| <!DOCTYPE html> |
| <html lang="en-US"> |
| <head> |
| <meta charset="utf-8"> |
| <meta name="viewport" content="width=device-width,initial-scale=1"> |
| <title>Attestation in Teaclave | Apache Teaclave (incubating)</title> |
| <meta name="generator" content="VuePress 1.9.7"> |
| <link rel="alternate" type="application/rss+xml" href="https://teaclave.apache.org/rss.xml" title="Apache Teaclave (incubating) RSS Feed"> |
| <link rel="alternate" type="application/atom+xml" href="https://teaclave.apache.org/feed.atom" title="Apache Teaclave (incubating) Atom Feed"> |
| <link rel="alternate" type="application/json" href="https://teaclave.apache.org/feed.json" title="Apache Teaclave (incubating) JSON Feed"> |
| <meta name="description" content="Apache Teaclave (incubating) is an open source universal secure computing platform, making computation on privacy-sensitive data safe and simple."> |
| <meta property="article:modified_time" content="2020-06-18T23:53:28.000Z"> |
| <meta property="og:site_name" content="Apache Teaclave (incubating)"> |
| <meta property="og:title" content="Attestation in Teaclave"> |
| <meta property="og:type" content="website"> |
| <meta property="og:url" content="https://teaclave.apache.org/docs/codebase/attestation/"> |
| <meta name="twitter:title" content="Attestation in Teaclave"> |
| <meta name="twitter:url" content="https://teaclave.apache.org/docs/codebase/attestation/"> |
| <meta name="twitter:card" content="summary_large_image"> |
| <meta name="twitter:site" content="@ApacheTeaclave"> |
| |
| <link rel="preload" href="/assets/css/0.styles.7a68c1e3.css" as="style"><link rel="preload" href="/assets/js/app.416a7edd.js" as="script"><link rel="preload" href="/assets/js/6.cb964028.js" as="script"><link rel="preload" href="/assets/js/1.d73ee85d.js" as="script"><link rel="preload" href="/assets/js/70.ae576e11.js" as="script"><link rel="prefetch" href="/assets/js/10.dd5d6438.js"><link rel="prefetch" href="/assets/js/100.46160955.js"><link rel="prefetch" href="/assets/js/101.9f777f97.js"><link rel="prefetch" href="/assets/js/102.db34fcee.js"><link rel="prefetch" href="/assets/js/103.2c909920.js"><link rel="prefetch" href="/assets/js/104.62a09edf.js"><link rel="prefetch" href="/assets/js/105.1137ce46.js"><link rel="prefetch" href="/assets/js/106.7b874960.js"><link rel="prefetch" href="/assets/js/107.4acbae6d.js"><link rel="prefetch" href="/assets/js/108.dc9f4f34.js"><link rel="prefetch" href="/assets/js/109.a752bc7e.js"><link rel="prefetch" href="/assets/js/11.ae218e97.js"><link rel="prefetch" href="/assets/js/110.b94b1daf.js"><link rel="prefetch" href="/assets/js/111.5e1135dd.js"><link rel="prefetch" href="/assets/js/112.e62d88dd.js"><link rel="prefetch" href="/assets/js/12.1d03a56a.js"><link rel="prefetch" href="/assets/js/13.fc7df053.js"><link rel="prefetch" href="/assets/js/14.6ad08dcc.js"><link rel="prefetch" href="/assets/js/15.ac8415d3.js"><link rel="prefetch" href="/assets/js/16.196140b7.js"><link rel="prefetch" href="/assets/js/17.1555cdf6.js"><link rel="prefetch" href="/assets/js/18.c4ade0d2.js"><link rel="prefetch" href="/assets/js/19.1f86150d.js"><link rel="prefetch" href="/assets/js/2.f85cce33.js"><link rel="prefetch" href="/assets/js/20.0106ee82.js"><link rel="prefetch" href="/assets/js/21.551cda9a.js"><link rel="prefetch" href="/assets/js/22.a1deb586.js"><link rel="prefetch" href="/assets/js/23.bea9a769.js"><link rel="prefetch" href="/assets/js/24.a111f8c3.js"><link rel="prefetch" href="/assets/js/25.94b105d2.js"><link rel="prefetch" href="/assets/js/26.6eb02834.js"><link rel="prefetch" href="/assets/js/27.cb815dd7.js"><link rel="prefetch" href="/assets/js/28.95da7ad2.js"><link rel="prefetch" href="/assets/js/29.41c82c76.js"><link rel="prefetch" href="/assets/js/30.2d4f6457.js"><link rel="prefetch" href="/assets/js/31.f85c3079.js"><link rel="prefetch" href="/assets/js/32.6327034e.js"><link rel="prefetch" href="/assets/js/33.3db23b15.js"><link rel="prefetch" href="/assets/js/34.4b677f53.js"><link rel="prefetch" href="/assets/js/35.74c2bfa1.js"><link rel="prefetch" href="/assets/js/36.aac34e45.js"><link rel="prefetch" href="/assets/js/37.ba75de3f.js"><link rel="prefetch" href="/assets/js/38.25a187b5.js"><link rel="prefetch" href="/assets/js/39.a708e045.js"><link rel="prefetch" href="/assets/js/40.6961c007.js"><link rel="prefetch" href="/assets/js/41.33532c91.js"><link rel="prefetch" href="/assets/js/42.f5927854.js"><link rel="prefetch" href="/assets/js/43.223d6216.js"><link rel="prefetch" href="/assets/js/44.d8df7ac3.js"><link rel="prefetch" href="/assets/js/45.9a21ca3e.js"><link rel="prefetch" href="/assets/js/46.949f9fe6.js"><link rel="prefetch" href="/assets/js/47.ba103762.js"><link rel="prefetch" href="/assets/js/48.e7764c1b.js"><link rel="prefetch" href="/assets/js/49.d05175f8.js"><link rel="prefetch" href="/assets/js/5.0eeb0687.js"><link rel="prefetch" href="/assets/js/50.4240669f.js"><link rel="prefetch" href="/assets/js/51.b33563db.js"><link rel="prefetch" href="/assets/js/52.146509f4.js"><link rel="prefetch" href="/assets/js/53.72230e92.js"><link rel="prefetch" href="/assets/js/54.7d5c4465.js"><link rel="prefetch" href="/assets/js/55.f0e9528b.js"><link rel="prefetch" href="/assets/js/56.6aa20eb5.js"><link rel="prefetch" href="/assets/js/57.793df332.js"><link rel="prefetch" href="/assets/js/58.2c88c658.js"><link rel="prefetch" href="/assets/js/59.29946c67.js"><link rel="prefetch" href="/assets/js/60.987ce7ea.js"><link rel="prefetch" href="/assets/js/61.e911a08e.js"><link rel="prefetch" href="/assets/js/62.280f7f41.js"><link rel="prefetch" href="/assets/js/63.0f3bb444.js"><link rel="prefetch" href="/assets/js/64.2b6ea649.js"><link rel="prefetch" href="/assets/js/65.219b780b.js"><link rel="prefetch" href="/assets/js/66.96999c9e.js"><link rel="prefetch" href="/assets/js/67.c2dec1a1.js"><link rel="prefetch" href="/assets/js/68.42fec217.js"><link rel="prefetch" href="/assets/js/69.61ecb198.js"><link rel="prefetch" href="/assets/js/7.847a8d20.js"><link rel="prefetch" href="/assets/js/71.3578bb66.js"><link rel="prefetch" href="/assets/js/72.b649388b.js"><link rel="prefetch" href="/assets/js/73.c03d947c.js"><link rel="prefetch" href="/assets/js/74.74092564.js"><link rel="prefetch" href="/assets/js/75.f5fb1db6.js"><link rel="prefetch" href="/assets/js/76.5e90f553.js"><link rel="prefetch" href="/assets/js/77.0bf63761.js"><link rel="prefetch" href="/assets/js/78.04e1fbee.js"><link rel="prefetch" href="/assets/js/79.5f71740f.js"><link rel="prefetch" href="/assets/js/8.68e95cf5.js"><link rel="prefetch" href="/assets/js/80.5da4cdab.js"><link rel="prefetch" href="/assets/js/81.ce072043.js"><link rel="prefetch" href="/assets/js/82.25ce02b0.js"><link rel="prefetch" href="/assets/js/83.9f374702.js"><link rel="prefetch" href="/assets/js/84.d4de12eb.js"><link rel="prefetch" href="/assets/js/85.e934db2b.js"><link rel="prefetch" href="/assets/js/86.084c1fd9.js"><link rel="prefetch" href="/assets/js/87.fbf2870d.js"><link rel="prefetch" href="/assets/js/88.c480980d.js"><link rel="prefetch" href="/assets/js/89.6a5a74c1.js"><link rel="prefetch" href="/assets/js/9.be5ff211.js"><link rel="prefetch" href="/assets/js/90.67a108d9.js"><link rel="prefetch" href="/assets/js/91.7c7ba95c.js"><link rel="prefetch" href="/assets/js/92.0ae5dd81.js"><link rel="prefetch" href="/assets/js/93.5353cf22.js"><link rel="prefetch" href="/assets/js/94.f7d41210.js"><link rel="prefetch" href="/assets/js/95.5f5bed22.js"><link rel="prefetch" href="/assets/js/96.59de9d4b.js"><link rel="prefetch" href="/assets/js/97.0d914caf.js"><link rel="prefetch" href="/assets/js/98.d751f4be.js"><link rel="prefetch" href="/assets/js/99.2bb8c143.js"><link rel="prefetch" href="/assets/js/vuejs-paginate.8e583f31.js"> |
| <link rel="stylesheet" href="/assets/css/0.styles.7a68c1e3.css"> |
| </head> |
| <body> |
| <div id="app" data-server-rendered="true"><div class="theme-container"><header class="navbar"><div class="sidebar-button"><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" role="img" viewBox="0 0 448 512" class="icon"><path fill="currentColor" d="M436 124H12c-6.627 0-12-5.373-12-12V80c0-6.627 5.373-12 12-12h424c6.627 0 12 5.373 12 12v32c0 6.627-5.373 12-12 12zm0 160H12c-6.627 0-12-5.373-12-12v-32c0-6.627 5.373-12 12-12h424c6.627 0 12 5.373 12 12v32c0 6.627-5.373 12-12 12zm0 160H12c-6.627 0-12-5.373-12-12v-32c0-6.627 5.373-12 12-12h424c6.627 0 12 5.373 12 12v32c0 6.627-5.373 12-12 12z"></path></svg></div> <a href="/" class="home-link router-link-active"><img src="/assets/img/logo.svg" alt="Apache Teaclave (incubating)" class="logo"> <span class="site-name can-hide" style="display:none;">Teaclave</span></a> <div class="links"><!----> <nav class="nav-links can-hide"><div class="nav-item"><a href="/" class="nav-link"> |
| ABOUT |
| </a></div><div class="nav-item"><a href="/powered-by/" class="nav-link"> |
| POWERED BY |
| </a></div><div class="nav-item"><a href="/community/" class="nav-link"> |
| COMMUNITY |
| </a></div><div class="nav-item"><a href="/download/" class="nav-link"> |
| DOWNLOAD |
| </a></div><div class="nav-item"><a href="/contributors/" class="nav-link"> |
| CONTRIBUTORS |
| </a></div><div class="nav-item"><div class="dropdown-wrapper"><button type="button" aria-label="DOCS" class="dropdown-title"><span class="title">DOCS</span> <span class="arrow right"></span></button> <ul class="nav-dropdown" style="display:none;"><li class="dropdown-item"><!----> <a href="/docs/" class="nav-link router-link-active"> |
| Teaclave |
| </a></li><li class="dropdown-item"><!----> <a href="/sgx-sdk-docs/" class="nav-link"> |
| Teaclave SGX SDK |
| </a></li><li class="dropdown-item"><!----> <a href="/trustzone-sdk-docs/" class="nav-link"> |
| Teaclave TrustZone SDK |
| </a></li><li class="dropdown-item"><h4> |
| APIS |
| </h4> <ul class="dropdown-subitem-wrapper"><li class="dropdown-subitem"><a href="https://teaclave.apache.org/api-docs/client-sdk-rust/" target="_self" rel="" class="nav-link external"> |
| Teaclave Client SDK (Rust) |
| <!----></a></li><li class="dropdown-subitem"><a href="https://teaclave.apache.org/api-docs/client-sdk-python/" target="_self" rel="" class="nav-link external"> |
| Teaclave Client SDK (Python) |
| <!----></a></li><li class="dropdown-subitem"><a href="https://teaclave.apache.org/api-docs/sgx-sdk/" target="_self" rel="" class="nav-link external"> |
| Teaclave SGX SDK |
| <!----></a></li><li class="dropdown-subitem"><a href="https://teaclave.apache.org/api-docs/trustzone-sdk/optee-teec" target="_self" rel="" class="nav-link external"> |
| Teaclave TrustZone SDK (Host) |
| <!----></a></li><li class="dropdown-subitem"><a href="https://teaclave.apache.org/api-docs/trustzone-sdk/optee-utee" target="_self" rel="" class="nav-link external"> |
| Teaclave TrustZone SDK (TA) |
| <!----></a></li><li class="dropdown-subitem"><a href="https://teaclave.apache.org/api-docs/crates-enclave/" target="_self" rel="" class="nav-link external"> |
| Crates in Teaclave (Enclave) |
| <!----></a></li><li class="dropdown-subitem"><a href="https://teaclave.apache.org/api-docs/crates-app/" target="_self" rel="" class="nav-link external"> |
| Crates in Teaclave (App) |
| <!----></a></li></ul></li></ul></div></div><div class="nav-item"><a href="/blog/" class="nav-link"> |
| BLOG |
| </a></div><div class="nav-item"><div class="dropdown-wrapper"><button type="button" aria-label="REPOS" class="dropdown-title"><span class="title">REPOS</span> <span class="arrow right"></span></button> <ul class="nav-dropdown" style="display:none;"><li class="dropdown-item"><!----> <a href="https://github.com/apache/incubator-teaclave" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Teaclave |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://github.com/apache/incubator-teaclave-sgx-sdk" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Teaclave SGX SDK |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://github.com/apache/incubator-teaclave-trustzone-sdk" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Teaclave TrustZone SDK |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://github.com/apache/incubator-teaclave-java-tee-sdk" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Teaclave Java TEE SDK |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://github.com/apache/incubator-teaclave-website" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Teaclave Website |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li></ul></div></div><div class="nav-item"><div class="dropdown-wrapper"><button type="button" aria-label="Apache Software Foundation" class="dropdown-title"><span class="title">ASF</span> <span class="arrow right"></span></button> <ul class="nav-dropdown" style="display:none;"><li class="dropdown-item"><!----> <a href="https://www.apache.org/" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| ASF Homepage |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://www.apache.org/licenses/" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| License |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://www.apache.org/foundation/sponsorship.html" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Sponsorship |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://www.apache.org/security/" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Security |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://privacy.apache.org/policies/privacy-policy-public.html" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Privacy |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://www.apache.org/foundation/thanks.html" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Thanks |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://www.apache.org/events/current-event.html" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Events |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li></ul></div></div> <!----></nav></div></header> <div class="sidebar-mask"></div> <aside class="sidebar"><nav class="nav-links"><div class="nav-item"><a href="/" class="nav-link"> |
| ABOUT |
| </a></div><div class="nav-item"><a href="/powered-by/" class="nav-link"> |
| POWERED BY |
| </a></div><div class="nav-item"><a href="/community/" class="nav-link"> |
| COMMUNITY |
| </a></div><div class="nav-item"><a href="/download/" class="nav-link"> |
| DOWNLOAD |
| </a></div><div class="nav-item"><a href="/contributors/" class="nav-link"> |
| CONTRIBUTORS |
| </a></div><div class="nav-item"><div class="dropdown-wrapper"><button type="button" aria-label="DOCS" class="dropdown-title"><span class="title">DOCS</span> <span class="arrow right"></span></button> <ul class="nav-dropdown" style="display:none;"><li class="dropdown-item"><!----> <a href="/docs/" class="nav-link router-link-active"> |
| Teaclave |
| </a></li><li class="dropdown-item"><!----> <a href="/sgx-sdk-docs/" class="nav-link"> |
| Teaclave SGX SDK |
| </a></li><li class="dropdown-item"><!----> <a href="/trustzone-sdk-docs/" class="nav-link"> |
| Teaclave TrustZone SDK |
| </a></li><li class="dropdown-item"><h4> |
| APIS |
| </h4> <ul class="dropdown-subitem-wrapper"><li class="dropdown-subitem"><a href="https://teaclave.apache.org/api-docs/client-sdk-rust/" target="_self" rel="" class="nav-link external"> |
| Teaclave Client SDK (Rust) |
| <!----></a></li><li class="dropdown-subitem"><a href="https://teaclave.apache.org/api-docs/client-sdk-python/" target="_self" rel="" class="nav-link external"> |
| Teaclave Client SDK (Python) |
| <!----></a></li><li class="dropdown-subitem"><a href="https://teaclave.apache.org/api-docs/sgx-sdk/" target="_self" rel="" class="nav-link external"> |
| Teaclave SGX SDK |
| <!----></a></li><li class="dropdown-subitem"><a href="https://teaclave.apache.org/api-docs/trustzone-sdk/optee-teec" target="_self" rel="" class="nav-link external"> |
| Teaclave TrustZone SDK (Host) |
| <!----></a></li><li class="dropdown-subitem"><a href="https://teaclave.apache.org/api-docs/trustzone-sdk/optee-utee" target="_self" rel="" class="nav-link external"> |
| Teaclave TrustZone SDK (TA) |
| <!----></a></li><li class="dropdown-subitem"><a href="https://teaclave.apache.org/api-docs/crates-enclave/" target="_self" rel="" class="nav-link external"> |
| Crates in Teaclave (Enclave) |
| <!----></a></li><li class="dropdown-subitem"><a href="https://teaclave.apache.org/api-docs/crates-app/" target="_self" rel="" class="nav-link external"> |
| Crates in Teaclave (App) |
| <!----></a></li></ul></li></ul></div></div><div class="nav-item"><a href="/blog/" class="nav-link"> |
| BLOG |
| </a></div><div class="nav-item"><div class="dropdown-wrapper"><button type="button" aria-label="REPOS" class="dropdown-title"><span class="title">REPOS</span> <span class="arrow right"></span></button> <ul class="nav-dropdown" style="display:none;"><li class="dropdown-item"><!----> <a href="https://github.com/apache/incubator-teaclave" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Teaclave |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://github.com/apache/incubator-teaclave-sgx-sdk" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Teaclave SGX SDK |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://github.com/apache/incubator-teaclave-trustzone-sdk" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Teaclave TrustZone SDK |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://github.com/apache/incubator-teaclave-java-tee-sdk" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Teaclave Java TEE SDK |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://github.com/apache/incubator-teaclave-website" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Teaclave Website |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li></ul></div></div><div class="nav-item"><div class="dropdown-wrapper"><button type="button" aria-label="Apache Software Foundation" class="dropdown-title"><span class="title">ASF</span> <span class="arrow right"></span></button> <ul class="nav-dropdown" style="display:none;"><li class="dropdown-item"><!----> <a href="https://www.apache.org/" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| ASF Homepage |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://www.apache.org/licenses/" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| License |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://www.apache.org/foundation/sponsorship.html" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Sponsorship |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://www.apache.org/security/" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Security |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://privacy.apache.org/policies/privacy-policy-public.html" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Privacy |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://www.apache.org/foundation/thanks.html" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Thanks |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://www.apache.org/events/current-event.html" target="_blank" rel="noopener noreferrer" class="nav-link external"> |
| Events |
| <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li></ul></div></div> <!----></nav> <ul class="sidebar-links"><li><section class="sidebar-group depth-0"><p class="sidebar-heading"><span>Try</span> <!----></p> <ul class="sidebar-links sidebar-group-items"><li><a href="/docs/my-first-function/" class="sidebar-link">My First Function</a></li><li><a href="/docs/functions-in-python/" class="sidebar-link">Write Functions in Python</a></li><li><a href="/docs/builtin-functions/" class="sidebar-link">How to Add Built-in Functions</a></li><li><a href="/docs/azure-confidential-computing/" class="sidebar-link">Deploying Teaclave on Azure Confidential Computing Virtual Machines</a></li><li><a href="/docs/executing-wasm/" class="sidebar-link">Executing WebAssembly in Teaclave</a></li><li><a href="/docs/inference-with-tvm/" class="sidebar-link">Inference Task with TVM in Teaclave</a></li></ul></section></li><li><section class="sidebar-group depth-0"><p class="sidebar-heading"><span>Design</span> <!----></p> <ul class="sidebar-links sidebar-group-items"><li><a href="/docs/threat-model/" class="sidebar-link">Threat Model</a></li><li><a href="/docs/mutual-attestation/" class="sidebar-link">Mutual Attestation: Why and How</a></li><li><a href="/docs/access-control/" class="sidebar-link">Access Control in Teaclave</a></li><li><a href="/docs/build-system/" class="sidebar-link">Build System</a></li><li><a href="/docs/service-internals/" class="sidebar-link">Teaclave Service Internals</a></li><li><a href="/docs/adding-executors/" class="sidebar-link">Adding Executors</a></li><li><a href="/docs/papers-talks/" class="sidebar-link">Papers, Talks, and Related Articles</a></li></ul></section></li><li><section class="sidebar-group depth-0"><p class="sidebar-heading"><span>Contribute</span> <!----></p> <ul class="sidebar-links sidebar-group-items"><li><a href="/docs/release-guide/" class="sidebar-link">Release Guide</a></li><li><a href="/docs/development-tips/" class="sidebar-link">Development Tips</a></li><li><a href="/docs/rust-guildeline/" class="sidebar-link">Rust Development Guideline</a></li></ul></section></li><li><section class="sidebar-group depth-0"><p class="sidebar-heading open"><span>Codebase</span> <!----></p> <ul class="sidebar-links sidebar-group-items"><li><a href="/docs/codebase/attestation/" aria-current="page" class="active sidebar-link">Attestation in Teaclave</a></li><li><a href="/docs/codebase/binder/" class="sidebar-link">Binder</a></li><li><a href="/docs/codebase/cli/" class="sidebar-link">Teaclave Command Line Tool</a></li><li><a href="/docs/codebase/common/" class="sidebar-link">Common Libraries</a></li><li><a href="/docs/codebase/config/" class="sidebar-link">Configurations in Teaclave</a></li><li><a href="/docs/codebase/crypto/" class="sidebar-link">Crypto Primitives</a></li><li><a href="/docs/codebase/dcap/" class="sidebar-link">Data Center Attestation Service</a></li><li><a href="/docs/codebase/docker/" class="sidebar-link">Teaclave Docker</a></li><li><a href="/docs/codebase/examples/" class="sidebar-link">Examples</a></li><li><a href="/docs/codebase/executor/" class="sidebar-link">Function Executors</a></li><li><a href="/docs/codebase/file-agent/" class="sidebar-link">File Agent</a></li><li><a href="/docs/codebase/function/" class="sidebar-link">Built-in Functions</a></li><li><a href="/docs/codebase/rpc/" class="sidebar-link">RPC</a></li><li><a href="/docs/codebase/runtime/" class="sidebar-link">Executor Runtime</a></li><li><a href="/docs/codebase/sdk/" class="sidebar-link">Client SDK</a></li><li><a href="/docs/codebase/services/" class="sidebar-link">Teaclave Services</a></li><li><a href="/docs/codebase/tests/" class="sidebar-link">Test Harness and Test Cases</a></li><li><a href="/docs/codebase/third-party/" class="sidebar-link">Third-Party Dependency Vendoring</a></li><li><a href="/docs/codebase/tools/" class="sidebar-link">Tools</a></li><li><a href="/docs/codebase/types/" class="sidebar-link">Types</a></li><li><a href="/docs/codebase/worker/" class="sidebar-link">Teaclave Worker</a></li></ul></section></li></ul> </aside> <main class="page"> <div class="theme-default-content content__default"><h1 id="attestation-in-teaclave"><a href="#attestation-in-teaclave" class="header-anchor">#</a> Attestation in Teaclave</h1> <p>This directory contains the implementation of the attestation in Apache |
| Teaclave.</p> <p>Attestation is the process of demonstrating that a software component is running |
| properly on a Trusted Execution Environment (e.g., Intel SGX).</p> <p>Teaclave combines the remote attestation with a TLS connection to improve the |
| trustworthiness of two endpoints. Once established, it has attested that the |
| running parties are inside trusted enclaves and provided trusted channels with |
| end-to-end encryption, the enclave code's identity, and other information.</p> <p>The platform includes several services, and each service is running inside an |
| enclave. Those services communicate with mutual-attested TLS channels.</p> <h2 id="how-it-works"><a href="#how-it-works" class="header-anchor">#</a> How it Works</h2> <p>We integrate the attestation process in the TLS handshake. The attested-TLS |
| handshake is similar to a normal TLS handshake, except the extension of the |
| certificate includes an SGX attestation report. We make the certificate |
| cryptographically bound to a specific enclave instance by adding the public key |
| of the certificate in the attestation report.</p> <p>During the build time, the public keys of the auditor enclaves are hard-coded in |
| Teaclave services enclave, and enclave measurements and signatures are loaded |
| from outside during the runtime. Auditor enclaves verify and sign the identity |
| of each service enclave. After each service receives the attestation report, it |
| will verify whether the <code>MR_SIGNER</code> and <code>MR_ENCLAVE</code> from the attestation report |
| match the identity information signed by auditor enclaves. After that, it will |
| verify the TLS certificate. If all the verifications pass, a secure attested |
| channel is established between two enclaves.</p> <p>Please note the trusted channel can also have one-way (client -> server) |
| attestation. Under the circumstances, only the server needs to run inside TEEs.</p> <h2 id="attestation-report"><a href="#attestation-report" class="header-anchor">#</a> Attestation Report</h2> <p>After one party obtains an attestation report from the received certificate. |
| Teaclave first verifies the attestation report with the <code>report_ca_cert</code> from the |
| attestation service provider (e.g., IAS report root CA certificate for EPID, |
| or DCAP attestation server end-entity certificate for DCAP).</p> <h3 id="verification"><a href="#verification" class="header-anchor">#</a> Verification</h3> <p>There is much information included in an attestation report such as CPU |
| version, ISV version, product ID, etc. By default, Teaclave will check |
| <code>MR_ENCLAVE</code> and <code>MR_SIGNER</code>. Users can also define a customized |
| verification function to check more information in attestation reports by |
| implementing the <code>AttestationReportVerificationFn</code> function.</p> <h3 id="freshness"><a href="#freshness" class="header-anchor">#</a> Freshness</h3> <p>To make sure the platform is always up-to-date and trusted, Teaclave will update |
| attestation report periodically. By default, the validity time of an attestation |
| report is 3600 seconds. It can be changed in the |
| <a href="https://github.com/apache/incubator-teaclave/blob/master/config/build.config.toml" target="_blank" rel="noopener noreferrer"><code>build.config.toml</code></a> |
| file.</p></div> <footer class="page-edit"><!----> <div class="last-updated"><span class="prefix">Last Updated:</span> <span class="time">6/18/2020, 11:53:28 PM</span></div></footer> <div class="page-nav"><p class="inner"><span class="prev"> |
| ← |
| <a href="/docs/rust-guildeline/" class="prev"> |
| Rust Development Guideline |
| </a></span> <span class="next"><a href="/docs/codebase/binder/"> |
| Binder |
| </a> |
| → |
| </span></p></div> <div class="footer"> |
| Apache Teaclave (incubating) is an effort undergoing incubation at The Apache |
| Software Foundation (ASF), sponsored by the Apache Incubator. |
| Incubation is required of all newly accepted projects until a further review |
| indicates that the infrastructure, communications, and decision making process |
| have stabilized in a manner consistent with other successful ASF projects. While |
| incubation status is not necessarily a reflection of the completeness or |
| stability of the code, it does indicate that the project has yet to be fully |
| endorsed by the ASF. |
| Copyright © 2020 The Apache Software Foundation. |
| Licensed under the Apache License, Version 2.0. |
| Apache Teaclave, Apache, the Apache feather, and the Apache Teaclave project logo are either |
| trademarks or registered trademarks of the Apache Software Foundation. |
| </div></main></div><div class="global-ui"><!----></div></div> |
| <script src="/assets/js/app.416a7edd.js" defer></script><script src="/assets/js/6.cb964028.js" defer></script><script src="/assets/js/1.d73ee85d.js" defer></script><script src="/assets/js/70.ae576e11.js" defer></script> |
| </body> |
| </html> |
