sgx

package
v0.2103.6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 15, 2021 License: Apache-2.0 Imports: 10 Imported by: 6

Documentation

Overview

Package SGX provides common Intel SGX datatypes and utilities.

Index

Constants

View Source 
const (
	// MrEnclaveSize is the size of an MrEnclave in bytes.
	MrEnclaveSize = sha256.Size

	// MrSignerSize is the size of an MrSigner in bytes.
	MrSignerSize = sha256.Size

	// ModulusSize is the required RSA modulus size in bits.
	ModulusSize = 3072
)

Variables

This section is empty.

Functions

func From3072le 

func From3072le(b []byte) (*big.Int, error)

From3072le converts a 3072 bit buffer to the corresponding big.Int, assuming that the buffer is in little endian representation.

func To3072le 

func To3072le(z *big.Int, mayPad bool) ([]byte, error)

To3072le converts a big.Int to a 3072 bit little endian representation, padding if allowed AND required.

func UnsafeFortanixDummyKey 

func UnsafeFortanixDummyKey() *rsa.PrivateKey

UnsafeFortanixDummyKey returns the Fortanix dummy signing key.

This MUST only ever be used for launching test enclaves.

Types

type Attributes 

type Attributes struct {
	Flags AttributesFlags
	Xfrm  uint64
}

Attributes is a SGX enclave attributes value inside report.

type AttributesFlags 

type AttributesFlags uint64

AttributesFlags is attributes flags inside enclave report attributes. 

const (
	AttributeInit          AttributesFlags = 0b0000_0001
	AttributeDebug         AttributesFlags = 0b0000_0010
	AttributeMode64Bit     AttributesFlags = 0b0000_0100
	AttributeProvisionKey  AttributesFlags = 0b0001_0000
	AttributeEInitTokenKey AttributesFlags = 0b0010_0000
)

Predefined enclave report attributes flags.

func (AttributesFlags) Contains 

func (a AttributesFlags) Contains(flag AttributesFlags) bool

GetFlagInit returns value of given flag attribute of the Report.

type Constraints added in v0.2100.0 

type Constraints struct {
	// Enclaves is the allowed MRENCLAVE/MRSIGNER pairs.
	Enclaves []EnclaveIdentity `json:"enclaves"`
}

Constraints are the Intel SGX TEE constraints.

type EnclaveIdentity 

type EnclaveIdentity struct {
	MrEnclave MrEnclave `json:"mr_enclave"`
	MrSigner  MrSigner  `json:"mr_signer"`
}

EnclaveIdentity is a byte serialized MRSIGNER/MRENCLAVE pair.

func (EnclaveIdentity) MarshalText 

func (id EnclaveIdentity) MarshalText() (data []byte, err error)

MarshalText encodes an EnclaveIdentity into text form.

func (EnclaveIdentity) String 

func (id EnclaveIdentity) String() string

String returns the string representation of a EnclaveIdentity.

func (*EnclaveIdentity) UnmarshalHex 

func (id *EnclaveIdentity) UnmarshalHex(text string) error

UnmarshalHex decodes a hex marshaled EnclaveIdentity.

func (*EnclaveIdentity) UnmarshalText 

func (id *EnclaveIdentity) UnmarshalText(text []byte) error

UnmarshalText decodes a text marshaled EnclaveIdentity.

type MrEnclave 

type MrEnclave [MrEnclaveSize]byte

Mrenclave is a SGX enclave identity register value (MRENCLAVE).

func (*MrEnclave) FromSgxs 

func (m *MrEnclave) FromSgxs(r io.Reader) error

FromSgxs derives a MrEnclave from r, under the assumption that r will provide the entire `.sgxs` file.

func (*MrEnclave) FromSgxsBytes 

func (m *MrEnclave) FromSgxsBytes(data []byte) error

FromSgxsBytes dervies a MrEnclave from a byte slice containing a `.sgxs` file.

func (*MrEnclave) MarshalBinary 

func (m *MrEnclave) MarshalBinary() (data []byte, err error)

MarshalBinary encodes a Mrenclave into binary form.

func (MrEnclave) String 

func (m MrEnclave) String() string

String returns the string representation of a MrEnclave.

func (*MrEnclave) UnmarshalBinary 

func (m *MrEnclave) UnmarshalBinary(data []byte) error

UnmarshalBinary decodes a binary marshaled Mrenclave.

func (*MrEnclave) UnmarshalHex 

func (m *MrEnclave) UnmarshalHex(text string) error

UnmarshalHex decodes a hex marshaled MrEnclave.

type MrSigner 

type MrSigner [MrSignerSize]byte

MrSigner is a SGX enclave signer register value (MRSIGNER). 

var (
	// FortanixDummyMrSigner is the MRSIGNER value corresponding to the
	// dummy signing key that is used by the Fortanix Rust SGX SDK's
	// enclave-runner.
	FortanixDummyMrSigner MrSigner
)

func (*MrSigner) FromPublicKey 

func (m *MrSigner) FromPublicKey(pk *rsa.PublicKey) error

FromPublicKey derives a MrSigner from a RSA public key.

func (*MrSigner) MarshalBinary 

func (m *MrSigner) MarshalBinary() (data []byte, err error)

MarshalBinary encodes a MrSigner into binary form.

func (MrSigner) String 

func (m MrSigner) String() string

String returns the string representation of a MrSigner.

func (*MrSigner) UnmarshalBinary 

func (m *MrSigner) UnmarshalBinary(data []byte) error

UnmarshalBinary decodes a binary marshaled MrSigner.

func (*MrSigner) UnmarshalHex 

func (m *MrSigner) UnmarshalHex(text string) error

UnmarshalHex decodes a hex marshaled MrSigner.

Source Files

View all Source files

Directories

Path Synopsis
Package aesm provides a client for AESMD.
 Package aesm provides a client for AESMD.
Package ias provides routines for interacting with the Intel Attestation Service.
 Package ias provides routines for interacting with the Intel Attestation Service.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.