You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Custom extended certificate validation:
1. Validate certificate
2. Validate the evidence
3. Validate peer enclave's identity
Validate the enclave’s identity (e.g., MRENCLAVE in SGX) against the expected list. This check ensures only the intended party is allowed to connect to.
tee_verify_ceritificate_with_evidence() for inside enclave calls, was added to perform step 1-2 and leaving step 3 to application for business logic.
How to perform step 3? Is there any SDK that will make my live easier and extract quote report from the TLS certificate? Or am I forced to do it on my own, finding the extension in the TLS, decoding CBOR etc?
I was expecting to find a function similar to: get_report(ra_tls_certificate) -> sgx_report
The text was updated successfully, but these errors were encountered:
Following the https://github.com/intel/linux-sgx/blob/7385e10ce1106215d15f874a024ca224c7417eea/SampleCode/SampleAttestedTLS/AttestedTLSREADME.md
How to perform step 3? Is there any SDK that will make my live easier and extract quote report from the TLS certificate? Or am I forced to do it on my own, finding the extension in the TLS, decoding CBOR etc?
I was expecting to find a function similar to:
get_report(ra_tls_certificate) -> sgx_reportThe text was updated successfully, but these errors were encountered: