How does the attestation process guarantee code integrity?

  • Application Attestation (Code Integrity):

    • When the enclave application starts, it first starts the application attestation process.

    • The enclave application generates an attestation report and sends it to the Node Agent.

    • The Node Agent signs that report with its certificate.

    • The enclave application generates a CSR with the above report and sends it back to the Node Agent.

    • The Node Agent forwards this CSR to Fortanix CCM, which checks it.

    • If the attestation passes, Fortanix CCM issues a certificate to the enclave.
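
The flow above, modelled end to end as an added example (not Fortanix code) to show why a modified enclave build never receives a certificate. Assumptions: the report carries a SHA-256 measurement of the enclave code and a hash of the enclave's public key, CCM keeps an allowlist of approved measurements, and HMAC with constructed keys stands in for the Node Agent and CCM certificate signatures; all function names are hypothetical.

```python
import hashlib, hmac, json

# Constructed values. HMAC keys stand in for the Node Agent and CCM signing keys.
NODE_AGENT_KEY = b"constructed-node-agent-key"
CCM_KEY = b"constructed-ccm-key"
GOOD_CODE = b"enclave build 1.0"
APPROVED = {hashlib.sha256(GOOD_CODE).hexdigest()}  # assumed CCM allowlist

def sha(data):
    return hashlib.sha256(data).hexdigest()

def sign(key, obj):
    data = json.dumps(obj, sort_keys=True).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def enclave_report(code, pubkey):
    # Enclave: report carries the code measurement and binds the enclave's key.
    return {"measurement": sha(code), "key_hash": sha(pubkey)}

def node_agent_sign(report):
    # Node Agent: vouches for the report.
    return {"report": report, "sig": sign(NODE_AGENT_KEY, report)}

def enclave_csr(signed_report, pubkey):
    # Enclave: CSR embeds the signed report next to the key to be certified.
    return {"pubkey": pubkey.hex(), "attestation": signed_report}

def ccm_check_and_issue(csr):
    # CCM: returns a certificate only if every check passes, else None.
    att = csr["attestation"]
    report = att["report"]
    if not hmac.compare_digest(att["sig"], sign(NODE_AGENT_KEY, report)):
        return None  # report was not signed by the Node Agent
    if report["key_hash"] != sha(bytes.fromhex(csr["pubkey"])):
        return None  # report replayed with a different key
    if report["measurement"] not in APPROVED:
        return None  # code differs from the approved build
    cert = {"subject_key": csr["pubkey"], "measurement": report["measurement"]}
    return {"cert": cert, "sig": sign(CCM_KEY, cert)}

def attest(code, pubkey):
    # Full flow: report -> Node Agent signature -> CSR -> CCM decision.
    signed = node_agent_sign(enclave_report(code, pubkey))
    return ccm_check_and_issue(enclave_csr(signed, pubkey))
```

The key-hash check is what ties the issued certificate to the attested enclave: a valid signed report copied into a CSR for a different key is rejected.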