[][src]Struct graphene_sgx::AttestationVerifier

pub struct AttestationVerifier { /* fields omitted */ }

Attestation verifier enables easy checking of various attestation evidence properties.

Example

 use chrono::Duration;
 use graphene_sgx::sgx::SgxQuote;
 use graphene_sgx::AttestationResponse;

 let quote = SgxQuote::hasher()
     .data(&[0u8; 42])
     .data(&[1u8; 10])
     .build()
     .unwrap();
 let evidence = AttestationResponse::default(); // this should be obtained from IAS
 let verifier = evidence.verifier();
 let result = verifier.max_age(Duration::minutes(1))
     .data(&[0u8; 42])
     .data(&[1u8; 10])
     .mr_enclave(quote.body.report_body.mr_enclave)
     .isv_prod_id(42)
     .not_debug()
     .check();

Implementations

impl AttestationVerifier[src]

pub fn data(self, data: &[u8]) -> Self[src]

Add custom data to hash. All bytes added using this method are hashed with SHA512 and compared with enclave quote's report_data field.

pub fn nonce(self, nonce: &str) -> Self[src]

Check IAS report's nonce.

pub fn mr_enclave(self, mr: SgxMeasurement) -> Self[src]

Check enclave's hash (must match the supplied value).

pub fn mr_enclave_list(self, mrs: &[SgxMeasurement]) -> Self[src]

Check enclave's hash (must match any of the supplied values).

pub fn mr_signer(self, mr: SgxMeasurement) -> Self[src]

Check enclave's hash of signing key (must match the supplied value).

pub fn mr_signer_list(self, mrs: &[SgxMeasurement]) -> Self[src]

Check enclave's hash of signing key (must match any of the supplied values).

pub fn isv_prod_id(self, id: u16) -> Self[src]

Check enclave's ISV product ID.

pub fn isv_svn(self, svn: u16) -> Self[src]

Check enclave's security version number.

pub fn not_outdated(self) -> Self[src]

Check that enclave's IAS status is not GROUP_OUT_OF_DATE (platform missing security updates).

pub fn not_debug(self) -> Self[src]

Check that enclave is not in debug mode.

pub fn max_age(self, age: Duration) -> Self[src]

Check maximum age of the IAS report (using report's timestamp).

pub fn check(self) -> AttestationResult[src]

Finalize all checks and convert the verifier into attestation result.

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T where
    T: 'static + ?Sized[src]

impl<T> Borrow<T> for T where
    T: ?Sized[src]

impl<T> BorrowMut<T> for T where
    T: ?Sized[src]

impl<T> From<T> for T[src]

impl<T, U> Into<U> for T where
    U: From<T>, [src]

impl<T, U> TryFrom<U> for T where
    U: Into<T>, [src]

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>, [src]

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.