sgx

package
v0.0.0-...-2a45ea8 Latest
Warning

This package is not in the latest version of its module.

Published: Nov 7, 2023 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Overview

Package sgx provides a Go interface to the SGX USIG implementation.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func MakeCert

func MakeCert(epoch uint64, signature []byte) []byte

MakeCert composes a USIG certificate, which is the 64-bit big-endian encoded epoch value followed by the serialized USIG signature.

func MakeID

func MakeID(epoch uint64, publicKey interface{}) ([]byte, error)

MakeID composes a USIG identity, which is the 64-bit big-endian encoded epoch value followed by the public key serialized in PKIX format.

func ParseCert

func ParseCert(cert []byte) (epoch uint64, signature []byte, err error)

ParseCert breaks a USIG certificate down into the epoch value and the serialized USIG signature.

func ParseID

func ParseID(usigID []byte) (epoch uint64, pubKey crypto.PublicKey, err error)

ParseID breaks a USIG identity down into the epoch value and the public key.
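The identity layout that MakeID and ParseID describe (a 64-bit big-endian epoch followed by a PKIX-serialized public key) can be reproduced with the standard library. This is an added example, not the package's own code: `composeID`, `parseID` and `epochLen` are hypothetical names, and the P-256 key is an assumed key type that the page does not specify.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/binary"
	"errors"
	"fmt"
)

const epochLen = 8 // size of the 64-bit epoch prefix, in bytes

// composeID (hypothetical name) builds epoch || PKIX(publicKey).
func composeID(epoch uint64, pub crypto.PublicKey) ([]byte, error) {
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return nil, fmt.Errorf("marshal public key: %w", err)
	}
	id := make([]byte, epochLen, epochLen+len(der))
	binary.BigEndian.PutUint64(id, epoch)
	return append(id, der...), nil
}

// parseID (hypothetical name) reverses composeID; length is checked before slicing.
func parseID(id []byte) (uint64, crypto.PublicKey, error) {
	if len(id) < epochLen {
		return 0, nil, errors.New("identity shorter than epoch prefix")
	}
	pub, err := x509.ParsePKIXPublicKey(id[epochLen:])
	if err != nil {
		return 0, nil, fmt.Errorf("parse public key: %w", err)
	}
	return binary.BigEndian.Uint64(id[:epochLen]), pub, nil
}

func main() {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // constructed throwaway key
	if err != nil {
		panic(err)
	}
	id, err := composeID(7, &key.PublicKey)
	if err != nil {
		panic(err)
	}
	epoch, pub, err := parseID(id)
	fmt.Println(epoch, key.PublicKey.Equal(pub), err)
}
```

A verifier that receives an identity over the network should treat both error paths as a rejected identity rather than falling back to a default epoch or key.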

func VerifySignature

func VerifySignature(pubKey interface{}, digest Digest, epoch, counter uint64, signature []byte) error

VerifySignature verifies a USIG signature over the message digest, epoch and counter values, given a USIG public key.

func VerifyUI

func VerifyUI(message []byte, ui *usig.UI, usigID []byte) error

VerifyUI verifies the unique identifier generated for the message by the USIG with the specified identity.

Types

type Digest

type Digest [sha256.Size]byte

Digest represents the data type of the message digest used to create unique identifiers.

type USIG

type USIG struct {
	*USIGEnclave
}

USIG implements the USIG interface around USIGEnclave.

func New

func New(enclaveFile string, sealedKey []byte) (*USIG, error)

New creates a new instance of SGXUSIG. It is a wrapper around NewUSIGEnclave(). See NewUSIGEnclave() for more details. Note that the created instance must be disposed of with the Destroy() method, e.g. using defer.

func (*USIG) CreateUI

func (u *USIG) CreateUI(message []byte) (*usig.UI, error)

CreateUI creates a unique identifier assigned to the message.

func (*USIG) ID

func (u *USIG) ID() []byte

ID returns the USIG instance identity.

func (*USIG) VerifyUI

func (u *USIG) VerifyUI(message []byte, ui *usig.UI, usigID []byte) error

VerifyUI is a wrapper around the package-level VerifyUI function.

type USIGEnclave

type USIGEnclave struct {
	// contains filtered or unexported fields
}

USIGEnclave represents a USIG enclave instance.

func NewUSIGEnclave

func NewUSIGEnclave(enclaveFile string, sealedKey []byte) (*USIGEnclave, error)

NewUSIGEnclave creates a new instance of the USIG enclave. Note that the created instance must be disposed of with the Destroy() method, e.g. using defer. A sealed key, previously retrieved by SealedKey(), can be supplied to initialize the enclave with that key pair. If nil is passed instead, the enclave generates a new key pair.

func (*USIGEnclave) CreateUI

func (enclave *USIGEnclave) CreateUI(digest Digest) (counter uint64, signature []byte, err error)

CreateUI assigns the next USIG counter value to the specified message digest. The assigned counter value and serialized USIG signature are returned.

func (*USIGEnclave) Destroy

func (enclave *USIGEnclave) Destroy()

Destroy destroys a previously created USIG enclave instance. It must be called only once per enclave instance.

func (*USIGEnclave) Epoch

func (enclave *USIGEnclave) Epoch() uint64

Epoch retrieves the unique epoch value generated by this USIG enclave instance.

func (*USIGEnclave) PublicKey

func (enclave *USIGEnclave) PublicKey() crypto.PublicKey

PublicKey retrieves the public part of the key used by the USIG enclave instance to sign the unique identifiers it produces.

func (*USIGEnclave) SealedKey

func (enclave *USIGEnclave) SealedKey() []byte

SealedKey retrieves the sealed key used by the USIG enclave. The retrieved key can be supplied to subsequent calls to NewUSIGEnclave() on the same physical machine.
