This project implements a RiscZero based AWS Nitro Enclave attestation verifier.
While it produces zero false positives, it does not aim to produce zero false negatives, i.e. it could reject theoretically valid attestations. Instead, it asserts specific attestation formats that are actually used in order to optimize proving time. It also does not verify any extensions in the certificates as it was deemed unnecessary.
Install the RiscZero tooling before proceeding further.
Note: Requires CUDA by default. It is possible to disable CUDA by disabling the relevant feature in host/Cargo.toml, but the proof generation process could take hours on a CPU.
cargo build --releaseReproducible builds are enabled for the guest to produce a consistent GUEST_ID.
Expected GUEST_ID: 0x72b93507835e59e7e2690d93761c8020816dcccb21355b94b7e654ed35b3e17b
$ ./target/release/host --help
GUEST: 0x72b93507835e59e7e2690d93761c8020816dcccb21355b94b7e654ed35b3e17b
Usage: host --url <URL>
Options:
-u, --url <URL>
-h, --help Print help
-V, --version Print versionIt takes in a URL to an attestation server producing binary attestations.
The journal contains bytes in the following order:
- 8 byte timestamp in milliseconds from the attestation
- 96 byte public key from the root certificate
- 1 byte length of the public key from the attestation
- N byte public key from the attestation
- 32 byte image id computed by hashing the PCRs and user data from the attestation
project_name
├── Cargo.toml
├── host
│ ├── Cargo.toml <-- [Disable CUDA here]
│ └── src
│ └── main.rs <-- [Host code goes here]
└── methods
├── Cargo.toml
├── build.rs <-- [Reproducible guest builds stuff here]
├── guest
│ ├── Cargo.toml
│ └── src
│ └── method_name.rs <-- [Guest code goes here]
└── src
└── lib.rs
This project is licensed under the GNU AGPLv3 or any later version. See LICENSE.txt.