Trait mc_oblivious_traits::ORAMStorage [−][src]
pub trait ORAMStorage<BlockSize: ArrayLength<u8>, MetaSize: ArrayLength<u8>> { fn len(&self) -> u64; fn checkout(
&mut self,
index: u64,
dest: &mut [A64Bytes<BlockSize>],
dest_meta: &mut [A8Bytes<MetaSize>]
); fn checkin(
&mut self,
index: u64,
src: &mut [A64Bytes<BlockSize>],
src_meta: &mut [A8Bytes<MetaSize>]
); }
Represents trusted block storage holding aligned blocks of memory of a certain size. This is a building block for ORAM.
This object is required to encrypt / mac the memory if it pushes things out to untrusted, but it is not required to keep the indices a secret when accessed. This object is not itself an oblivious data structure.
In tests this can simply be Vec. In production it is planned to be an object that makes OCalls to untrusted, and which encrypts and macs the memory blocks that it sends to and from untrusted. This is analogous to the “Intel memory engine” in SGX.
It is anticipated that “tree-top caching” occurs at this layer, so the initial portion of the storage is in the enclave and the rest is in untrusted
TODO: Create an API that allows checking out from two branches simultaneously.
Required methods
fn len(&self) -> u64[src]
Get the number of blocks represented by this block storage This is also the bound of the largest valid index
fn checkout(
&mut self,
index: u64,
dest: &mut [A64Bytes<BlockSize>],
dest_meta: &mut [A8Bytes<MetaSize>]
)[src]
&mut self,
index: u64,
dest: &mut [A64Bytes<BlockSize>],
dest_meta: &mut [A8Bytes<MetaSize>]
)
Checkout all blocks on the branch leading to a particular index in the tree, copying them and their metadata into two scratch buffers.
Arguments:
- index: The index of the leaf, a u64 TreeIndex value.
- dest: The destination data buffer
- dest_meta: The destination metadata buffer
Requirements:
- 0 < index <= len
- index.height() + 1 == dest.len() == dest_meta.len()
- It is illegal to checkout while there is an existing checkout.
fn checkin(
&mut self,
index: u64,
src: &mut [A64Bytes<BlockSize>],
src_meta: &mut [A8Bytes<MetaSize>]
)[src]
&mut self,
index: u64,
src: &mut [A64Bytes<BlockSize>],
src_meta: &mut [A8Bytes<MetaSize>]
)
Checkin a number of blocks, copying them and their metadata from two scratch buffers.
It is illegal to checkin when there is not an existing checkout. It is illegal to checkin different blocks than what was checked out.
Arguments:
- index: The index of the leaf, a u64 TreeIndex.
- src: The source data buffer
- src_meta: The source metadata buffer
Note: src and src_meta are mutable, because it is more efficient to encrypt them in place than to copy them and then encrypt. These buffers are left in an unspecified but valid state.