[GitHub] [incubator-teaclave-trustzone-sdk] DemesneGH commented on issue #112: Will this library support remote attestation?

Fri, 28 Apr 2023 22:07:38 -0700 


DemesneGH commented on issue #112:
URL: 
https://github.com/apache/incubator-teaclave-trustzone-sdk/issues/112#issuecomment-1528656943

   Hi @prz23 
   The mutual attestation has been implemented in Teaclave and Teaclave SGX SDK 
(reference: [incubator-teaclave/mutual-attestation.md at master · 
apache/incubator-teaclave · 
GitHub](https://github.com/apache/incubator-teaclave/blob/master/docs/mutual-attestation.md)).
 Adding remote attestation support in the Teaclave TrustZone SDK is on our road 
map and we've made some progress on that.
   
   Here's an overview of the related work:
   - Our TLS support and client/server examples: 
[incubator-teaclave-trustzone-sdk/examples/tls_server-rs at master · 
apache/incubator-teaclave-trustzone-sdk · 
GitHub](https://github.com/apache/incubator-teaclave-trustzone-sdk/tree/master/examples/tls_server-rs)
   - OP-TEE's support for attestation in pseudo TA, which provides runtime 
measurements: [core: pta: add remote attestation PTA · OP-TEE/optee_os@7e05ec2 
· 
GitHub](https://github.com/OP-TEE/optee_os/commit/7e05ec25bd68ba56ba19a450b44d6eea08b18e24)
   - Remote attestation implementation in incubator-teaclave
   
   In order to complete the TrustZone SDK implementation, we need to:
   - Wrap the APIs for the TA to call the pseudo TA, such as `TEE_OpenTASession`
   - Customize the TLS certificate based on our TLS client/server example
   - Add the attestation module and attestation example
   
   We'll keep you informed of any updates on this thread. If you're interested 
in implementing this feature, we'd appreciate your contribution. Thank you!


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@teaclave.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@teaclave.apache.org
For additional commands, e-mail: dev-h...@teaclave.apache.org

Reply via email to