README
¶
This package contains the logic to initialise EdgelessDB.
- the sql script
- the handshake logic
Note: EdgelessDB does not support foreign keys. All logical FKs have been replaced with indexes.
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Config ¶
type Config struct {
Host string
}
todo (#1474) - move more of the hardcoded config into this (attestation conf, usernames etc.)
type Credentials ¶
type Credentials struct {
ManifestJSON string // contains CA cert and sql statements to initialize edb and then to verify edb is setup as expected
EDBCACertPEM string // root cert securely provided by edb enclave to encrypt all our communication with it
CACertPEM string // root cert we generate in our enclave and securely provide to the edb in the manifest
UserCertPEM string // db user cert, generated in our enclave, signed by our root cert
UserKeyPEM string // db user private key, generated in our enclave
}
type EdgelessAttestationConstraints ¶
type EdgelessAttestationConstraints struct {
// This triplet of fields is typically used to attest an instance of an edgeless product (again, see ERA docs for more info)
SecurityVersion uint // Min required security version of the Edgeless product
SignerID string // corresponds to MRSIGNER SGX data, the expected fingerprint of Edgeless System's signing key
ProductID uint16 // The ID for the edgeless product, ProductID = 16 for Edgeless DB
// Alternative to the triplet above you can specify a UniqueID which corresponds to a specific enclave package
UniqueID string // This corresponds to the MRENCLAVE field in the SGX attestation data, it is stricter than the triplet above
Debug bool // while debugging this can be set to true to permit debug attestations to pass verification
}
Source Files
Click to show internal directories.
Click to hide internal directories.