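def GetIasCertificates(config):
    """Write the IAS certificates found in a new enclave's proof data to disk.

    Initializes the enclave library from ``config['EnclaveModule']`` and
    creates signup info; per the original author, creating signup info
    includes getting a verification report from IAS. The ``certificates``
    list is read from the JSON in ``enclave_data.proof_data``. Entry 1 is
    written to ``IasRootCACertificate_FilePath`` and entry 0 to
    ``IasAttestationVerificationCertificate_FilePathname``.

    Args:
        config: mapping that holds the enclave settings under the
            ``'EnclaveModule'`` key.

    Exits the process with status -1 if the enclave cannot be initialized or
    the signup info cannot be created. Errors from parsing the proof data,
    from the ``certificates`` lookups, or from the file writes propagate to
    the caller; the enclave is shut down before they do.
    """
    try:
        enclave_config = config['EnclaveModule']
        pdo_enclave.initialize_with_configuration(enclave_config)
        # NOTE(review): the nonce is a fixed constant, so the report obtained
        # here carries no freshness guarantee. That is tolerable only because
        # the signup info is discarded and the report serves solely as a
        # carrier for the certificates; do not copy this where the report
        # itself is relied on.
        nonce = '{0:016X}'.format(123456789)
        enclave_data = pdo_enclave.create_signup_info(nonce, nonce)
    except Exception as e:
        logger.error("unable to initialize a new enclave; %s", str(e))
        sys.exit(-1)

    try:
        # Pull both entries out before opening any file: a malformed report
        # then fails here instead of after an existing certificate file has
        # already been truncated.
        pd_dict = json.loads(enclave_data.proof_data)
        ias_certificates = pd_dict['certificates']
        verification_certificate = str(ias_certificates[0])
        root_ca_certificate = str(ias_certificates[1])

        # NOTE(review): nothing in this function validates the certificates
        # before they are written. If these files are later used as trust
        # anchors for report verification, check the root CA against a copy
        # obtained out of band -- TODO confirm how consumers use them.
        with open(IasRootCACertificate_FilePath, "w") as file:
            file.write(root_ca_certificate)
        with open(IasAttestationVerificationCertificate_FilePathname,
                  "w") as file:
            file.write(verification_certificate)
    finally:
        # Shut the enclave down on every path, including failed extraction
        # or failed writes, so it is not left initialized.
        pdo_enclave.shutdown()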
def shutdown_enclave():
    """Shut down the enclave, then close the block store, best effort.

    Each step runs in its own ``try`` block: a failure is logged through
    ``logger.error`` and swallowed, so a failing enclave shutdown does not
    prevent the attempt to close the block store, and nothing is raised to
    the caller.
    """
    teardown_steps = (
        ("shutdown", 'enclave shutdown failed; %s'),
        ("block_store_close", 'block store shutdown failed; %s'),
    )
    for step_name, failure_message in teardown_steps:
        try:
            # The lookup stays inside the try so that a missing attribute is
            # logged like any other failure of that step.
            getattr(pdo_enclave, step_name)()
        except Exception as err:
            logger.error(failure_message, str(err))
def shutdown():
    """Shut down the enclave by delegating to ``pdo_enclave.shutdown()``.

    There is no error handling here: any exception raised by the enclave
    library propagates to the caller.
    """
    enclave_shutdown = pdo_enclave.shutdown
    enclave_shutdown()