api

package
v1.5.0
Warning

This package is not in the latest version of its module.
Published: Jun 24, 2024 License: MPL-2.0 Imports: 24 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func DecryptRecoveryData

func DecryptRecoveryData(recoveryData []byte, recoveryPrivateKey *rsa.PrivateKey) ([]byte, error)

DecryptRecoveryData decrypts recovery data returned by a Coordinator during ManifestSet using a party's private recovery key.

func GetStatus

func GetStatus(ctx context.Context, endpoint string, trustedRoot *x509.Certificate) (code int, msg string, err error)

GetStatus retrieves the status of a MarbleRun Coordinator instance.

On success, returns one of the following:

  • 0: recovery: the Coordinator failed to restart from an existing state and needs to be recovered manually
  • 1: uninitialized: the Coordinator is currently initializing
  • 2: waiting for manifest: Waiting for user to supply a manifest
  • 3: accepting marbles: The Coordinator is running, and Marbles can be added to the deployment

func ManifestGet

func ManifestGet(ctx context.Context, endpoint string, trustedRoot *x509.Certificate) (manifest []byte, manifestHash string, manifestSignatureECDSA []byte, err error)

ManifestGet retrieves the manifest of a MarbleRun deployment.

func ManifestLog

func ManifestLog(ctx context.Context, endpoint string, trustedRoot *x509.Certificate) ([]string, error)

ManifestLog retrieves the update log of a MarbleRun deployment.

func ManifestSet

func ManifestSet(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, manifest []byte) (recoveryData map[string][]byte, err error)

ManifestSet sets the manifest for a MarbleRun deployment. If recovery secrets are defined, this function will return the encrypted recovery data.

func ManifestUpdateAcknowledge

func ManifestUpdateAcknowledge(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, updateManifest []byte, clientKeyPair *tls.Certificate) (missingUsers []string, err error)

ManifestUpdateAcknowledge acknowledges the pending manifest update of a MarbleRun deployment. On success, it returns the number of remaining acknowledgements before the update is applied.

func ManifestUpdateApply

func ManifestUpdateApply(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, updateManifest []byte, clientKeyPair *tls.Certificate) error

ManifestUpdateApply sets a manifest update for a MarbleRun deployment.

func ManifestUpdateCancel

func ManifestUpdateCancel(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, clientKeyPair *tls.Certificate) error

ManifestUpdateCancel cancels a pending manifest update of a MarbleRun deployment.

func ManifestUpdateGet

func ManifestUpdateGet(ctx context.Context, endpoint string, trustedRoot *x509.Certificate) (pendingManifest []byte, missingUsers []string, err error)

ManifestUpdateGet retrieves a pending manifest update of a MarbleRun deployment.

func Recover

func Recover(ctx context.Context, endpoint string, opts VerifyOptions, recoverySecret []byte) (remaining int, sgxQuote []byte, err error)

Recover performs recovery on a Coordinator instance by setting the decrypted recoverySecret. On success, it returns the number of remaining recovery secrets to be set, as well as the verified SGX quote.

If this function is called from inside an EGo enclave, the "marblerun_ego_enclave" build tag must be set when building the binary.

func SecretGet

func SecretGet(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, clientKeyPair *tls.Certificate, secrets []string) (map[string]manifest.Secret, error)

SecretGet retrieves secrets from a MarbleRun deployment.

func SecretSet

func SecretSet(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, clientKeyPair *tls.Certificate, secrets map[string]manifest.UserSecret) error

SecretSet sets secrets for a MarbleRun deployment.

func SetLogSink

func SetLogSink(w io.Writer)

SetLogSink sets the writer to which logs are written.

func SignQuote

func SignQuote(ctx context.Context, endpoint string, trustedRoot *x509.Certificate, sgxQuote []byte) (signature []byte, tcbStatus tcbstatus.Status, err error)

SignQuote sends an SGX quote to a Coordinator for signing. If the quote is valid, the Coordinator will sign the quote using its root ECDSA key, and return the signature with the TCB status of the quote. The Coordinator does not verify if the quote matches any packages in the configured manifest. The signature is created over the SHA-256 hash of the base64-encoded SGX quote and the TCB status:

signature = ECDSA_sign(root_priv_key, SHA256(base64(SGX_quote) + string(TCB_status)))

Use VerifySignedQuote to verify the signature.
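
The signature formula above, worked through with the Go standard library only. This is an added example, not the package's implementation: the locally generated P-256 key stands in for the Coordinator's root key, and the standard base64 alphabet, the TCB status rendered as its name, and ASN.1 DER signature encoding are assumptions. It shows that the TCB status is bound into the signature, so a quote presented with a different status fails verification.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
)

// quoteDigest computes SHA256(base64(SGX_quote) + string(TCB_status)); encoding details are assumed.
func quoteDigest(sgxQuote []byte, tcbStatus string) []byte {
	h := sha256.New()
	h.Write([]byte(base64.StdEncoding.EncodeToString(sgxQuote)))
	h.Write([]byte(tcbStatus))
	return h.Sum(nil)
}

// signQuote plays the Coordinator's role with a stand-in root key (ASN.1 DER output is assumed).
func signQuote(priv *ecdsa.PrivateKey, sgxQuote []byte, tcbStatus string) ([]byte, error) {
	return ecdsa.SignASN1(rand.Reader, priv, quoteDigest(sgxQuote, tcbStatus))
}

// verifyQuote is the client-side check against the root public key.
func verifyQuote(pub *ecdsa.PublicKey, sgxQuote, sig []byte, tcbStatus string) bool {
	return ecdsa.VerifyASN1(pub, quoteDigest(sgxQuote, tcbStatus), sig)
}

// demo verifies the genuine tuple, then the same signature with a swapped status and an altered quote.
func demo() (ok, statusSwapped, quoteAltered bool, err error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return false, false, false, err
	}
	quote := []byte("constructed-sample-quote") // constructed bytes, not a real SGX quote
	sig, err := signQuote(priv, quote, "SWHardeningNeeded")
	if err != nil {
		return false, false, false, err
	}
	ok = verifyQuote(&priv.PublicKey, quote, sig, "SWHardeningNeeded")
	statusSwapped = verifyQuote(&priv.PublicKey, quote, sig, "UpToDate")
	quoteAltered = verifyQuote(&priv.PublicKey, append([]byte("x"), quote...), sig, "SWHardeningNeeded")
	return ok, statusSwapped, quoteAltered, nil
}

func main() {
	fmt.Println(demo())
}
```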

func VerifyCoordinator

func VerifyCoordinator(ctx context.Context, endpoint string, opts VerifyOptions) (rootCert *x509.Certificate, intermediateCert *x509.Certificate, sgxQuote []byte, err error)

VerifyCoordinator performs remote attestation on a MarbleRun Coordinator. On success, it returns the Coordinator's self-signed root and intermediate certificates, as well as the verified SGX quote. The root certificate should be used by the client for future connections to the Coordinator.

If this function is called from inside an EGo enclave, the "marblerun_ego_enclave" build tag must be set when building the binary.

func VerifyMarbleRunDeployment

func VerifyMarbleRunDeployment(ctx context.Context, endpoint string, opts VerifyOptions, manifest []byte) (rootCert *x509.Certificate, intermediateCert *x509.Certificate, sgxQuote []byte, err error)

VerifyMarbleRunDeployment verifies a MarbleRun deployment by performing remote attestation on a Coordinator instance, and verifying that the deployment is using the expected manifest. On success, it returns the Coordinator's self-signed root and intermediate certificates, as well as the verified SGX quote. The root certificate should be used by the client for future connections to the Coordinator.

If this function is called from inside an EGo enclave, the "marblerun_ego_enclave" build tag must be set when building the binary.

func VerifySignedQuote

func VerifySignedQuote(trustedRoot *x509.Certificate, sgxQuote []byte, signature []byte, tcbStatus tcbstatus.Status) bool

VerifySignedQuote verifies an SGX quote against the signature created by a Coordinator.

Types

type VerifyOptions

type VerifyOptions struct {
	// InsecureSkipVerify disables verification of the Coordinator's attestation statement.
	// WARNING: This IS insecure and should only be used for testing purposes.
	InsecureSkipVerify bool `json:"InsecureSkipVerify"`

	// UniqueID is the unique ID (MRENCLAVE) of the Coordinator enclave.
	UniqueID string `json:"UniqueID"`
	// SignerID is the signer ID (MRSIGNER) of the Coordinator enclave.
	SignerID string `json:"SignerID"`
	// SecurityVersion is the security version (ISVSVN) of the Coordinator enclave.
	SecurityVersion uint `json:"SecurityVersion"`
	// ProductID is the product ID (ISVPRODID) of the Coordinator enclave.
	ProductID uint16 `json:"ProductID"`
	// Debug specifies whether the Coordinator enclave is allowed to run in debug mode.
	Debug bool `json:"Debug"`

	// AcceptedTCBStatuses is a list of TCB statuses that are considered valid.
	// Should be one or multiple from {"UpToDate", "OutOfDate", "Revoked", "ConfigurationNeeded", "OutOfDateConfigurationNeeded", "SWHardeningNeeded", "ConfigurationAndSWHardeningNeeded"}.
	// If not set, defaults to ["UpToDate", "SWHardeningNeeded"].
	// If the Coordinator returns a TCB status not listed, an [attestation.TCBStatusError] is returned.
	AcceptedTCBStatuses []string `json:"AcceptedTCBStatuses"`

	// Nonce is an optional, user-defined nonce to be included in the Coordinator's attestation statement.
	// If set, the Coordinator will generate an SGX quote over sha256(Coordinator_root_cert, Nonce).
	Nonce []byte `json:"Nonce"`
}

VerifyOptions specifies how to verify the remote attestation of a Coordinator instance.

func VerifyOptionsFromConfig

func VerifyOptionsFromConfig(configPath string) (VerifyOptions, error)

VerifyOptionsFromConfig reads a configuration file from disk.
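
A pre-deployment lint for a verification config, as an added example that is not part of the package. It assumes the file is JSON using the field tags shown in VerifyOptions; `verifyOptions` is a local mirror of that struct, `lintVerifyConfig` and its rules are this example's own policy, and both sample configs are constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// verifyOptions mirrors the JSON-tagged fields of VerifyOptions (local copy for this example).
type verifyOptions struct {
	InsecureSkipVerify  bool     `json:"InsecureSkipVerify"`
	UniqueID            string   `json:"UniqueID"`
	SignerID            string   `json:"SignerID"`
	SecurityVersion     uint     `json:"SecurityVersion"`
	ProductID           uint16   `json:"ProductID"`
	Debug               bool     `json:"Debug"`
	AcceptedTCBStatuses []string `json:"AcceptedTCBStatuses"`
}

// lintVerifyConfig (hypothetical helper) returns one finding per setting that weakens attestation.
func lintVerifyConfig(raw []byte) ([]string, error) {
	var o verifyOptions
	if err := json.Unmarshal(raw, &o); err != nil {
		return nil, err
	}
	var findings []string
	if o.InsecureSkipVerify {
		findings = append(findings, "InsecureSkipVerify disables attestation verification")
	}
	if o.Debug {
		findings = append(findings, "Debug allows a debug-mode Coordinator enclave")
	}
	if o.UniqueID == "" && o.SignerID == "" { // this example's policy, not a rule stated by the package
		findings = append(findings, "neither UniqueID nor SignerID pins the enclave identity")
	}
	for _, s := range o.AcceptedTCBStatuses {
		if s != "UpToDate" && s != "SWHardeningNeeded" { // the documented defaults
			findings = append(findings, "AcceptedTCBStatuses widens the default: "+s)
		}
	}
	return findings, nil
}

// Constructed sample configs: weak settings beside a pinned one.
const weakConfig = `{"InsecureSkipVerify": true, "Debug": true, "AcceptedTCBStatuses": ["UpToDate", "Revoked"]}`
const pinnedConfig = `{"SignerID": "<signer-id-placeholder>", "ProductID": 3, "SecurityVersion": 1}`

func main() {
	fmt.Println(lintVerifyConfig([]byte(weakConfig)))
}
```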

Directories

Path Synopsis
Package rest provides methods and functions to communicate with the MarbleRun Coordinator using its REST API.