Documentation
¶
Index ¶
- Variables
- func AddOEQuoteHeader(quote []byte) []byte
- func CoordinatorCertChainFromPEM(pemChain []byte) (rootCert, intermediateCert *x509.Certificate, err error)
- func DecryptOAEP(priv *rsa.PrivateKey, ciphertext []byte) ([]byte, error)
- func DeriveKey(secret, salt []byte, length uint) ([]byte, error)
- func EncryptOAEP(pub *rsa.PublicKey, plaintext []byte) ([]byte, error)
- func ExtractIPsFromAltNames(subjAltNames []string) ([]net.IP, []string)
- func GenerateCSR(subjAltNames []string, privk *ecdsa.PrivateKey) (*x509.CertificateRequest, error)
- func GenerateCert(subjAltNames []string, ipAddrs []net.IP, isCA bool) (*x509.Certificate, *ecdsa.PrivateKey, error)
- func GenerateCertificateSerialNumber() (*big.Int, error)
- func Getenv(name string, fallback string) string
- func IsRawSGXQuote(quote []byte) bool
- func LoadGRPCTLSCredentials(cert *x509.Certificate, privk *ecdsa.PrivateKey, insecureSkipVerify bool) (credentials.TransportCredentials, error)
- func MustGenerateTestMarbleCredentials() (cert *x509.Certificate, csrRaw []byte, privk *ecdsa.PrivateKey)
- func MustGetLocalListenerAndAddr() (net.Listener, string)
- func MustGetenv(name string) string
- func MustGetwd() string
- func TLSCertFromDER(certDER []byte, privk interface{}) *tls.Certificate
- func XORBytes(a, b []byte) ([]byte, error)
Constants ¶
This section is empty.
Variables ¶
var DefaultCertificateIPAddresses = []net.IP{net.IPv4(127, 0, 0, 1), net.IPv6loopback}
DefaultCertificateIPAddresses defines a placeholder value used for automated x509 certificate generation.
Functions ¶
func AddOEQuoteHeader ¶ added in v1.5.0
AddOEQuoteHeader adds an OpenEnclave quote header to the given quote.
func CoordinatorCertChainFromPEM ¶ added in v1.5.0
func CoordinatorCertChainFromPEM(pemChain []byte) (rootCert, intermediateCert *x509.Certificate, err error)
CoordinatorCertChainFromPEM parses a Coordinator's PEM encoded certificate chain into x509.Certificate objects.
func DecryptOAEP ¶ added in v0.3.0
func DecryptOAEP(priv *rsa.PrivateKey, ciphertext []byte) ([]byte, error)
DecryptOAEP is a wrapper function for rsa.DecryptOAEP for a nicer syntax.
func EncryptOAEP ¶ added in v0.3.0
EncryptOAEP is a wrapper function for rsa.EncryptOAEP for a nicer syntax.
func ExtractIPsFromAltNames ¶ added in v1.4.0
ExtractIPsFromAltNames extracts IP addresses and DNS names from a list of subject alternative names.
func GenerateCSR ¶
func GenerateCSR(subjAltNames []string, privk *ecdsa.PrivateKey) (*x509.CertificateRequest, error)
GenerateCSR generates a new CSR for the given DNSNames and private key.
func GenerateCert ¶
func GenerateCert(subjAltNames []string, ipAddrs []net.IP, isCA bool) (*x509.Certificate, *ecdsa.PrivateKey, error)
GenerateCert generates a new self-signed certificate associated key-pair.
func GenerateCertificateSerialNumber ¶
GenerateCertificateSerialNumber generates a random serial number for an X.509 certificate.
func Getenv ¶ added in v0.3.1
Getenv returns the environment variable `name` if it exists or the handed fallback value elsewise.
func IsRawSGXQuote ¶ added in v1.5.0
IsRawSGXQuote tries to parse the SGX Quote Header of the given quote to try and check if its a valid SGX quote. Reference: https://download.01.org/intel-sgx/sgx-dcap/1.21/linux/docs/Intel_SGX_ECDSA_QuoteLibReference_DCAP_API.pdf#%5B%7B%22num%22%3A76%2C%22gen%22%3A0%7D%2C%7B%22name%22%3A%22XYZ%22%7D%2C69%2C369%2C0%5D
func LoadGRPCTLSCredentials ¶
func LoadGRPCTLSCredentials(cert *x509.Certificate, privk *ecdsa.PrivateKey, insecureSkipVerify bool) (credentials.TransportCredentials, error)
LoadGRPCTLSCredentials returns a TLS configuration based on cert and privk.
func MustGenerateTestMarbleCredentials ¶
func MustGenerateTestMarbleCredentials() (cert *x509.Certificate, csrRaw []byte, privk *ecdsa.PrivateKey)
MustGenerateTestMarbleCredentials returns dummy Marble TLS credentials for testing.
func MustGetLocalListenerAndAddr ¶
MustGetLocalListenerAndAddr returns a TCP listener on a system-chosen port on localhost and its address.
func MustGetenv ¶
MustGetenv returns the environment variable `name` if it exists or panics otherwise.
func MustGetwd ¶ added in v0.3.1
func MustGetwd() string
MustGetwd returns the current working directory and panics if it cannot be dcetermined.
func TLSCertFromDER ¶
func TLSCertFromDER(certDER []byte, privk interface{}) *tls.Certificate
TLSCertFromDER converts a DER certificate to a TLS certificate.
Types ¶
This section is empty.
Source Files
Directories