Harmless since debug flag for testing.
On the Rust side unsafe skip verify check is minimal:
|
if !unsafe_skip_quote_verification { |
|
let tcb_level = quote.verify(tcb_info, qe_identity, ts)?; |
|
|
|
// Validate TCB level. |
|
match tcb_level.status { |
|
TCBStatus::UpToDate | TCBStatus::SWHardeningNeeded => {} |
On the go side, signature verification captures the quote verification against the policy that rust side may not ignore with unsafe skip verify set to true:
|
if !unsafeSkipVerify { |
|
err := q.signature.Verify(q.header, q.reportBody, ts, tcb, policy) |
|
if err != nil { |
|
return nil, err |
|
} |
Harmless since debug flag for testing.
On the Rust side unsafe skip verify check is minimal:
oasis-core/runtime/src/common/sgx/pcs/quote.rs
Lines 83 to 88 in 59b8f32
On the go side, signature verification captures the quote verification against the policy that rust side may not ignore with unsafe skip verify set to true:
oasis-core/go/common/sgx/pcs/quote.go
Lines 196 to 200 in 59b8f32