$2a$11$PbnKBsYBb8LZMo6CnZOznONzf5IEAGiuB5a0cRg1hNDMGswGPO0Kq
Harald Hoyer haraldh
☀️
haraldh
/ tcbInfo.json
Last active
August 9, 2023 20:48
❯ curl -X GET "https://api.trustedservices.intel.com/sgx/certification/v4/tcb?fmspc=00606a000000"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"tcbInfo":{"id":"SGX","version":3,"issueDate":"2023-08-09T18:32:31Z","nextUpdate":"2023-09-08T18:32:31Z","fmspc":"00606a000000","pceId":"0000","tcbType":0,"tcbEvaluationDataNumber":16,"tcbLevels":[{"tcb":{"sgxtcbcomponents":[{"svn":12,"category":"BIOS","type":"Early Microcode Update"},{"svn":12,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":3,"category":"OS/VMM","type":"TXT SINIT"},{"svn":3,"category":"BIOS"},{"svn":255},{"svn":255},{"svn":1},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":13},"tcbDate":"2023-08-09T00:00:00Z","tcbStatus":"SWHardeningNeeded","advisoryIDs":["INTEL-SA-00615"]},{"tcb":{"sgxtcbcomponents":[{"svn":12,"category":"BIOS","type":"Early Microcode Update"},{"svn":12,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":3,"category":"OS/VMM","type":"TXT SINIT"},{"svn":3,"category":"BIOS"},{"svn":255},{"svn":255},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}], |
haraldh
/ openpgp.md
Created
November 7, 2022 09:36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # generate qemu arguments for named raw disks | |
| # | |
| # qemu_add_drive_args <index> <filename> <id-name> [<bootindex>] | |
| # | |
| # $1: name of the index variable (set to 0 at start) | |
| # $2: name of the argument array variable (set to () at start) | |
| # $3: filename of the raw disk image | |
| # $4: name of the disk in /dev/disk/by-id -> /dev/disk/by-id/ata-disk_$name | |
| # $5: optional bootindex number | |
| # |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| _dogetarg() { | |
| local _search_key | |
| local _in_quote | |
| local _key | |
| local _val | |
| local _equals | |
| local _STATE | |
| local _lastchar | |
| local _want_value | |
| local _multi_args |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| use ::sev::certs::{ca, sev}; | |
| use ::sev::launch::Policy; | |
| use ::sev::session::Session; | |
| use codicon::{Decoder, Encoder}; | |
| use koine::attestation::sev::*; | |
| use process_control::{ChildExt, Timeout}; | |
| use serde::de::Deserialize; | |
| use serde_cbor as serde_flavor; | |
| use std::convert::TryFrom; | |
| use std::os::unix::net::{UnixListener, UnixStream}; |
haraldh
/ get_quote.rs
Created
October 13, 2020 12:58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| use crate::aesm_proto::Request_InitQuoteRequest; | |
| use byteorder::{NativeEndian, ReadBytesExt, WriteBytesExt}; | |
| use protobuf::Message; | |
| use std::io::{Read, Write}; | |
| use std::mem::size_of; | |
| use std::os::unix::net::UnixStream; | |
| mod aesm_proto; | |
| fn main() -> std::io::Result<()> { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| use std::ops::DerefMut; | |
| use std::thread::sleep; | |
| use std::time::Duration; | |
| trait DigitalInput { | |
| fn set_state(&mut self, _new_state: bool); | |
| } | |
| trait Mutable<T: ?Sized> { | |
| fn ref_mut(&mut self) -> &mut T; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| extern "C" { | |
| static _DYNAMIC: u64; | |
| } | |
| use core::mem::size_of; | |
| use goblin::elf::dynamic::dyn64::Dyn; | |
| use goblin::elf::dynamic::{DT_REL, DT_RELA, DT_RELASZ, DT_RELSZ}; | |
| use goblin::elf::reloc::reloc64::Rel; | |
| use goblin::elf::reloc::reloc64::Rela; | |
| use goblin::elf::reloc::reloc64::R_X86_64_RELATIVE; |
# dnf install tar tpm2-tools openssl /usr/bin/xxd
# ## Encrypt
# dd if=/dev/random of=shared_key bs=64 count=1
# openssl enc \
-aes-256-cbc -salt \
-iv $(dd if=shared_key bs=1 skip=32 | xxd -l 16 -c 32 -p ) \
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| text | |
| lang en_US.UTF-8 | |
| keyboard us | |
| timezone US/Eastern | |
| selinux --enforcing | |
| firewall --enabled | |
| services --enabled=sshd,systemd-networkd,systemd-resolved,chronyd,zram-swap | |
| network --bootproto=dhcp --device=link --activate | |
| reboot |
NewerOlder