verifier: add report and init claims to SNP

Adds two fields to the claims that are parsed from the SNP hardware evidence. Fixes: confidential-containers#228 Signed-off-by: Tobin Feldman-Fitzthum <[email protected]>
fitzthum · Dec 5, 2023 · 93d1f33 · 93d1f33
1 parent de939c3
commit 93d1f33
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/attestation-service/verifier/src/snp/mod.rs b/attestation-service/verifier/src/snp/mod.rs
@@ -222,6 +222,8 @@ fn verify_cert_chain(cert_chain: &[CertTableEntry], ask: &X509, ark: &X509) -> R
 }
 
 pub(crate) fn parse_tee_evidence(report: &AttestationReport) -> TeeEvidenceParsedClaim {
+    let engine = base64::engine::general_purpose::STANDARD;
+
     let claims_map = json!({
         // policy fields
         "policy_abi_major": format!("{}",report.policy.abi_major()),
@@ -242,7 +244,11 @@ pub(crate) fn parse_tee_evidence(report: &AttestationReport) -> TeeEvidenceParse
         "platform_smt_enabled": format!("{}", report.plat_info.smt_enabled()),
 
         // measurement
-        "measurement": format!("{}", base64::engine::general_purpose::STANDARD.encode(report.measurement)),
+        "measurement": format!("{}", engine.encode(report.measurement)),
+
+        // report data and host data
+        "report_data": format!("{}", engine.encode(report.report_data)),
+        "init_data": format!("{}", engine.encode(report.host_data)),
     });
 
     claims_map as TeeEvidenceParsedClaim