Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rats-tls integrated librats #170

Open
8 tasks
houhuiting opened this issue Apr 12, 2023 · 0 comments
Open
8 tasks

rats-tls integrated librats #170

houhuiting opened this issue Apr 12, 2023 · 0 comments

Comments

@houhuiting
Copy link
Contributor

librats目前将rats-tls的Crypto Wrapper实例,Enclave Attester实例, Enclave Verifier实例迁移过去,提供了两个api(librats_get_attestation_certificate和librats_verify_attestation_certificate)来生成和验证证书:

  • 对Tls Wrapper实例的use_privkey方法进行改造,使得其可以接受PEM格式的privkey
  • 对Tls Wrapper实例的use_cert方法进行改造,使其接受uint8_t格式(DER编码)的cert
  • 将librats的librats_get_attestation_certificate api集成到rats-tls的librats_get_attestation_certificate() api中
  • 对rats_tls_set_verification_callback api进行调整,使其设置的回调函数指针能传入到librats_verify_attestation_certificate中
  • 对verify_certificate进行改造,使用librats_verify_attestation_certificate来实现verify_certificate
  • 改造rats_tls_cleanup api,使其不再清理被迁移到librats的实例
  • 给librats每个api加param,提供一些自定义能力(包括实例选择类型、可以考虑将custom_claims等也放进去)
  • 在rats-tls中加入no_privkey参数,让用户可以决定是否使用用户自己提供的privkey。
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@houhuiting