Documentation
Overview
Package sgx provides a Go interface to the SGX USIG implementation.
Index
- func MakeCert(epoch uint64, signature []byte) []byte
- func MakeID(epoch uint64, publicKey interface{}) ([]byte, error)
- func ParseCert(cert []byte) (epoch uint64, signature []byte, err error)
- func ParseID(usigID []byte) (epoch uint64, pubKey crypto.PublicKey, err error)
- func VerifySignature(pubKey interface{}, digest Digest, epoch, counter uint64, signature []byte) error
- func VerifyUI(message []byte, ui *usig.UI, usigID []byte) error
- type Digest
- type USIG
- type USIGEnclave
Functions
func MakeCert
MakeCert composes a USIG certificate, which is the 64-bit big-endian encoded epoch value followed by the serialized USIG signature.
func MakeID
MakeID composes a USIG identity, which is the 64-bit big-endian encoded epoch value followed by the public key serialized in PKIX format.
func ParseCert
ParseCert breaks a USIG certificate down into the epoch value and the serialized USIG signature.
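The byte layouts described for MakeCert/ParseCert and MakeID, re-implemented with only the Go standard library as an added example; this is not the package's own code. The function names (prependEpoch, splitEpoch, encodeID, decodeID) and the P-256 sample key are assumptions made for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/binary"
	"fmt"
)

// prependEpoch returns the 64-bit big-endian epoch followed by payload (the certificate layout).
func prependEpoch(epoch uint64, payload []byte) []byte {
	out := make([]byte, 8, 8+len(payload))
	binary.BigEndian.PutUint64(out, epoch)
	return append(out, payload...)
}

// splitEpoch reverses prependEpoch; input too short to hold an epoch is rejected.
func splitEpoch(buf []byte) (uint64, []byte, error) {
	if len(buf) < 8 {
		return 0, nil, fmt.Errorf("need at least 8 bytes for the epoch, got %d", len(buf))
	}
	return binary.BigEndian.Uint64(buf[:8]), buf[8:], nil
}

// encodeID builds epoch || PKIX(pub), the identity layout described for MakeID.
func encodeID(epoch uint64, pub interface{}) ([]byte, error) {
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return nil, err
	}
	return prependEpoch(epoch, der), nil
}

// decodeID splits an identity and parses the key; bytes trailing the key fail parsing.
func decodeID(id []byte) (uint64, interface{}, error) {
	epoch, der, err := splitEpoch(id)
	if err != nil {
		return 0, nil, err
	}
	pub, err := x509.ParsePKIXPublicKey(der)
	return epoch, pub, err
}

func main() {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // constructed sample key (assumed type)
	id, _ := encodeID(7, &key.PublicKey)
	fmt.Println(decodeID(id))
}
```

Because the epoch is part of the encoded identity, a verifier comparing identities byte for byte treats the same key under a different epoch as a different USIG.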
Types
type Digest
Digest represents the data type of the message digest used to create unique identifiers.
type USIG
type USIG struct {
	*USIGEnclave
}
USIG implements the USIG interface around USIGEnclave.
func New
New creates a new instance of SGXUSIG. It is a wrapper around NewUSIGEnclave(). See NewUSIGEnclave() for more details. Note that the created instance has to be disposed of with the Destroy() method, e.g. using defer.
type USIGEnclave
type USIGEnclave struct {
	// contains filtered or unexported fields
}
USIGEnclave represents a USIG enclave instance.
func NewUSIGEnclave
func NewUSIGEnclave(enclaveFile string, sealedKey []byte) (*USIGEnclave, error)
NewUSIGEnclave creates a new instance of the USIG enclave. Note that the created instance has to be disposed of with the Destroy() method, e.g. using defer. A sealed key, previously retrieved by SealedKey(), can be supplied to initialize the enclave with that key pair. If nil is passed instead, a new key pair will be generated by the enclave.
func (*USIGEnclave) CreateUI
func (enclave *USIGEnclave) CreateUI(digest Digest) (counter uint64, signature []byte, err error)
CreateUI assigns the next USIG counter value to the specified message digest. The assigned counter value and serialized USIG signature are returned.
func (*USIGEnclave) Destroy
func (enclave *USIGEnclave) Destroy()
Destroy destroys a previously created USIG enclave instance. It must be called only once per enclave instance.
func (*USIGEnclave) Epoch
func (enclave *USIGEnclave) Epoch() uint64
Epoch retrieves the unique epoch value generated by this USIG enclave instance.
func (*USIGEnclave) PublicKey
func (enclave *USIGEnclave) PublicKey() crypto.PublicKey
PublicKey retrieves the public part of the key used by the USIG enclave instance to sign the unique identifiers it produces.
func (*USIGEnclave) SealedKey
func (enclave *USIGEnclave) SealedKey() []byte
SealedKey retrieves the sealed key used by the USIG enclave. The retrieved key can be supplied to subsequent calls to NewUSIGEnclave() on the same physical machine.