Does rust sgx sdk support generating public key certificates in x509 format?

apache / incubator-teaclave-sgx-sdk

Apache Teaclave (incubating) SGX SDK helps developers to write Intel SGX applications in the Rust programming language, and also known as Rust SGX SDK.

https://teaclave.apache.org

Apache License 2.0

1.18k stars 265 forks source link

Does rust sgx sdk support generating public key certificates in x509 format? #442

Open HGZ-20 opened 1 year ago

HGZ-20 commented 1 year ago

I want to generate a public key certificate in the enclave and send it out, but I don't seem to find a way to generate a public key certificate in x509 format in the rust sgx sdk. Only see the get_ecc_cert() method written in SampleCode. Is it because exporting certificates is not supported yet, and I have to write related codes by myself?

yangfh2004 commented 1 year ago

Yes, you do, if you want to use it with secured connections, you need a CA to sign your pub key otherwise you can sign it by yourself inside the enclave. You can generate a pair of RSA keys with the SDK but you need to do the rest.