Documentation
¶
Index ¶
- func DecryptRecoveryData(recoveryData []byte, recoveryPrivateKey *rsa.PrivateKey) ([]byte, error)
- func GetStatus(ctx context.Context, endpoint string, trustedRoot *x509.Certificate) (code int, msg string, err error)
- func ManifestGet(ctx context.Context, endpoint string, trustedRoot *x509.Certificate) (manifest []byte, manifestHash string, manifestSignatureECDSA []byte, err error)
- func ManifestLog(ctx context.Context, endpoint string, trustedRoot *x509.Certificate) ([]string, error)
- func ManifestSet(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, ...) (recoveryData map[string][]byte, err error)
- func ManifestUpdateAcknowledge(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, ...) (missingUsers []string, err error)
- func ManifestUpdateApply(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, ...) error
- func ManifestUpdateCancel(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, ...) error
- func ManifestUpdateGet(ctx context.Context, endpoint string, trustedRoot *x509.Certificate) (pendingManifest []byte, missingUsers []string, err error)
- func Recover(ctx context.Context, endpoint string, opts VerifyOptions, ...) (remaining int, sgxQuote []byte, err error)
- func SecretGet(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, ...) (map[string]manifest.Secret, error)
- func SecretSet(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, ...) error
- func SetLogSink(w io.Writer)
- func SignQuote(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, ...) (signature []byte, tcbStatus tcbstatus.Status, err error)
- func VerifyCoordinator(ctx context.Context, endpoint string, opts VerifyOptions) (rootCert *x509.Certificate, intermediateCert *x509.Certificate, ...)
- func VerifyMarbleRunDeployment(ctx context.Context, endpoint string, opts VerifyOptions, manifest []byte) (rootCert *x509.Certificate, intermediateCert *x509.Certificate, ...)
- func VerifySignedQuote(trustedRoot *x509.Certificate, sgxQuote []byte, signature []byte, ...) bool
- type VerifyOptions
Functions ¶
func DecryptRecoveryData ¶
func DecryptRecoveryData(recoveryData []byte, recoveryPrivateKey *rsa.PrivateKey) ([]byte, error)
DecryptRecoveryData decrypts recovery data returned by a Coordinator during ManifestSet using a party's private recovery key.
func GetStatus ¶
func GetStatus(ctx context.Context, endpoint string, trustedRoot *x509.Certificate) (code int, msg string, err error)
GetStatus retrieves the status of a MarbleRun Coordinator instance.
On success, returns one of the following:
- 0: recovery: the Coordinator failed to restart from an existing state and needs to be recovered manually
- 1: uninitialized: the Coordinator is currently initializing
- 2: waiting for manifest: Waiting for user to supply a manifest
- 3: accepting marbles: The Coordinator is running, and Marbles can be added to the deployment
func ManifestGet ¶
func ManifestGet(ctx context.Context, endpoint string, trustedRoot *x509.Certificate) (manifest []byte, manifestHash string, manifestSignatureECDSA []byte, err error)
ManifestGet retrieves the manifest of a MarbleRun deployment.
func ManifestLog ¶
func ManifestLog(ctx context.Context, endpoint string, trustedRoot *x509.Certificate) ([]string, error)
ManifestLog retrieves the update log of a MarbleRun deployment.
func ManifestSet ¶
func ManifestSet(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, manifest []byte) (recoveryData map[string][]byte, err error)
ManifestSet sets the manifest for a MarbleRun deployment. If recovery secrets are defined, this function will return the encrypted recovery data.
func ManifestUpdateAcknowledge ¶
func ManifestUpdateAcknowledge(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, updateManifest []byte, clientKeyPair *tls.Certificate) (missingUsers []string, err error)
ManifestUpdateAcknowledge acknowledges the pending manifest update of a MarbleRun deployment. On success, it returns missingUsers, the users whose acknowledgements are still outstanding before the update is applied.
func ManifestUpdateApply ¶
func ManifestUpdateApply(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, updateManifest []byte, clientKeyPair *tls.Certificate) error
ManifestUpdateApply sets a manifest update for a MarbleRun deployment.
func ManifestUpdateCancel ¶
func ManifestUpdateCancel(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, clientKeyPair *tls.Certificate) error
ManifestUpdateCancel cancels a pending manifest update of a MarbleRun deployment.
func ManifestUpdateGet ¶
func ManifestUpdateGet(ctx context.Context, endpoint string, trustedRoot *x509.Certificate) (pendingManifest []byte, missingUsers []string, err error)
ManifestUpdateGet retrieves a pending manifest update of a MarbleRun deployment.
func Recover ¶
func Recover(ctx context.Context, endpoint string, opts VerifyOptions, recoverySecret []byte) (remaining int, sgxQuote []byte, err error)
Recover performs recovery on a Coordinator instance by setting the decrypted recoverySecret. On success, it returns the number of remaining recovery secrets to be set, as well as the verified SGX quote.
If this function is called from inside an EGo enclave, the "marblerun_ego_enclave" build tag must be set when building the binary.
func SecretGet ¶
func SecretGet(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, clientKeyPair *tls.Certificate, secrets []string) (map[string]manifest.Secret, error)
SecretGet retrieves secrets from a MarbleRun deployment.
func SecretSet ¶
func SecretSet(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, clientKeyPair *tls.Certificate, secrets map[string]manifest.UserSecret) error
SecretSet sets secrets for a MarbleRun deployment.
func SetLogSink ¶
SetLogSink sets the writer to which logs are written.
func SignQuote ¶
func SignQuote(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, sgxQuote []byte) (signature []byte, tcbStatus tcbstatus.Status, err error)
SignQuote sends an SGX quote to a Coordinator for signing. If the quote is valid, the Coordinator will sign the quote using its root ECDSA key, and return the signature with the TCB status of the quote. The Coordinator does not verify if the quote matches any packages in the configured manifest. The signature is created over the SHA-256 hash of the base64-encoded SGX quote and the TCB status:
signature = ECDSA_sign(root_priv_key, SHA256(base64(SGX_quote) + string(TCB_status)))
Use VerifySignedQuote to verify the signature.
func VerifyCoordinator ¶
func VerifyCoordinator(ctx context.Context, endpoint string, opts VerifyOptions) (rootCert *x509.Certificate, intermediateCert *x509.Certificate, sgxQuote []byte, err error)
VerifyCoordinator performs remote attestation on a MarbleRun Coordinator. On success, it returns the Coordinator's self-signed root and intermediate certificates, as well as the verified SGX quote. The root certificate should be used by the client as the trusted root for future connections to the Coordinator. If opts.InsecureSkipVerify is set, the attestation statement is not verified, so the returned certificates should not be trusted outside of testing. The SGX quote is returned to allow further verification, but this is purely optional.
If this function is called from inside an EGo enclave, the "marblerun_ego_enclave" build tag must be set when building the binary.
func VerifyMarbleRunDeployment ¶
func VerifyMarbleRunDeployment(ctx context.Context, endpoint string, opts VerifyOptions, manifest []byte) (rootCert *x509.Certificate, intermediateCert *x509.Certificate, sgxQuote []byte, err error)
VerifyMarbleRunDeployment verifies a MarbleRun deployment by performing remote attestation on a Coordinator instance and verifying that the deployment is using the expected manifest. On success, it returns the Coordinator's self-signed root and intermediate certificates, as well as the verified SGX quote. The root certificate should be used by the client as the trusted root for future connections to the Coordinator. If opts.InsecureSkipVerify is set, the attestation statement is not verified, so the returned certificates should not be trusted outside of testing. The SGX quote is returned to allow further verification, but this is purely optional.
If this function is called from inside an EGo enclave, the "marblerun_ego_enclave" build tag must be set when building the binary.
func VerifySignedQuote ¶
func VerifySignedQuote(trustedRoot *x509.Certificate, sgxQuote []byte, signature []byte, tcbStatus tcbstatus.Status) bool
VerifySignedQuote verifies an SGX quote against the signature created by a Coordinator.
Types ¶
type VerifyOptions ¶
// VerifyOptions collects the expected enclave identity values and the policy
// settings used when verifying a Coordinator's attestation statement.
type VerifyOptions struct {
// InsecureSkipVerify disables verification of the Coordinator's attestation statement.
// WARNING: This IS insecure and should only be used for testing purposes.
// With verification disabled, none of the identity fields below are enforced,
// so a certificate obtained this way is not backed by attestation.
InsecureSkipVerify bool `json:"InsecureSkipVerify"`
// UniqueID is the unique ID (MRENCLAVE) of the Coordinator enclave.
// NOTE(review): presumably the expected value the quote is compared against;
// confirm what is enforced when both UniqueID and SignerID are left empty.
UniqueID string `json:"UniqueID"`
// SignerID is the signer ID (MRSIGNER) of the Coordinator enclave.
// Pinning only the signer accepts any enclave signed with that key, so it is
// normally combined with ProductID and SecurityVersion.
SignerID string `json:"SignerID"`
// SecurityVersion is the security version (ISVSVN) of the Coordinator enclave.
// NOTE(review): presumably treated as a minimum accepted version — confirm.
SecurityVersion uint `json:"SecurityVersion"`
// ProductID is the product ID (ISVPRODID) of the Coordinator enclave.
ProductID uint16 `json:"ProductID"`
// Debug specifies whether the Coordinator enclave is allowed to run in debug mode.
// An SGX enclave in debug mode can be inspected from the host, so it offers no
// confidentiality; leave this false for production deployments.
Debug bool `json:"Debug"`
// AcceptedTCBStatuses is a list of TCB statuses that are considered valid.
// Should be one or multiple from {"UpToDate", "OutOfDate", "Revoked", "ConfigurationNeeded", "OutOfDateConfigurationNeeded", "SWHardeningNeeded", "ConfigurationAndSWHardeningNeeded"}.
// If not set, defaults to ["UpToDate", "SWHardeningNeeded"].
// If the Coordinator returns a TCB status not listed, an [attestation.TCBStatusError] is returned.
// Every status added beyond the default widens what is accepted; listing
// "OutOfDate" or "Revoked" accepts platforms whose TCB is no longer considered
// trustworthy, so do that only as a deliberate, documented decision.
AcceptedTCBStatuses []string `json:"AcceptedTCBStatuses"`
// Nonce is an optional, user-defined nonce to be included in the Coordinator's attestation statement.
// If set, the Coordinator will generate an SGX quote over sha256(Coordinator_root_cert, Nonce).
// Set a nonce if you want to enforce freshness of the quote. The API functions will automatically verify that the returned quote includes this nonce.
// Freshness only holds if the value is unpredictable and not reused across
// verifications; generate it from a cryptographically secure random source.
Nonce []byte `json:"Nonce"`
}
VerifyOptions specifies how to verify the remote attestation of a Coordinator instance.
func VerifyOptionsFromConfig ¶
func VerifyOptionsFromConfig(configPath string) (VerifyOptions, error)
VerifyOptionsFromConfig reads a configuration file from disk.
Directories
| Path | Synopsis |
|---|---|
| rest | Package rest provides methods and functions to communicate with the MarbleRun Coordinator using its REST API. |