How do I deserialise an RA-TLS certificate's x509 extension?

[fwoodruff]

I need to validate an RA-TLS certificate's x509v3 extension in Typescript.

I need to know what message within the certificate is signed.
I need to parse out a signature (r,s) from the x509 extension.
Finally I need to know what the public key of this signature needs comparison against.

Fundamentally this is a deserialisation exercise! Not complex, just unguessable.

Pointing to various deserialisation steps in the RA-TLS code would be one possible useful answer here.

Are there any other forums where I can get specific RA-TLS support or am I in the right place here?

[dimakuv]

First, make sure to read this: https://gramine.readthedocs.io/en/stable/attestation.html#mid-level-ra-tls-interface

Then look at the RA-TLS code:

• gramine/tools/sgx/ra-tls/ra_tls_verify_common.c

  Line 122 in e3d3aa3

  int find_oid_in_cert_extensions(const uint8_t* exts, size_t exts_size, const uint8_t* oid,

• gramine/tools/sgx/ra-tls/ra_tls_verify_common.c

  Line 222 in e3d3aa3

  int extract_quote_and_verify_pubkey(mbedtls_x509_crt* crt, sgx_quote_t** out_quote,

• gramine/tools/sgx/ra-tls/ra_tls_verify_dcap.c

  Line 168 in e3d3aa3

  ret = sgx_qv_verify_quote((uint8_t*)quote, (uint32_t)quote_size, /*p_quote_collateral=*/NULL,

  -- this is the call to the external (to Gramine) function from Intel SGX PSW's library libsgx-dcap-quote-verify

The currently used OID:

• gramine/tools/sgx/ra-tls/ra_tls_common.h

  Lines 24 to 26 in e3d3aa3

  	#define OID(N) \
  	{ 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF8, 0x4D, 0x8A, 0x39, (N) }
  	static const uint8_t g_quote_oid[] = OID(0x06);

I need to know what message within the certificate is signed.

I don't know what is meant by this. Inside the certificate, we embed the SGX quote as a special-numbered OID object.

I need to parse out a signature (r,s) from the x509 extension.

Which signature? Of the SGX quote? You'll need to look at the Intel SGX quote format (the documentation and formats can be found on the internet).

Finally I need to know what the public key of this signature needs comparison against.

The SGX Quote is signed by the special Quoting Enclave, and it embeds the certificate chain that is rooted at the Intel PCS web service. You can find more documentation on the internet; it's not part of Gramine but rather part of the Intel SGX PSW.

---

I'm unsure what you're trying to achieve. All these "how to verify the SGX quote" is supposed to be hidden by the Intel SGX PSW infrastructure. For example, if you run on MS Azure SGX-enabled VMs, they already have this preinstalled, and you just need to link against libsgx-dcap-quote-verify and call a function there, supplying the SGX quote (extracted from the received RA-TLS X.509 certificate). This is what RA-TLS implementation in Gramine performs.