mirror of https://github.com/bytecodealliance/wasm-micro-runtime.git synced 2024-11-26 15:32:05 +00:00

History

Jämes Ménétrey 8b8c59589d Clarify how to verify SGX evidence without an Intel SGX-enabled platform (#3158 ) This PR encompasses two complementing purposes: A documentation on verifying an Intel SGX evidence as produced by WAMR, including a guide for verification without an Intel SGX-enabled platform. This also contains a small addition to the RA sample to extract specific information, such as whether the enclave is running in debug mode. A C# sample to verify evidence on trusted premises (and without Intel SGX). Evidence is generated on untrusted environments, using Intel SGX.		2024-02-17 18:44:22 +08:00
..
.gitignore	Clarify how to verify SGX evidence without an Intel SGX-enabled platform (#3158 )	2024-02-17 18:44:22 +08:00
Program.cs	Clarify how to verify SGX evidence without an Intel SGX-enabled platform (#3158 )	2024-02-17 18:44:22 +08:00
README.md	Clarify how to verify SGX evidence without an Intel SGX-enabled platform (#3158 )	2024-02-17 18:44:22 +08:00
VerifyEvidence.csproj	Clarify how to verify SGX evidence without an Intel SGX-enabled platform (#3158 )	2024-02-17 18:44:22 +08:00

README.md

Examples of evidence verification without Intel SGX using C#

This sample demonstrates how to validate WAMR-generated evidence without using an Intel SGX-enabled platform. A typical use case is a Web service hosted on trusted premises.

Prerequisites

dotnet-sdk (8+)
librats
Intel infrastructure for validating evidence, see here

This sample has been tested on Linux Ubuntu 20.04+. Any other Linux platforms should be supported. This sample should also work on other OS, provided librats can be compiled on those other OS.

How to use

Supply the reference values to consider trustworthy in Program.cs.
Generate a valid JSON evidence using WAMR on an Intel SGX-enabled platform.
Fill in the JSON evidence in Program.cs.
Run the command dotnet run in this directory.