Asylo
sgx_local_assertion_verifier.h
Go to the documentation of this file.
1 /*
2  *
3  * Copyright 2018 Asylo authors
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  */
18 
19 #ifndef ASYLO_IDENTITY_SGX_SGX_LOCAL_ASSERTION_VERIFIER_H_
20 #define ASYLO_IDENTITY_SGX_SGX_LOCAL_ASSERTION_VERIFIER_H_
21 
22 #include "asylo/identity/enclave_assertion_verifier.h"
23 
24 #include "absl/synchronization/mutex.h"
25 
26 namespace asylo {
27 
28 /// An implemention of the EnclaveAssertionVerifier interface for SGX local
29 /// assertions.
30 ///
31 /// An SgxLocalAssertionVerifier is capable of verifying assertions of SGX code
32 /// identity that originate from SGX enclaves running within the same local
33 /// attestation domain.
34 class SgxLocalAssertionVerifier final : public EnclaveAssertionVerifier {
35  public:
36  /// Constructs an uninitialized SgxLocalAssertionVerifier.
37  ///
38  /// The verifier can be initialized via a call to Initialize().
40 
41  ///////////////////////////////////////////
42  // From AssertionAuthority interface. //
43  ///////////////////////////////////////////
44 
45  Status Initialize(const std::string &config) override;
46 
47  bool IsInitialized() const override;
48 
49  EnclaveIdentityType IdentityType() const override;
50 
51  std::string AuthorityType() const override;
52 
53  ///////////////////////////////////////////
54  // From AssertionVerifier interface. //
55  ///////////////////////////////////////////
56 
58 
59  StatusOr<bool> CanVerify(const AssertionOffer &offer) const override;
60 
62  EnclaveIdentity *peer_identity) const override;
63 
64  private:
65  // The identity type handled by this verifier.
66  static constexpr EnclaveIdentityType identity_type_ = CODE_IDENTITY;
67 
68  // The authority type handled by this verifier.
69  static const char *const authority_type_;
70 
71  // The attestation domain to which the enclave belongs.
72  std::string attestation_domain_;
73 
74  // Indicates whether this verifier has been initialized.
75  bool initialized_ GUARDED_BY(initialized_mu_);
76 
77  // A mutex that guards the initialized_ member.
78  mutable absl::Mutex initialized_mu_;
79 };
80 
81 } // namespace asylo
82 
83 #endif // ASYLO_IDENTITY_SGX_SGX_LOCAL_ASSERTION_VERIFIER_H_
std::string AuthorityType() const override
Gets the type of this assertion authority.
SgxLocalAssertionVerifier()
Constructs an uninitialized SgxLocalAssertionVerifier.
Status Verify(const std::string &user_data, const Assertion &assertion, EnclaveIdentity *peer_identity) const override
Verifies an assertion that is compatible with this verifier&#39;s identity type and authority type...
Status Initialize(const std::string &config) override
Initializes this assertion authority using the provided config.
Definition: aes_gcm_siv.h:37
bool IsInitialized() const override
Indicates whether this assertion authority has been initialized successfully via a call to Initialize...
Status CreateAssertionRequest(AssertionRequest *request) const override
Creates an assertion request compatible with this verifier&#39;s identity type and authority type and pla...
EnclaveIdentityType IdentityType() const override
Gets the enclave identity type handled by this assertion authority.
StatusOr< bool > CanVerify(const AssertionOffer &offer) const override
Indicates whether the assertion offered in offer can be verified by this verifier.