sgx

package
v0.2202.12 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 27, 2024 License: Apache-2.0 Imports: 10 Imported by: 10

Documentation

Overview

Package sgx provides common Intel SGX datatypes and utilities.

Index

Constants

View Source
const (
	// MrEnclaveSize is the size of an MrEnclave in bytes.
	MrEnclaveSize = sha256.Size

	// MrSignerSize is the size of an MrSigner in bytes.
	MrSignerSize = sha256.Size

	// ModulusSize is the required RSA modulus size in bits.
	ModulusSize = 3072
)

Variables

This section is empty.

Functions

func From3072le

func From3072le(b []byte) (*big.Int, error)

From3072le converts a 3072 bit buffer to the corresponding big.Int, assuming that the buffer is in little endian representation.

func To3072le

func To3072le(z *big.Int, mayPad bool) ([]byte, error)

To3072le converts a big.Int to a 3072 bit little endian representation, padding if allowed AND required.

func UnsafeFortanixDummyKey

func UnsafeFortanixDummyKey() *rsa.PrivateKey

UnsafeFortanixDummyKey returns the Fortanix dummy signing key.

This MUST only ever be used for launching test enclaves.

Types

type Attributes

type Attributes struct {
	Flags AttributesFlags
	Xfrm  uint64
}

Attributes is a SGX enclave attributes value inside report.

type AttributesFlags

type AttributesFlags uint64

AttributesFlags is attributes flags inside enclave report attributes.

const (
	AttributeInit          AttributesFlags = 0b0000_0001
	AttributeDebug         AttributesFlags = 0b0000_0010
	AttributeMode64Bit     AttributesFlags = 0b0000_0100
	AttributeProvisionKey  AttributesFlags = 0b0001_0000
	AttributeEInitTokenKey AttributesFlags = 0b0010_0000
)

Predefined enclave report attributes flags.

func (AttributesFlags) Contains

func (a AttributesFlags) Contains(flag AttributesFlags) bool

Contains returns value of given flag attribute of the Report.

type EnclaveIdentity

type EnclaveIdentity struct {
	MrEnclave MrEnclave `json:"mr_enclave"`
	MrSigner  MrSigner  `json:"mr_signer"`
}

EnclaveIdentity is a byte serialized MRSIGNER/MRENCLAVE pair.

func (EnclaveIdentity) MarshalText

func (id EnclaveIdentity) MarshalText() (data []byte, err error)

MarshalText encodes an EnclaveIdentity into text form.

func (EnclaveIdentity) String

func (id EnclaveIdentity) String() string

String returns the string representation of a EnclaveIdentity.

func (*EnclaveIdentity) UnmarshalHex

func (id *EnclaveIdentity) UnmarshalHex(text string) error

UnmarshalHex decodes a hex marshaled EnclaveIdentity.

func (*EnclaveIdentity) UnmarshalText

func (id *EnclaveIdentity) UnmarshalText(text []byte) error

UnmarshalText decodes a text marshaled EnclaveIdentity.

type MrEnclave

type MrEnclave [MrEnclaveSize]byte

MrEnclave is a SGX enclave identity register value (MRENCLAVE).

func (*MrEnclave) FromSgxs

func (m *MrEnclave) FromSgxs(r io.Reader) error

FromSgxs derives a MrEnclave from r, under the assumption that r will provide the entire `.sgxs` file.

func (*MrEnclave) FromSgxsBytes

func (m *MrEnclave) FromSgxsBytes(data []byte) error

FromSgxsBytes dervies a MrEnclave from a byte slice containing a `.sgxs` file.

func (*MrEnclave) MarshalBinary

func (m *MrEnclave) MarshalBinary() (data []byte, err error)

MarshalBinary encodes a Mrenclave into binary form.

func (MrEnclave) String

func (m MrEnclave) String() string

String returns the string representation of a MrEnclave.

func (*MrEnclave) UnmarshalBinary

func (m *MrEnclave) UnmarshalBinary(data []byte) error

UnmarshalBinary decodes a binary marshaled Mrenclave.

func (*MrEnclave) UnmarshalHex

func (m *MrEnclave) UnmarshalHex(text string) error

UnmarshalHex decodes a hex marshaled MrEnclave.

type MrSigner

type MrSigner [MrSignerSize]byte

MrSigner is a SGX enclave signer register value (MRSIGNER).

var (
	// FortanixDummyMrSigner is the MRSIGNER value corresponding to the
	// dummy signing key that is used by the Fortanix Rust SGX SDK's
	// enclave-runner.
	FortanixDummyMrSigner MrSigner
)

func (*MrSigner) FromPublicKey

func (m *MrSigner) FromPublicKey(pk *rsa.PublicKey) error

FromPublicKey derives a MrSigner from a RSA public key.

func (*MrSigner) MarshalBinary

func (m *MrSigner) MarshalBinary() (data []byte, err error)

MarshalBinary encodes a MrSigner into binary form.

func (MrSigner) String

func (m MrSigner) String() string

String returns the string representation of a MrSigner.

func (*MrSigner) UnmarshalBinary

func (m *MrSigner) UnmarshalBinary(data []byte) error

UnmarshalBinary decodes a binary marshaled MrSigner.

func (*MrSigner) UnmarshalHex

func (m *MrSigner) UnmarshalHex(text string) error

UnmarshalHex decodes a hex marshaled MrSigner.

type VerifiedQuote added in v0.2202.0

type VerifiedQuote struct {
	ReportData []byte
	Identity   EnclaveIdentity
}

VerifiedQuote is an extract from a remote attestation quote that has undergone verification.

Directories

Path Synopsis
Package aesm provides a client for AESMD.
Package aesm provides a client for AESMD.
Package ias provides routines for interacting with the Intel Attestation Service.
Package ias provides routines for interacting with the Intel Attestation Service.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL