This example is derived from linux-sgx-remoteattestation. Only the enclave is rewrote into Rust. Please refer to the following Readme for further detail.
For users' convenience, we simply add SGX_MODE=HW SGX_PRERELEASE=1
into Makefile and just run make
in both ServiceProvider
and Application
.
btw. Dependencies include libjsoncpp-dev
which is missing from below.
#Linux SGX remote attestation (Original Readme below) Example of a remote attestation with Intel's SGX including the communication with IAS.
The code requires the installation of Intel SGX here and the SGX driver here. Furthermore, also a developer account for the usage of IAS has be registered Deverloper account. After the registration with a certificate (can be self-signed for development purposes), Intel will respond with a SPID which is needed to communicate with IAS.
The code consists of two separate programs, the ServiceProvider and the Application. The message exchange over the network is performed using Google Protocol Buffers.
Before running the code, some settings have to be set in the GeneralSettings.h
file:
openssl req -x509 -nodes -newkey rsa:4096 -keyout server.key -out sever.crt -days 365
To be able to run the above code some external libraries are needed:
libprotobuf-dev
, libprotobuf-c0-dev
and protobuf-compiler
libboost-thread-dev
, libboost-system-dev
curl
, libcurl4-openssl-dev
libssl
liblog4cpp5-dev
After the installation of those dependencies, the code can be compiled with the following commands:
cd ServiceProvider
make
cd ../Application
make SGX_MODE=HW SGX_PRERELEASE=1