Asylo
Classes | Typedefs | Functions
asylo::experimental Namespace Reference

Classes

class  ExecTester
 Executes a subprocess. More...
 

Typedefs

using AeadCryptor = ::asylo::AeadCryptor
 

Functions

StatusOr< EnclaveAssertionAuthorityConfig > CreateSgxIntelEcdsaQeRemoteAssertionAuthorityConfig ()
 Creates configuration for the SGX Intel ECDSA QE remote assertion authority. More...
 
StatusOr< EnclaveAssertionAuthorityConfig > CreateSgxIntelEcdsaQeRemoteAssertionAuthorityConfig (CertificateChain pck_certificate_chain, SgxIdentity qe_identity)
 Creates configuration for the SGX Intel ECDSA QE remote assertion authority. More...
 

Typedef Documentation

◆ AeadCryptor

using asylo::experimental::AeadCryptor = typedef ::asylo::AeadCryptor
Deprecated:
AeadCryptor has been moved to the asylo top-level namespace.

This type alias will be removed in an up-coming release.

Function Documentation

◆ CreateSgxIntelEcdsaQeRemoteAssertionAuthorityConfig() [1/2]

StatusOr<EnclaveAssertionAuthorityConfig> asylo::experimental::CreateSgxIntelEcdsaQeRemoteAssertionAuthorityConfig ( )

Creates configuration for the SGX Intel ECDSA QE remote assertion authority.

The returned configuration contains the Intel SGX Root CA Certificate for verifying assertion root of trust. Any generated assertions will include the certification data that the Intel DCAP library locates using the Platform Quote Provider Library, as documented in https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_SGX_ECDSA_QuoteLibReference_DCAP_API.pdf

This type of EnclaveAssertionAuthorityConfig is required when using the SgxIntelEcdsaQeRemoteAssertionVerifier and/or SgxIntelEcdsaQeRemoteAssertionGenerator.

Returns
A config for the SGX Intel ECDSA QE remote assertion authority.

◆ CreateSgxIntelEcdsaQeRemoteAssertionAuthorityConfig() [2/2]

StatusOr<EnclaveAssertionAuthorityConfig> asylo::experimental::CreateSgxIntelEcdsaQeRemoteAssertionAuthorityConfig ( CertificateChain  pck_certificate_chain,
SgxIdentity  qe_identity 
)

Creates configuration for the SGX Intel ECDSA QE remote assertion authority.

The returned configuration contains the Intel SGX Root CA Certificate for verifying assertion root of trust. Any generated assertions will include the given pck_certificate_chain as certification data.

This type of EnclaveAssertionAuthorityConfig is required when using the SgxIntelEcdsaQeRemoteAssertionVerifier and/or SgxIntelEcdsaQeRemoteAssertionGenerator.

Parameters
pck_certificate_chainThe certification chain to include with any generated assertions.
qe_identityThe Intel ECDSA QE's identity.
Returns
A config for the SGX Intel ECDSA QE remote assertion authority.