Struct sgx_tdh::SgxDhResponder
pub struct SgxDhResponder { /* fields omitted */ }
DH secure session responder
Methods
impl SgxDhResponder
pub fn init_session() -> Self
Initialize DH secure session responder.
Indicates that the caller plays the responder role in the secure session establishment.
The role value for the responder of the session establishment must be SGX_DH_SESSION_RESPONDER.
Requirements
Library: libsgx_tservice.a or libsgx_tservice_sim.a (simulation)
pub fn gen_msg1(&mut self, msg1: &mut SgxDhMsg1) -> SgxError
Generates MSG1 for the responder of the DH secure session establishment and records the ECC key pair in the session structure.
Requirements
Library: libsgx_tservice.a or libsgx_tservice_sim.a (simulation)
Parameters
msg1
A pointer to an SgxDhMsg1 buffer. The buffer that holds the msg1 message must be within the enclave. The DH msg1 contains the responder’s public key and report-based target info.
Errors
SGX_ERROR_INVALID_PARAMETER
Any of the input parameters is incorrect.
SGX_ERROR_INVALID_STATE
The API is invoked in incorrect order or state.
SGX_ERROR_OUT_OF_MEMORY
The enclave is out of memory.
SGX_ERROR_UNEXPECTED
An unexpected error occurred.
pub fn proc_msg2(
    &mut self,
    msg2: &SgxDhMsg2,
    msg3: &mut SgxDhMsg3,
    aek: &mut sgx_key_128bit_t,
    initiator_identity: &mut sgx_dh_session_enclave_identity_t
) -> SgxError
The responder handles the msg2 sent by the initiator, then derives the AEK, updates the session information and generates msg3.
Requirements
Library: libsgx_tservice.a or libsgx_tservice_sim.a (simulation)
Parameters
msg2
A pointer to the DH message 2 buffer generated by the session initiator. The buffer must be in enclave address space.
msg3
A pointer to the DH message 3 buffer generated by the session responder in this function. The buffer must be in enclave address space.
aek
A pointer to an instance of sgx_key_128bit_t. The AEK is derived as follows:
KDK := CMAC(key0, LittleEndian(gab x-coordinate))
AEK = AES-CMAC(KDK, 0x01||"AEK"||0x00||0x80||0x00)
The key0 used in the key extraction operation is 16 bytes of 0x00. The plain text used in the AES-CMAC calculation of the KDK is the Diffie-Hellman shared secret elliptic curve field element in Little Endian format. The plain text used in the AEK calculation includes:
- a counter (0x01)
- a label: the ASCII representation of the string 'AEK' in Little Endian format
- a bit length (0x80)
initiator_identity
A pointer to an instance of sgx_dh_session_enclave_identity_t. The identity information of the initiator includes the ISV SVN, the ISV product ID, the enclave attributes, MRSIGNER, and MRENCLAVE. The buffer must be in enclave address space. The caller should check the identity of the peer and decide whether to trust the peer and use the AEK.
Errors
SGX_ERROR_INVALID_PARAMETER
Any of the input parameters is incorrect.
SGX_ERROR_INVALID_STATE
The API is invoked in incorrect order or state.
SGX_ERROR_KDF_MISMATCH
Indicates the key derivation function does not match.
SGX_ERROR_OUT_OF_MEMORY
The enclave is out of memory.
SGX_ERROR_UNEXPECTED
An unexpected error occurred.
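The peer check that the initiator_identity description asks the caller to perform, sketched as an added example (not code from the SDK or from this crate). PeerIdentity, PeerPolicy, Reject, check_peer and accept_aek are hypothetical stand-ins for illustration; SGX_FLAGS_DEBUG (0x2) is the debug bit of the attributes flags in the SGX SDK headers, and all measurement values are constructed.

```rust
// Added example: stand-in types, not the SDK's own definitions.
const SGX_FLAGS_DEBUG: u64 = 0x2; // DEBUG bit of the enclave attributes flags

/// Simplified stand-in for the sgx_dh_session_enclave_identity_t fields the page lists.
pub struct PeerIdentity {
    pub attribute_flags: u64,
    pub mr_enclave: [u8; 32],
    pub mr_signer: [u8; 32],
    pub isv_prod_id: u16,
    pub isv_svn: u16,
}

/// Hypothetical acceptance policy held by the responder.
pub struct PeerPolicy {
    pub mr_signer: [u8; 32],
    pub mr_enclave: Option<[u8; 32]>, // Some(..) pins one exact enclave build
    pub isv_prod_id: u16,
    pub min_isv_svn: u16,
}

#[derive(Debug, PartialEq)]
pub enum Reject { DebugEnclave, WrongSigner, WrongEnclave, WrongProduct, SvnTooOld }

pub fn check_peer(id: &PeerIdentity, p: &PeerPolicy) -> Result<(), Reject> {
    // A debug enclave's memory can be read by a debugger, so never share a key with one.
    if (id.attribute_flags & SGX_FLAGS_DEBUG) != 0 { return Err(Reject::DebugEnclave); }
    if id.mr_signer != p.mr_signer { return Err(Reject::WrongSigner); }
    if let Some(expected) = p.mr_enclave {
        if id.mr_enclave != expected { return Err(Reject::WrongEnclave); }
    }
    if id.isv_prod_id != p.isv_prod_id { return Err(Reject::WrongProduct); }
    if id.isv_svn < p.min_isv_svn { return Err(Reject::SvnTooOld); }
    Ok(())
}

/// Call after proc_msg2 succeeds: keeps the AEK only for an accepted peer, else zeroes it.
pub fn accept_aek(aek: &mut [u8; 16], id: &PeerIdentity, p: &PeerPolicy) -> Result<(), Reject> {
    let verdict = check_peer(id, p);
    if verdict.is_err() { aek.iter_mut().for_each(|b| *b = 0); }
    verdict
}

fn main() {
    // Constructed sample values, not real measurements.
    let policy = PeerPolicy { mr_signer: [0xAA; 32], mr_enclave: None, isv_prod_id: 1, min_isv_svn: 3 };
    let peer = PeerIdentity { attribute_flags: 0x5, mr_enclave: [0x11; 32], mr_signer: [0xAA; 32], isv_prod_id: 1, isv_svn: 2 };
    let mut aek = [0x42u8; 16];
    let verdict = accept_aek(&mut aek, &peer, &policy);
    println!("{:?}, aek wiped: {}", verdict, aek == [0u8; 16]);
}
```

In enclave code the same checks would read the fields of the sgx_dh_session_enclave_identity_t that proc_msg2 filled in, before the AEK is used for any session traffic.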
Trait Implementations
impl Copy for SgxDhResponder
impl Clone for SgxDhResponder
fn clone(&self) -> SgxDhResponder
Returns a copy of the value.
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from source.
impl Default for SgxDhResponder
impl ContiguousMemory for SgxDhResponder
Auto Trait Implementations
impl Send for SgxDhResponder
impl Sync for SgxDhResponder