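def GetIasCertificates(config):
    """Obtain the IAS certificates through the enclave library and save them.

    The enclave library is initialized from ``config['EnclaveModule']`` and
    signup info is created; creating signup info includes getting a
    verification report from IAS. The ``certificates`` list in the resulting
    proof data is then written out: entry 1 goes to
    ``IasRootCACertificate_FilePath`` and entry 0 goes to
    ``IasAttestationVerificationCertificate_FilePathname``.

    Any exception raised while initializing the enclave or creating the
    signup info is logged and the process exits with status -1. Errors from
    parsing the proof data or writing the files propagate to the caller; the
    enclave is shut down in either case.
    """
    try:
        enclave_config = config['EnclaveModule']
        pdo_enclave.initialize_with_configuration(enclave_config)
        # Fixed nonce: the signup info itself is discarded (only the
        # certificates in the proof data are kept), so this value gives no
        # freshness guarantee and should not be reused where the attestation
        # result is relied upon.
        nonce = '{0:016X}'.format(123456789)
        enclave_data = pdo_enclave.create_signup_info(nonce, nonce)
    except Exception as e:
        logger.error("unable to initialize a new enclave; %s", str(e))
        sys.exit(-1)

    # From here on the enclave is initialized, so always shut it down, even if
    # the proof data is malformed or a file cannot be written.
    try:
        pd_dict = json.loads(enclave_data.proof_data)
        ias_certificates = pd_dict['certificates']

        # NOTE(review): the certificates are taken from the proof data and
        # written as-is. If these files are later used as trust anchors,
        # compare the root CA against a pinned known-good copy first --
        # confirm how the consumers of these files use them.
        with open(IasRootCACertificate_FilePath, "w") as file:
            file.write(str(ias_certificates[1]))

        with open(IasAttestationVerificationCertificate_FilePathname, "w") as file:
            file.write(str(ias_certificates[0]))
    finally:
        pdo_enclave.shutdown()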
def initialize_enclave(config):
    """Open the block store and initialize the enclave module from *config*.

    Reads the block store path from ``config['StorageService']['BlockStore']``
    and the enclave settings from ``config['EnclaveModule']``.

    Raises:
        Exception: if the block store file does not exist, or if a required
            configuration key is missing. A ``KeyError`` raised by the
            ``pdo_enclave`` calls themselves is reported the same way,
            because those calls sit inside the guarded sections.
    """
    # Stage 1: locate and open the block store.
    try:
        store_path = config['StorageService']['BlockStore']
        if os.path.isfile(store_path):
            pdo_enclave.block_store_open(store_path)
        else:
            raise Exception('missing block store file {0}'.format(store_path))
    except KeyError as missing_key:
        raise Exception('missing block store configuration key {0}'.format(str(missing_key)))

    # Stage 2: hand the enclave section of the configuration to the library.
    try:
        module_settings = config['EnclaveModule']
        pdo_enclave.initialize_with_configuration(module_settings)
    except KeyError:
        raise Exception('missing enclave module configuration')
def initialize_enclave(enclave_config):
    """Initialize the enclave module with the given configuration.

    ``enclave_config`` is passed unchanged to
    ``pdo_enclave.initialize_with_configuration``; any exception it raises
    propagates to the caller. The call's result is discarded.
    """
    configure = pdo_enclave.initialize_with_configuration
    configure(enclave_config)
    return None