Parse and verify the signed Attestation Document #4
Comments
|
Hi, what's the status of this? Is there some existing library that helps verify an attestation document? thanks |
|
I have written something up that solves this issue for me, perhaps you will find it helpful (until AWS does it "officially" and "supported", in which case, definitely use theirs: |
|
Thanks! That's very helpful |
|
@petreeftime would you accept a PR that incorporates @dreemkiller's solution? |
|
I had written similar code in Python for this purpose: https://github.com/richardfan1126/nitro-enclave-python-demo/blob/master/attestation_verifier/secretstore/attestation_verifier.py Given that verifying attestation documents is mostly the task of an external component which doesn't directly work with NSM, should this feature included in nsm-lib? Or should it be included in some other external tools like Nitro CLI? |
|
I've also written some golang that does this: https://github.com/veracruz-project/go-nitro-enclave-attestation-document I'm not sure the best place to put an "AWS Approved" parser/verifier. |
Given a COSE binary, provide an API to extract the Attestation Document from it and verify the signature against a given root(s) of trust.
The text was updated successfully, but these errors were encountered: