Documentation
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ChurpSchemeStatus ¶ added in v0.2400.0
// ChurpSchemeStatus represents the status of a CHURP scheme.
type ChurpSchemeStatus struct {
	// Status is the consensus status of the CHURP scheme.
	//
	// The field is a pointer tagged omitempty, so a nil value is left out of
	// the JSON encoding entirely; consumers have to cope with a missing
	// "status" key.
	Status *churp.Status `json:"status,omitempty"`
}
ChurpSchemeStatus represents the status of a CHURP scheme.
type ChurpStatus ¶ added in v0.2400.0
// ChurpStatus represents the status of the key manager CHURP extension.
type ChurpStatus struct {
	// Schemes maps a uint8 key to the status of one CHURP scheme. It is a map,
	// not an ordered list, so iteration order is not stable.
	// NOTE(review): the key is presumably the scheme ID; confirm against the
	// code that fills this map.
	Schemes map[uint8]ChurpSchemeStatus `json:"schemes,omitempty"`
}
ChurpStatus represents the status of the key manager CHURP extension.
type EphemeralSecretStats ¶ added in v0.2300.0
// EphemeralSecretStats are the ephemeral secret generation and replication stats.
//
// Every field is a counter or an epoch number; the struct has no field that
// could carry secret material.
type EphemeralSecretStats struct {
	// NumLoaded is the number of loaded secrets.
	NumLoaded int `json:"num_loaded"`
	// LastLoaded is the epoch of the last loaded secret.
	// NOTE(review): presumably not meaningful while NumLoaded is 0; confirm.
	LastLoaded beacon.EpochTime `json:"last_loaded_epoch"`
	// NumGenerated is the number of generated secrets.
	NumGenerated int `json:"num_generated"`
	// LastGenerated is the epoch of the last generated secret.
	// NOTE(review): presumably not meaningful while NumGenerated is 0; confirm.
	LastGenerated beacon.EpochTime `json:"last_generated_epoch"`
}
EphemeralSecretStats are the ephemeral secret generation and replication stats.
type MasterSecretStats ¶ added in v0.2300.0
// MasterSecretStats are the master secret generation and replication stats.
//
// Every field is a counter or a generation number; the struct has no field
// that could carry secret material.
type MasterSecretStats struct {
	// NumLoaded is the number of loaded secrets.
	NumLoaded int `json:"num_loaded"`
	// LastLoaded is the generation of the last loaded secret.
	// NOTE(review): presumably not meaningful while NumLoaded is 0; confirm.
	LastLoaded uint64 `json:"last_loaded_generation"`
	// NumGenerated is the number of generated secrets.
	NumGenerated int `json:"num_generated"`
	// LastGenerated is the generation of the last generated secret.
	// NOTE(review): presumably not meaningful while NumGenerated is 0; confirm.
	LastGenerated uint64 `json:"last_generated_generation"`
}
MasterSecretStats are the master secret generation and replication stats.
type RPCAccessController ¶ added in v0.2400.0
// RPCAccessController handles the authorization of enclave RPC calls.
//
// Authorization is split in two steps: Connect gates the establishment of a
// secure Noise connection, and Authorize gates each individual method call.
type RPCAccessController interface {
	// Methods returns a list of allowed methods.
	// NOTE(review): the interface does not say whether this is the set of
	// methods the controller handles or the set some peer may call; confirm
	// with an implementation before relying on it for access decisions.
	Methods() []string
	// Connect verifies whether the peer is allowed to establish a secure Noise connection,
	// meaning it is authorized to invoke at least one secure RPC method.
	//
	// A true result does not say which method the peer may invoke; that
	// decision is made per call by Authorize.
	Connect(ctx context.Context, peerID core.PeerID) bool
	// Authorize verifies whether the peer is allowed to invoke the specified RPC method.
	//
	// NOTE(review): presumably a nil error means the call is allowed and any
	// non-nil error means it is denied; confirm with an implementation.
	Authorize(ctx context.Context, method string, kind enclaverpc.Kind, peerID core.PeerID) error
}
RPCAccessController handles the authorization of enclave RPC calls.
type RuntimeAccessList ¶
// RuntimeAccessList is an access control list for a runtime.
//
// Values of this type are part of Status (field AccessList), so the peer IDs
// listed here appear in the worker's serialized status.
type RuntimeAccessList struct {
	// RuntimeID is the runtime ID of the runtime this access list is for.
	RuntimeID common.Namespace `json:"runtime_id"`
	// Peers is a list of peers that are allowed to call protected methods.
	Peers []core.PeerID `json:"peers"`
}
RuntimeAccessList is an access control list for a runtime.
type SecretsStatus ¶ added in v0.2400.0
// SecretsStatus is the key manager master and ephemeral secrets status.
type SecretsStatus struct {
	// Status is the global key manager committee status.
	//
	// The field is a pointer without omitempty, so a nil value is encoded as
	// JSON null rather than being left out.
	Status *secrets.Status `json:"status"`
	// Worker is the key manager master and ephemeral secrets worker status.
	Worker SecretsWorkerStatus `json:"worker"`
}
SecretsStatus is the key manager master and ephemeral secrets status.
type SecretsWorkerStatus ¶ added in v0.2400.0
// SecretsWorkerStatus is the key manager master and ephemeral secrets worker status.
//
// The struct reports the policy, counters and peer lists; none of its fields
// holds a master or ephemeral secret.
type SecretsWorkerStatus struct {
	// Status is a concise status of the worker.
	Status StatusState `json:"status"`
	// LastRegistration is the time of the last successful registration with the consensus registry
	// service. In case the worker did not successfully register yet, it will be the zero timestamp.
	LastRegistration time.Time `json:"last_registration"`
	// Policy is the master and ephemeral secrets access control policy.
	//
	// The field is a pointer without omitempty, so a nil value is encoded as
	// JSON null.
	// NOTE(review): the type name says the policy is signed, but nothing in
	// this struct shows whether the signatures were verified before it was
	// reported; confirm before treating it as a verified policy.
	Policy *secrets.SignedPolicySGX `json:"policy"`
	// PolicyChecksum is the checksum of the policy.
	// NOTE(review): the hash function and the exact bytes it covers are not
	// stated here; confirm before comparing checksums from different sources.
	PolicyChecksum []byte `json:"policy_checksum"`
	// MasterSecrets are the master secret generation and replication stats.
	MasterSecrets MasterSecretStats `json:"master_secrets"`
	// EphemeralSecrets are the ephemeral secret generation and replication stats.
	EphemeralSecrets EphemeralSecretStats `json:"ephemeral_secrets"`
	// PrivatePeers is a list of peers that are always allowed to call protected methods.
	//
	// These peer IDs are part of the serialized status, so anyone who can read
	// the status learns which peers hold this standing access.
	PrivatePeers []core.PeerID `json:"private_peers"`
}
SecretsWorkerStatus is the key manager master and ephemeral secrets worker status.
type Status ¶
// Status is the key manager worker status.
//
// ActiveVersion, RuntimeID and Secrets are pointers without omitempty, so each
// is encoded as JSON null when nil and consumers must check for that.
type Status struct {
	// Status is a concise status of the key manager worker.
	Status StatusState `json:"status"`
	// ActiveVersion is the currently active version.
	ActiveVersion *version.Version `json:"active_version"`
	// RuntimeID is the runtime ID of the key manager.
	RuntimeID *common.Namespace `json:"runtime_id"`
	// ClientRuntimes is a list of compute runtimes that use this key manager.
	ClientRuntimes []common.Namespace `json:"client_runtimes"`
	// AccessList is the per-runtime list of peers that are allowed to call protected methods.
	//
	// The peer IDs are part of the serialized status, so the status output
	// shows which peers may call protected methods for each runtime.
	AccessList []RuntimeAccessList `json:"access_list"`
	// Secrets is the master and ephemeral secrets status.
	Secrets *SecretsStatus `json:"secrets"`
	// Churp is the CHURP status.
	Churp ChurpStatus `json:"churp"`
}
Status is the key manager worker status.
type StatusState ¶
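// StatusState is the concise status state of the key manager worker.
//
// The zero value is StatusStateReady, so a StatusState that was never assigned
// compares equal to "ready". The underlying type is uint8, which can also hold
// values outside the four constants below.
// NOTE(review): how String, MarshalText and UnmarshalText treat such values is
// not visible here; confirm before relying on a decoded state.
type StatusState uint8

// The numeric values are written out explicitly rather than derived, which
// keeps them stable if constants are added or reordered.
const (
	// StatusStateReady is the ready status state.
	StatusStateReady StatusState = 0
	// StatusStateStarting is the starting status state.
	StatusStateStarting StatusState = 1
	// StatusStateStopped is the stopped status state.
	StatusStateStopped StatusState = 2
	// StatusStateDisabled is the disabled status state.
	StatusStateDisabled StatusState = 3
)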
func (StatusState) MarshalText ¶
func (s StatusState) MarshalText() ([]byte, error)
MarshalText encodes a StatusState into text form.
func (StatusState) String ¶
func (s StatusState) String() string
String returns a string representation of a status state.
func (*StatusState) UnmarshalText ¶
func (s *StatusState) UnmarshalText(text []byte) error
UnmarshalText decodes a text slice into a StatusState.