intel / trusted-certificate-issuer

Trusted Certificate Service (TCS) is a K8s service to protect signing keys using Intel's SGX technology. K8s CSR and cert-manager CR APIs are both supported. TCS also contains integration samples for Istio service mesh and Key Management Reference Application (KMRA).
Apache License 2.0

internal/sgx: do not share quote between multiple issuers #34

Closed avalluri closed 2 years ago

avalluri commented 2 years ago

CTK destroys the quote public key and the wrapped key after a successful unwrap. Hence the same quote cannot be used for unwrapping the other keys. So, we have to use a signer-specific quote.

avalluri commented 2 years ago

The PR is rebased on #33

ipuustin commented 2 years ago

Needs rebase against the new changes.

avalluri commented 2 years ago

> Needs rebase against the new changes.

Done.