diff --git a/contracts/Constants.sol b/contracts/Constants.sol index 4f4be52..e15331b 100644 --- a/contracts/Constants.sol +++ b/contracts/Constants.sol @@ -33,20 +33,22 @@ library OIDs { // Decent OIDs // Root OIDs bytes32 constant OID_DECENT_EXT_VER = - 0x6982f5c89a94ffdfaaab8591c1b5f7c2f782b01e010000000000000000000000; - bytes32 constant OID_DECENT_PLATFORM_ID = - 0x6982f5c89a94ffdfaaab8591c1b5f7c2f782b01e020000000000000000000000; + 0x2B0601040183E445010101000000000000000000000000000000000000000000; + bytes32 constant OID_DECENT_PLATFORM_TYPE = + 0x2B0601040183E445010102000000000000000000000000000000000000000000; bytes32 constant OID_DECENT_HASHED_KEYS = - 0x6982f5c89a94ffdfaaab8591c1b5f7c2f782b01e040000000000000000000000; + 0x2B0601040183E445010104000000000000000000000000000000000000000000; bytes32 constant OID_DECENT_APP_HASH = - 0x6982f5c89a94ffdfaaab8591c1b5f7c2f782b01e050000000000000000000000; + 0x2B0601040183E445010105000000000000000000000000000000000000000000; bytes32 constant OID_DECENT_AUTH_LIST = - 0x6982f5c89a94ffdfaaab8591c1b5f7c2f782b01e060000000000000000000000; + 0x2B0601040183E445010106000000000000000000000000000000000000000000; + bytes32 constant OID_DECENT_PLATFORM_ID = + 0x2B0601040183E445010107000000000000000000000000000000000000000000; // Platform specific OIDs bytes32 constant OID_DECENT_STD_REP_DATA = - 0x6982f5c89a94ffdfaaab8591c1b5f7c2f782b01e030101000000000000000000; + 0x2B0601040183E445010103010100000000000000000000000000000000000000; bytes32 constant OID_DECENT_ATTESTATION = - 0x6982f5c89a94ffdfaaab8591c1b5f7c2f782b01e030102000000000000000000; + 0x2B0601040183E445010103010200000000000000000000000000000000000000; } library Names { diff --git a/contracts/DecentAppCert.sol b/contracts/DecentAppCert.sol index 0922b4f..51bbee8 100644 --- a/contracts/DecentAppCert.sol +++ b/contracts/DecentAppCert.sol @@ -97,7 +97,7 @@ library DecentAppCert { X509Extension.ExtEntry[] memory extEntries = new X509Extension.ExtEntry[](5); extEntries[0].extnID = OIDs.OID_DECENT_EXT_VER; - extEntries[1].extnID = OIDs.OID_DECENT_PLATFORM_ID; + extEntries[1].extnID = OIDs.OID_DECENT_PLATFORM_TYPE; extEntries[2].extnID = OIDs.OID_DECENT_APP_HASH; extEntries[3].extnID = OIDs.OID_DECENT_AUTH_LIST; diff --git a/contracts/DecentServerCert.sol b/contracts/DecentServerCert.sol index f6c4653..43549ad 100644 --- a/contracts/DecentServerCert.sol +++ b/contracts/DecentServerCert.sol @@ -35,6 +35,7 @@ library DecentServerCert { bool isVerified; address serverKeyAddr; bytes32 enclaveHash; + bytes32 platformId; // the fingerprint of the platform } //===== functions ===== @@ -269,12 +270,13 @@ library DecentServerCert { // extracting extensions X509Extension.ExtEntry[] memory extEntries = - new X509Extension.ExtEntry[](5); + new X509Extension.ExtEntry[](6); extEntries[0].extnID = OIDs.OID_DECENT_EXT_VER; - extEntries[1].extnID = OIDs.OID_DECENT_PLATFORM_ID; + extEntries[1].extnID = OIDs.OID_DECENT_PLATFORM_TYPE; extEntries[2].extnID = OIDs.OID_DECENT_HASHED_KEYS; extEntries[3].extnID = OIDs.OID_DECENT_STD_REP_DATA; extEntries[4].extnID = OIDs.OID_DECENT_ATTESTATION; + extEntries[5].extnID = OIDs.OID_DECENT_PLATFORM_ID; X509Extension.extractNeededExtensions( certDer, @@ -315,6 +317,10 @@ library DecentServerCert { require(false, "Unsupported platform"); } + // Platform ID + require(extEntries[5].isParsed, "Platform ID not found"); + cert.platformId = extEntries[5].extnValue.readBytes32(0); + // Decent server public key extractDecentServerKey(cert, certNodes, certDer, keyRing); diff --git a/contracts/DecentServerCertMgr.sol b/contracts/DecentServerCertMgr.sol index 3fd02ce..14c8b1d 100644 --- a/contracts/DecentServerCertMgr.sol +++ b/contracts/DecentServerCertMgr.sol @@ -88,4 +88,22 @@ contract DecentServerCertMgr { bytes32(0); } + /** + * Get the platform ID of a Decent Server + * @param svrKeyAddr Address derived from the Decent Server public key + * @return bytes32 Platform ID of the Decent Server + */ + function getPlatformId(address svrKeyAddr) + external + view + returns (bytes32) + { + DecentServerCert.DecentServerCertObj storage cert = + m_serverCerts[svrKeyAddr]; + + require(cert.isVerified, "Server not verified"); + + return cert.platformId; + } + } diff --git a/contracts/Interface_DecentServerCertMgr.sol b/contracts/Interface_DecentServerCertMgr.sol index d21b351..65a2fe2 100644 --- a/contracts/Interface_DecentServerCertMgr.sol +++ b/contracts/Interface_DecentServerCertMgr.sol @@ -35,4 +35,14 @@ interface Interface_DecentServerCertMgr { view returns (bytes32); + /** + * Get the platform ID of a Decent Server + * @param svrKeyAddr Address derived from the Decent Server public key + * @return bytes32 Platform ID of the Decent Server + */ + function getPlatformId(address svrKeyAddr) + external + view + returns (bytes32); + } diff --git a/libs/ens-contracts/BytesUtils.sol b/libs/ens-contracts/BytesUtils.sol index cb91323..7aba67a 100644 --- a/libs/ens-contracts/BytesUtils.sol +++ b/libs/ens-contracts/BytesUtils.sol @@ -216,6 +216,22 @@ library BytesUtils { } } + /* + * @dev Returns the 64-bit number at the specified index of self. + * @param self The byte string. + * @param idx The index into the bytes + * @return The specified 64 bits of the string, interpreted as an integer. + */ + function readUint64( + bytes memory self, + uint256 idx + ) internal pure returns (uint64 ret) { + require(idx + 8 <= self.length); + assembly { + ret := and(mload(add(add(self, 8), idx)), 0xFFFFFFFFFFFFFFFF) + } + } + /* * @dev Returns the 32 byte value at the specified index of self. * @param self The byte string. diff --git a/tests/DecentCommon/04_X509Extension.sol b/tests/DecentCommon/04_X509Extension.sol index ad82dda..9cbb7cc 100644 --- a/tests/DecentCommon/04_X509Extension.sol +++ b/tests/DecentCommon/04_X509Extension.sol @@ -21,7 +21,7 @@ contract X509Extension_proxy { new X509Extension.ExtEntry[](3); extEntries[0].extnID = OIDs.OID_DECENT_EXT_VER; - extEntries[1].extnID = OIDs.OID_DECENT_PLATFORM_ID; + extEntries[1].extnID = OIDs.OID_DECENT_PLATFORM_TYPE; extEntries[2].extnID = OIDs.OID_DECENT_HASHED_KEYS; uint256 idx; @@ -33,7 +33,7 @@ contract X509Extension_proxy { Assert.equal(idx, 2, "wrong index"); idx = X509Extension.findIdxOfExtEntry( - OIDs.OID_DECENT_PLATFORM_ID, + OIDs.OID_DECENT_PLATFORM_TYPE, extEntries ); Assert.equal(idx, 1, "wrong index"); @@ -62,7 +62,7 @@ contract X509Extension_proxy { new X509Extension.ExtEntry[](3); extEntries[0].extnID = OIDs.OID_DECENT_EXT_VER; - extEntries[1].extnID = OIDs.OID_DECENT_PLATFORM_ID; + extEntries[1].extnID = OIDs.OID_DECENT_PLATFORM_TYPE; extEntries[2].extnID = OIDs.OID_NAME_CN; bytes memory certDer = TestCerts.DECENT_SVR_CERT_DER; diff --git a/tests/DecentServer/01_DecentServerCert.sol b/tests/DecentServer/01_DecentServerCert.sol index 65a0d4c..dfa5ecf 100644 --- a/tests/DecentServer/01_DecentServerCert.sol +++ b/tests/DecentServer/01_DecentServerCert.sol @@ -56,6 +56,7 @@ contract DecentServerCertBasics_proxy { constructor() { m_quoteStatusMap[keccak256("OK")] = true; + m_quoteStatusMap[keccak256("GROUP_OUT_OF_DATE")] = true; m_quoteStatusMap[keccak256("CONFIGURATION_NEEDED")] = true; m_quoteStatusMap[keccak256("SW_HARDENING_NEEDED")] = true; m_quoteStatusMap[keccak256("CONFIGURATION_AND_SW_HARDENING_NEEDED")] = true; @@ -157,6 +158,7 @@ contract DecentServerCertCerts_proxy { constructor() { m_quoteStatusMap[keccak256("OK")] = true; + m_quoteStatusMap[keccak256("GROUP_OUT_OF_DATE")] = true; m_quoteStatusMap[keccak256("CONFIGURATION_NEEDED")] = true; m_quoteStatusMap[keccak256("SW_HARDENING_NEEDED")] = true; m_quoteStatusMap[keccak256("CONFIGURATION_AND_SW_HARDENING_NEEDED")] = true; @@ -217,6 +219,11 @@ contract DecentServerCertCerts_proxy { TestCerts.DECENT_SVR_CERT_KEY_ADDR, "serverKeyAddr mismatch" ); + Assert.equal( + cert.platformId, + TestCerts.DECENT_SVR_CERT_PLAT_ID, + "serverKeyAddr mismatch" + ); } } diff --git a/tests/DecentServer/03_DecentServerCertMgr_test.sol b/tests/DecentServer/03_DecentServerCertMgr_test.sol index 63befff..238c67c 100644 --- a/tests/DecentServer/03_DecentServerCertMgr_test.sol +++ b/tests/DecentServer/03_DecentServerCertMgr_test.sol @@ -69,6 +69,14 @@ contract DecentServerCertMgr_testSuit { TestCerts.DECENT_SVR_CERT_ENCL_HASH, "encHash not match" ); + + bytes32 platId = decentServerCertMgr.getPlatformId(TestCerts.DECENT_SVR_CERT_KEY_ADDR); + + Assert.equal( + platId, + TestCerts.DECENT_SVR_CERT_PLAT_ID, + "platform ID not match" + ); } function verifyCertTest() public { @@ -93,6 +101,14 @@ contract DecentServerCertMgr_testSuit { TestCerts.DECENT_SVR_CERT_ENCL_HASH, "encHash not match" ); + + bytes32 platId = decentServerCertMgr.getPlatformId(TestCerts.DECENT_SVR_CERT_KEY_ADDR); + + Assert.equal( + platId, + TestCerts.DECENT_SVR_CERT_PLAT_ID, + "platform ID not match" + ); } function verifyInvalidCertTest() public { diff --git a/tests/Ecdsa/01_LibSecp256k1Sha256.sol b/tests/Ecdsa/01_LibSecp256k1Sha256.sol index 8e64269..d2465b0 100644 --- a/tests/Ecdsa/01_LibSecp256k1Sha256.sol +++ b/tests/Ecdsa/01_LibSecp256k1Sha256.sol @@ -141,6 +141,7 @@ contract LibSecp256k1Sha256_proxy { certNodes.loadCertNodes(certDer); address addr = TestCerts.DECENT_SVR_CERT_KEY_ADDR; + uint8 v = TestCerts.DECENT_SVR_CERT_SIGN_V; bytes32 r = TestCerts.DECENT_SVR_CERT_SIGN_R; bytes32 s = TestCerts.DECENT_SVR_CERT_SIGN_S; @@ -148,17 +149,23 @@ contract LibSecp256k1Sha256_proxy { bytes32 tbsHash = sha256(tbsBytes); Assert.equal( - ecrecover(tbsHash, 28, r, s), + tbsHash, + TestCerts.DECENT_SVR_CERT_HASH, + "[server cert]tbsHash!=DECENT_SVR_CERT_HASH" + ); + + Assert.equal( + ecrecover(tbsHash, v, r, s), addr, - "ecrecover()!=addr" + "[server cert]ecrecover()!=addr" ); Assert.ok( LibSecp256k1Sha256.verifySignMsg(addr, tbsBytes, r, s), - "verifySignMsg!=true" + "[server cert]verifySignMsg!=true" ); Assert.ok( LibSecp256k1Sha256.verifySignHash(addr, tbsHash, r, s), - "verifySignHash!=true" + "[server cert]verifySignHash!=true" ); } @@ -170,6 +177,7 @@ contract LibSecp256k1Sha256_proxy { certNodes.loadCertNodes(certDer); address addr = TestCerts.DECENT_SVR_CERT_KEY_ADDR; + uint8 v = TestCerts.DECENT_APP_CERT_SIGN_V; bytes32 r = TestCerts.DECENT_APP_CERT_SIGN_R; bytes32 s = TestCerts.DECENT_APP_CERT_SIGN_S; @@ -177,17 +185,23 @@ contract LibSecp256k1Sha256_proxy { bytes32 tbsHash = sha256(tbsBytes); Assert.equal( - ecrecover(tbsHash, 27, r, s), + tbsHash, + TestCerts.DECENT_APP_CERT_HASH, + "[server cert]tbsHash!=DECENT_APP_CERT_HASH" + ); + + Assert.equal( + ecrecover(tbsHash, v, r, s), addr, - "ecrecover()!=addr" + "[app cert]ecrecover()!=addr" ); Assert.ok( LibSecp256k1Sha256.verifySignMsg(addr, tbsBytes, r, s), - "verifySignMsg!=true" + "[app cert]verifySignMsg!=true" ); Assert.ok( LibSecp256k1Sha256.verifySignHash(addr, tbsHash, r, s), - "verifySignHash!=true" + "[app cert]verifySignHash!=true" ); } diff --git a/tests/Ecdsa/01_LibSecp256k1Sha256_test.sol b/tests/Ecdsa/01_LibSecp256k1Sha256_test.sol index dfacf48..4da6210 100644 --- a/tests/Ecdsa/01_LibSecp256k1Sha256_test.sol +++ b/tests/Ecdsa/01_LibSecp256k1Sha256_test.sol @@ -138,17 +138,16 @@ contract LibSecp256k1Sha256_testSuite { function ecrecoverGasEval() public { address addr = TestCerts.DECENT_SVR_CERT_KEY_ADDR; - uint8 recId = 27; + uint8 v = TestCerts.DECENT_APP_CERT_SIGN_V; bytes32 r = TestCerts.DECENT_APP_CERT_SIGN_R; bytes32 s = TestCerts.DECENT_APP_CERT_SIGN_S; - bytes32 msgHash = - 0x43c4bb5ebe59f2bfa5d1d90cb04f49c2d814f2be48a00055c014fefccf9de381; + bytes32 msgHash = TestCerts.DECENT_APP_CERT_HASH; address actAddr; uint256 gasUsed = gasleft(); - actAddr = ecrecover(msgHash, recId, r, s); + actAddr = ecrecover(msgHash, v, r, s); gasUsed = gasUsed - gasleft(); Assert.equal(actAddr, addr, "ecrecover returns a diff addr"); diff --git a/tests/TestCerts.sol b/tests/TestCerts.sol index 62ba1fe..e238747 100644 --- a/tests/TestCerts.sol +++ b/tests/TestCerts.sol @@ -85,6 +85,29 @@ library TestCerts { uint256 constant IAS_ROOT_CERT_NOT_BEFORE = 1479137851; uint256 constant IAS_ROOT_CERT_NOT_AFTER = 2524607999; + string constant IAS_ROOT_CERT_NAME_CN = "Intel SGX Attestation Report Signing CA"; + string constant IAS_ROOT_CERT_NAME_C = "US"; + string constant IAS_ROOT_CERT_NAME_L = "Santa Clara"; + string constant IAS_ROOT_CERT_NAME_ST = "CA"; + string constant IAS_ROOT_CERT_NAME_O = "Intel Corporation"; + + bytes32 constant IAS_ROOT_CERT_HASH = + hex"6f8fceab18f6e70fd4e0c8c9ae15713eccb153c304af33fea4b7b5eedd26cc01"; + + bytes constant IAS_ROOT_CERT_SIGN = + hex"785f2d60c5c80af42a797610213915da82c9b29e89e0902a25a6c75b16091c68" + hex"ab204aae711889492c7e1e320911455a8fc13442312e77a63994d99795c8ea45" + hex"76823cea8ad1e191cfa862fab8a932d3d9b0535a0702d0555f74e520e30330f3" + hex"3480e7adc9d7c81e20703142bf00c528a80b463381fd602a82c7035281aae595" + hex"62ccb5334ea8903e650b010681f5ce8eb62eac9c414988243aec92f25bf13cdf" + hex"f7ebcc298ee51bba5a3538b66b26cbc45a51de003cad306531ad7cf5d4ef0f88" + hex"05d1b9133d24135ab3c4641a2f8808349d7333295e0e76ee4bc5227232628efa" + hex"80d79d92ab4e3d1120f3fb5ad119cd8d544aa1d4a6865e6b57beac5771307e2e" + hex"3cb9070da47b4bfc8869e01413ea093541de8a792811b74636c5e91452cf0cee" + hex"59f2fb404acd0bc584cb9c835404734c0e7ec6605cdfcf2ff439b6d4719f702f" + hex"0e0c3fa04fdb12a6cb2ad1ab1c9af1f8f4c3a08edd72a32b0bb5d0ad256ffd15" + hex"9a683b2a5a1f1d11fa62532f03d754caef0da5735a1e5a884c7e89d91218c9d7"; + bytes constant IAS_ROOT_CERT_KEY_DER = hex"308201a2300d06092a864886f70d01010105000382018f003082018a02820181" hex"009f3c647eb5773cbb512d2732c0d7415ebb55a0fa9ede2e649199e6821db910" @@ -117,29 +140,6 @@ library TestCerts { bytes constant IAS_ROOT_CERT_KEY_EXP = hex"010001"; - bytes32 constant IAS_ROOT_CERT_HASH = - hex"6f8fceab18f6e70fd4e0c8c9ae15713eccb153c304af33fea4b7b5eedd26cc01"; - - bytes constant IAS_ROOT_CERT_SIGN = - hex"785f2d60c5c80af42a797610213915da82c9b29e89e0902a25a6c75b16091c68" - hex"ab204aae711889492c7e1e320911455a8fc13442312e77a63994d99795c8ea45" - hex"76823cea8ad1e191cfa862fab8a932d3d9b0535a0702d0555f74e520e30330f3" - hex"3480e7adc9d7c81e20703142bf00c528a80b463381fd602a82c7035281aae595" - hex"62ccb5334ea8903e650b010681f5ce8eb62eac9c414988243aec92f25bf13cdf" - hex"f7ebcc298ee51bba5a3538b66b26cbc45a51de003cad306531ad7cf5d4ef0f88" - hex"05d1b9133d24135ab3c4641a2f8808349d7333295e0e76ee4bc5227232628efa" - hex"80d79d92ab4e3d1120f3fb5ad119cd8d544aa1d4a6865e6b57beac5771307e2e" - hex"3cb9070da47b4bfc8869e01413ea093541de8a792811b74636c5e91452cf0cee" - hex"59f2fb404acd0bc584cb9c835404734c0e7ec6605cdfcf2ff439b6d4719f702f" - hex"0e0c3fa04fdb12a6cb2ad1ab1c9af1f8f4c3a08edd72a32b0bb5d0ad256ffd15" - hex"9a683b2a5a1f1d11fa62532f03d754caef0da5735a1e5a884c7e89d91218c9d7"; - - string constant IAS_ROOT_CERT_NAME_CN = - "Intel SGX Attestation Report Signing CA"; - string constant IAS_ROOT_CERT_NAME_C = "US"; - string constant IAS_ROOT_CERT_NAME_L = "Santa Clara"; - string constant IAS_ROOT_CERT_NAME_ST = "CA"; - string constant IAS_ROOT_CERT_NAME_O = "Intel Corporation"; //===== IAS Report Certificate ===== @@ -213,6 +213,29 @@ library TestCerts { uint256 constant IAS_REPORT_CERT_NOT_BEFORE = 1479807418; uint256 constant IAS_REPORT_CERT_NOT_AFTER = 1795167418; + string constant IAS_REPORT_CERT_NAME_CN = "Intel SGX Attestation Report Signing"; + string constant IAS_REPORT_CERT_NAME_C = "US"; + string constant IAS_REPORT_CERT_NAME_L = "Santa Clara"; + string constant IAS_REPORT_CERT_NAME_ST = "CA"; + string constant IAS_REPORT_CERT_NAME_O = "Intel Corporation"; + + bytes32 constant IAS_REPORT_CERT_HASH = + hex"13472863bcbe2462fb4312ddda9d77ca41575d79760881eb1d2d6c9be2c40094"; + + bytes constant IAS_REPORT_CERT_SIGN = + hex"6708b61b5c2bd215473e2b46af99284fbb939d3f3b152c996f1a6af3b329bd22" + hex"0b1d3b610f6bce2e6753bded304db21912f385256216cfcba456bd96940be892" + hex"f5690c260d1ef84f1606040222e5fe08e5326808212a447cfdd64a46e94bf29f" + hex"6b4b9a721d25b3c4e2f62f58baed5d77c505248f0f801f9fbfb7fd752080095c" + hex"ee80938b339f6dbb4e165600e20e4a718812d49d9901e310a9b51d66c79909c6" + hex"996599fae6d76a79ef145d9943bf1d3e35d3b42d1fb9a45cbe8ee334c166eee7" + hex"d32fcdc9935db8ec8bb1d8eb3779dd8ab92b6e387f0147450f1e381d08581fb8" + hex"3df33b15e000a59be57ea94a3a52dc64bdaec959b3464c91e725bbdaea3d99e8" + hex"57e380a23c9d9fb1ef58e9e42d71f12130f9261d7234d6c37e2b03dba40dfdfb" + hex"13ac4ad8e13fd3756356b6b50015a3ec9580b815d87c2cef715cd28df00bbf2a" + hex"3c403ebf6691b3f05edd9143803ca085cff57e053eec2f8fea46ea778a68c9be" + hex"885bc28225bc5f309be4a2b74d3a03945319dd3c7122fed6ff53bb8b8cb3a03c"; + bytes constant IAS_REPORT_CERT_KEY_DER = hex"30820122300d06092a864886f70d01010105000382010f003082010a02820101" hex"00a97a2de0e66ea6147c9ee745ac0162686c7192099afc4b3f040fad6de09351" @@ -237,176 +260,300 @@ library TestCerts { bytes constant IAS_REPORT_CERT_KEY_EXP = hex"010001"; - bytes32 constant IAS_REPORT_CERT_HASH = - hex"13472863bcbe2462fb4312ddda9d77ca41575d79760881eb1d2d6c9be2c40094"; - - bytes constant IAS_REPORT_CERT_SIGN = - hex"6708b61b5c2bd215473e2b46af99284fbb939d3f3b152c996f1a6af3b329bd22" - hex"0b1d3b610f6bce2e6753bded304db21912f385256216cfcba456bd96940be892" - hex"f5690c260d1ef84f1606040222e5fe08e5326808212a447cfdd64a46e94bf29f" - hex"6b4b9a721d25b3c4e2f62f58baed5d77c505248f0f801f9fbfb7fd752080095c" - hex"ee80938b339f6dbb4e165600e20e4a718812d49d9901e310a9b51d66c79909c6" - hex"996599fae6d76a79ef145d9943bf1d3e35d3b42d1fb9a45cbe8ee334c166eee7" - hex"d32fcdc9935db8ec8bb1d8eb3779dd8ab92b6e387f0147450f1e381d08581fb8" - hex"3df33b15e000a59be57ea94a3a52dc64bdaec959b3464c91e725bbdaea3d99e8" - hex"57e380a23c9d9fb1ef58e9e42d71f12130f9261d7234d6c37e2b03dba40dfdfb" - hex"13ac4ad8e13fd3756356b6b50015a3ec9580b815d87c2cef715cd28df00bbf2a" - hex"3c403ebf6691b3f05edd9143803ca085cff57e053eec2f8fea46ea778a68c9be" - hex"885bc28225bc5f309be4a2b74d3a03945319dd3c7122fed6ff53bb8b8cb3a03c"; - - string constant IAS_REPORT_CERT_NAME_CN = - "Intel SGX Attestation Report Signing"; - string constant IAS_REPORT_CERT_NAME_C = "US"; - string constant IAS_REPORT_CERT_NAME_L = "Santa Clara"; - string constant IAS_REPORT_CERT_NAME_ST = "CA"; - string constant IAS_REPORT_CERT_NAME_O = "Intel Corporation"; - // Decent Server Certificate + //===== Decent Server Certificate ===== bytes constant DECENT_SVR_CERT_DER = - hex"30820e8530820e29a003020102022100bcb9320d098d90043c701c9a6fb51af7" - hex"3fc0ec5dceb5b019ff4e5f1b050b5bf6300c06082a8648ce3d04030205003081" - hex"843153305106035504030c4a3242323933413742354346464330434439303031" - hex"4534323336343545323830444345364337333530313233453537433844453733" - hex"3337333844393835314236375f536563703235366b3131163014060355040a0c" - hex"0d446563656e74456e636c61766531153013060355040b0c0c446563656e7453" - hex"6572766572301e170d3232303130313030303030305a170d3232303130313030" - hex"303030305a3081843153305106035504030c4a32423239334137423543464643" - hex"3043443930303145343233363435453238304443453643373335303132334535" - hex"374338444537333337333844393835314236375f536563703235366b31311630" - hex"14060355040a0c0d446563656e74456e636c61766531153013060355040b0c0c" - hex"446563656e745365727665723056301006072a8648ce3d020106052b8104000a" - hex"03420004a7354ba6e1ff9ccdc480e86b5bdbb7b626cf809da86e9f4a1b648df7" - hex"7c3e1bebdc701843d7ccb9917431fab88ec01789582f65a06b8cbeb169efb7d2" - hex"354831eda3820c6930820c65300f0603551d130101ff040530030101ff300e06" - hex"03551d0f0101ff0404030201ce301106096086480186f8420101040403020007" - hex"301a06156982f5c89a94ffdfaaab8591c1b5f7c2f782b01e0104013130210615" - hex"6982f5c89a94ffdfaaab8591c1b5f7c2f782b01e0204085347585f4550494430" - hex"5906156982f5c89a94ffdfaaab8591c1b5f7c2f782b01e040440436b1e0092c4" - hex"1144116cedadcbeb3996cb2b22dc5d2429d61bac67d9ea829c96f1e85721407c" - hex"cba565945bc6f8a5de67920ed63395ce146abc26ba03507c84b1305b06176982" - hex"f5c89a94ffdfaaab8591c1b5f7c2f782b01e0301010440c6c66ce0f0d9388218" - hex"667b11a5cc5cdff94a8309d29bf664f859de63cd496be2000000000000000000" - hex"000000000000000000000000000000000000000000000030820b3606176982f5" - hex"c89a94ffdfaaab8591c1b5f7c2f782b01e03010204820b19f90b16f904a8b904" - hex"a5308204a130820309a003020102020900d107765d32a3b096300d06092a8648" - hex"86f70d01010b0500307e310b3009060355040613025553310b30090603550408" - hex"0c0243413114301206035504070c0b53616e746120436c617261311a30180603" - hex"55040a0c11496e74656c20436f72706f726174696f6e3130302e06035504030c" - hex"27496e74656c20534758204174746573746174696f6e205265706f7274205369" - hex"676e696e67204341301e170d3136313132323039333635385a170d3236313132" - hex"303039333635385a307b310b3009060355040613025553310b30090603550408" - hex"0c0243413114301206035504070c0b53616e746120436c617261311a30180603" - hex"55040a0c11496e74656c20436f72706f726174696f6e312d302b06035504030c" - hex"24496e74656c20534758204174746573746174696f6e205265706f7274205369" - hex"676e696e6730820122300d06092a864886f70d01010105000382010f00308201" - hex"0a0282010100a97a2de0e66ea6147c9ee745ac0162686c7192099afc4b3f040f" - hex"ad6de093511d74e802f510d716038157dcaf84f4104bd3fed7e6b8f99c8817fd" - hex"1ff5b9b864296c3d81fa8f1b729e02d21d72ffee4ced725efe74bea68fbc4d42" - hex"44286fcdd4bf64406a439a15bcb4cf67754489c423972b4a80df5c2e7c5bc2db" - hex"af2d42bb7b244f7c95bf92c75d3b33fc5410678a89589d1083da3acc459f2704" - hex"cd99598c275e7c1878e00757e5bdb4e840226c11c0a17ff79c80b15c1ddb5af2" - hex"1cc2417061fbd2a2da819ed3b72b7efaa3bfebe2805c9b8ac19aa346512d484c" - hex"fc81941e15f55881cc127e8f7aa12300cd5afb5742fa1d20cb467a5beb1c666c" - hex"f76a368978b50203010001a381a43081a1301f0603551d230418301680147843" - hex"7b76a67ebcd0af7e4237eb357c3b8701513c300e0603551d0f0101ff04040302" - hex"06c0300c0603551d130101ff0402300030600603551d1f045930573055a053a0" - hex"51864f687474703a2f2f7472757374656473657276696365732e696e74656c2e" - hex"636f6d2f636f6e74656e742f43524c2f5347582f4174746573746174696f6e52" - hex"65706f72745369676e696e6743412e63726c300d06092a864886f70d01010b05" - hex"0003820181006708b61b5c2bd215473e2b46af99284fbb939d3f3b152c996f1a" - hex"6af3b329bd220b1d3b610f6bce2e6753bded304db21912f385256216cfcba456" - hex"bd96940be892f5690c260d1ef84f1606040222e5fe08e5326808212a447cfdd6" - hex"4a46e94bf29f6b4b9a721d25b3c4e2f62f58baed5d77c505248f0f801f9fbfb7" - hex"fd752080095cee80938b339f6dbb4e165600e20e4a718812d49d9901e310a9b5" - hex"1d66c79909c6996599fae6d76a79ef145d9943bf1d3e35d3b42d1fb9a45cbe8e" - hex"e334c166eee7d32fcdc9935db8ec8bb1d8eb3779dd8ab92b6e387f0147450f1e" - hex"381d08581fb83df33b15e000a59be57ea94a3a52dc64bdaec959b3464c91e725" - hex"bbdaea3d99e857e380a23c9d9fb1ef58e9e42d71f12130f9261d7234d6c37e2b" - hex"03dba40dfdfb13ac4ad8e13fd3756356b6b50015a3ec9580b815d87c2cef715c" - hex"d28df00bbf2a3c403ebf6691b3f05edd9143803ca085cff57e053eec2f8fea46" - hex"ea778a68c9be885bc28225bc5f309be4a2b74d3a03945319dd3c7122fed6ff53" - hex"bb8b8cb3a03cb905657b226e6f6e6365223a2244434541374246433936384631" - hex"31394343463735354244453844423142373633222c226964223a223237323632" - hex"3134323139363434333138363530383031373633303338303039323031343238" - hex"222c2274696d657374616d70223a22323032332d30342d32345431383a33313a" - hex"30352e353333313834222c2276657273696f6e223a342c226570696450736575" - hex"646f6e796d223a22534f4e2f437a3774504148454634663747624b367244774c" - hex"2f6f4d58756d497576466e2b7246516c5354555a41764948584f48556e574154" - hex"794b6543624358562b30795a3563436f7373796a526a34665a6d397341466c35" - hex"626d42464e4f4f4d4d2f536734684c523165375237692b4865646b63346a3551" - hex"75346e3779484c342f3363692f6d61496335523256475630314b424f30487962" - hex"416d6232504a6a5332747867424d7753534e773d222c2261647669736f727955" - hex"524c223a2268747470733a2f2f73656375726974792d63656e7465722e696e74" - hex"656c2e636f6d222c2261647669736f7279494473223a5b22494e54454c2d5341" - hex"2d3030313631222c22494e54454c2d53412d3030323139222c22494e54454c2d" - hex"53412d3030323839222c22494e54454c2d53412d3030333334222c22494e5445" - hex"4c2d53412d3030363135225d2c22697376456e636c61766551756f7465537461" - hex"747573223a22434f4e46494755524154494f4e5f414e445f53575f4841524445" - hex"4e494e475f4e4545444544222c22706c6174666f726d496e666f426c6f62223a" - hex"2231353032303036353030303030383030303031333133303230343031303130" - hex"3730303030303030303030303030303030303030443030303030433030303030" - hex"3030323030303030303030303030303043343246453830433844433143423236" - hex"4535334445313339413045313041304431463139303342434142324531343030" - hex"3544443745464138304136323231324632333241364442444539353033453531" - hex"4533383745373631453330464342374434313942394444383845353630383739" - hex"43444533394344344139414546303535384344222c22697376456e636c617665" - hex"51756f7465426f6479223a22416741424145494d4141414e4141304141414141" - hex"41466844324c6c6644616855675046753070486d536430414141414141414141" - hex"4141414141414141414141414578502f2f774543414141414141414141414141" + hex"30820ea830820e4ea00302010202146b6fe6c4c67da011f760ad2e823e2595ca" + hex"0f9d51300a06082a8648ce3d0403023081843153305106035504030c4a414530" + hex"3042303437313337413736324534314644314532324545443032333144314634" + hex"42303145433138353034393730353144303831463238314231313645455f5365" + hex"63703235366b3131163014060355040a0c0d446563656e74456e636c61766531" + hex"153013060355040b0c0c446563656e74536572766572301e170d323230313031" + hex"3030303030305a170d3232303130313030303030305a30818431533051060355" + hex"04030c4a41453030423034373133374137363245343146443145323245454430" + hex"3233314431463442303145433138353034393730353144303831463238314231" + hex"313645455f536563703235366b3131163014060355040a0c0d446563656e7445" + hex"6e636c61766531153013060355040b0c0c446563656e74536572766572305630" + hex"1006072a8648ce3d020106052b8104000a03420004d34fcbf203332daab18a97" + hex"c2e8a7d197e69ca3208e0bd23d457b170e0651a335a4d96730b0b11eaecf74d1" + hex"042c001e4617c99e6246ed98e07c2155a4e0dc379da3820c9d30820c99300f06" + hex"03551d130101ff040530030101ff300e0603551d0f0101ff0404030201ce3011" + hex"06096086480186f84201010404030200073010060b2b0601040183e445010101" + hex"0401313017060b2b0601040183e44501010204085347585f45504944304f060b" + hex"2b0601040183e44501010404402d67693c2bd23245ee4144d7f102a15134d67a" + hex"14f9d8902bce58315c1e60838db452c3acc00f3721c6490b7e1f57f2e0bcd039" + hex"7618db9432758f17c6d9b6c9613051060d2b0601040183e44501010301010440" + hex"020553728a607f66c0b6710fae805dda764ceda748b5f3031127a204823b356c" + hex"0000000000000000000000000000000000000000000000000000000000000000" + hex"30820b61060d2b0601040183e445010103010204820b4ef90b4bf904a8b904a5" + hex"308204a130820309a003020102020900d107765d32a3b096300d06092a864886" + hex"f70d01010b0500307e310b3009060355040613025553310b300906035504080c" + hex"0243413114301206035504070c0b53616e746120436c617261311a3018060355" + hex"040a0c11496e74656c20436f72706f726174696f6e3130302e06035504030c27" + hex"496e74656c20534758204174746573746174696f6e205265706f727420536967" + hex"6e696e67204341301e170d3136313132323039333635385a170d323631313230" + hex"3039333635385a307b310b3009060355040613025553310b300906035504080c" + hex"0243413114301206035504070c0b53616e746120436c617261311a3018060355" + hex"040a0c11496e74656c20436f72706f726174696f6e312d302b06035504030c24" + hex"496e74656c20534758204174746573746174696f6e205265706f727420536967" + hex"6e696e6730820122300d06092a864886f70d01010105000382010f003082010a" + hex"0282010100a97a2de0e66ea6147c9ee745ac0162686c7192099afc4b3f040fad" + hex"6de093511d74e802f510d716038157dcaf84f4104bd3fed7e6b8f99c8817fd1f" + hex"f5b9b864296c3d81fa8f1b729e02d21d72ffee4ced725efe74bea68fbc4d4244" + hex"286fcdd4bf64406a439a15bcb4cf67754489c423972b4a80df5c2e7c5bc2dbaf" + hex"2d42bb7b244f7c95bf92c75d3b33fc5410678a89589d1083da3acc459f2704cd" + hex"99598c275e7c1878e00757e5bdb4e840226c11c0a17ff79c80b15c1ddb5af21c" + hex"c2417061fbd2a2da819ed3b72b7efaa3bfebe2805c9b8ac19aa346512d484cfc" + hex"81941e15f55881cc127e8f7aa12300cd5afb5742fa1d20cb467a5beb1c666cf7" + hex"6a368978b50203010001a381a43081a1301f0603551d2304183016801478437b" + hex"76a67ebcd0af7e4237eb357c3b8701513c300e0603551d0f0101ff0404030206" + hex"c0300c0603551d130101ff0402300030600603551d1f045930573055a053a051" + hex"864f687474703a2f2f7472757374656473657276696365732e696e74656c2e63" + hex"6f6d2f636f6e74656e742f43524c2f5347582f4174746573746174696f6e5265" + hex"706f72745369676e696e6743412e63726c300d06092a864886f70d01010b0500" + hex"03820181006708b61b5c2bd215473e2b46af99284fbb939d3f3b152c996f1a6a" + hex"f3b329bd220b1d3b610f6bce2e6753bded304db21912f385256216cfcba456bd" + hex"96940be892f5690c260d1ef84f1606040222e5fe08e5326808212a447cfdd64a" + hex"46e94bf29f6b4b9a721d25b3c4e2f62f58baed5d77c505248f0f801f9fbfb7fd" + hex"752080095cee80938b339f6dbb4e165600e20e4a718812d49d9901e310a9b51d" + hex"66c79909c6996599fae6d76a79ef145d9943bf1d3e35d3b42d1fb9a45cbe8ee3" + hex"34c166eee7d32fcdc9935db8ec8bb1d8eb3779dd8ab92b6e387f0147450f1e38" + hex"1d08581fb83df33b15e000a59be57ea94a3a52dc64bdaec959b3464c91e725bb" + hex"daea3d99e857e380a23c9d9fb1ef58e9e42d71f12130f9261d7234d6c37e2b03" + hex"dba40dfdfb13ac4ad8e13fd3756356b6b50015a3ec9580b815d87c2cef715cd2" + hex"8df00bbf2a3c403ebf6691b3f05edd9143803ca085cff57e053eec2f8fea46ea" + hex"778a68c9be885bc28225bc5f309be4a2b74d3a03945319dd3c7122fed6ff53bb" + hex"8b8cb3a03cb9059a7b226e6f6e6365223a223146353741443337443146373431" + hex"414545333638354242393544454535423831222c226964223a22313433313138" + hex"3935343634323337303831313134373830373132303837343732333836333430" + hex"36222c2274696d657374616d70223a22323032342d30372d30385430313a3334" + hex"3a30372e343635393835222c2276657273696f6e223a352c2261747465737461" + hex"74696f6e54797065223a2245504944222c226570696450736575646f6e796d22" + hex"3a22534f4e2f437a3774504148454634663747624b367244774c2f6f4d58756d" + hex"497576466e2b7246516c5354555a41764948584f48556e574154794b65436243" + hex"58562b30795a3563436f7373796a526a34665a6d397341466c35626d42464e4f" + hex"4f4d4d2f536734684c523165375237692b4865646b63346a355175346e377948" + hex"4c342f3363692f6d61496335523256475630314b424f30487962416d6232504a" + hex"6a5332747867424d7753534e773d222c2261647669736f727955524c223a2268" + hex"747470733a2f2f73656375726974792d63656e7465722e696e74656c2e636f6d" + hex"222c2261647669736f7279494473223a5b22494e54454c2d53412d3030313631" + hex"222c22494e54454c2d53412d3030323139222c22494e54454c2d53412d303032" + hex"3839222c22494e54454c2d53412d3030333334222c22494e54454c2d53412d30" + hex"30363135222c22494e54454c2d53412d3030383238225d2c22697376456e636c" + hex"61766551756f7465537461747573223a2247524f55505f4f55545f4f465f4441" + hex"5445222c22706c6174666f726d496e666f426c6f62223a223135303230303635" + hex"3034303030393030303031343134303230343031303130373030303030303030" + hex"3030303030303030303030443030303030433030303030303032303030303030" + hex"3030303030303043343246454332383434393333303130414438383445413738" + hex"3146383739423832344137443642344237423946314436444436454642324136" + hex"4239334639433634433639434643393931363434324632414537463746354433" + hex"4233433539304630303039314343363346434331374141374432423343363943" + hex"34324637324134344144222c22697376456e636c61766551756f7465426f6479" + hex"223a22416741424145494d4141414e414130414141414141466844324c6c6644" + hex"616855675046753070486d536430414141414141414141414141414141414141" + hex"4141414578542f2f774543414141414141414141414141414141414141414141" + hex"4141414141414141414141414141414141414141414141414141414141414141" + hex"4141414277414141414141414141484141414141414141414b34417345635465" + hex"6e5975516630654975375149783066537748734746424a6346485167664b4273" + hex"5262754141414141414141414141414141414141414141414141414141414141" + hex"41414141414141414141414141434431786e6e6665724b464844327576597154" + hex"5864444138695a32326b434435787737683338434d664f6e6741414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" - hex"4141414141414141414141414277414141414141414141484141414141414141" - hex"414373704f6e74632f38444e6b41486b493252654b41334f62484e51456a3558" - hex"794e357a4e7a6a5a6852746e4141414141414141414141414141414141414141" - hex"41414141414141414141414141414141414141414141434431786e6e6665724b" - hex"4648443275765971545864444138695a32326b434435787737683338434d664f" - hex"6e67414141414141414141414141414141414141414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" - hex"4141414141414141414141414141414141414141414142575469366b2b515a69" - hex"57463275586647734c6c45384b38345532626c2f427a49454153416d3139576c" - hex"7a77414141414141414141414141414141414141414141414141414141414141" - hex"414141414141414141414141227db9010029dda58b778c77c067b6117e6690e8" - hex"7eaf2e03398ca49b092be3203f1046d0a754c85a078f032b2ca335949421a1e1" - hex"f8ba271ae1e2e52c613f6633767b1d92bf6ddc6ad52947b109d1e530d08d5e2b" - hex"237c90504250a890b3fb52fcd7a2cf2864851dc671acd85ce1177ee64635606d" - hex"31e48263af7ca6f170a8a547eaf60edc79973f18d8c317a0da8c829992bc5125" - hex"d97ef5d549bac744d4c311c670b4852af08b05a01dc3891254ea1c326e92c5d1" - hex"6cc23c93856f456aef0f1f92739f48430b6a26717a390e84cac53d437c09a531" - hex"02e8d9a2d0504f9658ec35b1da9e834675006daa676194139b326daeb335b20a" - hex"4077c94281d057769366f22c93c2671e19300c06082a8648ce3d040302050003" - hex"4800304502204bc3cbb7afb2c51764d6df5b7082301238b41046f771890eb4bb" - hex"c3a889d9f126022100f0474d61b6ab1ec87c27726c0dec24edfe96cbb003d5bf" - hex"3e7799220f22b3b888"; + hex"414141414141414141414141414158495337557a2f6353544246667a6459776a" + hex"316c57386f424931577176616e4578596c6a2b69467061454141414141414141" + hex"4141414141414141414141414141414141414141414141414141414141414141" + hex"414141222c227463624576616c756174696f6e446174614e756d626572223a31" + hex"377db901000d6a2aa2c158c3cd93dcc3968145c9a60c26318ea63bab5c6d2861" + hex"d1ed811a3bbd577c1dc28e6c8215cc69a385f11605ff6af8c1844670084399db" + hex"5fce9dbba85ba6b048203ee1803006c621d26abb9a699e97b67183a9e9698c2e" + hex"0854b1195fa04fa233fd98f5c03e3f2333f5a0c90645aee6692abd49d283247d" + hex"8c2c41a2ebcb54d5d6115cce6c96fb666569b3429b683fc03f9dfc8bdc953a30" + hex"b106f91bf8278c6c0eb25bdae9abef01301fab04368372f53d60bf080ec8f668" + hex"1239192b1db34d158d21cb9ac794294a4274a6ca47fcde9a9a33f0351a3702fe" + hex"21f7d04a8302bd78332c04d444b069483d8c3aa5128ce93bea4e134035223121" + hex"7ec1e50147302f060b2b0601040183e44501010704208e6c440e300acde68c1a" + hex"3396d3bdbfa8d471aac09dce79392da9c1b90736d795300a06082a8648ce3d04" + hex"0302034800304502207ac59e6e0c939fd42f3a243915f5b4c237da2f7a8498d0" + hex"1083c6b209c6297a7b022100f69a815d1c7516241dd8cd933dc8f2628c5a751e" + hex"9ba33354a4031be14b1930f5"; + + bytes constant DECENT_SVR_CERT_TBS = + hex"30820e4ea00302010202146b6fe6c4c67da011f760ad2e823e2595ca0f9d5130" + hex"0a06082a8648ce3d0403023081843153305106035504030c4a41453030423034" + hex"3731333741373632453431464431453232454544303233314431463442303145" + hex"433138353034393730353144303831463238314231313645455f536563703235" + hex"366b3131163014060355040a0c0d446563656e74456e636c6176653115301306" + hex"0355040b0c0c446563656e74536572766572301e170d32323031303130303030" + hex"30305a170d3232303130313030303030305a3081843153305106035504030c4a" + hex"4145303042303437313337413736324534314644314532324545443032333144" + hex"3146344230314543313835303439373035314430383146323831423131364545" + hex"5f536563703235366b3131163014060355040a0c0d446563656e74456e636c61" + hex"766531153013060355040b0c0c446563656e745365727665723056301006072a" + hex"8648ce3d020106052b8104000a03420004d34fcbf203332daab18a97c2e8a7d1" + hex"97e69ca3208e0bd23d457b170e0651a335a4d96730b0b11eaecf74d1042c001e" + hex"4617c99e6246ed98e07c2155a4e0dc379da3820c9d30820c99300f0603551d13" + hex"0101ff040530030101ff300e0603551d0f0101ff0404030201ce301106096086" + hex"480186f84201010404030200073010060b2b0601040183e44501010104013130" + hex"17060b2b0601040183e44501010204085347585f45504944304f060b2b060104" + hex"0183e44501010404402d67693c2bd23245ee4144d7f102a15134d67a14f9d890" + hex"2bce58315c1e60838db452c3acc00f3721c6490b7e1f57f2e0bcd0397618db94" + hex"32758f17c6d9b6c9613051060d2b0601040183e4450101030101044002055372" + hex"8a607f66c0b6710fae805dda764ceda748b5f3031127a204823b356c00000000" + hex"0000000000000000000000000000000000000000000000000000000030820b61" + hex"060d2b0601040183e445010103010204820b4ef90b4bf904a8b904a5308204a1" + hex"30820309a003020102020900d107765d32a3b096300d06092a864886f70d0101" + hex"0b0500307e310b3009060355040613025553310b300906035504080c02434131" + hex"14301206035504070c0b53616e746120436c617261311a3018060355040a0c11" + hex"496e74656c20436f72706f726174696f6e3130302e06035504030c27496e7465" + hex"6c20534758204174746573746174696f6e205265706f7274205369676e696e67" + hex"204341301e170d3136313132323039333635385a170d32363131323030393336" + hex"35385a307b310b3009060355040613025553310b300906035504080c02434131" + hex"14301206035504070c0b53616e746120436c617261311a3018060355040a0c11" + hex"496e74656c20436f72706f726174696f6e312d302b06035504030c24496e7465" + hex"6c20534758204174746573746174696f6e205265706f7274205369676e696e67" + hex"30820122300d06092a864886f70d01010105000382010f003082010a02820101" + hex"00a97a2de0e66ea6147c9ee745ac0162686c7192099afc4b3f040fad6de09351" + hex"1d74e802f510d716038157dcaf84f4104bd3fed7e6b8f99c8817fd1ff5b9b864" + hex"296c3d81fa8f1b729e02d21d72ffee4ced725efe74bea68fbc4d4244286fcdd4" + hex"bf64406a439a15bcb4cf67754489c423972b4a80df5c2e7c5bc2dbaf2d42bb7b" + hex"244f7c95bf92c75d3b33fc5410678a89589d1083da3acc459f2704cd99598c27" + hex"5e7c1878e00757e5bdb4e840226c11c0a17ff79c80b15c1ddb5af21cc2417061" + hex"fbd2a2da819ed3b72b7efaa3bfebe2805c9b8ac19aa346512d484cfc81941e15" + hex"f55881cc127e8f7aa12300cd5afb5742fa1d20cb467a5beb1c666cf76a368978" + hex"b50203010001a381a43081a1301f0603551d2304183016801478437b76a67ebc" + hex"d0af7e4237eb357c3b8701513c300e0603551d0f0101ff0404030206c0300c06" + hex"03551d130101ff0402300030600603551d1f045930573055a053a051864f6874" + hex"74703a2f2f7472757374656473657276696365732e696e74656c2e636f6d2f63" + hex"6f6e74656e742f43524c2f5347582f4174746573746174696f6e5265706f7274" + hex"5369676e696e6743412e63726c300d06092a864886f70d01010b050003820181" + hex"006708b61b5c2bd215473e2b46af99284fbb939d3f3b152c996f1a6af3b329bd" + hex"220b1d3b610f6bce2e6753bded304db21912f385256216cfcba456bd96940be8" + hex"92f5690c260d1ef84f1606040222e5fe08e5326808212a447cfdd64a46e94bf2" + hex"9f6b4b9a721d25b3c4e2f62f58baed5d77c505248f0f801f9fbfb7fd75208009" + hex"5cee80938b339f6dbb4e165600e20e4a718812d49d9901e310a9b51d66c79909" + hex"c6996599fae6d76a79ef145d9943bf1d3e35d3b42d1fb9a45cbe8ee334c166ee" + hex"e7d32fcdc9935db8ec8bb1d8eb3779dd8ab92b6e387f0147450f1e381d08581f" + hex"b83df33b15e000a59be57ea94a3a52dc64bdaec959b3464c91e725bbdaea3d99" + hex"e857e380a23c9d9fb1ef58e9e42d71f12130f9261d7234d6c37e2b03dba40dfd" + hex"fb13ac4ad8e13fd3756356b6b50015a3ec9580b815d87c2cef715cd28df00bbf" + hex"2a3c403ebf6691b3f05edd9143803ca085cff57e053eec2f8fea46ea778a68c9" + hex"be885bc28225bc5f309be4a2b74d3a03945319dd3c7122fed6ff53bb8b8cb3a0" + hex"3cb9059a7b226e6f6e6365223a22314635374144333744314637343141454533" + hex"3638354242393544454535423831222c226964223a2231343331313839353436" + hex"3432333730383131313437383037313230383734373233383633343036222c22" + hex"74696d657374616d70223a22323032342d30372d30385430313a33343a30372e" + hex"343635393835222c2276657273696f6e223a352c226174746573746174696f6e" + hex"54797065223a2245504944222c226570696450736575646f6e796d223a22534f" + hex"4e2f437a3774504148454634663747624b367244774c2f6f4d58756d49757646" + hex"6e2b7246516c5354555a41764948584f48556e574154794b6543624358562b30" + hex"795a3563436f7373796a526a34665a6d397341466c35626d42464e4f4f4d4d2f" + hex"536734684c523165375237692b4865646b63346a355175346e3779484c342f33" + hex"63692f6d61496335523256475630314b424f30487962416d6232504a6a533274" + hex"7867424d7753534e773d222c2261647669736f727955524c223a226874747073" + hex"3a2f2f73656375726974792d63656e7465722e696e74656c2e636f6d222c2261" + hex"647669736f7279494473223a5b22494e54454c2d53412d3030313631222c2249" + hex"4e54454c2d53412d3030323139222c22494e54454c2d53412d3030323839222c" + hex"22494e54454c2d53412d3030333334222c22494e54454c2d53412d3030363135" + hex"222c22494e54454c2d53412d3030383238225d2c22697376456e636c61766551" + hex"756f7465537461747573223a2247524f55505f4f55545f4f465f44415445222c" + hex"22706c6174666f726d496e666f426c6f62223a22313530323030363530343030" + hex"3039303030303134313430323034303130313037303030303030303030303030" + hex"3030303030303044303030303043303030303030303230303030303030303030" + hex"3030304334324645433238343439333330313041443838344541373831463837" + hex"3942383234413744364234423742394631443644443645464232413642393346" + hex"3943363443363943464339393136343432463241453746374635443342334335" + hex"3930463030303931434336334643433137414137443242334336394334324637" + hex"324134344144222c22697376456e636c61766551756f7465426f6479223a2241" + hex"6741424145494d4141414e414130414141414141466844324c6c664461685567" + hex"5046753070486d53643041414141414141414141414141414141414141414145" + hex"78542f2f77454341414141414141414141414141414141414141414141414141" + hex"4141414141414141414141414141414141414141414141414141414141414142" + hex"77414141414141414141484141414141414141414b344173456354656e597551" + hex"6630654975375149783066537748734746424a6346485167664b427352627541" + hex"4141414141414141414141414141414141414141414141414141414141414141" + hex"414141414141414141434431786e6e6665724b46484432757659715458644441" + hex"38695a32326b434435787737683338434d664f6e674141414141414141414141" + hex"4141414141414141414141414141414141414141414141414141414141414141" + hex"4141414141414141414141414141414141414141414141414141414141414141" + hex"4141414141414141414141414141414141414141414141414141414141414141" + hex"4141414141414141414141414141414141414141414141414141414141414141" + hex"4141414141414141414141414141414141414141414141414141414141414141" + hex"4141414141414141414141414141414141414141414141414141414141414141" + hex"4141414141414141414158495337557a2f6353544246667a6459776a316c5738" + hex"6f424931577176616e4578596c6a2b6946706145414141414141414141414141" + hex"4141414141414141414141414141414141414141414141414141414141414122" + hex"2c227463624576616c756174696f6e446174614e756d626572223a31377db901" + hex"000d6a2aa2c158c3cd93dcc3968145c9a60c26318ea63bab5c6d2861d1ed811a" + hex"3bbd577c1dc28e6c8215cc69a385f11605ff6af8c1844670084399db5fce9dbb" + hex"a85ba6b048203ee1803006c621d26abb9a699e97b67183a9e9698c2e0854b119" + hex"5fa04fa233fd98f5c03e3f2333f5a0c90645aee6692abd49d283247d8c2c41a2" + hex"ebcb54d5d6115cce6c96fb666569b3429b683fc03f9dfc8bdc953a30b106f91b" + hex"f8278c6c0eb25bdae9abef01301fab04368372f53d60bf080ec8f6681239192b" + hex"1db34d158d21cb9ac794294a4274a6ca47fcde9a9a33f0351a3702fe21f7d04a" + hex"8302bd78332c04d444b069483d8c3aa5128ce93bea4e1340352231217ec1e501" + hex"47302f060b2b0601040183e44501010704208e6c440e300acde68c1a3396d3bd" + hex"bfa8d471aac09dce79392da9c1b90736d795"; + + uint256 constant DECENT_SVR_CERT_NOT_BEFORE = 1640995200; + uint256 constant DECENT_SVR_CERT_NOT_AFTER = 1640995200; + + string constant DECENT_SVR_CERT_NAME_CN = "AE00B047137A762E41FD1E22EED0231D1F4B01EC1850497051D081F281B116EE_Secp256k1"; + string constant DECENT_SVR_CERT_NAME_O = "DecentEnclave"; + + bytes32 constant DECENT_SVR_CERT_HASH = + hex"4d2c470aed823777f214476ca03a6d078807a8c0f33b0540b7de01771ab07a2f"; + + bytes constant DECENT_SVR_CERT_SIGN = + hex"304502207ac59e6e0c939fd42f3a243915f5b4c237da2f7a8498d01083c6b209" + hex"c6297a7b022100f69a815d1c7516241dd8cd933dc8f2628c5a751e9ba33354a4" + hex"031be14b1930f5"; + + uint8 constant DECENT_SVR_CERT_SIGN_V = 27; + bytes32 constant DECENT_SVR_CERT_SIGN_R = + hex"7ac59e6e0c939fd42f3a243915f5b4c237da2f7a8498d01083c6b209c6297a7b"; + bytes32 constant DECENT_SVR_CERT_SIGN_S = + hex"f69a815d1c7516241dd8cd933dc8f2628c5a751e9ba33354a4031be14b1930f5"; + + bytes constant DECENT_SVR_CERT_KEY_DER = + hex"3056301006072a8648ce3d020106052b8104000a03420004d34fcbf203332daa" + hex"b18a97c2e8a7d197e69ca3208e0bd23d457b170e0651a335a4d96730b0b11eae" + hex"cf74d1042c001e4617c99e6246ed98e07c2155a4e0dc379d"; + + bytes32 constant DECENT_SVR_CERT_KEY_X = + hex"d34fcbf203332daab18a97c2e8a7d197e69ca3208e0bd23d457b170e0651a335"; + bytes32 constant DECENT_SVR_CERT_KEY_Y = + hex"a4d96730b0b11eaecf74d1042c001e4617c99e6246ed98e07c2155a4e0dc379d"; bytes constant DECENT_SVR_CERT_KEY_BYTES = - hex"a7354ba6e1ff9ccdc480e86b5bdbb7b626cf809da86e9f4a1b648df77c3e1beb" - hex"dc701843d7ccb9917431fab88ec01789582f65a06b8cbeb169efb7d2354831ed"; + hex"d34fcbf203332daab18a97c2e8a7d197e69ca3208e0bd23d457b170e0651a335" + hex"a4d96730b0b11eaecf74d1042c001e4617c99e6246ed98e07c2155a4e0dc379d"; address constant DECENT_SVR_CERT_KEY_ADDR = - 0xd11169Fe26A678dFb634C67aC85C05ccd796dAEd; + 0xB972eE70CB574ec4FBCA6Eb479d632131a425d0f; - bytes32 constant DECENT_SVR_CERT_HASH = - 0x732f273ebc132ab780f30ad1592dad9c50eeab9c2d7a677cf2f076d32b67f71f; + string constant DECENT_SVR_CERT_VERSION = "1"; - bytes32 constant DECENT_SVR_CERT_SIGN_R = - hex"4bc3cbb7afb2c51764d6df5b7082301238b41046f771890eb4bbc3a889d9f126"; - bytes32 constant DECENT_SVR_CERT_SIGN_S = - hex"f0474d61b6ab1ec87c27726c0dec24edfe96cbb003d5bf3e7799220f22b3b888"; + string constant DECENT_SVR_CERT_TYPE = "SGX_EPID"; bytes constant DECENT_SVR_CERT_KEYRING = - hex"436b1e0092c41144116cedadcbeb3996cb2b22dc5d2429d61bac67d9ea829c96" - hex"f1e85721407ccba565945bc6f8a5de67920ed63395ce146abc26ba03507c84b1"; + hex"2d67693c2bd23245ee4144d7f102a15134d67a14f9d8902bce58315c1e60838d" + hex"b452c3acc00f3721c6490b7e1f57f2e0bcd0397618db9432758f17c6d9b6c961"; + + bytes32 constant DECENT_SVR_CERT_PLAT_ID = + hex"8e6c440e300acde68c1a3396d3bdbfa8d471aac09dce79392da9c1b90736d795"; bytes constant DECENT_SVR_CERT_STD_REP_DATA = - hex"C6C66CE0F0D9388218667B11A5CC5CDFF94A8309D29BF664F859DE63CD496BE2" + hex"020553728a607f66c0b6710fae805dda764ceda748b5f3031127a204823b356c" hex"0000000000000000000000000000000000000000000000000000000000000000"; bytes constant DECENT_SVR_CERT_ATT_REP_RLP = - hex"f90b16f904a8b904a5308204a130820309a003020102020900d107765d32a3b0" + hex"f90b4bf904a8b904a5308204a130820309a003020102020900d107765d32a3b0" hex"96300d06092a864886f70d01010b0500307e310b300906035504061302555331" hex"0b300906035504080c0243413114301206035504070c0b53616e746120436c61" hex"7261311a3018060355040a0c11496e74656c20436f72706f726174696f6e3130" @@ -443,159 +590,270 @@ library TestCerts { hex"261d7234d6c37e2b03dba40dfdfb13ac4ad8e13fd3756356b6b50015a3ec9580" hex"b815d87c2cef715cd28df00bbf2a3c403ebf6691b3f05edd9143803ca085cff5" hex"7e053eec2f8fea46ea778a68c9be885bc28225bc5f309be4a2b74d3a03945319" - hex"dd3c7122fed6ff53bb8b8cb3a03cb905657b226e6f6e6365223a224443454137" - hex"424643393638463131394343463735354244453844423142373633222c226964" - hex"223a223237323632313432313936343433313836353038303137363330333830" - hex"3039323031343238222c2274696d657374616d70223a22323032332d30342d32" - hex"345431383a33313a30352e353333313834222c2276657273696f6e223a342c22" - hex"6570696450736575646f6e796d223a22534f4e2f437a37745041484546346637" - hex"47624b367244774c2f6f4d58756d497576466e2b7246516c5354555a41764948" - hex"584f48556e574154794b6543624358562b30795a3563436f7373796a526a3466" - hex"5a6d397341466c35626d42464e4f4f4d4d2f536734684c523165375237692b48" - hex"65646b63346a355175346e3779484c342f3363692f6d61496335523256475630" - hex"314b424f30487962416d6232504a6a5332747867424d7753534e773d222c2261" - hex"647669736f727955524c223a2268747470733a2f2f73656375726974792d6365" - hex"6e7465722e696e74656c2e636f6d222c2261647669736f7279494473223a5b22" - hex"494e54454c2d53412d3030313631222c22494e54454c2d53412d303032313922" - hex"2c22494e54454c2d53412d3030323839222c22494e54454c2d53412d30303333" - hex"34222c22494e54454c2d53412d3030363135225d2c22697376456e636c617665" - hex"51756f7465537461747573223a22434f4e46494755524154494f4e5f414e445f" - hex"53575f48415244454e494e475f4e4545444544222c22706c6174666f726d496e" - hex"666f426c6f62223a223135303230303635303030303038303030303133313330" - hex"3230343031303130373030303030303030303030303030303030303044303030" - hex"3030433030303030303032303030303030303030303030304334324645383043" - hex"3844433143423236453533444531333941304531304130443146313930334243" - hex"4142324531343030354444374546413830413632323132463233324136444244" - hex"4539353033453531453338374537363145333046434237443431394239444438" - hex"384535363038373943444533394344344139414546303535384344222c226973" - hex"76456e636c61766551756f7465426f6479223a22416741424145494d4141414e" - hex"414130414141414141466844324c6c6644616855675046753070486d53643041" - hex"41414141414141414141414141414141414141414578502f2f77454341414141" + hex"dd3c7122fed6ff53bb8b8cb3a03cb9059a7b226e6f6e6365223a223146353741" + hex"443337443146373431414545333638354242393544454535423831222c226964" + hex"223a223134333131383935343634323337303831313134373830373132303837" + hex"34373233383633343036222c2274696d657374616d70223a22323032342d3037" + hex"2d30385430313a33343a30372e343635393835222c2276657273696f6e223a35" + hex"2c226174746573746174696f6e54797065223a2245504944222c226570696450" + hex"736575646f6e796d223a22534f4e2f437a3774504148454634663747624b3672" + hex"44774c2f6f4d58756d497576466e2b7246516c5354555a41764948584f48556e" + hex"574154794b6543624358562b30795a3563436f7373796a526a34665a6d397341" + hex"466c35626d42464e4f4f4d4d2f536734684c523165375237692b4865646b6334" + hex"6a355175346e3779484c342f3363692f6d61496335523256475630314b424f30" + hex"487962416d6232504a6a5332747867424d7753534e773d222c2261647669736f" + hex"727955524c223a2268747470733a2f2f73656375726974792d63656e7465722e" + hex"696e74656c2e636f6d222c2261647669736f7279494473223a5b22494e54454c" + hex"2d53412d3030313631222c22494e54454c2d53412d3030323139222c22494e54" + hex"454c2d53412d3030323839222c22494e54454c2d53412d3030333334222c2249" + hex"4e54454c2d53412d3030363135222c22494e54454c2d53412d3030383238225d" + hex"2c22697376456e636c61766551756f7465537461747573223a2247524f55505f" + hex"4f55545f4f465f44415445222c22706c6174666f726d496e666f426c6f62223a" + hex"2231353032303036353034303030393030303031343134303230343031303130" + hex"3730303030303030303030303030303030303030443030303030433030303030" + hex"3030323030303030303030303030303043343246454332383434393333303130" + hex"4144383834454137383146383739423832344137443642344237423946314436" + hex"4444364546423241364239334639433634433639434643393931363434324632" + hex"4145374637463544334233433539304630303039314343363346434331374141" + hex"37443242334336394334324637324134344144222c22697376456e636c617665" + hex"51756f7465426f6479223a22416741424145494d4141414e4141304141414141" + hex"41466844324c6c6644616855675046753070486d536430414141414141414141" + hex"4141414141414141414141414578542f2f774543414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" - hex"4141414141414141414141414141414141414141427741414141414141414148" - hex"4141414141414141414373704f6e74632f38444e6b41486b493252654b41334f" - hex"62484e51456a3558794e357a4e7a6a5a6852746e414141414141414141414141" - hex"4141414141414141414141414141414141414141414141414141414141414344" - hex"31786e6e6665724b4648443275765971545864444138695a32326b4344357877" - hex"37683338434d664f6e6741414141414141414141414141414141414141414141" + hex"4141414141414141414141414277414141414141414141484141414141414141" + hex"414b344173456354656e5975516630654975375149783066537748734746424a" + hex"6346485167664b42735262754141414141414141414141414141414141414141" + hex"41414141414141414141414141414141414141414141434431786e6e6665724b" + hex"4648443275765971545864444138695a32326b434435787737683338434d664f" + hex"6e67414141414141414141414141414141414141414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" - hex"4141414141414141414141414141414141414141414141414141414141414257" - hex"5469366b2b515a6957463275586647734c6c45384b38345532626c2f427a4945" - hex"4153416d3139576c7a7741414141414141414141414141414141414141414141" - hex"4141414141414141414141414141414141414141227db9010029dda58b778c77" - hex"c067b6117e6690e87eaf2e03398ca49b092be3203f1046d0a754c85a078f032b" - hex"2ca335949421a1e1f8ba271ae1e2e52c613f6633767b1d92bf6ddc6ad52947b1" - hex"09d1e530d08d5e2b237c90504250a890b3fb52fcd7a2cf2864851dc671acd85c" - hex"e1177ee64635606d31e48263af7ca6f170a8a547eaf60edc79973f18d8c317a0" - hex"da8c829992bc5125d97ef5d549bac744d4c311c670b4852af08b05a01dc38912" - hex"54ea1c326e92c5d16cc23c93856f456aef0f1f92739f48430b6a26717a390e84" - hex"cac53d437c09a53102e8d9a2d0504f9658ec35b1da9e834675006daa67619413" - hex"9b326daeb335b20a4077c94281d057769366f22c93c2671e19"; + hex"414141414141414141414141414141414141414141414158495337557a2f6353" + hex"544246667a6459776a316c57386f424931577176616e4578596c6a2b69467061" + hex"4541414141414141414141414141414141414141414141414141414141414141" + hex"414141414141414141414141222c227463624576616c756174696f6e44617461" + hex"4e756d626572223a31377db901000d6a2aa2c158c3cd93dcc3968145c9a60c26" + hex"318ea63bab5c6d2861d1ed811a3bbd577c1dc28e6c8215cc69a385f11605ff6a" + hex"f8c1844670084399db5fce9dbba85ba6b048203ee1803006c621d26abb9a699e" + hex"97b67183a9e9698c2e0854b1195fa04fa233fd98f5c03e3f2333f5a0c90645ae" + hex"e6692abd49d283247d8c2c41a2ebcb54d5d6115cce6c96fb666569b3429b683f" + hex"c03f9dfc8bdc953a30b106f91bf8278c6c0eb25bdae9abef01301fab04368372" + hex"f53d60bf080ec8f6681239192b1db34d158d21cb9ac794294a4274a6ca47fcde" + hex"9a9a33f0351a3702fe21f7d04a8302bd78332c04d444b069483d8c3aa5128ce9" + hex"3bea4e1340352231217ec1e50147"; + + bytes constant DECENT_SVR_CERT_ATT_REP_CERT = + hex"308204a130820309a003020102020900d107765d32a3b096300d06092a864886" + hex"f70d01010b0500307e310b3009060355040613025553310b300906035504080c" + hex"0243413114301206035504070c0b53616e746120436c617261311a3018060355" + hex"040a0c11496e74656c20436f72706f726174696f6e3130302e06035504030c27" + hex"496e74656c20534758204174746573746174696f6e205265706f727420536967" + hex"6e696e67204341301e170d3136313132323039333635385a170d323631313230" + hex"3039333635385a307b310b3009060355040613025553310b300906035504080c" + hex"0243413114301206035504070c0b53616e746120436c617261311a3018060355" + hex"040a0c11496e74656c20436f72706f726174696f6e312d302b06035504030c24" + hex"496e74656c20534758204174746573746174696f6e205265706f727420536967" + hex"6e696e6730820122300d06092a864886f70d01010105000382010f003082010a" + hex"0282010100a97a2de0e66ea6147c9ee745ac0162686c7192099afc4b3f040fad" + hex"6de093511d74e802f510d716038157dcaf84f4104bd3fed7e6b8f99c8817fd1f" + hex"f5b9b864296c3d81fa8f1b729e02d21d72ffee4ced725efe74bea68fbc4d4244" + hex"286fcdd4bf64406a439a15bcb4cf67754489c423972b4a80df5c2e7c5bc2dbaf" + hex"2d42bb7b244f7c95bf92c75d3b33fc5410678a89589d1083da3acc459f2704cd" + hex"99598c275e7c1878e00757e5bdb4e840226c11c0a17ff79c80b15c1ddb5af21c" + hex"c2417061fbd2a2da819ed3b72b7efaa3bfebe2805c9b8ac19aa346512d484cfc" + hex"81941e15f55881cc127e8f7aa12300cd5afb5742fa1d20cb467a5beb1c666cf7" + hex"6a368978b50203010001a381a43081a1301f0603551d2304183016801478437b" + hex"76a67ebcd0af7e4237eb357c3b8701513c300e0603551d0f0101ff0404030206" + hex"c0300c0603551d130101ff0402300030600603551d1f045930573055a053a051" + hex"864f687474703a2f2f7472757374656473657276696365732e696e74656c2e63" + hex"6f6d2f636f6e74656e742f43524c2f5347582f4174746573746174696f6e5265" + hex"706f72745369676e696e6743412e63726c300d06092a864886f70d01010b0500" + hex"03820181006708b61b5c2bd215473e2b46af99284fbb939d3f3b152c996f1a6a" + hex"f3b329bd220b1d3b610f6bce2e6753bded304db21912f385256216cfcba456bd" + hex"96940be892f5690c260d1ef84f1606040222e5fe08e5326808212a447cfdd64a" + hex"46e94bf29f6b4b9a721d25b3c4e2f62f58baed5d77c505248f0f801f9fbfb7fd" + hex"752080095cee80938b339f6dbb4e165600e20e4a718812d49d9901e310a9b51d" + hex"66c79909c6996599fae6d76a79ef145d9943bf1d3e35d3b42d1fb9a45cbe8ee3" + hex"34c166eee7d32fcdc9935db8ec8bb1d8eb3779dd8ab92b6e387f0147450f1e38" + hex"1d08581fb83df33b15e000a59be57ea94a3a52dc64bdaec959b3464c91e725bb" + hex"daea3d99e857e380a23c9d9fb1ef58e9e42d71f12130f9261d7234d6c37e2b03" + hex"dba40dfdfb13ac4ad8e13fd3756356b6b50015a3ec9580b815d87c2cef715cd2" + hex"8df00bbf2a3c403ebf6691b3f05edd9143803ca085cff57e053eec2f8fea46ea" + hex"778a68c9be885bc28225bc5f309be4a2b74d3a03945319dd3c7122fed6ff53bb" + hex"8b8cb3a03c"; bytes constant DECENT_SVR_CERT_ATT_REP_JSON = - hex"7b226e6f6e6365223a2244434541374246433936384631313943434637353542" - hex"44453844423142373633222c226964223a223237323632313432313936343433" - hex"3138363530383031373633303338303039323031343238222c2274696d657374" - hex"616d70223a22323032332d30342d32345431383a33313a30352e353333313834" - hex"222c2276657273696f6e223a342c226570696450736575646f6e796d223a2253" - hex"4f4e2f437a3774504148454634663747624b367244774c2f6f4d58756d497576" - hex"466e2b7246516c5354555a41764948584f48556e574154794b6543624358562b" - hex"30795a3563436f7373796a526a34665a6d397341466c35626d42464e4f4f4d4d" - hex"2f536734684c523165375237692b4865646b63346a355175346e3779484c342f" - hex"3363692f6d61496335523256475630314b424f30487962416d6232504a6a5332" - hex"747867424d7753534e773d222c2261647669736f727955524c223a2268747470" - hex"733a2f2f73656375726974792d63656e7465722e696e74656c2e636f6d222c22" - hex"61647669736f7279494473223a5b22494e54454c2d53412d3030313631222c22" - hex"494e54454c2d53412d3030323139222c22494e54454c2d53412d303032383922" - hex"2c22494e54454c2d53412d3030333334222c22494e54454c2d53412d30303631" - hex"35225d2c22697376456e636c61766551756f7465537461747573223a22434f4e" - hex"46494755524154494f4e5f414e445f53575f48415244454e494e475f4e454544" - hex"4544222c22706c6174666f726d496e666f426c6f62223a223135303230303635" - hex"3030303030383030303031333133303230343031303130373030303030303030" - hex"3030303030303030303030443030303030433030303030303032303030303030" - hex"3030303030303043343246453830433844433143423236453533444531333941" - hex"3045313041304431463139303342434142324531343030354444374546413830" - hex"4136323231324632333241364442444539353033453531453338374537363145" - hex"3330464342374434313942394444383845353630383739434445333943443441" - hex"39414546303535384344222c22697376456e636c61766551756f7465426f6479" - hex"223a22416741424145494d4141414e414130414141414141466844324c6c6644" - hex"616855675046753070486d536430414141414141414141414141414141414141" - hex"4141414578502f2f774543414141414141414141414141414141414141414141" - hex"4141414141414141414141414141414141414141414141414141414141414141" - hex"4141414277414141414141414141484141414141414141414373704f6e74632f" - hex"38444e6b41486b493252654b41334f62484e51456a3558794e357a4e7a6a5a68" - hex"52746e4141414141414141414141414141414141414141414141414141414141" - hex"41414141414141414141414141434431786e6e6665724b464844327576597154" - hex"5864444138695a32326b434435787737683338434d664f6e6741414141414141" + hex"7b226e6f6e6365223a2231463537414433374431463734314145453336383542" + hex"42393544454535423831222c226964223a223134333131383935343634323337" + hex"30383131313437383037313230383734373233383633343036222c2274696d65" + hex"7374616d70223a22323032342d30372d30385430313a33343a30372e34363539" + hex"3835222c2276657273696f6e223a352c226174746573746174696f6e54797065" + hex"223a2245504944222c226570696450736575646f6e796d223a22534f4e2f437a" + hex"3774504148454634663747624b367244774c2f6f4d58756d497576466e2b7246" + hex"516c5354555a41764948584f48556e574154794b6543624358562b30795a3563" + hex"436f7373796a526a34665a6d397341466c35626d42464e4f4f4d4d2f53673468" + hex"4c523165375237692b4865646b63346a355175346e3779484c342f3363692f6d" + hex"61496335523256475630314b424f30487962416d6232504a6a5332747867424d" + hex"7753534e773d222c2261647669736f727955524c223a2268747470733a2f2f73" + hex"656375726974792d63656e7465722e696e74656c2e636f6d222c226164766973" + hex"6f7279494473223a5b22494e54454c2d53412d3030313631222c22494e54454c" + hex"2d53412d3030323139222c22494e54454c2d53412d3030323839222c22494e54" + hex"454c2d53412d3030333334222c22494e54454c2d53412d3030363135222c2249" + hex"4e54454c2d53412d3030383238225d2c22697376456e636c61766551756f7465" + hex"537461747573223a2247524f55505f4f55545f4f465f44415445222c22706c61" + hex"74666f726d496e666f426c6f62223a2231353032303036353034303030393030" + hex"3030313431343032303430313031303730303030303030303030303030303030" + hex"3030304430303030304330303030303030323030303030303030303030303043" + hex"3432464543323834343933333031304144383834454137383146383739423832" + hex"3441374436423442374239463144364444364546423241364239334639433634" + hex"4336394346433939313634343246324145374637463544334233433539304630" + hex"3030393143433633464343313741413744324233433639433432463732413434" + hex"4144222c22697376456e636c61766551756f7465426f6479223a224167414241" + hex"45494d4141414e414130414141414141466844324c6c66446168556750467530" + hex"70486d5364304141414141414141414141414141414141414141414578542f2f" + hex"7745434141414141414141414141414141414141414141414141414141414141" + hex"4141414141414141414141414141414141414141414141414141414277414141" + hex"414141414141484141414141414141414b344173456354656e59755166306549" + hex"75375149783066537748734746424a6346485167664b42735262754141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" + hex"4141414141434431786e6e6665724b4648443275765971545864444138695a32" + hex"326b434435787737683338434d664f6e67414141414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" - hex"4141414141414141414141414142575469366b2b515a6957463275586647734c" - hex"6c45384b38345532626c2f427a49454153416d3139576c7a7741414141414141" hex"4141414141414141414141414141414141414141414141414141414141414141" - hex"414141227d"; + hex"41414141414158495337557a2f6353544246667a6459776a316c57386f424931" + hex"577176616e4578596c6a2b694670614541414141414141414141414141414141" + hex"414141414141414141414141414141414141414141414141414141222c227463" + hex"624576616c756174696f6e446174614e756d626572223a31377d"; bytes constant DECENT_SVR_CERT_ATT_REP_SIGN = - hex"29dda58b778c77c067b6117e6690e87eaf2e03398ca49b092be3203f1046d0a7" - hex"54c85a078f032b2ca335949421a1e1f8ba271ae1e2e52c613f6633767b1d92bf" - hex"6ddc6ad52947b109d1e530d08d5e2b237c90504250a890b3fb52fcd7a2cf2864" - hex"851dc671acd85ce1177ee64635606d31e48263af7ca6f170a8a547eaf60edc79" - hex"973f18d8c317a0da8c829992bc5125d97ef5d549bac744d4c311c670b4852af0" - hex"8b05a01dc3891254ea1c326e92c5d16cc23c93856f456aef0f1f92739f48430b" - hex"6a26717a390e84cac53d437c09a53102e8d9a2d0504f9658ec35b1da9e834675" - hex"006daa676194139b326daeb335b20a4077c94281d057769366f22c93c2671e19"; + hex"0d6a2aa2c158c3cd93dcc3968145c9a60c26318ea63bab5c6d2861d1ed811a3b" + hex"bd577c1dc28e6c8215cc69a385f11605ff6af8c1844670084399db5fce9dbba8" + hex"5ba6b048203ee1803006c621d26abb9a699e97b67183a9e9698c2e0854b1195f" + hex"a04fa233fd98f5c03e3f2333f5a0c90645aee6692abd49d283247d8c2c41a2eb" + hex"cb54d5d6115cce6c96fb666569b3429b683fc03f9dfc8bdc953a30b106f91bf8" + hex"278c6c0eb25bdae9abef01301fab04368372f53d60bf080ec8f6681239192b1d" + hex"b34d158d21cb9ac794294a4274a6ca47fcde9a9a33f0351a3702fe21f7d04a83" + hex"02bd78332c04d444b069483d8c3aa5128ce93bea4e1340352231217ec1e50147"; + + string constant DECENT_SVR_CERT_QUOTE_ST = "GROUP_OUT_OF_DATE"; bytes32 constant DECENT_SVR_CERT_ENCL_HASH = - hex"2b293a7b5cffc0cd9001e423645e280dce6c7350123e57c8de733738d9851b67"; + hex"ae00b047137a762e41fd1e22eed0231d1f4b01ec1850497051d081f281b116ee"; + + bytes constant DECENT_SVR_CERT_REP_DATA = + hex"17212ed4cff7124c115fcdd6308f5956f28048d56aaf6a71316258fe885a5a10" + hex"0000000000000000000000000000000000000000000000000000000000000000"; - // Decent App Certificate + + //===== Decent App Certificate ===== bytes constant DECENT_APP_CERT_DER = - hex"308203973082033aa003020102022005443c1844abf050d7f485c522f07f0d95" - hex"1f12113a74e23daaeaf9cb957d66e0300c06082a8648ce3d0403020500308184" - hex"3153305106035504030c4a324232393341374235434646433043443930303145" - hex"3432333634354532383044434536433733353031323345353743384445373333" - hex"37333844393835314236375f536563703235366b3131163014060355040a0c0d" - hex"446563656e74456e636c61766531153013060355040b0c0c446563656e745365" - hex"72766572301e170d3232303130313030303030305a170d323230313031303030" - hex"3030305a3081813153305106035504030c4a3535333244383832343833303431" - hex"4141364145393039353144453244333842314442433241333741394335463143" - hex"3046323038424531344634343830303230445f536563703235366b3131163014" - hex"060355040a0c0d446563656e74456e636c61766531123010060355040b0c0944" - hex"6563656e744170703056301006072a8648ce3d020106052b8104000a03420004" - hex"2277c5ca36d39a200398ec444ddf57aa3a6ce507ae555d6901a1a3e08d36bd14" - hex"765c8a615451bc296153273c84f9621e5395b090e8ca4fba83da5f3634064c8d" - hex"a382017e3082017a300f0603551d130101ff040530030101ff300e0603551d0f" - hex"0101ff0404030201ce301106096086480186f8420101040403020007301a0615" - hex"6982f5c89a94ffdfaaab8591c1b5f7c2f782b01e01040131302106156982f5c8" - hex"9a94ffdfaaab8591c1b5f7c2f782b01e0204085347585f455049443039061569" - hex"82f5c89a94ffdfaaab8591c1b5f7c2f782b01e0504205532d882483041aa6ae9" - hex"0951de2d38b1dbc2a37a9c5f1c0f208be14f4480020d3081c906156982f5c89a" - hex"94ffdfaaab8591c1b5f7c2f782b01e060481aff8ad23c9830402008401000000" - hex"f8a022e200a00000000000000000000000000000000000000000000000000000" - hex"000000000000d08208008c446563656e74536572766572e200a0000000000000" - hex"0000000000000000000000000000000000000000000000000001d18208008d44" - hex"6563656e745265766f6b6572e200a00000000000000000000000000000000000" - hex"000000000000000000000000000002d28208008e446563656e74457468657265" - hex"756d300c06082a8648ce3d04030205000349003046022100f7323b2ab00dd953" - hex"66919fa892bc4e03edfd03ec4d5b8fa4a7bd54138ebf12f5022100c5f4028355" - hex"9b47053c8f34f4872ed5f33a401f1ffc143ecc5ddcd579197376d4"; + hex"3082035e30820304a003020102021424d738b4228f6ee1ba7af1ea65f773a2fb" + hex"bd9efb300a06082a8648ce3d0403023081843153305106035504030c4a414530" + hex"3042303437313337413736324534314644314532324545443032333144314634" + hex"42303145433138353034393730353144303831463238314231313645455f5365" + hex"63703235366b3131163014060355040a0c0d446563656e74456e636c61766531" + hex"153013060355040b0c0c446563656e74536572766572301e170d323230313031" + hex"3030303030305a170d3232303130313030303030305a30818131533051060355" + hex"04030c4a37373946333437383439313930374434353436343731314335353435" + hex"4532383034303134384231433435323331323735333333453531423644353631" + hex"424132365f536563703235366b3131163014060355040a0c0d446563656e7445" + hex"6e636c61766531123010060355040b0c09446563656e74417070305630100607" + hex"2a8648ce3d020106052b8104000a03420004fb958d4dff70ca62702fdf12effa" + hex"25fdd3e2bcb10ae68427bdab677c594606a401e8a10da0863b8912aa999730de" + hex"ccc6030124e8e52cca34d7c67ab8856ab9b1a382015630820152300f0603551d" + hex"130101ff040530030101ff300e0603551d0f0101ff0404030201ce3011060960" + hex"86480186f84201010404030200073010060b2b0601040183e445010101040131" + hex"3017060b2b0601040183e44501010204085347585f45504944302f060b2b0601" + hex"040183e4450101050420779f3478491907d45464711c5545e28040148b1c4523" + hex"1275333e51b6d561ba263081bf060b2b0601040183e4450101060481aff8ad23" + hex"c9830402008401000000f8a022e200a000000000000000000000000000000000" + hex"00000000000000000000000000000000d08208008c446563656e745365727665" + hex"72e200a000000000000000000000000000000000000000000000000000000000" + hex"00000001d18208008d446563656e745265766f6b6572e200a000000000000000" + hex"00000000000000000000000000000000000000000000000002d28208008e4465" + hex"63656e74457468657265756d300a06082a8648ce3d0403020348003045022100" + hex"8b986ed8952a48e9810303fe031b943d785610c566a8db2c8c394cea26d05845" + hex"0220450e76b8ed0157417211298f87ac97dbb18e4cd27305b2587c9ee705d4fd" + hex"737c"; + + bytes constant DECENT_APP_CERT_TBS = + hex"30820304a003020102021424d738b4228f6ee1ba7af1ea65f773a2fbbd9efb30" + hex"0a06082a8648ce3d0403023081843153305106035504030c4a41453030423034" + hex"3731333741373632453431464431453232454544303233314431463442303145" + hex"433138353034393730353144303831463238314231313645455f536563703235" + hex"366b3131163014060355040a0c0d446563656e74456e636c6176653115301306" + hex"0355040b0c0c446563656e74536572766572301e170d32323031303130303030" + hex"30305a170d3232303130313030303030305a3081813153305106035504030c4a" + hex"3737394633343738343931393037443435343634373131433535343545323830" + hex"3430313438423143343532333132373533333345353142364435363142413236" + hex"5f536563703235366b3131163014060355040a0c0d446563656e74456e636c61" + hex"766531123010060355040b0c09446563656e744170703056301006072a8648ce" + hex"3d020106052b8104000a03420004fb958d4dff70ca62702fdf12effa25fdd3e2" + hex"bcb10ae68427bdab677c594606a401e8a10da0863b8912aa999730deccc60301" + hex"24e8e52cca34d7c67ab8856ab9b1a382015630820152300f0603551d130101ff" + hex"040530030101ff300e0603551d0f0101ff0404030201ce301106096086480186" + hex"f84201010404030200073010060b2b0601040183e4450101010401313017060b" + hex"2b0601040183e44501010204085347585f45504944302f060b2b0601040183e4" + hex"450101050420779f3478491907d45464711c5545e28040148b1c45231275333e" + hex"51b6d561ba263081bf060b2b0601040183e4450101060481aff8ad23c9830402" + hex"008401000000f8a022e200a00000000000000000000000000000000000000000" + hex"000000000000000000000000d08208008c446563656e74536572766572e200a0" + hex"0000000000000000000000000000000000000000000000000000000000000001" + hex"d18208008d446563656e745265766f6b6572e200a00000000000000000000000" + hex"000000000000000000000000000000000000000002d28208008e446563656e74" + hex"457468657265756d"; + + uint256 constant DECENT_APP_CERT_NOT_BEFORE = 1640995200; + uint256 constant DECENT_APP_CERT_NOT_AFTER = 1640995200; + + string constant DECENT_APP_CERT_NAME_CN = "779F3478491907D45464711C5545E28040148B1C45231275333E51B6D561BA26_Secp256k1"; + string constant DECENT_APP_CERT_NAME_O = "DecentEnclave"; + + bytes32 constant DECENT_APP_CERT_HASH = + hex"3c361532823d168c2af8c619b48a864c303530e3f25da7d8f79fdca073ceb934"; + + bytes constant DECENT_APP_CERT_SIGN = + hex"30450221008b986ed8952a48e9810303fe031b943d785610c566a8db2c8c394c" + hex"ea26d058450220450e76b8ed0157417211298f87ac97dbb18e4cd27305b2587c" + hex"9ee705d4fd737c"; + + uint8 constant DECENT_APP_CERT_SIGN_V = 27; + bytes32 constant DECENT_APP_CERT_SIGN_R = + hex"8b986ed8952a48e9810303fe031b943d785610c566a8db2c8c394cea26d05845"; + bytes32 constant DECENT_APP_CERT_SIGN_S = + hex"450e76b8ed0157417211298f87ac97dbb18e4cd27305b2587c9ee705d4fd737c"; + + bytes constant DECENT_APP_CERT_KEY_DER = + hex"3056301006072a8648ce3d020106052b8104000a03420004fb958d4dff70ca62" + hex"702fdf12effa25fdd3e2bcb10ae68427bdab677c594606a401e8a10da0863b89" + hex"12aa999730deccc6030124e8e52cca34d7c67ab8856ab9b1"; + + bytes32 constant DECENT_APP_CERT_KEY_X = + hex"fb958d4dff70ca62702fdf12effa25fdd3e2bcb10ae68427bdab677c594606a4"; + bytes32 constant DECENT_APP_CERT_KEY_Y = + hex"01e8a10da0863b8912aa999730deccc6030124e8e52cca34d7c67ab8856ab9b1"; + + bytes constant DECENT_APP_CERT_KEY_BYTES = + hex"fb958d4dff70ca62702fdf12effa25fdd3e2bcb10ae68427bdab677c594606a4" + hex"01e8a10da0863b8912aa999730deccc6030124e8e52cca34d7c67ab8856ab9b1"; address constant DECENT_APP_CERT_KEY_ADDR = - 0xadfbC2b19F22F1FD30e48Ed1522F922E545251Ed; + 0x2b1D07aB2d2f7479637ee12eC13978251Bc0DDf1; - bytes32 constant DECENT_APP_CERT_HASH = - 0x43c4bb5ebe59f2bfa5d1d90cb04f49c2d814f2be48a00055c014fefccf9de381; + string constant DECENT_APP_CERT_VERSION = "1"; + + string constant DECENT_APP_CERT_TYPE = "SGX_EPID"; bytes32 constant DECENT_APP_CERT_ENCL_HASH = - hex"5532d882483041aa6ae90951de2d38b1dbc2a37a9c5f1c0f208be14f4480020d"; + hex"779f3478491907d45464711c5545e28040148b1c45231275333e51b6d561ba26"; bytes constant DECENT_APP_CERT_AUTHLIST = hex"f8ad23c9830402008401000000f8a022e200a000000000000000000000000000" @@ -605,9 +863,5 @@ library TestCerts { hex"00000000000000000000000000000000000000000000000000000002d2820800" hex"8e446563656e74457468657265756d"; - bytes32 constant DECENT_APP_CERT_SIGN_R = - hex"f7323b2ab00dd95366919fa892bc4e03edfd03ec4d5b8fa4a7bd54138ebf12f5"; - bytes32 constant DECENT_APP_CERT_SIGN_S = - hex"c5f40283559b47053c8f34f4872ed5f33a401f1ffc143ecc5ddcd579197376d4"; } diff --git a/tests/certs/CertDecentApp.pem b/tests/certs/CertDecentApp.pem index 87739e2..c1d2296 100644 --- a/tests/certs/CertDecentApp.pem +++ b/tests/certs/CertDecentApp.pem @@ -1,22 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDlzCCAzqgAwIBAgIgBUQ8GESr8FDX9IXFIvB/DZUfEhE6dOI9qur5y5V9ZuAw -DAYIKoZIzj0EAwIFADCBhDFTMFEGA1UEAwxKMkIyOTNBN0I1Q0ZGQzBDRDkwMDFF -NDIzNjQ1RTI4MERDRTZDNzM1MDEyM0U1N0M4REU3MzM3MzhEOTg1MUI2N19TZWNw -MjU2azExFjAUBgNVBAoMDURlY2VudEVuY2xhdmUxFTATBgNVBAsMDERlY2VudFNl -cnZlcjAeFw0yMjAxMDEwMDAwMDBaFw0yMjAxMDEwMDAwMDBaMIGBMVMwUQYDVQQD -DEo1NTMyRDg4MjQ4MzA0MUFBNkFFOTA5NTFERTJEMzhCMURCQzJBMzdBOUM1RjFD -MEYyMDhCRTE0RjQ0ODAwMjBEX1NlY3AyNTZrMTEWMBQGA1UECgwNRGVjZW50RW5j -bGF2ZTESMBAGA1UECwwJRGVjZW50QXBwMFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAE -InfFyjbTmiADmOxETd9Xqjps5QeuVV1pAaGj4I02vRR2XIphVFG8KWFTJzyE+WIe -U5WwkOjKT7qD2l82NAZMjaOCAX4wggF6MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P -AQH/BAQDAgHOMBEGCWCGSAGG+EIBAQQEAwIABzAaBhVpgvXImpT/36qrhZHBtffC -94KwHgEEATEwIQYVaYL1yJqU/9+qq4WRwbX3wveCsB4CBAhTR1hfRVBJRDA5BhVp -gvXImpT/36qrhZHBtffC94KwHgUEIFUy2IJIMEGqaukJUd4tOLHbwqN6nF8cDyCL -4U9EgAINMIHJBhVpgvXImpT/36qrhZHBtffC94KwHgYEga/4rSPJgwQCAIQBAAAA -+KAi4gCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQgggAjERlY2Vu -dFNlcnZlcuIAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0YIIAI1E -ZWNlbnRSZXZva2Vy4gCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALS -gggAjkRlY2VudEV0aGVyZXVtMAwGCCqGSM49BAMCBQADSQAwRgIhAPcyOyqwDdlT -ZpGfqJK8TgPt/QPsTVuPpKe9VBOOvxL1AiEAxfQCg1WbRwU8jzT0hy7V8zpAHx/8 -FD7MXdzVeRlzdtQ= +MIIDXjCCAwSgAwIBAgIUJNc4tCKPbuG6evHqZfdzovu9nvswCgYIKoZIzj0EAwIw +gYQxUzBRBgNVBAMMSkFFMDBCMDQ3MTM3QTc2MkU0MUZEMUUyMkVFRDAyMzFEMUY0 +QjAxRUMxODUwNDk3MDUxRDA4MUYyODFCMTE2RUVfU2VjcDI1NmsxMRYwFAYDVQQK +DA1EZWNlbnRFbmNsYXZlMRUwEwYDVQQLDAxEZWNlbnRTZXJ2ZXIwHhcNMjIwMTAx +MDAwMDAwWhcNMjIwMTAxMDAwMDAwWjCBgTFTMFEGA1UEAwxKNzc5RjM0Nzg0OTE5 +MDdENDU0NjQ3MTFDNTU0NUUyODA0MDE0OEIxQzQ1MjMxMjc1MzMzRTUxQjZENTYx +QkEyNl9TZWNwMjU2azExFjAUBgNVBAoMDURlY2VudEVuY2xhdmUxEjAQBgNVBAsM +CURlY2VudEFwcDBWMBAGByqGSM49AgEGBSuBBAAKA0IABPuVjU3/cMpicC/fEu/6 +Jf3T4ryxCuaEJ72rZ3xZRgakAeihDaCGO4kSqpmXMN7MxgMBJOjlLMo018Z6uIVq +ubGjggFWMIIBUjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBzjARBglg +hkgBhvhCAQEEBAMCAAcwEAYLKwYBBAGD5EUBAQEEATEwFwYLKwYBBAGD5EUBAQIE +CFNHWF9FUElEMC8GCysGAQQBg+RFAQEFBCB3nzR4SRkH1FRkcRxVReKAQBSLHEUj +EnUzPlG21WG6JjCBvwYLKwYBBAGD5EUBAQYEga/4rSPJgwQCAIQBAAAA+KAi4gCg +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQgggAjERlY2VudFNlcnZl +cuIAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0YIIAI1EZWNlbnRS +ZXZva2Vy4gCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALSgggAjkRl +Y2VudEV0aGVyZXVtMAoGCCqGSM49BAMCA0gAMEUCIQCLmG7YlSpI6YEDA/4DG5Q9 +eFYQxWao2yyMOUzqJtBYRQIgRQ52uO0BV0FyESmPh6yX27GOTNJzBbJYfJ7nBdT9 +c3w= -----END CERTIFICATE----- diff --git a/tests/certs/CertDecentServer.pem b/tests/certs/CertDecentServer.pem index 15762de..acb1407 100644 --- a/tests/certs/CertDecentServer.pem +++ b/tests/certs/CertDecentServer.pem @@ -1,80 +1,81 @@ -----BEGIN CERTIFICATE----- -MIIOhTCCDimgAwIBAgIhALy5Mg0JjZAEPHAcmm+1Gvc/wOxdzrWwGf9OXxsFC1v2 -MAwGCCqGSM49BAMCBQAwgYQxUzBRBgNVBAMMSjJCMjkzQTdCNUNGRkMwQ0Q5MDAx -RTQyMzY0NUUyODBEQ0U2QzczNTAxMjNFNTdDOERFNzMzNzM4RDk4NTFCNjdfU2Vj -cDI1NmsxMRYwFAYDVQQKDA1EZWNlbnRFbmNsYXZlMRUwEwYDVQQLDAxEZWNlbnRT -ZXJ2ZXIwHhcNMjIwMTAxMDAwMDAwWhcNMjIwMTAxMDAwMDAwWjCBhDFTMFEGA1UE -AwxKMkIyOTNBN0I1Q0ZGQzBDRDkwMDFFNDIzNjQ1RTI4MERDRTZDNzM1MDEyM0U1 -N0M4REU3MzM3MzhEOTg1MUI2N19TZWNwMjU2azExFjAUBgNVBAoMDURlY2VudEVu -Y2xhdmUxFTATBgNVBAsMDERlY2VudFNlcnZlcjBWMBAGByqGSM49AgEGBSuBBAAK -A0IABKc1S6bh/5zNxIDoa1vbt7Ymz4CdqG6fShtkjfd8Phvr3HAYQ9fMuZF0Mfq4 -jsAXiVgvZaBrjL6xae+30jVIMe2jggxpMIIMZTAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBzjARBglghkgBhvhCAQEEBAMCAAcwGgYVaYL1yJqU/9+qq4WR -wbX3wveCsB4BBAExMCEGFWmC9cialP/fqquFkcG198L3grAeAgQIU0dYX0VQSUQw -WQYVaYL1yJqU/9+qq4WRwbX3wveCsB4EBEBDax4AksQRRBFs7a3L6zmWyysi3F0k -KdYbrGfZ6oKclvHoVyFAfMulZZRbxvil3meSDtYzlc4UarwmugNQfISxMFsGF2mC -9cialP/fqquFkcG198L3grAeAwEBBEDGxmzg8Nk4ghhmexGlzFzf+UqDCdKb9mT4 -Wd5jzUlr4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMIILNgYXaYL1 -yJqU/9+qq4WRwbX3wveCsB4DAQIEggsZ+QsW+QSouQSlMIIEoTCCAwmgAwIBAgIJ -ANEHdl0yo7CWMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQI -DAJDQTEUMBIGA1UEBwwLU2FudGEgQ2xhcmExGjAYBgNVBAoMEUludGVsIENvcnBv -cmF0aW9uMTAwLgYDVQQDDCdJbnRlbCBTR1ggQXR0ZXN0YXRpb24gUmVwb3J0IFNp -Z25pbmcgQ0EwHhcNMTYxMTIyMDkzNjU4WhcNMjYxMTIwMDkzNjU4WjB7MQswCQYD -VQQGEwJVUzELMAkGA1UECAwCQ0ExFDASBgNVBAcMC1NhbnRhIENsYXJhMRowGAYD -VQQKDBFJbnRlbCBDb3Jwb3JhdGlvbjEtMCsGA1UEAwwkSW50ZWwgU0dYIEF0dGVz -dGF0aW9uIFJlcG9ydCBTaWduaW5nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB -CgKCAQEAqXot4OZuphR8nudFrAFiaGxxkgma/Es/BA+tbeCTUR106AL1ENcWA4FX -3K+E9BBL0/7X5rj5nIgX/R/1ubhkKWw9gfqPG3KeAtIdcv/uTO1yXv50vqaPvE1C -RChvzdS/ZEBqQ5oVvLTPZ3VEicQjlytKgN9cLnxbwtuvLUK7eyRPfJW/ksddOzP8 -VBBniolYnRCD2jrMRZ8nBM2ZWYwnXnwYeOAHV+W9tOhAImwRwKF/95yAsVwd21ry -HMJBcGH70qLagZ7Ttyt++qO/6+KAXJuKwZqjRlEtSEz8gZQeFfVYgcwSfo96oSMA -zVr7V0L6HSDLRnpb6xxmbPdqNol4tQIDAQABo4GkMIGhMB8GA1UdIwQYMBaAFHhD -e3amfrzQr35CN+s1fDuHAVE8MA4GA1UdDwEB/wQEAwIGwDAMBgNVHRMBAf8EAjAA -MGAGA1UdHwRZMFcwVaBToFGGT2h0dHA6Ly90cnVzdGVkc2VydmljZXMuaW50ZWwu -Y29tL2NvbnRlbnQvQ1JML1NHWC9BdHRlc3RhdGlvblJlcG9ydFNpZ25pbmdDQS5j -cmwwDQYJKoZIhvcNAQELBQADggGBAGcIthtcK9IVRz4rRq+ZKE+7k50/OxUsmW8a -avOzKb0iCx07YQ9rzi5nU73tME2yGRLzhSViFs/LpFa9lpQL6JL1aQwmDR74TxYG -BAIi5f4I5TJoCCEqRHz91kpG6Uvyn2tLmnIdJbPE4vYvWLrtXXfFBSSPD4Afn7+3 -/XUggAlc7oCTizOfbbtOFlYA4g5KcYgS1J2ZAeMQqbUdZseZCcaZZZn65tdqee8U -XZlDvx0+NdO0LR+5pFy+juM0wWbu59MvzcmTXbjsi7HY6zd53Yq5K244fwFHRQ8e -OB0IWB+4PfM7FeAApZvlfqlKOlLcZL2uyVmzRkyR5yW72uo9mehX44CiPJ2fse9Y -6eQtcfEhMPkmHXI01sN+KwPbpA39+xOsStjhP9N1Y1a2tQAVo+yVgLgV2Hws73Fc -0o3wC78qPEA+v2aRs/Be3ZFDgDyghc/1fgU+7C+P6kbqd4poyb6IW8KCJbxfMJvk -ordNOgOUUxndPHEi/tb/U7uLjLOgPLkFZXsibm9uY2UiOiJEQ0VBN0JGQzk2OEYx -MTlDQ0Y3NTVCREU4REIxQjc2MyIsImlkIjoiMjcyNjIxNDIxOTY0NDMxODY1MDgw -MTc2MzAzODAwOTIwMTQyOCIsInRpbWVzdGFtcCI6IjIwMjMtMDQtMjRUMTg6MzE6 -MDUuNTMzMTg0IiwidmVyc2lvbiI6NCwiZXBpZFBzZXVkb255bSI6IlNPTi9Dejd0 -UEFIRUY0ZjdHYks2ckR3TC9vTVh1bUl1dkZuK3JGUWxTVFVaQXZJSFhPSFVuV0FU -eUtlQ2JDWFYrMHlaNWNDb3NzeWpSajRmWm05c0FGbDVibUJGTk9PTU0vU2c0aExS -MWU3UjdpK0hlZGtjNGo1UXU0bjd5SEw0LzNjaS9tYUljNVIyVkdWMDFLQk8wSHli -QW1iMlBKalMydHhnQk13U1NOdz0iLCJhZHZpc29yeVVSTCI6Imh0dHBzOi8vc2Vj -dXJpdHktY2VudGVyLmludGVsLmNvbSIsImFkdmlzb3J5SURzIjpbIklOVEVMLVNB -LTAwMTYxIiwiSU5URUwtU0EtMDAyMTkiLCJJTlRFTC1TQS0wMDI4OSIsIklOVEVM -LVNBLTAwMzM0IiwiSU5URUwtU0EtMDA2MTUiXSwiaXN2RW5jbGF2ZVF1b3RlU3Rh -dHVzIjoiQ09ORklHVVJBVElPTl9BTkRfU1dfSEFSREVOSU5HX05FRURFRCIsInBs -YXRmb3JtSW5mb0Jsb2IiOiIxNTAyMDA2NTAwMDAwODAwMDAxMzEzMDIwNDAxMDEw -NzAwMDAwMDAwMDAwMDAwMDAwMDBEMDAwMDBDMDAwMDAwMDIwMDAwMDAwMDAwMDAw -QzQyRkU4MEM4REMxQ0IyNkU1M0RFMTM5QTBFMTBBMEQxRjE5MDNCQ0FCMkUxNDAw -NUREN0VGQTgwQTYyMjEyRjIzMkE2REJERTk1MDNFNTFFMzg3RTc2MUUzMEZDQjdE -NDE5QjlERDg4RTU2MDg3OUNERTM5Q0Q0QTlBRUYwNTU4Q0QiLCJpc3ZFbmNsYXZl -UXVvdGVCb2R5IjoiQWdBQkFFSU1BQUFOQUEwQUFBQUFBRmhEMkxsZkRhaFVnUEZ1 -MHBIbVNkMEFBQUFBQUFBQUFBQUFBQUFBQUFBQUV4UC8vd0VDQUFBQUFBQUFBQUFB -QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFCd0FB -QUFBQUFBQUhBQUFBQUFBQUFDc3BPbnRjLzhETmtBSGtJMlJlS0EzT2JITlFFajVY -eU41ek56alpoUnRuQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB -QUFBQUFBQ0QxeG5uZmVyS0ZIRDJ1dllxVFhkREE4aVoyMmtDRDV4dzdoMzhDTWZP -bmdBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB +MIIOqDCCDk6gAwIBAgIUa2/mxMZ9oBH3YK0ugj4llcoPnVEwCgYIKoZIzj0EAwIw +gYQxUzBRBgNVBAMMSkFFMDBCMDQ3MTM3QTc2MkU0MUZEMUUyMkVFRDAyMzFEMUY0 +QjAxRUMxODUwNDk3MDUxRDA4MUYyODFCMTE2RUVfU2VjcDI1NmsxMRYwFAYDVQQK +DA1EZWNlbnRFbmNsYXZlMRUwEwYDVQQLDAxEZWNlbnRTZXJ2ZXIwHhcNMjIwMTAx +MDAwMDAwWhcNMjIwMTAxMDAwMDAwWjCBhDFTMFEGA1UEAwxKQUUwMEIwNDcxMzdB +NzYyRTQxRkQxRTIyRUVEMDIzMUQxRjRCMDFFQzE4NTA0OTcwNTFEMDgxRjI4MUIx +MTZFRV9TZWNwMjU2azExFjAUBgNVBAoMDURlY2VudEVuY2xhdmUxFTATBgNVBAsM +DERlY2VudFNlcnZlcjBWMBAGByqGSM49AgEGBSuBBAAKA0IABNNPy/IDMy2qsYqX +wuin0ZfmnKMgjgvSPUV7Fw4GUaM1pNlnMLCxHq7PdNEELAAeRhfJnmJG7ZjgfCFV +pODcN52jggydMIIMmTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBzjAR +BglghkgBhvhCAQEEBAMCAAcwEAYLKwYBBAGD5EUBAQEEATEwFwYLKwYBBAGD5EUB +AQIECFNHWF9FUElEME8GCysGAQQBg+RFAQEEBEAtZ2k8K9IyRe5BRNfxAqFRNNZ6 +FPnYkCvOWDFcHmCDjbRSw6zADzchxkkLfh9X8uC80Dl2GNuUMnWPF8bZtslhMFEG +DSsGAQQBg+RFAQEDAQEEQAIFU3KKYH9mwLZxD66AXdp2TO2nSLXzAxEnogSCOzVs +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwggthBg0rBgEEAYPkRQEB +AwECBIILTvkLS/kEqLkEpTCCBKEwggMJoAMCAQICCQDRB3ZdMqOwljANBgkqhkiG +9w0BAQsFADB+MQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFDASBgNVBAcMC1Nh +bnRhIENsYXJhMRowGAYDVQQKDBFJbnRlbCBDb3Jwb3JhdGlvbjEwMC4GA1UEAwwn +SW50ZWwgU0dYIEF0dGVzdGF0aW9uIFJlcG9ydCBTaWduaW5nIENBMB4XDTE2MTEy +MjA5MzY1OFoXDTI2MTEyMDA5MzY1OFowezELMAkGA1UEBhMCVVMxCzAJBgNVBAgM +AkNBMRQwEgYDVQQHDAtTYW50YSBDbGFyYTEaMBgGA1UECgwRSW50ZWwgQ29ycG9y +YXRpb24xLTArBgNVBAMMJEludGVsIFNHWCBBdHRlc3RhdGlvbiBSZXBvcnQgU2ln +bmluZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKl6LeDmbqYUfJ7n +RawBYmhscZIJmvxLPwQPrW3gk1EddOgC9RDXFgOBV9yvhPQQS9P+1+a4+ZyIF/0f +9bm4ZClsPYH6jxtyngLSHXL/7kztcl7+dL6mj7xNQkQob83Uv2RAakOaFby0z2d1 +RInEI5crSoDfXC58W8Lbry1Cu3skT3yVv5LHXTsz/FQQZ4qJWJ0Qg9o6zEWfJwTN +mVmMJ158GHjgB1flvbToQCJsEcChf/ecgLFcHdta8hzCQXBh+9Ki2oGe07crfvqj +v+vigFybisGao0ZRLUhM/IGUHhX1WIHMEn6PeqEjAM1a+1dC+h0gy0Z6W+scZmz3 +ajaJeLUCAwEAAaOBpDCBoTAfBgNVHSMEGDAWgBR4Q3t2pn680K9+QjfrNXw7hwFR +PDAOBgNVHQ8BAf8EBAMCBsAwDAYDVR0TAQH/BAIwADBgBgNVHR8EWTBXMFWgU6BR +hk9odHRwOi8vdHJ1c3RlZHNlcnZpY2VzLmludGVsLmNvbS9jb250ZW50L0NSTC9T +R1gvQXR0ZXN0YXRpb25SZXBvcnRTaWduaW5nQ0EuY3JsMA0GCSqGSIb3DQEBCwUA +A4IBgQBnCLYbXCvSFUc+K0avmShPu5OdPzsVLJlvGmrzsym9IgsdO2EPa84uZ1O9 +7TBNshkS84UlYhbPy6RWvZaUC+iS9WkMJg0e+E8WBgQCIuX+COUyaAghKkR8/dZK +RulL8p9rS5pyHSWzxOL2L1i67V13xQUkjw+AH5+/t/11IIAJXO6Ak4szn227ThZW +AOIOSnGIEtSdmQHjEKm1HWbHmQnGmWWZ+ubXannvFF2ZQ78dPjXTtC0fuaRcvo7j +NMFm7ufTL83Jk1247Iux2Os3ed2KuStuOH8BR0UPHjgdCFgfuD3zOxXgAKWb5X6p +SjpS3GS9rslZs0ZMkeclu9rqPZnoV+OAojydn7HvWOnkLXHxITD5Jh1yNNbDfisD +26QN/fsTrErY4T/TdWNWtrUAFaPslYC4Fdh8LO9xXNKN8Au/KjxAPr9mkbPwXt2R +Q4A8oIXP9X4FPuwvj+pG6neKaMm+iFvCgiW8XzCb5KK3TToDlFMZ3TxxIv7W/1O7 +i4yzoDy5BZp7Im5vbmNlIjoiMUY1N0FEMzdEMUY3NDFBRUUzNjg1QkI5NURFRTVC +ODEiLCJpZCI6IjE0MzExODk1NDY0MjM3MDgxMTE0NzgwNzEyMDg3NDcyMzg2MzQw +NiIsInRpbWVzdGFtcCI6IjIwMjQtMDctMDhUMDE6MzQ6MDcuNDY1OTg1IiwidmVy +c2lvbiI6NSwiYXR0ZXN0YXRpb25UeXBlIjoiRVBJRCIsImVwaWRQc2V1ZG9ueW0i +OiJTT04vQ3o3dFBBSEVGNGY3R2JLNnJEd0wvb01YdW1JdXZGbityRlFsU1RVWkF2 +SUhYT0hVbldBVHlLZUNiQ1hWKzB5WjVjQ29zc3lqUmo0ZlptOXNBRmw1Ym1CRk5P +T01NL1NnNGhMUjFlN1I3aStIZWRrYzRqNVF1NG43eUhMNC8zY2kvbWFJYzVSMlZH +VjAxS0JPMEh5YkFtYjJQSmpTMnR4Z0JNd1NTTnc9IiwiYWR2aXNvcnlVUkwiOiJo +dHRwczovL3NlY3VyaXR5LWNlbnRlci5pbnRlbC5jb20iLCJhZHZpc29yeUlEcyI6 +WyJJTlRFTC1TQS0wMDE2MSIsIklOVEVMLVNBLTAwMjE5IiwiSU5URUwtU0EtMDAy +ODkiLCJJTlRFTC1TQS0wMDMzNCIsIklOVEVMLVNBLTAwNjE1IiwiSU5URUwtU0Et +MDA4MjgiXSwiaXN2RW5jbGF2ZVF1b3RlU3RhdHVzIjoiR1JPVVBfT1VUX09GX0RB +VEUiLCJwbGF0Zm9ybUluZm9CbG9iIjoiMTUwMjAwNjUwNDAwMDkwMDAwMTQxNDAy +MDQwMTAxMDcwMDAwMDAwMDAwMDAwMDAwMDAwRDAwMDAwQzAwMDAwMDAyMDAwMDAw +MDAwMDAwMEM0MkZFQzI4NDQ5MzMwMTBBRDg4NEVBNzgxRjg3OUI4MjRBN0Q2QjRC +N0I5RjFENkRENkVGQjJBNkI5M0Y5QzY0QzY5Q0ZDOTkxNjQ0MkYyQUU3RjdGNUQz +QjNDNTkwRjAwMDkxQ0M2M0ZDQzE3QUE3RDJCM0M2OUM0MkY3MkE0NEFEIiwiaXN2 +RW5jbGF2ZVF1b3RlQm9keSI6IkFnQUJBRUlNQUFBTkFBMEFBQUFBQUZoRDJMbGZE +YWhVZ1BGdTBwSG1TZDBBQUFBQUFBQUFBQUFBQUFBQUFBQUFFeFQvL3dFQ0FBQUFB QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB +QUFBQndBQUFBQUFBQUFIQUFBQUFBQUFBSzRBc0VjVGVuWXVRZjBlSXU3UUl4MGZT +d0hzR0ZCSmNGSFFnZktCc1JidUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB +QUFBQUFBQUFBQUFBQUNEMXhubmZlcktGSEQydXZZcVRYZERBOGlaMjJrQ0Q1eHc3 +aDM4Q01mT25nQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB -QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUJXVGk2aytRWmlXRjJ1WGZHc0xsRThLODRV -MmJsL0J6SUVBU0FtMTlXbHp3QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB -QUFBQUFBQUFBQUFBIn25AQAp3aWLd4x3wGe2EX5mkOh+ry4DOYykmwkr4yA/EEbQ -p1TIWgePAyssozWUlCGh4fi6Jxrh4uUsYT9mM3Z7HZK/bdxq1SlHsQnR5TDQjV4r -I3yQUEJQqJCz+1L816LPKGSFHcZxrNhc4Rd+5kY1YG0x5IJjr3ym8XCopUfq9g7c -eZc/GNjDF6DajIKZkrxRJdl+9dVJusdE1MMRxnC0hSrwiwWgHcOJElTqHDJuksXR -bMI8k4VvRWrvDx+Sc59IQwtqJnF6OQ6EysU9Q3wJpTEC6Nmi0FBPlljsNbHanoNG -dQBtqmdhlBObMm2uszWyCkB3yUKB0Fd2k2byLJPCZx4ZMAwGCCqGSM49BAMCBQAD -SAAwRQIgS8PLt6+yxRdk1t9bcIIwEji0EEb3cYkOtLvDqInZ8SYCIQDwR01htqse -yHwncmwN7CTt/pbLsAPVvz53mSIPIrO4iA== +QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB +QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBWElTN1V6L2NTVEJGZnpkWXdq +MWxXOG9CSTFXcXZhbkV4WWxqK2lGcGFFQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB +QUFBQUFBQUFBQUFBQUFBQUFBQSIsInRjYkV2YWx1YXRpb25EYXRhTnVtYmVyIjox +N325AQANaiqiwVjDzZPcw5aBRcmmDCYxjqY7q1xtKGHR7YEaO71XfB3CjmyCFcxp +o4XxFgX/avjBhEZwCEOZ21/OnbuoW6awSCA+4YAwBsYh0mq7mmmel7Zxg6npaYwu +CFSxGV+gT6Iz/Zj1wD4/IzP1oMkGRa7maSq9SdKDJH2MLEGi68tU1dYRXM5slvtm +ZWmzQptoP8A/nfyL3JU6MLEG+Rv4J4xsDrJb2umr7wEwH6sENoNy9T1gvwgOyPZo +EjkZKx2zTRWNIcuax5QpSkJ0pspH/N6amjPwNRo3Av4h99BKgwK9eDMsBNREsGlI +PYw6pRKM6TvqThNANSIxIX7B5QFHMC8GCysGAQQBg+RFAQEHBCCObEQOMArN5owa +M5bTvb+o1HGqwJ3OeTktqcG5BzbXlTAKBggqhkjOPQQDAgNIADBFAiB6xZ5uDJOf +1C86JDkV9bTCN9oveoSY0BCDxrIJxil6ewIhAPaagV0cdRYkHdjNkz3I8mKMWnUe +m6MzVKQDG+FLGTD1 -----END CERTIFICATE----- diff --git a/tests/certs/GenCertSol.py b/tests/certs/GenCertSol.py new file mode 100644 index 0000000..5ed147f --- /dev/null +++ b/tests/certs/GenCertSol.py @@ -0,0 +1,565 @@ +#!/usr/bin/env python3 +# -*- coding:utf-8 -*- +### +# Copyright (c) 2024 Haofan Zheng +# Use of this source code is governed by an MIT-style +# license that can be found in the LICENSE file or at +# https://opensource.org/licenses/MIT. +### + + +import base64 +import binascii +import json +import os + +from typing import Any, List, Tuple + +from cryptography.x509 import ( + load_der_x509_certificate, + load_pem_x509_certificate, + Certificate, + ObjectIdentifier +) +from cryptography.x509.oid import NameOID +from cryptography.hazmat.primitives import hashes +from cryptography.hazmat.primitives.asymmetric.types import CertificatePublicKeyTypes +from cryptography.hazmat.primitives.serialization import Encoding +from cryptography.hazmat.primitives.serialization import PublicFormat + +from eth_utils.crypto import keccak +from eth_utils.address import to_checksum_address + +from eth_keys.backends import NativeECCBackend +from eth_keys.datatypes import Signature + +from rlp import decode + + +THIS_DIR = os.path.dirname(os.path.abspath(__file__)) +TESTS_DIR = os.path.dirname(THIS_DIR) + +IAS_ROOT_PEM_PATH = os.path.join(THIS_DIR, 'CertIASRoot.pem') +IAS_REP_PEM_PATH = os.path.join(THIS_DIR, 'CertIASReport.pem') +DECENT_SVR_PEM_PATH = os.path.join(THIS_DIR, 'CertDecentServer.pem') +DECENT_APP_PEM_PATH = os.path.join(THIS_DIR, 'CertDecentApp.pem') + +CERTS_SOL_PATH = os.path.join(TESTS_DIR, 'TestCerts.sol') + + +class ASN1Parser(object): + + def __init__(self,) -> None: + super(ASN1Parser, self).__init__() + + def _ParseSeq(self, data: bytes) -> List[Any]: + res = [] + while len(data) > 0: + # Parse the next element + elem, data = self._ParseElement(data) + res.append(elem) + + return res + + def _ParseInt(self, data: bytes) -> int: + return int.from_bytes(data, 'big') + + def _ParseElement(self, data: bytes) -> Tuple[Any, bytes]: + # Get the tag + tag = data[0] + data = data[1:] + + # Get the length + if data[0] & 0x80: + # Multi-byte length + numBytes = data[0] & 0x7F + lenData = data[1:1+numBytes] + length = int.from_bytes(lenData, 'big') + value = data[1+numBytes:1+numBytes+length] + data = data[1+numBytes+length:] + else: + # Single byte length + length = data[0] + value = data[1:1+length] + data = data[1+length:] + + # Parse the value + if tag == 0x02: + # Integer + value = self._ParseInt(value) + elif tag == 0x30: + # Sequence + value = self._ParseSeq(value) + + return value, data + + def Parse(self, data: bytes) -> Any: + obj, data = self._ParseElement(data) + + if len(data) > 0: + raise ValueError('Extra data after parsing object') + + return obj + + +def AddIndent( + lines: List[str], + indentLevel: int, + indentChar: str = ' ' +) -> List[str]: + return [ + ((indentChar * indentLevel) + line) for line in lines + ] + + +def FormatHex( + dataHex: str, + indentLevel: int, + indentChar: str = ' ' +) -> List[str]: + + # Split into 32 bytes per line + dataHexLines = [ + ('hex"' + dataHex[i:i+64] + '"') for i in range(0, len(dataHex), 64) + ] + + dataHexLines[-1] += ';' + + return AddIndent(dataHexLines, indentLevel, indentChar) + + +def FormatBytes( + data: bytes, + indentLevel: int, + indentChar: str = ' ' +) -> List[str]: + derHex = data.hex() + + return FormatHex(derHex, indentLevel, indentChar) + + +def FormatInt( + num: int, + indentLevel: int, + indentChar: str = ' ' +) -> str: + intHex = hex(num) + + # Remove the '0x' prefix + intHex = intHex[2:] + # Pad with 0s to make it even length + if len(intHex) % 2 == 1: + intHex = '0' + intHex + + return FormatHex(intHex, indentLevel, indentChar) + + +def WriteRSAKey( + pkey: CertificatePublicKeyTypes, + varPrefix: str +) -> List[str]: + outLines = [] + + ## Write key DER + outLines.append(f' bytes constant {varPrefix}_CERT_KEY_DER =') + outLines += FormatBytes( + cert.public_key().public_bytes( + encoding=Encoding.DER, + format=PublicFormat.SubjectPublicKeyInfo + ), + 2 + ) + outLines.append('') + + ## Write key modulus and exponent + pubKeyNum = pkey.public_numbers() + outLines.append(f' bytes constant {varPrefix}_CERT_KEY_MOD =') + outLines += FormatInt(pubKeyNum.n, 2) + outLines.append('') + eStr, = FormatInt(pubKeyNum.e, 0) + outLines.append(f' bytes constant {varPrefix}_CERT_KEY_EXP = {eStr}') + outLines.append('') + + return outLines + + +class ECPubKey(object): + + def __init__( + self, + pkey: CertificatePublicKeyTypes, + ) -> None: + super(ECPubKey, self).__init__() + + self.bytes = \ + pkey.public_numbers().x.to_bytes(32, 'big') + \ + pkey.public_numbers().y.to_bytes(32, 'big') + self.x = pkey.public_numbers().x + self.y = pkey.public_numbers().y + self.address = to_checksum_address(keccak(self.bytes)[-20:]) + + +def WriteECKey( + pkey: CertificatePublicKeyTypes, + varPrefix: str +) -> List[str]: + outLines = [] + + ## Write key der + outLines.append(f' bytes constant {varPrefix}_CERT_KEY_DER =') + outLines += FormatBytes( + pkey.public_bytes( + encoding=Encoding.DER, + format=PublicFormat.SubjectPublicKeyInfo + ), + 2 + ) + outLines.append('') + + ecPubKey = ECPubKey(pkey) + + outLines.append(f' bytes32 constant {varPrefix}_CERT_KEY_X =') + outLines += FormatInt(ecPubKey.x, 2) + outLines.append(f' bytes32 constant {varPrefix}_CERT_KEY_Y =') + outLines += FormatInt(ecPubKey.y, 2) + outLines.append('') + + outLines.append(f' bytes constant {varPrefix}_CERT_KEY_BYTES =') + outLines += FormatBytes(ecPubKey.bytes, 2) + outLines.append('') + + outLines.append(f' address constant {varPrefix}_CERT_KEY_ADDR =') + outLines += AddIndent( + [ + (ecPubKey.address + ';'), + # ('0x' + (keccak(pkeyBytes)[:20].hex()) + ';'), + ], + 2 + ) + outLines.append('') + + return outLines + + +def WriteCert( + cert: Certificate, + varPrefix: str +) -> List[str]: + outLines = [] + + ## Write entire DER encoded certificate + outLines.append(f' bytes constant {varPrefix}_CERT_DER =') + outLines += FormatBytes(cert.public_bytes(Encoding.DER), 2) + outLines.append('') + + ## Write TBS portion of certificate + outLines.append(f' bytes constant {varPrefix}_CERT_TBS =') + outLines += FormatBytes(cert.tbs_certificate_bytes, 2) + outLines.append('') + + ## Write validity period + notBefore = int(cert.not_valid_before_utc.timestamp()) + notAfter = int(cert.not_valid_after_utc.timestamp()) + outLines.append(f' uint256 constant {varPrefix}_CERT_NOT_BEFORE = {notBefore};') + outLines.append(f' uint256 constant {varPrefix}_CERT_NOT_AFTER = {notAfter};') + outLines.append('') + + ## Write CN, C, L, ST, O + subject = cert.subject + cnObjs = subject.get_attributes_for_oid(NameOID.COMMON_NAME) + if len(cnObjs) > 0: + cn = cnObjs[0].value + outLines.append(f' string constant {varPrefix}_CERT_NAME_CN = "{cn}";') + cObjs = subject.get_attributes_for_oid(NameOID.COUNTRY_NAME) + if len(cObjs) > 0: + c = cObjs[0].value + outLines.append(f' string constant {varPrefix}_CERT_NAME_C = "{c}";') + lObjs = subject.get_attributes_for_oid(NameOID.LOCALITY_NAME) + if len(lObjs) > 0: + l = lObjs[0].value + outLines.append(f' string constant {varPrefix}_CERT_NAME_L = "{l}";') + stObjs = subject.get_attributes_for_oid(NameOID.STATE_OR_PROVINCE_NAME) + if len(stObjs) > 0: + st = stObjs[0].value + outLines.append(f' string constant {varPrefix}_CERT_NAME_ST = "{st}";') + oObjs = subject.get_attributes_for_oid(NameOID.ORGANIZATION_NAME) + if len(oObjs) > 0: + o = oObjs[0].value + outLines.append(f' string constant {varPrefix}_CERT_NAME_O = "{o}";') + outLines.append('') + + ## Write Cert Hash + digest = hashes.Hash(cert.signature_hash_algorithm) + digest.update(cert.tbs_certificate_bytes) + tbsHash = digest.finalize() + outLines.append(f' bytes32 constant {varPrefix}_CERT_HASH =') + outLines += FormatBytes(tbsHash, 2) + outLines.append('') + + ## Write Cert Signature + outLines.append(f' bytes constant {varPrefix}_CERT_SIGN =') + outLines += FormatBytes(cert.signature, 2) + outLines.append('') + + return outLines + + +def WriteCertWithRSAKey( + cert: Certificate, + varPrefix: str +) -> List[str]: + outLines = [] + + ## Write common certificate fields + outLines += WriteCert(cert, varPrefix) + + ## Write key + outLines += WriteRSAKey(cert.public_key(), varPrefix) + + return outLines + + +def GuessVValue( + hashVal: bytes, + rVal: int, + sVal: int, + pubKey: ECPubKey, +) -> int: + possibleVVals = [0, 1] + for vVal in possibleVVals: + pkey = NativeECCBackend().ecdsa_recover( + hashVal, + Signature(vrs=(vVal, rVal, sVal)) + ) + # print(pubKey.address.lower(), pkey.to_address().lower()) + if pubKey.address.lower() == pkey.to_address().lower(): + return vVal + 27 + + raise ValueError('Could not guess v value') + + +def WriteCertWithECKey( + cert: Certificate, + varPrefix: str, + issuerPubKey: ECPubKey, +) -> List[str]: + outLines = [] + + ## Write common certificate fields + outLines += WriteCert(cert, varPrefix) + + ecNumbers = ASN1Parser().Parse(cert.signature) + + ## Guess the v value + digest = hashes.Hash(cert.signature_hash_algorithm) + digest.update(cert.tbs_certificate_bytes) + tbsHash = digest.finalize() + vVal = GuessVValue( + hashVal=tbsHash, + rVal=ecNumbers[0], + sVal=ecNumbers[1], + pubKey=issuerPubKey, + ) + + ## Write Cert Signature EC Numbers + outLines.append(f' uint8 constant {varPrefix}_CERT_SIGN_V = {vVal};') + outLines.append(f' bytes32 constant {varPrefix}_CERT_SIGN_R =') + outLines += FormatInt(ecNumbers[0], 2) + outLines.append(f' bytes32 constant {varPrefix}_CERT_SIGN_S =') + outLines += FormatInt(ecNumbers[1], 2) + outLines.append('') + + ## Write key + outLines += WriteECKey(cert.public_key(), varPrefix) + + return outLines + + +DECENT_CERT_VER_OID = ObjectIdentifier('1.3.6.1.4.1.62021.1.1.1') +DECENT_CERT_TYPE_OID = ObjectIdentifier('1.3.6.1.4.1.62021.1.1.2') +DECENT_CERT_KEYRING_HASH_OID = ObjectIdentifier('1.3.6.1.4.1.62021.1.1.4') +DECENT_CERT_APP_HASH_OID = ObjectIdentifier('1.3.6.1.4.1.62021.1.1.5') +DECENT_CERT_AUTH_LIST_OID = ObjectIdentifier('1.3.6.1.4.1.62021.1.1.6') +DECENT_CERT_PLAT_ID_OID = ObjectIdentifier('1.3.6.1.4.1.62021.1.1.7') + +DECENT_CERT_SGX_STD_REP_DATA = ObjectIdentifier('1.3.6.1.4.1.62021.1.1.3.1.1') +DECENT_CERT_SGX_REP_RLP = ObjectIdentifier('1.3.6.1.4.1.62021.1.1.3.1.2') + + +def WriteDecentSvrCert( + cert: Certificate, + varPrefix: str +) -> List[str]: + outLines = [] + + ecPubKey = ECPubKey(cert.public_key()) + + ## Write common certificate fields + outLines += WriteCertWithECKey(cert, varPrefix, issuerPubKey=ecPubKey) + + ## Write Decent Certificate Fields + ### Version + decentVer = cert.extensions.get_extension_for_oid(DECENT_CERT_VER_OID).value + decentVer = decentVer.public_bytes().decode() + outLines.append(f' string constant {varPrefix}_CERT_VERSION = "{decentVer}";') + outLines.append('') + ### Type + decentType = cert.extensions.get_extension_for_oid(DECENT_CERT_TYPE_OID).value + decentType = decentType.public_bytes().decode() + outLines.append(f' string constant {varPrefix}_CERT_TYPE = "{decentType}";') + outLines.append('') + ### Keyring Hash + decentKeyringHash = cert.extensions.get_extension_for_oid(DECENT_CERT_KEYRING_HASH_OID).value + decentKeyringHash = decentKeyringHash.public_bytes() + outLines.append(f' bytes constant {varPrefix}_CERT_KEYRING =') + outLines += FormatBytes(decentKeyringHash, 2) + outLines.append('') + ### Platform ID + decentPlatId = cert.extensions.get_extension_for_oid(DECENT_CERT_PLAT_ID_OID).value + decentPlatId = decentPlatId.public_bytes() + outLines.append(f' bytes32 constant {varPrefix}_CERT_PLAT_ID =') + outLines += FormatBytes(decentPlatId, 2) + outLines.append('') + ### SGX specific fields + #### SGX Standard Report Data + decentSgxStdRepData = cert.extensions.get_extension_for_oid(DECENT_CERT_SGX_STD_REP_DATA).value + decentSgxStdRepData = decentSgxStdRepData.public_bytes() + outLines.append(f' bytes constant {varPrefix}_CERT_STD_REP_DATA =') + outLines += FormatBytes(decentSgxStdRepData, 2) + outLines.append('') + #### SGX Report RLP + decentSgxRepRLP = cert.extensions.get_extension_for_oid(DECENT_CERT_SGX_REP_RLP).value + decentSgxRepRLP = decentSgxRepRLP.public_bytes() + outLines.append(f' bytes constant {varPrefix}_CERT_ATT_REP_RLP =') + outLines += FormatBytes(decentSgxRepRLP, 2) + outLines.append('') + + parsedRep = decode(decentSgxRepRLP) + repSignerCert: bytes = parsedRep[0][0] + repJson: bytes = parsedRep[1] + repSign: bytes = parsedRep[2] + + ##### Report Signer Certificate + outLines.append(f' bytes constant {varPrefix}_CERT_ATT_REP_CERT =') + outLines += FormatBytes(repSignerCert, 2) + outLines.append('') + ##### Report JSON + outLines.append(f' bytes constant {varPrefix}_CERT_ATT_REP_JSON =') + outLines += FormatBytes(repJson, 2) + outLines.append('') + ##### Report Signature + outLines.append(f' bytes constant {varPrefix}_CERT_ATT_REP_SIGN =') + outLines += FormatBytes(repSign, 2) + outLines.append('') + + ###### Enclave Hash + rep = json.loads(repJson.decode()) + quoteStatus = rep['isvEnclaveQuoteStatus'] + quoteBody = rep['isvEnclaveQuoteBody'] + quoteBody = base64.b64decode(quoteBody) + enclaveHash = quoteBody[112:112+32] + repDataField = quoteBody[368:368+64] + outLines.append(f' string constant {varPrefix}_CERT_QUOTE_ST = "{quoteStatus}";') + outLines.append('') + outLines.append(f' bytes32 constant {varPrefix}_CERT_ENCL_HASH =') + outLines += FormatBytes(enclaveHash, 2) + outLines.append('') + outLines.append(f' bytes constant {varPrefix}_CERT_REP_DATA =') + outLines += FormatBytes(repDataField, 2) + outLines.append('') + + return outLines + + +def WriteDecentAppCert( + cert: Certificate, + varPrefix: str, + serverPubKey: ECPubKey, +) -> List[str]: + outLines = [] + + ## Write common certificate fields + outLines += WriteCertWithECKey(cert, varPrefix, issuerPubKey=serverPubKey) + + ## Write Decent Certificate Fields + ### Version + decentVer = cert.extensions.get_extension_for_oid(DECENT_CERT_VER_OID).value + decentVer = decentVer.public_bytes().decode() + outLines.append(f' string constant {varPrefix}_CERT_VERSION = "{decentVer}";') + outLines.append('') + ### Type + decentType = cert.extensions.get_extension_for_oid(DECENT_CERT_TYPE_OID).value + decentType = decentType.public_bytes().decode() + outLines.append(f' string constant {varPrefix}_CERT_TYPE = "{decentType}";') + outLines.append('') + ### App Hash + decentAppHash = cert.extensions.get_extension_for_oid(DECENT_CERT_APP_HASH_OID).value + decentAppHash = decentAppHash.public_bytes() + outLines.append(f' bytes32 constant {varPrefix}_CERT_ENCL_HASH =') + outLines += FormatBytes(decentAppHash, 2) + outLines.append('') + ### Auth List + decentAuthList = cert.extensions.get_extension_for_oid(DECENT_CERT_AUTH_LIST_OID).value + decentAuthList = decentAuthList.public_bytes() + outLines.append(f' bytes constant {varPrefix}_CERT_AUTHLIST =') + outLines += FormatBytes(decentAuthList, 2) + outLines.append('') + + return outLines + + +# set up the output lines with constant lines +outLines = [ + # license line + '// SPDX-License-Identifier: MIT', + # version pragma + 'pragma solidity >=0.4.17 <0.9.0;', + '', + 'library TestCerts {', + '', +] + +# IAS Root Certificate +outLines.append(' //===== IAS Root Certificate =====') +outLines.append('') +with open(IAS_ROOT_PEM_PATH, 'rb') as f: + cert = load_pem_x509_certificate(f.read()) + outLines += WriteCertWithRSAKey(cert, 'IAS_ROOT') +outLines.append('') + +# IAS Report Certificate +outLines.append(' //===== IAS Report Certificate =====') +outLines.append('') +with open(IAS_REP_PEM_PATH, 'rb') as f: + cert = load_pem_x509_certificate(f.read()) + outLines += WriteCertWithRSAKey(cert, 'IAS_REPORT') +outLines.append('') + +# IAS Report Certificate +outLines.append(' //===== Decent Server Certificate =====') +outLines.append('') +with open(DECENT_SVR_PEM_PATH, 'rb') as f: + cert = load_pem_x509_certificate(f.read()) + # der = binascii.unhexlify('') + # cert = load_der_x509_certificate(der) + outLines += WriteDecentSvrCert(cert, 'DECENT_SVR') + serverPubKey = ECPubKey(cert.public_key()) +outLines.append('') + +# IAS Report Certificate +outLines.append(' //===== Decent App Certificate =====') +outLines.append('') +with open(DECENT_APP_PEM_PATH, 'rb') as f: + cert = load_pem_x509_certificate(f.read()) + # der = binascii.unhexlify('') + # cert = load_der_x509_certificate(der) + outLines += WriteDecentAppCert(cert, 'DECENT_APP', serverPubKey=serverPubKey) +outLines.append('') + +# Add ending bracket +outLines.append('}') + +with open(CERTS_SOL_PATH, 'w') as f: + for line in outLines: + f.write(line + '\n') + diff --git a/tests/certs/KeyDecentApp.pem b/tests/certs/KeyDecentApp.pem new file mode 100644 index 0000000..a551bd7 --- /dev/null +++ b/tests/certs/KeyDecentApp.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHQCAQEEIOZJNuOjWk1sWME9LrjONetNfxhl2PckCNnkt8j8bLJ4oAcGBSuBBAAK +oUQDQgAE+5WNTf9wymJwL98S7/ol/dPivLEK5oQnvatnfFlGBqQB6KENoIY7iRKq +mZcw3szGAwEk6OUsyjTXxnq4hWq5sQ== +-----END EC PRIVATE KEY----- diff --git a/tests/ens-contracts/BytesUtils.sol b/tests/ens-contracts/BytesUtils.sol index 5523124..6cd5a4c 100644 --- a/tests/ens-contracts/BytesUtils.sol +++ b/tests/ens-contracts/BytesUtils.sol @@ -30,6 +30,22 @@ contract BytesUtils_proxy { "7234567890ABCDEF" // 112 bytes "8234567890ABCDEF"; // 128 bytes + function testReadUint64() external { + bytes memory b = TEST_INPUT_BYTES_128; + + { + uint64 expected = 0x1122334455667788; + uint64 actual = BytesUtils.readUint64(b, 0); + Assert.equal(actual, expected, "readUint64 mismatch"); + } + + { + uint64 expected = 0x9900AABBCCDDEEFF; + uint64 actual = BytesUtils.readUint64(b, 8); + Assert.equal(actual, expected, "readUint64 mismatch"); + } + } + function testSubstringSafe() external { bytes memory b = TEST_INPUT_BYTES_128; diff --git a/tests/ens-contracts/BytesUtils_test.sol b/tests/ens-contracts/BytesUtils_test.sol index b63232e..b3ff3f2 100644 --- a/tests/ens-contracts/BytesUtils_test.sol +++ b/tests/ens-contracts/BytesUtils_test.sol @@ -21,6 +21,17 @@ contract BytesUtils_testSuite { function beforeAll() public { } + function testReadUint64() public { + BytesUtils_proxy testProxy = new BytesUtils_proxy(); + try testProxy.testReadUint64() { + Assert.ok(true, "readUint64 success"); + } catch Error(string memory reason) { + Assert.ok(false, reason); + } catch (bytes memory lowLevelData) { + Assert.ok(false, "unexpected error - readUint64"); + } + } + function testSubstringSafe() public { BytesUtils_proxy testProxy = new BytesUtils_proxy(); try testProxy.testSubstringSafe() {