Skip to content

Commit 0540ba2

Browse files
ameba23ameba23
committed
Attestation returns measurements if successful
1 parent bd5866c commit 0540ba2

File tree

1 file changed

+7
-5
lines changed

1 file changed

+7
-5
lines changed

src/attestation.rs

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,8 @@ use x509_parser::prelude::*;
1414
/// For fetching collateral directly from intel, if no PCCS is specified
1515
const PCS_URL: &str = "https://api.trustedservices.intel.com";
1616

17+
type Measurements = (PlatformMeasurements, CvmImageMeasurements);
18+
1719
/// Defines how to generate a quote
1820
pub trait QuoteGenerator: Clone + Send + 'static {
1921
/// Whether this is CVM attestation. This should always return true except for the [NoQuoteGenerator] case.
@@ -42,7 +44,7 @@ pub trait QuoteVerifier: Clone + Send + 'static {
4244
input: Vec<u8>,
4345
cert_chain: &[CertificateDer<'_>],
4446
exporter: [u8; 32],
45-
) -> impl Future<Output = Result<(), AttestationError>> + Send;
47+
) -> impl Future<Output = Result<Option<Measurements>, AttestationError>> + Send;
4648
}
4749

4850
/// Quote generation using configfs_tsm
@@ -151,7 +153,7 @@ impl QuoteVerifier for DcapTdxQuoteVerifier {
151153
input: Vec<u8>,
152154
cert_chain: &[CertificateDer<'_>],
153155
exporter: [u8; 32],
154-
) -> Result<(), AttestationError> {
156+
) -> Result<Option<Measurements>, AttestationError> {
155157
let quote_input = compute_report_input(cert_chain, exporter)?;
156158
let (platform_measurements, image_measurements) = if cfg!(not(test)) {
157159
let now = std::time::SystemTime::now()
@@ -205,7 +207,7 @@ impl QuoteVerifier for DcapTdxQuoteVerifier {
205207
return Err(AttestationError::UnacceptableOsImageMeasurements);
206208
}
207209

208-
Ok(())
210+
Ok(Some((platform_measurements, image_measurements)))
209211
}
210212
}
211213

@@ -264,9 +266,9 @@ impl QuoteVerifier for NoQuoteVerifier {
264266
input: Vec<u8>,
265267
_cert_chain: &[CertificateDer<'_>],
266268
_exporter: [u8; 32],
267-
) -> Result<(), AttestationError> {
269+
) -> Result<Option<Measurements>, AttestationError> {
268270
if input.is_empty() {
269-
Ok(())
271+
Ok(None)
270272
} else {
271273
Err(AttestationError::AttestationGivenWhenNoneExpected)
272274
}

0 commit comments

Comments
 (0)