edgelessdb

package
v0.21.1
Warning

This package is not in the latest version of its module.

Published: Feb 13, 2024 License: AGPL-3.0 Imports: 37 Imported by: 0

README

This package contains the logic to initialise EdgelessDB.

  • the SQL script
  • the handshake logic

Note: EdgelessDB does not support foreign keys. All logical FKs have been replaced with indexes.

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func Connector

func Connector(edbCfg *Config, logger gethlog.Logger) (enclavedb.EnclaveDB, error)

Types

type Config

type Config struct {
	Host string
}

todo (#1474) - move more of the hardcoded config into this (attestation conf, usernames etc.)

type Credentials

type Credentials struct {
	ManifestJSON string // contains CA cert and SQL statements to initialize edb and then to verify edb is set up as expected
	EDBCACertPEM string // root cert securely provided by edb enclave to encrypt all our communication with it
	CACertPEM    string // root cert we generate in our enclave and securely provide to the edb in the manifest
	UserCertPEM  string // db user cert, generated in our enclave, signed by our root cert
	UserKeyPEM   string // db user private key, generated in our enclave
}

type EdgelessAttestationConstraints

type EdgelessAttestationConstraints struct {
	// This triplet of fields is typically used to attest an instance of an edgeless product (again, see ERA docs for more info)
	SecurityVersion uint   // Min required security version of the Edgeless product
	SignerID        string // corresponds to MRSIGNER SGX data, the expected fingerprint of Edgeless Systems' signing key
	ProductID       uint16 // The ID for the edgeless product, ProductID = 16 for Edgeless DB

	// Alternative to the triplet above you can specify a UniqueID which corresponds to a specific enclave package
	UniqueID string // This corresponds to the MRENCLAVE field in the SGX attestation data, it is stricter than the triplet above

	Debug bool // while debugging this can be set to true to permit debug attestations to pass verification
}
