Open Enclave  0.11.0

oe_verify_attestation_certificate()

oe_result_t oe_verify_attestation_certificate(
    uint8_t* cert_in_der,
    size_t cert_in_der_len,
    oe_identity_verify_callback_t enclave_identity_callback,
    void* arg)


This function performs custom validation of the input certificate. The validation extracts the attestation evidence extension from the certificate and then validates that evidence. An optional enclave_identity_callback can be passed in so that the calling client can further validate the identity of the enclave that created the quote. OE_FAILURE is returned if the expected certificate extension OID is not found.

Parameters
[in] cert_in_der: a pointer to buffer holding certificate contents in DER format
[in] cert_in_der_len: size of certificate buffer above
[in] enclave_identity_callback: callback routine for custom identity checking
[in] arg: an optional context pointer argument specified by the caller when setting callback

Return values
OE_OK: on a successful validation
OE_VERIFY_FAILED: on quote failure
OE_INVALID_PARAMETER: At least one parameter is invalid
OE_FAILURE: general failure
other: appropriate error code
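
The following is an added example, not code from the Open Enclave project: a sketch of the policy an enclave_identity_callback might enforce, with the caller's policy passed through arg. The `demo_*` types, field names, sizes and the debug attribute bit are assumed stand-ins so the block compiles without the SDK; the real identity and result types come from the Open Enclave headers.

```c
#include <stdint.h>
#include <string.h>

/* Stand-ins so this compiles without the SDK. The real types come from the
 * Open Enclave headers; names, fields and sizes here are assumptions. */
typedef enum { DEMO_OK, DEMO_VERIFY_FAILED, DEMO_INVALID_PARAMETER } demo_result_t;
#define DEMO_ATTR_DEBUG 0x1ULL /* assumed debug-mode attribute bit */
typedef struct {
    uint32_t security_version;
    uint64_t attributes;
    uint8_t signer_id[32];
    uint8_t product_id[16];
} demo_identity_t;

/* Caller policy, handed to the callback through the `arg` context pointer. */
typedef struct {
    uint8_t signer_id[32]; /* pinned enclave signer */
    uint8_t product_id[16];
    uint32_t min_security_version;
    int allow_debug;
} demo_policy_t;

/* Identity callback: accept only the pinned signer and product, at or above
 * the minimum security version, and reject debug enclaves unless allowed. */
demo_result_t check_identity(const demo_identity_t *id, void *arg)
{
    const demo_policy_t *p = (const demo_policy_t *)arg;
    if (id == NULL || p == NULL)
        return DEMO_INVALID_PARAMETER;
    if (memcmp(id->signer_id, p->signer_id, sizeof id->signer_id) != 0)
        return DEMO_VERIFY_FAILED;
    if (memcmp(id->product_id, p->product_id, sizeof id->product_id) != 0)
        return DEMO_VERIFY_FAILED;
    if (id->security_version < p->min_security_version)
        return DEMO_VERIFY_FAILED; /* rollback to an older enclave build */
    if ((id->attributes & DEMO_ATTR_DEBUG) && !p->allow_debug)
        return DEMO_VERIFY_FAILED; /* debug enclaves offer no confidentiality */
    return DEMO_OK;
}

/* Constructed sample: run the callback against a hand-built identity. */
demo_result_t demo_run(uint8_t signer_byte, uint32_t svn, uint64_t attrs)
{
    demo_policy_t policy = {.min_security_version = 2, .allow_debug = 0};
    demo_identity_t id = {.security_version = svn, .attributes = attrs};
    memset(policy.signer_id, 0xAB, sizeof policy.signer_id);
    memset(id.signer_id, signer_byte, sizeof id.signer_id);
    return check_identity(&id, &policy);
}
```

In a real build, a function with the SDK's oe_identity_verify_callback_t signature is passed as enclave_identity_callback and the policy's address as arg. Without a callback, only the evidence itself is validated, not which enclave produced it.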