Merge #436
436: Add an OID for attestation transparency. HRST-32 r=Taowyoo a=arai-fortanix

Attestation transparency information will be added to the certificate used for joining the cluster, so we need an OID for that purpose.

This is being added on the 1.x branch because roche currently must be built with a 1.x version of sgx_pkix due to dependencies on dcap-ql version 3.3. dcap-ql can't be updated without updating mbedtls.

Co-authored-by: Daniel Arai <daniel@fortanix.com>
bors[bot] and arai-fortanix authored Apr 24, 2023
2 parents 313efd7 + 0c5d711 commit 15823d2
Showing 4 changed files with 8 additions and 3 deletions.
2 changes: 1 addition & 1 deletion Cargo.lock

4 changes: 2 additions & 2 deletions sgx-pkix/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_pkix"
version = "0.1.3"
version = "0.1.4"
authors = ["Fortanix, Inc."]
edition = "2018"
license = "MPL-2.0"
Expand All @@ -12,6 +12,6 @@ categories = ["cryptography"]
[dependencies]
byteorder = "1.0"
pkix = ">=0.1.1, <0.3.0"
sgx-isa = { version = "0.3", path = "../sgx-isa" }
sgx-isa = "0.3"
quick-error = "1.1.0"
lazy_static = "1"
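Review bot: The `sgx-isa` line under `[dependencies]` drops `path = "../sgx-isa"`, so this crate now resolves `sgx-isa` 0.3 from the registry instead of the in-tree copy (unless a `[patch]` entry overrides it), and the commit message does not mention this. If the switch is intentional for the 1.x branch, state the reason in the commit message or in a comment beside the dependency; otherwise keep `sgx-isa = { version = "0.3", path = "../sgx-isa" }` so that the new OID stays the only functional change. The Cargo.lock diff is not rendered on this page, so the resolved version cannot be confirmed from here.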
2 changes: 2 additions & 0 deletions sgx-pkix/src/lib.rs
Expand Up @@ -3,6 +3,8 @@
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#![recursion_limit = "256"]

#[macro_use]
extern crate quick_error;
#[macro_use]
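Review bot: `#![recursion_limit = "256"]` at the top of lib.rs has no comment explaining why the limit is raised. If it is required because the `lazy_static!` block in oid.rs gained another entry, add a one-line comment saying so, so the attribute can be revisited or removed if that block is later split up.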
3 changes: 3 additions & 0 deletions sgx-pkix/src/oid.rs
Expand Up @@ -35,6 +35,9 @@ lazy_static!{
pub static ref round5_5pke_0d: ObjectIdentifier = vec![1, 3, 6, 1, 4, 1, 49690, 4, 2].into();
pub static ref lms_15_10_sha256: ObjectIdentifier = vec![1, 3, 6, 1, 4, 1, 49690, 4, 3].into();

// Fortanix attestation transparency identifiers
pub static ref transparencyProofSgx: ObjectIdentifier = vec![1, 3, 6, 1, 4, 1, 49690, 5, 1].into();

// Intel SGX OID namespaces:
// https://download.01.org/intel-sgx/sgx-dcap/1.10/linux/docs/Intel_SGX_PCK_Certificate_CRL_Spec-1.4.pdf
// https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/master/QuoteVerification/QVL/Src/AttestationParsers/src/ParserUtils.h#L57
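Review bot: The new `transparencyProofSgx` entry opens arc `49690, 5` while the entries directly above it sit under `49690, 4`, and its only documentation is `// Fortanix attestation transparency identifiers`. Please extend that comment to say what arc 5 is reserved for and what the extension value carries (its encoding, and whether it is meant to be marked critical), since code that validates cluster-join certificates will match on this OID and needs to know how to parse and treat the value.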