gramine-sgx-ias-verify-report – Submit Intel Attestation Service request

Synopsis

gramine-sgx-ias-verify-report [OPTION]…

Description

gramine-sgx-ias-verify-report verifies attestation report retrieved from the Intel Attestation Service (using gramine-sgx-ias-request for example). It also verifies that the quote contained in the IAS report contains expected values.

Command line arguments

-h, --help

Display usage.

-v, --verbose

Print more information.

-m, --msb

Print/parse hex strings in big-endian order.

-r, --report-path

IAS report to verify.

-s, --sig-path

Path to the IAS report’s signature.

-o, --allow-outdated-tcb

Treat IAS status GROUP_OUT_OF_DATE as OK.

-n, --nonce

Nonce that’s expected in the report (optional).

-S, --mr-signer

Expected mr_signer field (hex string, optional).

-E, --mr-enclave

Expected mr_enclave field (hex string, optional).

-R, --report-data

Expected report_data field (hex string, optional).

-P, --isv-prod-id

Expected isv_prod_id field (hex string, optional).

-V, --isv-svn

Expected isv_svn field (hex string, optional).

-i, --ias-pubkey

Path to IAS public RSA key (PEM format, optional).