Asylo
trusted_application.h
Go to the documentation of this file.
1 /*
2  *
3  * Copyright 2017 Asylo authors
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  */
18 
19 #ifndef ASYLO_PLATFORM_CORE_TRUSTED_APPLICATION_H_
20 #define ASYLO_PLATFORM_CORE_TRUSTED_APPLICATION_H_
21 
22 // Defines a high-level interface for constructing enclave applications.
23 
24 #include <string>
25 
26 #include "absl/status/status.h"
27 #include "asylo/enclave.pb.h"
28 #include "asylo/platform/core/entry_points.h"
29 #include "asylo/util/status.h"
30 
31 namespace asylo {
32 
33 /// Abstract base class for trusted applications.
34 ///
35 /// To implement an enclave application, client code declares a
36 /// TrustedApplication and implements the entry points it wishes to handle. For
37 /// example:
38 ///
39 /// ```
40 /// class HelloWorld : public TrustedApplication {
41 /// public:
42 /// Status Initialize(const EnclaveConfig &config) override {
43 /// primitives::TrustedPrimitives::DebugPuts("Hello!");
44 /// return absl::OkStatus();
45 /// }
46 ///
47 /// Status Run(const EnclaveInput &input, EnclaveOutput *output) override {
48 /// primitives::TrustedPrimitives::DebugPuts("Running!");
49 /// return absl::OkStatus();
50 /// }
51 ///
52 /// Status Finalize(const EnclaveFinal &fini) override {
53 /// primitives::TrustedPrimitives::DebugPuts("Goodbye!");
54 /// return absl::OkStatus();
55 /// }
56 /// };
57 /// ```
58 ///
59 /// At startup, the runtime will call the user supplied function
60 /// BuildTrustedApplication and install the returned instance as the handler for
61 /// enclave entries events. For instance:
62 ///
63 /// ```
64 /// TrustedApplication *BuildTrustedApplication() {
65 /// return new HelloWorld;
66 /// }
67 /// ```
68 ///
69 /// Note that types derived from TrustedApplication must be trivially
70 /// destructible, and any such destructor will never be invoked by the runtime.
71 class TrustedApplication {
72  public:
73  /// \private
74  Status InitializeInternal(const EnclaveConfig &config);
75 
76  /// Implements enclave initialization entry-point.
77  ///
78  /// \param config The configuration used to initialize the enclave.
79  /// \return An OK status or an error if the enclave could not be initialized.
80  /// \anchor initialize
81  virtual Status Initialize(const EnclaveConfig &config) {
82  return absl::OkStatus();
83  }
84 
85  /// Implements enclave execution entry-point.
86  ///
87  /// \param input Message passed to determine behavior for the Run routine.
88  /// \param output Message passed back to the untrusted caller.
89  /// \return OK status or error
90  /// \anchor run
91  virtual Status Run(const EnclaveInput &input, EnclaveOutput *output) {
92  return absl::OkStatus();
93  }
94 
95  /// Implements enclave finalization behavior.
96  ///
97  /// \param final_input Message passed on enclave finalization.
98  /// \return OK status or error
99  /// \anchor finalize
100  virtual Status Finalize(const EnclaveFinal &final_input) {
101  return absl::OkStatus();
102  }
103 
104  /// Trivial destructor.
105  ///
106  /// Trivial destructor. Note that classes derived from of TrustedApplication
107  /// must not add a non-trivial destructor, as they will not be called by the
108  /// enclave runtime.
109  virtual ~TrustedApplication() = default;
110 
111 
112  private:
113  friend int __asylo_user_init(const char *name, const char *config,
114  size_t config_len, char **output,
115  size_t *output_len);
116  friend int __asylo_user_run(const char *input, size_t input_len,
117  char **output, size_t *output_len);
118  friend int __asylo_user_fini(const char *input, size_t input_len,
119  char **output, size_t *output_len);
120 };
121 
122 /// User-supplied factory function for making a trusted application instance.
123 ///
124 /// \return A new TrustedApplication instance, or nullptr on failure.
125 /// \relates TrustedApplication
126 TrustedApplication *BuildTrustedApplication();
127 
128 /// Returns the trusted application instance.
129 ///
130 /// \return The enclave application instance or nullptr on failure.
131 /// \relates TrustedApplication
132 TrustedApplication *GetApplicationInstance();
133 
134 } // namespace asylo
135 
136 #endif // ASYLO_PLATFORM_CORE_TRUSTED_APPLICATION_H_
asylo::TrustedApplication::GetApplicationInstance
TrustedApplication * GetApplicationInstance()
Returns the trusted application instance.
asylo::kStatusMoveAssignmentMsg
ABSL_CONST_INIT const char kStatusMoveAssignmentMsg[]
asylo::TrustedApplication::__asylo_user_init
friend int __asylo_user_init(const char *name, const char *config, size_t config_len, char **output, size_t *output_len)
asylo::TrustedApplication
Abstract base class for trusted applications.
Definition: trusted_application.h:71
asylo::TrustedApplication::__asylo_user_run
friend int __asylo_user_run(const char *input, size_t input_len, char **output, size_t *output_len)
asylo::TrustedApplication::Run
virtual Status Run(const EnclaveInput &input, EnclaveOutput *output)
Implements enclave execution entry-point.
Definition: trusted_application.h:91
asylo::TrustedApplication::__asylo_user_fini
friend int __asylo_user_fini(const char *input, size_t input_len, char **output, size_t *output_len)
asylo::TrustedApplication::~TrustedApplication
virtual ~TrustedApplication()=default
Trivial destructor.
asylo::TrustedApplication::Finalize
virtual Status Finalize(const EnclaveFinal &final_input)
Implements enclave finalization behavior.
Definition: trusted_application.h:100
asylo::TrustedApplication::Initialize
virtual Status Initialize(const EnclaveConfig &config)
Implements enclave initialization entry-point.
Definition: trusted_application.h:81
asylo::TrustedApplication::BuildTrustedApplication
TrustedApplication * BuildTrustedApplication()
User-supplied factory function for making a trusted application instance.