premain

package

v1.4.1 Latest Latest Go to latest Published: Feb 27, 2024 License: MPL-2.0 Imports: 25 Imported by: 2

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/edgelesssys/marblerun

Links

Open Source Insights

Documentation ¶

Overview ¶

Package premain contains the logic invoked before the applications actual main-function, that authenticates to the coordinator and pulls configurations and secrets which are subsequently passed to the application.

Index ¶

func ActivateRPCNoTTLS(req *rpc.ActivationReq, coordAddr string, ...) (*rpc.Parameters, error)
func GramineActivate(req *rpc.ActivationReq, coordAddr string, ...) (*rpc.Parameters, error)
func PreMain() error
func PreMainEgo() error
func PreMainEx(issuer quote.Issuer, activate ActivateFunc, hostfs, enclavefs afero.Fs) error
func PreMainMock() error
type ActivateFunc
type GramineQuoteIssuer
- func (GramineQuoteIssuer) Issue(cert []byte) ([]byte, error)
type OcclumQuoteIssuer
- func (OcclumQuoteIssuer) Issue(cert []byte) ([]byte, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ActivateRPCNoTTLS ¶ added in v1.4.1

func ActivateRPCNoTTLS(req *rpc.ActivationReq, coordAddr string, tlsCredentials credentials.TransportCredentials) (*rpc.Parameters, error)

ActivateRPCNoTTLS sends an activation request to the Coordinator. It fails if TTLS is configured.

func GramineActivate ¶ added in v0.5.1

func GramineActivate(req *rpc.ActivationReq, coordAddr string, tlsCredentials credentials.TransportCredentials) (*rpc.Parameters, error)

GramineActivate sends an activation request to the Coordinator and initializes protected files.

func PreMain ¶

func PreMain() error

PreMain runs before the App's actual main routine and authenticates with the Coordinator.

It obtains a quote from the CPU and authenticates itself to the Coordinator through remote attestation. After successful authentication PreMain will set the files, environment variables and commandline arguments according to the manifest. Finally it will mount the host file system under '/edg/hostfs' before returning execution to the actual application.

func PreMainEgo ¶ added in v0.3.2

func PreMainEgo() error

PreMainEgo works similar to PreMain, but let's EGo's premain handle the in-enclave memory filesystem mounting.

func PreMainEx ¶ added in v0.3.0

func PreMainEx(issuer quote.Issuer, activate ActivateFunc, hostfs, enclavefs afero.Fs) error

PreMainEx is like PreMain, but allows to customize the quoting and file system handling.

func PreMainMock ¶

func PreMainMock() error

PreMainMock mocks the quoting and file system handling in the PreMain routine for testing.

Types ¶

type ActivateFunc ¶ added in v0.3.0

type ActivateFunc func(req *rpc.ActivationReq, coordAddr string, tlsCredentials credentials.TransportCredentials) (*rpc.Parameters, error)

ActivateFunc is called by premain to activate the Marble and get its parameters.

type GramineQuoteIssuer ¶ added in v0.5.1

type GramineQuoteIssuer struct{}

GramineQuoteIssuer issues quotes.

func (GramineQuoteIssuer) Issue ¶ added in v0.5.1

func (GramineQuoteIssuer) Issue(cert []byte) ([]byte, error)

Issue issues a quote for remote attestation for a given message (usually a certificate).

type OcclumQuoteIssuer ¶ added in v0.3.2

type OcclumQuoteIssuer struct{}

OcclumQuoteIssuer issues quotes.

func (OcclumQuoteIssuer) Issue ¶ added in v0.3.2

func (OcclumQuoteIssuer) Issue(cert []byte) ([]byte, error)

Issue issues a quote for remote attestation for a given message (usually a certificate).

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL