytes at offset 960
# dd if=~/sigstruct.bin of=~/mrenclave.bin bs=1 skip=960 count=32 # xxd -p ~/mrenclave.bin | tr -d '\n' 53cc2b0e4de94af0d237870c8f6cdddcf7d500b550de9c912fb0679294239ddb
2. mrsigner - sha256 over 384 bytes at offset 128
# dd if=~/sigstruct.bin of=~/mrsigner.bin bs=1 skip=128 count=384 # sha256sum ~/mrsigner.bin ead6b106311614ab8cf26606e2583b61be82a43109e14d4fc91609286a58ab10
RUN 3. isvprodid - 2 bytes - little endian at position 1024
# od --endian=little --read-bytes=2 -j 1024 -s ~/sigstruct.bin | awk '{print $2}' 10001
4. isvsvn - 2 bytes - little endian at position 1026
# od --endian=little --read-bytes=2 -j 1026 -s ~/sigstruct.bin | awk '{print $2}' 13003
c. Using Javascript
Quick javascript sample code that outputs values to console
<input type="file" /> <div id="result"></div> <script> function toHexString(byteArray) { return Array.from(byteArray, function(byte) { return ('0' + (byte & 0xFF).toString(16)).slice(-2); }).join('') } document.querySelector('input').addEventListener('change', function() { var reader = new FileReader(); reader.onload = function() { var arrayBuffer = this.result; var array = new Uint8Array(arrayBuffer); const mrenclave = toHexString(array.slice(960,960+32)); console.log("mrenclave=" + mrenclave); const mrsignerbytes = array.slice(128,128+384); crypto.subtle.digest('SHA-256', mrsignerbytes).then(hash => { const mrsigner = toHexString(new Uint8Array(hash)); console.log("mrsigner=" + mrsigner); }); const isvsvn = array[1024] + array[1025] * 256; console.log("isvsvn=" + isvsvn); const isvprodid = array[1026] + array[1027] * 256; console.log("isvprodid=" + isvprodid); } reader.readAsArrayBuffer(this.files[0]); }, false); </script>
Example output:
1.html:17 mrenclave=53cc2b0e4de94af0d237870c8f6cdddcf7d500b550de9c912fb0679294239ddb 1.html:26 isvsvn=10001 1.html:28 isvprodid=13003 1.html:22 mrsigner=ead6b106311614ab8cf26606e2583b61be82a43109e14d4fc91609286a58ab10
2. Installing rust quickly
# apt-get update && apt-get install -y wget curl build-essential g++ clang pkg-config libssl-dev protobuf-compiler libclang-dev cmake # wget https://sh.rustup.rs -O ./rust.sh && chmod u+x ./rust.sh && ./rust.sh -y && echo "source ~/.cargo/env" >> ~/.bashrc # source ~/.cargo/env && rustup toolchain add nightly && rustup default nightly && rustup target add x86_64-fortanix-unknown-sgx --toolchain nightly && cargo install fortanix-sgx-tools sgxs-tools # echo -e "[target.x86_64-fortanix-unknown-sgx]\nrunner = \"ftxsgx-runner-cargo\"" > ~/.cargo/config
Comments
Please sign in to leave a comment.