A Go library for verifying AWS Nitro Enclave attestations.
It's fairly simple to use; here's an example:
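```go
import (
	"bytes"
	"time"

	"github.com/hf/nitrite"
)

// verifyAttestation returns nil only if the attestation verifies at the
// current time.
func verifyAttestation(attestation []byte) error {
	// The result is discarded in this example; Go rejects an unused variable.
	_, err := nitrite.Verify(
		bytes.NewReader(attestation),
		nitrite.VerifyOptions{
			CurrentTime: time.Now(),
		})
	if nil != err {
		return err
	}

	return nil
}
```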
This package includes the Nitro Enclave Root CA certificates.
It's recommended that, at the start of your application, you explicitly
calculate the SHA256 sum of the DefaultRootCA string and check that it matches
the value given in the AWS documentation.
Alternatively, you can supply your own copy of the root CA.
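One way to do the startup check described above, as an added example that is not part of this package: it hashes the root CA string and compares it with a pinned digest, accepting either plain or colon-separated hex. `CheckRootCAPin`, `parsePin`, `constructedRootCA` and `pinnedSHA256` are hypothetical names, and the pin is a placeholder to be replaced with the value from the AWS documentation.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strings"
)

// constructedRootCA is constructed sample data standing in for nitrite.DefaultRootCA.
const constructedRootCA = "-----BEGIN CERTIFICATE-----\nY29uc3RydWN0ZWQ=\n-----END CERTIFICATE-----\n"
// pinnedSHA256 is a PLACEHOLDER; paste the digest you matched against the AWS documentation.
const pinnedSHA256 = "<sha256-of-DefaultRootCA-from-AWS-docs>"

// parsePin normalises a published digest ("AB:CD:..." or "abcd...") to 32 raw bytes.
func parsePin(pin string) ([]byte, error) {
	clean := strings.NewReplacer(":", "", " ", "").Replace(strings.TrimSpace(pin))
	raw, err := hex.DecodeString(clean)
	if err != nil {
		return nil, fmt.Errorf("pin is not hex: %w", err)
	}
	if len(raw) != sha256.Size {
		return nil, fmt.Errorf("pin is %d bytes, want %d", len(raw), sha256.Size)
	}
	return raw, nil
}

// CheckRootCAPin returns nil only if SHA-256(rootCA) equals the pinned digest.
func CheckRootCAPin(rootCA, pin string) error {
	want, err := parsePin(pin)
	if err != nil {
		return err // a malformed pin must never be treated as a match
	}
	got := sha256.Sum256([]byte(rootCA))
	if !bytes.Equal(got[:], want) {
		return fmt.Errorf("root CA digest mismatch: got %x", got)
	}
	return nil
}

func main() {
	// Real use: CheckRootCAPin(nitrite.DefaultRootCA, pinnedSHA256) before any Verify call.
	if err := CheckRootCAPin(constructedRootCA, pinnedSHA256); err != nil {
		fmt.Println("refusing to start:", err) // fails closed until the pin is filled in
		return
	}
	fmt.Println("root CA pin ok")
}
```

Run the check once at startup and exit on any error, so a modified or swapped root CA is caught before any attestation is trusted.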
Copyright © 2021 Stojan Dimitrovski. Licensed under the MIT License. See
LICENSE for more information.