Reputation: 21
How to get the Quote from an Intel SGX Enclave
I am developing a trusted computing project with the help of an Intel SGX Enclave.
To verify an Enclave i need the Quote generated by the Quoting-Enclave.
I know how it works theoretically and how to start an Enclave. But I am not able to find any code examples or detailed explanation on how to recieve the quote for an Enclave and sending it to the calling programm.
Can someone please explain that to me through an example?
Upvotes: 2
Views: 1046
Answers (1)
Reputation: 384
Well, what you are trying to do is called Attestation.
Attestation is a process to verify:
- whether an enclave is running the expected bynaries (signed library), and,
- whether it is running in a real SGX enabled processor.
Attestation usually is required prior to providing secrets to an enclave. This process is called Provisioning.
There are two kinds of Attestation:
- Local Attestation: two enclaves, running on the same Platform (PC) want to "verify" each other.
- Remote Attestation: a Service Provicer needs to verify an enclave remotely.
You mention Quote Enclave (QE) so I suppose you are using Remote attestation.
If you are searching for examples, please refer to the example projects comming with the Intel SGX SDK, or the ones available at the Intel SGX site.
Upvotes: -2
Related Questions
- Load an application into Intel SGX enclave
- Intel SGX Service Provider
- How does a client share a secret with an Intel SGX enclave instance, without letting the server hosting the enclave knowing it?
- How to prove that certain data is calculated(or generated) inside Enclave(Intel SGX)?
- Intel SGX remote attestation sample code
- A detail about SGX loading
- Intel SGX developer licensing and open-source software
- SGX calculating HMAC inside enclave
- Determine SGX enclaves running on same system
- Trouble Creating and Executing an Intel SGX Enclave