Integrate Véraison C/Rust client wrapper on server side #15
Assignees
Labels
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
The server side of the TLS stack (relying party) needs to call a Veraison challenge/response service endpoint in order to validate the KAT bundle that authenticates the client (attester). Currently, the KAT bundle is only being processed locally.
Details
For a PoC, it will not be necessary to fully integrate the Veraison client into the MbedTLS build process. It should be sufficient to require the person building the demo to have built the Veraison client using Cargo, which will produce a static library and a generated header file. These can be specified as build-time include and linker options for Mbed TLS.
The Rust/C client is available here as a single repo, and can be built trivially with
cargo build. The mainline branch should suffice.It is probably necessary to add a new command-line parameter to
ssl_server2to accept the HTTP endpoint of the challenge-response API.There is some work needed to figure out exactly which parts of the existing code need to be replaced with the call to Veraison.
The text was updated successfully, but these errors were encountered: