Generating key and signing a file #554
Comments
|
Sorry, I'm not sure if I understand this question correctly. Do you mean signing the input data? Can you give me more context of why "generating a key pair from python and use it to sign data"? Thanks! |
|
I have a python application that generates a pdf report. This report should be signed so that it can't be changed (file can be read and then data can be signed) with a private key stored in SGX. Besides, on the first run, the key pair should be generated. It would also be very useful to restrict other applications and processes from using this key. |
|
@mssun any info? Thank you in advance! |
|
It seems the whole process is stateful, where "first run" generates a key pair and the key will be used in "following runs". In general, Teaclave cannot handle statefule tasks since FaaS is stateless in nature. However, specifically in your case, an alternative solution is like this:
If you really want to make it a single function, you can always ask the function to take another input to choose if it's going to generate a key or sign a PDF. Hope I understand your requirements correctly and hope this can help. |
Is it possible to generate a private-public key pair from python (if it does not already exist), and use it to sign data (all from python using teaclave library)?
Similar to this example from Intel: https://software.intel.com/content/www/us/en/develop/articles/code-sample-gateway-key-provisioning-and-secure-signing-using-intel-software-guard.html
If it is possible, can other processes also access this key and use it for signing or is it tied to the application that generated it?
The text was updated successfully, but these errors were encountered: