forked from joostd/ssh-sk-attestation-poc
-
Notifications
You must be signed in to change notification settings - Fork 0
/
attestation.php
45 lines (32 loc) · 962 Bytes
/
attestation.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
<?php
include("common.php");
# input must be an SSH security key attestation:
# Attestation format is:
# string "ssh-sk-attest-v01"
# string attestation certificate
# string enrollment signature
# string authenticator data (CBOR encoded)
# uint32 reserved flags
# string reserved string
$s = file_get_contents('php://stdin');
echo "attestation:\n";
[$t,$l,$v] = tlv($s);
assert( bin2hex($t) === "0000" );
assert($v === "ssh-sk-attest-v01");
echo " format: " . bin2hex($v) . "\n";
[$t,$l,$v] = tlv($s);
assert( bin2hex($t) === "0000" );
echo " certificate: " . bin2hex($v) . "\n";
[$t,$l,$v] = tlv($s);
assert( bin2hex($t) === "0000" );
echo " signature: " . bin2hex($v) . "\n";
[$t,$l,$v] = tlv($s);
assert( bin2hex($t) === "0000" );
echo " authData: " . bin2hex($v) . "\n";
# reserved flags
[$t,$l,$v] = tlv($s);
assert( bin2hex($t) === "0000" );
# reserved string
[$t,$l,$v] = tlv($s);
assert( bin2hex($t) === "0000" );
assert($s==="");