Asylo
sgx_local_assertion_verifier.h
1 /*
2  *
3  * Copyright 2018 Asylo authors
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  */
18 
19 #ifndef ASYLO_IDENTITY_ATTESTATION_SGX_SGX_LOCAL_ASSERTION_VERIFIER_H_
20 #define ASYLO_IDENTITY_ATTESTATION_SGX_SGX_LOCAL_ASSERTION_VERIFIER_H_
21 
22 #include "absl/synchronization/mutex.h"
23 #include "asylo/identity/attestation/enclave_assertion_verifier.h"
24 
25 namespace asylo {
26 
27 /// An implementation of the EnclaveAssertionVerifier interface for SGX local
28 /// assertions.
29 ///
30 /// An SgxLocalAssertionVerifier is capable of verifying assertions of SGX code
31 /// identity that originate from SGX enclaves running within the same local
32 /// attestation domain.
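class SgxLocalAssertionVerifier final : public EnclaveAssertionVerifier {
 public:
  /// Constructs an uninitialized SgxLocalAssertionVerifier.
  ///
  /// The verifier can be initialized via a call to Initialize().
  SgxLocalAssertionVerifier();

  ///////////////////////////////////////////
  //   From AssertionAuthority interface.  //
  ///////////////////////////////////////////

  /// Initializes this assertion authority using the provided config.
  ///
  /// \param config The configuration for this authority.
  ///               NOTE(review): the expected format is not visible in this
  ///               header; presumably it carries the attestation domain that
  ///               ends up in attestation_domain_ -- confirm in the .cc file.
  /// \return A Status describing whether initialization succeeded.
  Status Initialize(const std::string &config) override;

  /// Indicates whether this assertion authority has been initialized
  /// successfully via a call to Initialize().
  bool IsInitialized() const override;

  /// Gets the enclave identity type handled by this assertion authority.
  EnclaveIdentityType IdentityType() const override;

  /// Gets the type of this assertion authority.
  std::string AuthorityType() const override;

  ///////////////////////////////////////////
  //    From AssertionVerifier interface.  //
  ///////////////////////////////////////////

  /// Creates an assertion request compatible with this verifier's identity
  /// type and authority type.
  ///
  /// \param[out] request Receives the assertion request.
  /// \return A Status describing whether the request could be created.
  Status CreateAssertionRequest(AssertionRequest *request) const override;

  /// Indicates whether the assertion offered in `offer` can be verified by
  /// this verifier.
  ///
  /// \param offer The assertion offer to inspect.
  /// \return A bool answer, or a non-OK Status if the check itself failed.
  StatusOr<bool> CanVerify(const AssertionOffer &offer) const override;

  /// Verifies an assertion that is compatible with this verifier's identity
  /// type and authority type.
  ///
  /// \param user_data Caller-supplied data passed to verification.
  ///                  NOTE(review): presumably the assertion must be bound to
  ///                  this value; callers should pass data unique to the
  ///                  session so an assertion cannot be reused elsewhere --
  ///                  confirm against the implementation.
  /// \param assertion The assertion to verify.
  /// \param[out] peer_identity Presumably receives the peer's identity on
  ///                  success (TODO confirm). Callers should not rely on its
  ///                  contents unless the returned Status is OK.
  /// \return A Status describing the outcome of verification.
  Status Verify(const std::string &user_data, const Assertion &assertion,
                EnclaveIdentity *peer_identity) const override;

 private:
  // The identity type handled by this verifier.
  static constexpr EnclaveIdentityType identity_type_ = CODE_IDENTITY;

  // The authority type handled by this verifier.
  static const char *const authority_type_;

  // The attestation domain to which the enclave belongs.
  // NOTE(review): unlike initialized_, this member carries no
  // ABSL_GUARDED_BY annotation. Confirm it is written only while
  // initialized_mu_ is held (or strictly before initialized_ becomes true),
  // since the const verification methods may run concurrently with
  // Initialize().
  std::string attestation_domain_;

  // Indicates whether this verifier has been initialized.
  bool initialized_ ABSL_GUARDED_BY(initialized_mu_);

  // A mutex that guards the initialized_ member. Declared mutable so that
  // const member functions can take it.
  mutable absl::Mutex initialized_mu_;
};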
79 
80 } // namespace asylo
81 
82 #endif // ASYLO_IDENTITY_ATTESTATION_SGX_SGX_LOCAL_ASSERTION_VERIFIER_H_
std::string AuthorityType() const override
Gets the type of this assertion authority.
SgxLocalAssertionVerifier()
Constructs an uninitialized SgxLocalAssertionVerifier.
Status Verify(const std::string &user_data, const Assertion &assertion, EnclaveIdentity *peer_identity) const override
Verifies an assertion that is compatible with this verifier's identity type and authority type...
Status Initialize(const std::string &config) override
Initializes this assertion authority using the provided config.
ABSL_CONST_INIT const char kStatusMoveAssignmentMsg[]
bool IsInitialized() const override
Indicates whether this assertion authority has been initialized successfully via a call to Initialize...
Status CreateAssertionRequest(AssertionRequest *request) const override
Creates an assertion request compatible with this verifier's identity type and authority type and pla...
EnclaveIdentityType IdentityType() const override
Gets the enclave identity type handled by this assertion authority.
StatusOr< bool > CanVerify(const AssertionOffer &offer) const override
Indicates whether the assertion offered in offer can be verified by this verifier.