Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clarify how to verify SGX evidence without an Intel SGX-enabled platform #3158

Merged
merged 2 commits into from
Feb 17, 2024

Conversation

JamesMenetrey
Copy link
Contributor

Dear Developers,

Today, I provide a PR that encompasses two complementing purposes:

  • A documentation on verifying an Intel SGX evidence as produced by WAMR, including a guide for verification without an Intel SGX-enabled platform. This also contains a small addition to the RA sample to extract specific information, such as whether the enclave is running in debug mode.
  • A C# sample to verify evidence on trusted premises (and without Intel SGX). Evidence is generated on untrusted environments, using Intel SGX.

I stay at your disposal to bring eventual changes for this PR if needed.
Cheers,
Jämes

JamesMenetrey and others added 2 commits February 13, 2024 11:29
Enhance the documentation for validating Intel SGX evidence on
platforms without Intel SGX (or Intel processors). Provide an
example to extract important flags from SGX evidence.
Copy link
Contributor

@wenyongh wenyongh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@wenyongh wenyongh merged commit 8b8c595 into bytecodealliance:main Feb 17, 2024
406 checks passed
@JamesMenetrey
Copy link
Contributor Author

Thanks for the review!

victoryang00 pushed a commit to victoryang00/wamr-aot-gc-checkpoint-restore that referenced this pull request May 27, 2024
…orm (bytecodealliance#3158)

This PR encompasses two complementing purposes:

A documentation on verifying an Intel SGX evidence as produced by WAMR,
including a guide for verification without an Intel SGX-enabled platform.
This also contains a small addition to the RA sample to extract specific
information, such as whether the enclave is running in debug mode.

A C# sample to verify evidence on trusted premises (and without Intel SGX).
Evidence is generated on untrusted environments, using Intel SGX.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants