sgx/signature/
mod.rs

1// SPDX-License-Identifier: Apache-2.0
2
3//! Enclave signature types
4//!
5//! This module contains types used to generate enclave signatures.
6//!
7//! Most likely, you will start with the `Hasher` to measure an enclave and
8//! product the `MRENCLAVE` measurement. Then you will want to use the
9//! `Parameters` type to create a `Body`. Finally, you will combine an
10//! `Author` with the `Body` and an `RsaPrivateKey` to create a `Signature`.
11
12mod author;
13mod body;
14mod hasher;
15
16pub use author::Author;
17pub use body::Body;
18pub use hasher::{Hasher, InvalidSize};
19
20use crate::crypto::PrivateKey;
21
22/// A signature on an enclave
23///
24/// This structure encompasses the `SIGSTRUCT` structure from the SGX
25/// documentation, renamed for ergonomics. The two portions of the
26/// data that are included in the signature are further divided into
27/// subordinate structures (`Author` and `Body`) for ease during
28/// signature generation and validation.
29#[repr(C)]
30#[derive(Clone, Debug, PartialEq, Eq)]
31pub struct Signature {
32    author: Author,
33    modulus: [u8; 384],
34    exponent: u32,
35    signature: [u8; 384],
36    body: Body,
37    reserved: [u8; 12],
38    q1: [u8; 384],
39    q2: [u8; 384],
40}
41
42impl Signature {
43    /// Signs the supplied `author` and `body` with the specified `key`.
44    pub fn new<T: PrivateKey>(key: &T, author: Author, body: Body) -> Result<Self, T::Error> {
45        use core::mem::{size_of, transmute};
46
47        let a: [u8; size_of::<Author>()] = unsafe { transmute(author) };
48        let b: [u8; size_of::<Body>()] = unsafe { transmute(body) };
49        let sd = key.sign(&a, &b)?;
50
51        Ok(Self {
52            author,
53            modulus: sd.modulus,
54            exponent: sd.exponent,
55            signature: sd.signature,
56            body,
57            reserved: [0; 12],
58            q1: sd.q1,
59            q2: sd.q2,
60        })
61    }
62
63    pub fn author(&self) -> Author {
64        self.author
65    }
66
67    pub fn body(&self) -> Body {
68        self.body
69    }
70}
71
72#[cfg(test)]
73mod test {
74    use super::Signature;
75    use testaso::testaso;
76
77    testaso! {
78        struct Signature: 4, 1808 => {
79            author: 0,
80            modulus: 128,
81            exponent: 512,
82            signature: 516,
83            body: 900,
84            reserved: 1028,
85            q1: 1040,
86            q2: 1424
87        }
88    }
89}