sdk

package

v0.6.0 Latest Latest Go to latest Published: Apr 19, 2023 License: Apache-2.0 Imports: 32 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/capeprivacy/cli

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func AESEncrypt(plaintext []byte) ([]byte, []byte, error)
func Deploy(req DeployRequest, keyReq KeyRequest) (string, []byte, error)
func Encrypt(message, username string, options ...Option) (string, error)
func EncryptBytes(keyReq KeyRequest, input []byte) ([]byte, error)
func Key(keyReq KeyRequest) ([]byte, error)
func LinkAWSAccount(url string, token string, customerID string) error
func PersistFile(configDir, filename string, data []byte) error
func ProcessUserFunction(path string) (io.Reader, error)
func RSAEncrypt(plaintext []byte, publicKey []byte) ([]byte, error)
func Run(req RunRequest) (*cli.RunResult, error)
func Test(testReq TestRequest, verifier Verifier, endpoint string, pcrSlice []string) (*cli.RunResult, error)
type AttestationUserData
- func ConnectAndAttest(keyReq KeyRequest, verifier Verifier) (*attest.AttestationDoc, *AttestationUserData, error)
type DeployRequest
type ErrorMsg
type KeyRequest
type Option
- func WithInsecure(insecure bool) Option
- func WithURL(s string) Option
type Options
type OversizeFunctionError
- func (e OversizeFunctionError) Error() string
type RunRequest
type TestRequest
type Verifier

Constants ¶

View Source

const AesKeySize = 32

Variables ¶

This section is empty.

Functions ¶

func AESEncrypt ¶

func AESEncrypt(plaintext []byte) ([]byte, []byte, error)

func Deploy ¶

func Deploy(req DeployRequest, keyReq KeyRequest) (string, []byte, error)

Deploy encrypts the given function data within a secure enclave and stores the encrypted function for future use. Returns a function ID upon successful deployment. The stored function can only be decrypted within an enclave.

func Encrypt ¶

func Encrypt(message, username string, options ...Option) (string, error)

func EncryptBytes ¶ added in v0.2.1

func EncryptBytes(keyReq KeyRequest, input []byte) ([]byte, error)

func Key ¶

func Key(keyReq KeyRequest) ([]byte, error)

func LinkAWSAccount ¶ added in v0.4.0

func LinkAWSAccount(url string, token string, customerID string) error

func PersistFile ¶ added in v0.4.0

func PersistFile(configDir, filename string, data []byte) error

func ProcessUserFunction ¶ added in v0.5.6

func ProcessUserFunction(path string) (io.Reader, error)

ProcessUserFunction takes a string path and produces a io.Reader to zipped function. It could take both a folder as well as a zip file.

func RSAEncrypt ¶

func RSAEncrypt(plaintext []byte, publicKey []byte) ([]byte, error)

func Run ¶

func Run(req RunRequest) (*cli.RunResult, error)

Run loads the given function into a secure enclave and invokes it on the given data, then returns the result.

func Test ¶

func Test(testReq TestRequest, verifier Verifier, endpoint string, pcrSlice []string) (*cli.RunResult, error)

Test simulates the workflow of Deploy and Run, without storing the function. It loads the given function into an enclave, runs it on the given data, and returns the result. Use Test to verify that your function will work before storing it via Deploy.

Types ¶

type AttestationUserData ¶ added in v0.3.0

type AttestationUserData struct {
	FuncChecksum             []byte `json:"func_checksum"`
	KeyChecksum              []byte `json:"key_checksum"`
	CapeKey                  []byte `json:"key"`
	SignatureVerificationKey []byte `json:"signature_verification_public_key,omitempty"`
}

func ConnectAndAttest ¶

func ConnectAndAttest(keyReq KeyRequest, verifier Verifier) (*attest.AttestationDoc, *AttestationUserData, error)

TODO: Run, deploy and test could use this function.

type DeployRequest ¶

type DeployRequest struct {
	URL       string
	Name      string
	Reader    io.Reader
	PcrSlice  []string
	Public    bool
	AuthToken string

	// For development use only: skips validating TLS certificate from the URL
	Insecure bool
}

type ErrorMsg ¶

type ErrorMsg struct {
	Error string `json:"error"`
}

type KeyRequest ¶

type KeyRequest struct {
	URL          string
	FunctionAuth entities.FunctionAuth
	ConfigDir    string
	CapeKeyFile  string
	PcrSlice     []string

	// For development use only: skips validating TLS certificate from the URL
	Insecure bool
}

type Option ¶ added in v0.4.5

type Option func(o *Options)

func WithInsecure ¶ added in v0.4.8

func WithInsecure(insecure bool) Option

func WithURL ¶ added in v0.4.5

func WithURL(s string) Option

type Options ¶ added in v0.4.5

type Options struct {
	URL      string
	Insecure bool
}

type OversizeFunctionError ¶ added in v0.5.6

type OversizeFunctionError struct {
	// contains filtered or unexported fields
}

func (OversizeFunctionError) Error ¶ added in v0.5.6

func (e OversizeFunctionError) Error() string

type RunRequest ¶

type RunRequest struct {
	URL          string
	FunctionID   string
	Data         []byte
	FuncChecksum []byte
	KeyChecksum  []byte
	PcrSlice     []string
	FunctionAuth entities.FunctionAuth

	// For development use only: skips validating TLS certificate from the URL
	Insecure bool
}

type TestRequest ¶

type TestRequest struct {
	Function  []byte
	Input     []byte
	AuthToken string

	// For development use only: circumvents some token authorization when true
	Insecure bool
}

type Verifier ¶ added in v0.5.0

type Verifier interface {
	Verify(attestation []byte, nonce []byte) (*attest.AttestationDoc, error)
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL