Asylo
Public Member Functions | List of all members
asylo::EnclaveAssertionGenerator Class Referenceabstract

Defines an interface for assertion authorities that create assertion offers and generate assertions. More...

#include <enclave_assertion_generator.h>

Inheritance diagram for asylo::EnclaveAssertionGenerator:
Inheritance graph
[legend]
Collaboration diagram for asylo::EnclaveAssertionGenerator:
Collaboration graph
[legend]

Public Member Functions

virtual Status CreateAssertionOffer (AssertionOffer *offer) const =0
 Creates an assertion offer compatible with this generator's identity type and authority type and places the result in offer. More...
 
virtual StatusOr< bool > CanGenerate (const AssertionRequest &request) const =0
 Indicates whether the assertion requested in request can be generated by this generator. More...
 
virtual Status Generate (const std::string &user_data, const AssertionRequest &request, Assertion *assertion) const =0
 Generates an assertion that satisfies the given request, if request is compatible with this generator's identity type and authority type. More...
 
- Public Member Functions inherited from asylo::EnclaveAssertionAuthority
virtual ~EnclaveAssertionAuthority ()=default
 
virtual Status Initialize (const std::string &config)=0
 Initializes this assertion authority using the provided config. More...
 
virtual bool IsInitialized () const =0
 Indicates whether this assertion authority has been initialized successfully via a call to Initialize(). More...
 
virtual EnclaveIdentityType IdentityType () const =0
 Gets the enclave identity type handled by this assertion authority. More...
 
virtual std::string AuthorityType () const =0
 Gets the type of this assertion authority. More...
 

Additional Inherited Members

- Static Public Member Functions inherited from asylo::EnclaveAssertionAuthority
static StatusOr< std::string > GenerateAuthorityId (const EnclaveIdentityType &identity_type, const std::string &authority_type)
 Gets a unique identifier for an EnclaveAssertionAuthority with the given identity_type and authority_type. More...
 
- Protected Member Functions inherited from asylo::EnclaveAssertionAuthority
bool IsCompatibleAssertionDescription (const AssertionDescription &description) const
 Indicates whether description describes an assertion that is compatible with this authority. More...
 

Detailed Description

Defines an interface for assertion authorities that create assertion offers and generate assertions.

EnclaveAssertionGenerator cannot be instantiated; it is intended to be derived from by classes that implement the EnclaveAssertionGenerator interface for a particular identity type and authority type.

Derived classes of EnclaveAssertionGenerator must:

Derived classes of EnclaveAssertionGenerator must also implement virtual methods presented by EnclaveAssertionAuthority.

Member Function Documentation

◆ CanGenerate()

virtual StatusOr<bool> asylo::EnclaveAssertionGenerator::CanGenerate ( const AssertionRequest &  request) const
pure virtual

Indicates whether the assertion requested in request can be generated by this generator.

Parameters
requestA request to be fulfilled.
Returns
True if the assertion specified in request can be generated, and false if no errors occur during the operation but request cannot be fulfilled. Returns a non-OK Status if this generator is not yet initialized or if an internal error occurs while attempting the operation.

Implemented in asylo::SgxIntelEcdsaQeRemoteAssertionGenerator, asylo::SgxAgeRemoteAssertionGenerator, asylo::SgxLocalAssertionGenerator, and asylo::NullAssertionGenerator.

◆ CreateAssertionOffer()

virtual Status asylo::EnclaveAssertionGenerator::CreateAssertionOffer ( AssertionOffer *  offer) const
pure virtual

Creates an assertion offer compatible with this generator's identity type and authority type and places the result in offer.

Parameters
[out]offerThe generated offer.
Returns
A Status indicating whether the offer was created. Returns a non-OK Status if this generator is not initialized or if an internal error occurs while attempting the operation.

Implemented in asylo::SgxIntelEcdsaQeRemoteAssertionGenerator, asylo::SgxAgeRemoteAssertionGenerator, asylo::SgxLocalAssertionGenerator, and asylo::NullAssertionGenerator.

◆ Generate()

virtual Status asylo::EnclaveAssertionGenerator::Generate ( const std::string &  user_data,
const AssertionRequest &  request,
Assertion *  assertion 
) const
pure virtual

Generates an assertion that satisfies the given request, if request is compatible with this generator's identity type and authority type.

The caller cannot make any assumptions about the contents of assertion if generation fails.

Parameters
user_dataUser-provided binding data.
requestA request to fulfill.
[out]assertionThe generated assertion.
Returns
A Status indicating whether an assertion was generated successfully. Returns a non-OK Status if the generator is not initialized or if an internal error occurs while attempting the operation.

Implemented in asylo::SgxIntelEcdsaQeRemoteAssertionGenerator, asylo::SgxAgeRemoteAssertionGenerator, asylo::SgxLocalAssertionGenerator, and asylo::NullAssertionGenerator.

The documentation for this class was generated from the following file: