Asylo
asylo::EnclaveAssertionAuthority Class Reference (abstract)

An EnclaveAssertionAuthority is an authority for assertions of a particular identity type.

#include <enclave_assertion_authority.h>

Public Member Functions

virtual ~EnclaveAssertionAuthority ()=default

virtual Status Initialize (const std::string &config)=0
 Initializes this assertion authority using the provided config.

virtual bool IsInitialized () const =0
 Indicates whether this assertion authority has been initialized successfully via a call to Initialize().

virtual EnclaveIdentityType IdentityType () const =0
 Gets the enclave identity type handled by this assertion authority.

virtual std::string AuthorityType () const =0
 Gets the type of this assertion authority.
 

Static Public Member Functions

static StatusOr< std::string > GenerateAuthorityId (const EnclaveIdentityType &identity_type, const std::string &authority_type)
 Gets a unique identifier for an EnclaveAssertionAuthority with the given identity_type and authority_type.
 

Protected Member Functions

bool IsCompatibleAssertionDescription (const AssertionDescription &description) const
 Indicates whether description describes an assertion that is compatible with this authority.
 

Detailed Description

An EnclaveAssertionAuthority is an authority for assertions of a particular identity type.

An EnclaveAssertionAuthority is also identified by its authority type. The combination of identity type and authority type uniquely identifies an EnclaveAssertionAuthority.

EnclaveAssertionAuthority cannot be instantiated. It is an abstract interface that is intended to be extended by subclasses that define a particular set of operations on assertion authorities.

See EnclaveAssertionGenerator and EnclaveAssertionVerifier for examples of how the EnclaveAssertionAuthority interface can be extended.
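The following is an added sketch, not Asylo's own code, of how a subclass and a registry keyed on the authority identifier can fail closed when an authority is uninitialized or does not match an assertion description. It assumes stand-in types in a `sketch` namespace, `bool` in place of `Status`, a constructed id encoding, and the hypothetical names `DemoVerifier`, `CanVerify`, `Registry` and `Find`.

```cpp
#include <map>
#include <memory>
#include <string>

namespace sketch {
// Stand-ins (assumptions) for Asylo's types so this compiles on its own.
enum EnclaveIdentityType { NULL_IDENTITY = 1, CODE_IDENTITY = 2 };
struct AssertionDescription { EnclaveIdentityType identity_type; std::string authority_type; };

// Same shape as the interface documented here, with bool in place of Status.
class EnclaveAssertionAuthority {
 public:
  virtual ~EnclaveAssertionAuthority() = default;
  virtual bool Initialize(const std::string &config) = 0;
  virtual bool IsInitialized() const = 0;
  virtual EnclaveIdentityType IdentityType() const = 0;
  virtual std::string AuthorityType() const = 0;
  // Constructed encoding, not Asylo's: the length prefix keeps ids unambiguous.
  static std::string GenerateAuthorityId(EnclaveIdentityType t, const std::string &a) {
    return std::to_string(static_cast<int>(t)) + ":" + std::to_string(a.size()) + ":" + a;
  }
 protected:
  bool IsCompatibleAssertionDescription(const AssertionDescription &d) const {
    return d.identity_type == IdentityType() && d.authority_type == AuthorityType();
  }
};

// Hypothetical verifier-style subclass; it accepts any non-empty config.
class DemoVerifier : public EnclaveAssertionAuthority {
 public:
  bool Initialize(const std::string &config) override { return initialized_ = !config.empty(); }
  bool IsInitialized() const override { return initialized_; }
  EnclaveIdentityType IdentityType() const override { return CODE_IDENTITY; }
  std::string AuthorityType() const override { return "Demo Authority"; }
  // Fail closed: reject before Initialize() succeeds and on any type mismatch.
  bool CanVerify(const AssertionDescription &d) const {
    return IsInitialized() && IsCompatibleAssertionDescription(d);
  }
 private:
  bool initialized_ = false;
};

using Registry = std::map<std::string, std::unique_ptr<DemoVerifier>>;
// Dispatches on the authority id; returns nullptr unless the match is usable.
const DemoVerifier *Find(const Registry &r, const AssertionDescription &d) {
  auto it = r.find(EnclaveAssertionAuthority::GenerateAuthorityId(d.identity_type, d.authority_type));
  return (it != r.end() && it->second->CanVerify(d)) ? it->second.get() : nullptr;
}
}  // namespace sketch
```

The second check inside `Find` is deliberate: an authority registered under the wrong key is still rejected by its own compatibility test.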

Constructor & Destructor Documentation

◆ ~EnclaveAssertionAuthority()

virtual asylo::EnclaveAssertionAuthority::~EnclaveAssertionAuthority ( )
virtual, default

Member Function Documentation

◆ AuthorityType()

virtual std::string asylo::EnclaveAssertionAuthority::AuthorityType ( ) const
pure virtual

◆ GenerateAuthorityId()

static StatusOr<std::string> asylo::EnclaveAssertionAuthority::GenerateAuthorityId ( const EnclaveIdentityType & identity_type, const std::string & authority_type )
inline, static

Gets a unique identifier for an EnclaveAssertionAuthority with the given identity_type and authority_type.

The identifier is a string that combines identity_type and authority_type. It can be used as a unique identifier for an authority that handles assertions for identity_type and authority_type.

Parameters
  identity_type   The identity type handled by the authority.
  authority_type  The authority type of the authority.
Returns
  The generated authority identifier on success, or a non-OK Status on failure.

◆ IdentityType()

virtual EnclaveIdentityType asylo::EnclaveAssertionAuthority::IdentityType ( ) const
pure virtual

◆ Initialize()

virtual Status asylo::EnclaveAssertionAuthority::Initialize ( const std::string &  config)
pure virtual

Initializes this assertion authority using the provided config.

Parameters
  config  A config with which to initialize this authority.
Returns
  A Status indicating whether initialization succeeded.

Implemented in asylo::SgxIntelEcdsaQeRemoteAssertionGenerator, asylo::SgxIntelEcdsaQeRemoteAssertionVerifier, asylo::SgxAgeRemoteAssertionVerifier, asylo::SgxAgeRemoteAssertionGenerator, asylo::NullAssertionVerifier, asylo::SgxLocalAssertionGenerator, asylo::NullAssertionGenerator, and asylo::SgxLocalAssertionVerifier.

◆ IsCompatibleAssertionDescription()

bool asylo::EnclaveAssertionAuthority::IsCompatibleAssertionDescription ( const AssertionDescription &  description) const
inline, protected

Indicates whether description describes an assertion that is compatible with this authority.

This functionality is common to all assertion authorities and is provided as a convenience for implementing more complex operations.

Parameters
  description  A description to check for compatibility.
Returns
  True if description is compatible with this authority.

◆ IsInitialized()

virtual bool asylo::EnclaveAssertionAuthority::IsInitialized ( ) const
pure virtual

The documentation for this class was generated from the following file: