Remote attestation framework for Fortanix EDP
This project is highly experimental at the current stage, so please do not attemp to use it in production. I will keep updating the code and adding more instructions soon.
- Sign up for a Development Access account at https://api.portal.trustedservices.intel.com/EPID-attestation. Make sure that the Name Base Mode is Linkable Quote (this is all the SDK can support for now). Take note of "SPID", "Primary key", and "Secondary key".
- Modify the following fields in settings.json using the information from the previous step:
- "spid": "<SPID>"
- "primary_subscription_key": "<Primary Key>"
- "secondary_subscription_key": "<Secondary key>"
- Download IAS's root certificate from this link and save the cerficate file in directory sample-sp/data. Make sure the file name is "Intel_SGX_Attestation_RootCA.pem".
- Run the script
build.shandrun.shconsecutively from the main directory.
If there are no error messages on the screen, then the remote attestation has run successfully.