Using gRPC and verifying the quote


lili

Dec 30, 2022, 8:26:54 AM
to Gramine Users
The page https://gramine.readthedocs.io/en/stable/attestation.html mentions that RA-TLS is used for verification. I have an app whose server and client connect to each other via gRPC. In CI-Examples/ra-tls-mbedtls, the Gramine group used an RA-TLS sample and modified it. My question is: is it possible to do the same with gRPC? I mean, since gRPC is used for my server and client connection, how can I perform verification? Is there any way to not change gRPC to RA-TLS?
Thanks in advance.

Vij, Mona

Dec 30, 2022, 11:33:17 AM
to lili, Gramine Users

Hi Lilli,

Gramine aims to run unmodified applications, and that is why we provide RA-TLS samples. The easiest option for most applications is to integrate the high-level interface, where the attestation runs before your application gets control. You can refer to the ra-tls-secret-prov example and integrate it with your code; you can likely integrate the dummy server code with your server.

Now, if a user is willing to modify their application and already has a client-server model, then you will have to use our reference code as an example and integrate it into your client-server example. If you were already using TLS, then you could have replaced TLS with RA-TLS, but since you are using gRPC, you will need to replace the underlying TLS lib that gRPC is using with RA-TLS.

I think the easiest will be for you to NOT modify your application, but to use the ra-tls-secret-prov example to run the attestation code well before your code runs.

Thanks

Mona
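
The "attest before the application runs" setup recommended above, sketched as a Gramine manifest fragment for the enclave that hosts the gRPC application. This is an added example, not part of the thread and not the Gramine project's own manifest. The key names follow Gramine's secret provisioning documentation and the string form of `sgx.remote_attestation`; the verifier address and the CA file locations are assumed placeholders.

```toml
# Let the enclave produce an SGX quote (DCAP-based attestation).
sgx.remote_attestation = "dcap"

# Preload the attester-side secret provisioning library. With the constructor
# enabled, attestation and secret retrieval run in a library constructor,
# i.e. before the unmodified gRPC application reaches main().
loader.env.LD_PRELOAD = "libsecret_prov_attest.so"
loader.env.SECRET_PROVISION_CONSTRUCTOR = "1"

# Secret provisioning (verifier) server to contact. Placeholder address.
loader.env.SECRET_PROVISION_SERVERS = "verifier.example.internal:4433"

# CA certificate the enclave uses to authenticate the verifier's TLS
# certificate. Placeholder path inside the enclave.
loader.env.SECRET_PROVISION_CA_CHAIN_PATH = "/ca.crt"

# Map the CA file into the enclave and list it as a trusted file so its hash
# is part of the enclave measurement; otherwise the untrusted host could
# substitute a CA of its own. Placeholder host path.
fs.mounts = [
  { path = "/ca.crt", uri = "file:ssl/ca.crt" },
  # ... plus the mounts the application already needs
]
sgx.trusted_files = [
  "file:ssl/ca.crt",
  # ... plus the application's own binaries and libraries
]
```

After a successful attestation the provisioned secret is exposed to the application in the `SECRET_PROVISION_SECRET_STRING` environment variable. The gRPC connection itself is untouched by this setup, so the quote is verified by the provisioning server rather than by the gRPC peer.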
