sigstruct

package

v0.2201.9 Latest Latest Go to latest Published: Jul 26, 2022 License: Apache-2.0 Imports: 10 Imported by: 2

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/oasisprotocol/oasis-core

Links

Open Source Insights

Documentation ¶

Index ¶

func UnsafeDebugForEnclave(sgxs []byte) ([]byte, error)
type Option
type Sigstruct
- func New(opts ...Option) *Sigstruct
- func Verify(buf []byte) (*rsa.PublicKey, *Sigstruct, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func UnsafeDebugForEnclave ¶

func UnsafeDebugForEnclave(sgxs []byte) ([]byte, error)

UnsafeDebugForEnclave returns the SIGSTRUCT corresponding to the provided SGX enclave binary, signed using the Fortanix Rust SDK's dummy signing key.

This routine is deterministic, and MUST only ever be used for testing.

Types ¶

type Option ¶

type Option func(*Sigstruct)

Option is an option used when constructing a Sigstruct.

func WithAttributes ¶

func WithAttributes(attributes sgx.Attributes) Option

WithAttributes sets the ATTRIBUTES field.

func WithAttributesMask ¶

func WithAttributesMask(attributesMask [2]uint64) Option

WithAttributesMask sets the ATTRIBUTESMASK field.

func WithBuildDate ¶

func WithBuildDate(date time.Time) Option

WithBuildDate sets the BUILDDATE field.

func WithEnclaveHash ¶

func WithEnclaveHash(enclaveHash sgx.MrEnclave) Option

WithEnclaveHash sets the ENCLAVEHASH field.

func WithISVProdID ¶

func WithISVProdID(isvProdID uint16) Option

WithISVProdID sets the ISVPRODID field.

func WithISVSVN ¶

func WithISVSVN(isvSVN uint16) Option

WithISVSVN sets the ISVSVN field.

func WithMiscSelect ¶

func WithMiscSelect(miscSelect uint32) Option

WithMiscSelect sets the MISCSELECT field.

func WithMiscSelectMask ¶

func WithMiscSelectMask(miscSelectMask uint32) Option

WithMiscSelectMask sets the MISCSELECTMASK field.

func WithSwDefined ¶

func WithSwDefined(swDefined [4]byte) Option

WithSwDefined sets the SWDEFINED field.

type Sigstruct ¶

type Sigstruct struct {
	BuildDate      time.Time
	SwDefined      [4]byte
	MiscSelect     uint32
	MiscSelectMask uint32
	Attributes     sgx.Attributes
	AttributesMask [2]uint64
	EnclaveHash    sgx.MrEnclave
	ISVProdID      uint16
	ISVSVN         uint16
}

Sigstruct is an SGX enclave SIGSTRUCT.

The most recent version of the Intel documentation defines more fields that were formerly reserved, however support for setting such things is currently not implemented.

func New ¶

func New(opts ...Option) *Sigstruct

New creates a new Sigstruct ready to be signed.

func Verify ¶

func Verify(buf []byte) (*rsa.PublicKey, *Sigstruct, error)

Verify validates a byte serialized SIGSTRUCT, and returns the signing public key and parsed SIGSTRUCT.

Note: The returned SIGSTRUCT omits fields not currently used.

func (*Sigstruct) HashForSignature ¶ added in v0.2201.9

func (s *Sigstruct) HashForSignature() []byte

HashForSignature returns the SHA-256 hash that is to be signed.

This method can be used for offline signing.

func (*Sigstruct) Sign ¶

func (s *Sigstruct) Sign(privateKey *rsa.PrivateKey) ([]byte, error)

Sign signs the SIGSTRUCT with the provided private key.

func (*Sigstruct) WithSignature ¶ added in v0.2201.9

func (s *Sigstruct) WithSignature(rawSig []byte, pubKey *rsa.PublicKey) ([]byte, error)

WithSignature combines the provided raw signature (which must be over the result of an earlier call to HashForSignature) with the given SIGSTRUCT.

The SIGSTRUCT that was signed MUST match this structure and an error will be returned otherwise to prevent returning a malformed SIGSTRUCT.

This method can be used after an offline signing process has produced a signature.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL