forked from intel/sgx-ra-sample
iasrequest.h
/*
Copyright 2018 Intel Corporation
This software and the related documents are Intel copyrighted materials,
and your use of them is governed by the express license under which they
were provided to you (License). Unless the License provides otherwise,
you may not use, modify, copy, publish, distribute, disclose or transmit
this software or the related documents without Intel's prior written
permission.
This software and the related documents are provided as is, with no
express or implied warranties, other than those that are expressly stated
in the License.
*/
#ifndef __IASREQUEST_H
#define __IASREQUEST_H
#include <sys/types.h>
#include <inttypes.h>
#include <openssl/x509.h>
#include "agent.h"
#include "settings.h"
using namespace std;
#include <string>
#include <map>
#include <vector>
/*
 * Compile-time constants, error codes and forward declarations for the
 * IAS (Intel Attestation Service) client classes declared below.
 *
 * String arguments and data passed through this API must be
 * NUL-terminated C strings.
 */

/*
 * Connection flag bits. IAS_F_DEFAULT expands to IAS_F_VERIFY_PEER, so the
 * default flag set has the verify-peer bit on.
 * NOTE(review): the name suggests this bit turns on TLS verification of the
 * IAS server certificate; the code that consumes the flag is not in this
 * header -- confirm, and confirm that callers supplying their own flags
 * keep the bit set.
 */
#define IAS_F_DEFAULT IAS_F_VERIFY_PEER
#define IAS_F_VERIFY_PEER 0x1

/* IAS API v1 has been EOL'd */
/* IAS API v2 has been deprecated as of Aug-17-2018 */
/* Lowest API version number defined as usable here. */
#define IAS_MIN_VERSION 3
/* IAS API v4 is the latest supported API */
#define IAS_MAX_VERSION 4

/*
 * Proxy modes, the values taken by IAS_Connection::proxy_mode(int).
 * NOTE(review): presumably NONE = never use a proxy, AUTO = use one if
 * configured/detected, FORCE = always use the configured proxy -- confirm
 * against the Agent implementations.
 */
#define IAS_PROXY_NONE 0
#define IAS_PROXY_AUTO 1
#define IAS_PROXY_FORCE 2

/*
 * Server selectors.
 * NOTE(review): presumably the values for the `server` argument of the
 * IAS_Connection constructor -- confirm.
 */
#define IAS_SERVER_DEVELOPMENT 0
#define IAS_SERVER_PRODUCTION 1

/*
 * Length in bytes of one subscription key. IAS_Connection::subkey_t is a
 * char array of exactly this size, so a stored key has no room for a
 * terminating NUL and must not be handled as a C string.
 */
#define IAS_SUBSCRIPTION_KEY_SIZE 32

/*
 * The IAS development server. The value is a host name followed by a URL
 * path prefix ("/sgx/dev"), not a bare hostname.
 */
#define IAS_SERVER_DEVELOPMENT_HOST "api.trustedservices.intel.com/sgx/dev"
/*
 * The IAS production server. Same form: host name plus the "/sgx" path
 * prefix.
 */
#define IAS_SERVER_PRODUCTION_HOST "api.trustedservices.intel.com/sgx"
/* TCP port used for IAS (443, the standard HTTPS port). */
#define IAS_PORT 443

/* Model these roughly after errno */
typedef uint32_t ias_error_t;

// The query string could not be constructed, or the query attempt failed.
// NOTE(review): the original comment was cut off mid-sentence; confirm the
// second case against the implementation.
//
// The value is 0 while IAS_OK is 200, so a truthiness test on an
// ias_error_t does not mean "success"; compare against IAS_OK explicitly.
#define IAS_QUERY_FAILED 0

// Modeled after the HTTP response codes defined by the IAS spec.
#define IAS_OK 200
#define IAS_BADREQUEST 400
#define IAS_UNAUTHORIZED 401
#define IAS_NOT_FOUND 404
#define IAS_SERVER_ERR 500
#define IAS_UNAVAILABLE 503

// Other errors, numbered above the HTTP status codes used here.
// NOTE(review): IAS_BAD_CERTIFICATE / IAS_BAD_SIGNATURE presumably report
// that the IAS signing certificate or the report signature failed
// verification; a response carrying either must not be treated as a valid
// attestation result -- confirm where they are returned.
#define IAS_INTERNAL_ERROR 1000
#define IAS_BAD_CERTIFICATE 1001
#define IAS_BAD_SIGNATURE 1002

// Declared here, defined elsewhere.
// NOTE(review): presumably writes the names of the available agents to fp.
// FILE comes from <stdio.h>, which this header does not include directly.
void ias_list_agents (FILE *fp);

// Forward declaration; IAS_Connection holds an Agent pointer and names
// Agent as a friend.
class Agent;
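/*
 * IAS_Connection -- the settings shared by requests sent to IAS: target
 * server, subscription keys, optional proxy, CA bundle file, the X509 store
 * for the IAS signing certificate, and the Agent object.
 *
 * Members declared without a body are defined elsewhere.
 *
 * NOTE(review): the class declares a destructor and holds raw c_store and
 * c_agent pointers, yet the implicit copy operations stay enabled. If the
 * destructor frees either pointer, a copied object would free it twice.
 * Ownership is not visible in this header -- confirm, and consider deleting
 * the copy constructor and copy assignment.
 */
class IAS_Connection {
    // Grants Agent access to the private members below.
    friend class Agent;

public:
    enum SubscriptionKeyID
    {
        Primary = 0,
        Secondary,
        Last    // number of key slots; used as an array extent, not a slot
    };

private:
    string c_server;

    // One key slot is exactly IAS_SUBSCRIPTION_KEY_SIZE chars, with no room
    // for a terminating NUL.
    typedef char subkey_t[IAS_SUBSCRIPTION_KEY_SIZE];

    // NOTE(review): the _enc/_xor names suggest each key is stored XOR-masked
    // against a per-slot pad instead of in the clear. That only hinders
    // casual inspection of process memory; it is not encryption. Confirm in
    // setSubscriptionKey()/getSubscriptionKey().
    // Zero-initialised so a slot that was never set holds no stale bytes.
    subkey_t subscription_key_enc[SubscriptionKeyID::Last] = {};
    subkey_t subscription_key_xor[SubscriptionKeyID::Last] = {};

    string c_ca_file;
    string c_proxy_server;
    uint16_t c_server_port = 0;
    uint16_t c_proxy_port = 0;
    int c_proxy_mode = IAS_PROXY_NONE;
    // Defaults to the verify-peer flag set until the constructor stores the
    // caller's flags.
    uint32_t c_flags = IAS_F_DEFAULT;
    // Null until set, so the accessors and the destructor never see an
    // indeterminate pointer.
    X509_STORE *c_store = nullptr;
    Agent *c_agent = nullptr;
    string c_agent_name;

    // NOTE(review): presumably stores subscriptionKey into slot `id`; the
    // expected length is IAS_SUBSCRIPTION_KEY_SIZE -- confirm the
    // implementation rejects other lengths.
    int setSubscriptionKey (SubscriptionKeyID id, char * subscriptionKey);

    SubscriptionKeyID currentKeyID = SubscriptionKeyID::Primary;

public:
    IAS_Connection(int server, uint32_t flags, char * subscriptionKey, char * secSubscriptionKey);
    ~IAS_Connection();

    string base_url();

    int agent(const char *agent_name);

    // NOTE(review): presumably returns the key of the current slot in the
    // clear; keep the returned string short-lived and out of logs.
    string getSubscriptionKey();

    // Returns the slot that is currently selected.
    SubscriptionKeyID getSubscriptionKeyID() const { return currentKeyID; }

    // Selects the key slot. Values outside [Primary, Last) are ignored and
    // the current slot is kept: `Last` equals the extent of the key arrays,
    // so using it (or anything larger) as an index would read past them.
    void SetSubscriptionKeyID(SubscriptionKeyID id)
    {
        const int slot = static_cast<int>(id);
        if (slot < 0 || slot >= static_cast<int>(SubscriptionKeyID::Last)) {
            return;
        }
        currentKeyID = id;
    }

    int proxy(const char *server, uint16_t port);

    // Proxy mode accessors; values are the IAS_PROXY_* constants.
    void proxy_mode(int mode) { c_proxy_mode = mode; }
    int proxy_mode() const { return c_proxy_mode; }

    string proxy_server() const { return c_proxy_server; }
    uint16_t proxy_port() const { return c_proxy_port; }
    string proxy_url();

    // Sets the CA bundle file name. A null pointer is stored as the empty
    // string; assigning a null const char* to std::string is undefined
    // behaviour.
    void ca_bundle(const char *file) { c_ca_file = (file != nullptr) ? file : ""; }
    string ca_bundle() const { return c_ca_file; }

    /* Internal cert store for verifying the IAS Signing certificate */
    // The pointer is stored as given; this header does not show who frees it.
    void cert_store(X509_STORE *store) { c_store = store; }
    X509_STORE *cert_store() const { return c_store; }

    Agent* new_agent();
    Agent* agent();
};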
/*
 * IAS_Request -- one request against IAS, issued through an existing
 * IAS_Connection at a given API version.
 *
 * The constructor, the destructor, sigrl() and report() are defined
 * elsewhere. Both query methods return an ias_error_t; IAS_QUERY_FAILED is
 * 0 and IAS_OK is 200, so test the result against IAS_OK explicitly.
 */
class IAS_Request {
public:
    // NOTE(review): `version` is presumably expected to lie within
    // IAS_MIN_VERSION..IAS_MAX_VERSION -- confirm the constructor checks it.
    IAS_Request(IAS_Connection *conn_in, uint16_t version= IAS_API_DEF_VERSION);
    ~IAS_Request();

    // Returns the connection pointer this request holds.
    IAS_Connection *conn()
    {
        return r_conn;
    }

    // NOTE(review): presumably fetches the signature revocation list for
    // group id `gid` into `sigrl` -- confirm.
    ias_error_t sigrl(uint32_t gid, string &sigrl);

    // NOTE(review): presumably submits `payload` for an attestation report,
    // filling `content` with the response body and `messages` with any
    // advisory text -- confirm. Use `content` only when the result is IAS_OK.
    ias_error_t report(map<string,string> &payload, string &content,
        vector<string> &messages);

private:
    // Raw pointer; this header does not show whether the request owns it.
    IAS_Connection *r_conn;
    uint16_t r_api_version;
    string url;
};
#endif