Documentation
Index
- func ConnectToEdgelessDB(edbHost string, tlsCfg *tls.Config, logger gethlog.Logger) (*sql.DB, error)
- func Connector(edbCfg *Config, config config.EnclaveConfig, logger gethlog.Logger) (enclavedb.EnclaveDB, error)
- func CreateTLSCfg(creds *Credentials) (*tls.Config, error)
- type Config
- type Credentials
- type EdgelessAttestationConstraints
Constants
This section is empty.
Variables
This section is empty.
Functions
func ConnectToEdgelessDB (added in v0.25.0)
func Connector
func Connector(edbCfg *Config, config config.EnclaveConfig, logger gethlog.Logger) (enclavedb.EnclaveDB, error)
Connector (re-)establishes a connection to the Edgeless DB for the TEN enclave.
func CreateTLSCfg (added in v0.25.0)
func CreateTLSCfg(creds *Credentials) (*tls.Config, error)
Types
type Config
type Config struct {
Host string
}
todo (#1474) - move more of the hardcoded config into this (attestation conf, usernames etc.)
type Credentials
type Credentials struct {
	ManifestJSON string // contains CA cert and sql statements to initialize edb and then to verify edb is setup as expected
	EDBCACertPEM string // root cert securely provided by edb enclave to encrypt all our communication with it
	CACertPEM    string // root cert we generate in our enclave and securely provide to the edb in the manifest
	UserCertPEM  string // db user cert, generated in our enclave, signed by our root cert
	UserKeyPEM   string // db user private key, generated in our enclave
}
func LoadCredentialsFromFile (added in v0.25.0)
func LoadCredentialsFromFile() (*Credentials, bool, error)
LoadCredentialsFromFile returns (credentials object, found flag, error). If the file is not found, it returns a nil error with found=false.
type EdgelessAttestationConstraints
type EdgelessAttestationConstraints struct {
	// This triplet of fields is typically used to attest an instance of an edgeless product (again, see ERA docs for more info)
	SecurityVersion uint   // Min required security version of the Edgeless product
	SignerID        string // corresponds to MRSIGNER SGX data, the expected fingerprint of Edgeless System's signing key
	ProductID       uint16 // The ID for the edgeless product, ProductID = 16 for Edgeless DB

	// Alternative to the triplet above you can specify a UniqueID which corresponds to a specific enclave package
	UniqueID string // This corresponds to the MRENCLAVE field in the SGX attestation data, it is stricter than the triplet above

	Debug bool // while debugging this can be set to true to permit debug attestations to pass verification
}
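The field comments above describe a policy: either the SecurityVersion/SignerID/ProductID triplet or a stricter UniqueID pin, with debug attestations rejected unless Debug is set. The following is an added example, not code from this package, showing one way to evaluate that policy against an already signature-verified report. The `Constraints` mirror, the `Report` type, `Check`, the order of checks and all sample values are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// Constraints mirrors the EdgelessAttestationConstraints fields shown above.
type Constraints struct {
	SecurityVersion    uint
	ProductID          uint16
	SignerID, UniqueID string
	Debug              bool
}

// Report is a hypothetical type: the identity fields of a quote whose signature was already verified.
type Report struct {
	SecurityVersion    uint
	ProductID          uint16
	SignerID, UniqueID string // MRSIGNER, MRENCLAVE as hex
	Debug              bool
}

// Check returns nil only if the report satisfies the constraints; it fails closed.
func Check(c Constraints, r Report) error {
	switch {
	case r.Debug && !c.Debug:
		return errors.New("debug enclave not permitted")
	case c.UniqueID != "" && !strings.EqualFold(c.UniqueID, r.UniqueID):
		return errors.New("UniqueID (MRENCLAVE) mismatch")
	case c.UniqueID != "":
		return nil // exact enclave package pinned and matched; triplet not consulted
	case c.SignerID == "":
		return errors.New("constraints pin neither UniqueID nor SignerID")
	case !strings.EqualFold(c.SignerID, r.SignerID):
		return errors.New("SignerID (MRSIGNER) mismatch")
	case r.ProductID != c.ProductID:
		return fmt.Errorf("ProductID %d, want %d", r.ProductID, c.ProductID)
	case r.SecurityVersion < c.SecurityVersion:
		return fmt.Errorf("security version %d below minimum %d", r.SecurityVersion, c.SecurityVersion)
	}
	return nil
}

func main() {
	c := Constraints{SecurityVersion: 2, SignerID: "aa11", ProductID: 16} // constructed values
	fmt.Println(Check(c, Report{SecurityVersion: 1, SignerID: "AA11", ProductID: 16}))
}
```

Leave Debug false outside development: a debug-mode SGX enclave can be inspected by the host, so a passing debug attestation says nothing about confidentiality.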