Closed water5-cmd closed 2 years ago
Hi, This is the Open Enclave report header: https://github.com/openenclave/openenclave/blob/v0.17.6/include/openenclave/internal/report.h#L69
By the way, will edgelessdb validate the quote to PCCS?
Yes, EdgelessDB requires the PCCS to issue a quote and era
will validate the quote with the help of the PCCS.
Thanks for your help! Now I know what the report header represents, next I will learn how era
verifies the quote.
Hi @thomasten , The PCCS service works well in my machine, About PCCS, I had tested it by running SGXDataCenterAttestationPrimitives/SampleCode.
Now, I started the edgelessdb to get the quote, code is GetRemoteReport, I pass the value of variable
reportdata
from TEE to REE and send it toQuoteVerificationSample
for authentication. The edgelessdb quote length is 4744 bytes, content is (Hexadecimal printing):By running
SGXDataCenterAttestationPrimitives/SampleCode/QuoteVerificationSample
, the output is:When I use Intel SGX DCAP examples, code is sgx_qe_get_quote, I get the sgx quote, length is 4728, content is (Hexadecimal printing):
By running
SGXDataCenterAttestationPrimitives/SampleCode/QuoteVerificationSample
, the output is:But, if I remove the extra 16 bytes [01 00 00 00 02 00 00 00 78 12 00 00 00 00 00 00 ] from edgelessdb quote, send it to
QuoteVerificationSample
for authentication, quote verification success, output is:So, what do these 16 bytes represent in edgelessdb quote? By the way, will edgelessdb validate the quote to PCCS?