1. Decoding sigstruct
Example file: sigstruct.bin
a. Using CLI
$ em-cli build parse-sigstruct ./sigstruct.bin
{
"mrenclave": "53cc2b0e4de94af0d237870c8f6cdddcf7d500b550de9c912fb0679294239ddb",
"mrsigner": "ead6b106311614ab8cf26606e2583b61be82a43109e14d4fc91609286a58ab10",
"isvprodid": 10001,
"isvsvn": 13003
}
b. Using bash commands
1. mrenclave - 32 bytes at offset 960
# dd if=~/sigstruct.bin of=~/mrenclave.bin bs=1 skip=960 count=32 # xxd -p ~/mrenclave.bin | tr -d '\n' 53cc2b0e4de94af0d237870c8f6cdddcf7d500b550de9c912fb0679294239ddb
2. mrsigner - sha256 over 384 bytes at offset 128
# dd if=~/sigstruct.bin of=~/mrsigner.bin bs=1 skip=128 count=384 # sha256sum ~/mrsigner.bin ead6b106311614ab8cf26606e2583b61be82a43109e14d4fc91609286a58ab10
RUN 3. isvprodid - 2 bytes - little endian at position 1024
# od --endian=little --read-bytes=2 -j 1024 -s ~/sigstruct.bin | awk '{print $2}'
10001
4. isvsvn - 2 bytes - little endian at position 1026
# od --endian=little --read-bytes=2 -j 1026 -s ~/sigstruct.bin | awk '{print $2}'
13003
c. Using Javascript
Quick javascript sample code that outputs values to console
<input type="file" />
<div id="result"></div>
<script>
function toHexString(byteArray) {
return Array.from(byteArray, function(byte) {
return ('0' + (byte & 0xFF).toString(16)).slice(-2);
}).join('')
}
document.querySelector('input').addEventListener('change', function() {
var reader = new FileReader();
reader.onload = function() {
var arrayBuffer = this.result;
var array = new Uint8Array(arrayBuffer);
const mrenclave = toHexString(array.slice(960,960+32));
console.log("mrenclave=" + mrenclave);
const mrsignerbytes = array.slice(128,128+384);
crypto.subtle.digest('SHA-256', mrsignerbytes).then(hash => {
const mrsigner = toHexString(new Uint8Array(hash));
console.log("mrsigner=" + mrsigner);
});
const isvsvn = array[1024] + array[1025] * 256;
console.log("isvsvn=" + isvsvn);
const isvprodid = array[1026] + array[1027] * 256;
console.log("isvprodid=" + isvprodid);
}
reader.readAsArrayBuffer(this.files[0]);
}, false);
</script>
Example output:
1.html:17 mrenclave=53cc2b0e4de94af0d237870c8f6cdddcf7d500b550de9c912fb0679294239ddb 1.html:26 isvsvn=10001 1.html:28 isvprodid=13003 1.html:22 mrsigner=ead6b106311614ab8cf26606e2583b61be82a43109e14d4fc91609286a58ab10
2. Installing rust quickly
# apt-get update && apt-get install -y wget curl build-essential g++ clang pkg-config libssl-dev protobuf-compiler libclang-dev cmake # wget https://sh.rustup.rs -O ./rust.sh && chmod u+x ./rust.sh && ./rust.sh -y && echo "source ~/.cargo/env" >> ~/.bashrc # source ~/.cargo/env && rustup toolchain add nightly && rustup default nightly && rustup target add x86_64-fortanix-unknown-sgx --toolchain nightly && cargo install fortanix-sgx-tools sgxs-tools # echo -e "[target.x86_64-fortanix-unknown-sgx]\nrunner = \"ftxsgx-runner-cargo\"" > ~/.cargo/config
Comments
Please sign in to leave a comment.