Struct SgxSign

pub struct SgxSign { /* private fields */ }

Wrapper for the enclave signing tool (sgx_sign).

The enclave signing tool ships as part of the Intel® Software Guard Extensions SDK. Signing an enclave produces a signature structure that contains enclave properties such as the enclave measurement. Once an enclave is signed with such a structure, modifications to the enclave file (such as code, data, signature, and so on) can be detected. The signing tool also evaluates the enclave image for potential errors and warns you about potential security hazards.

See Enclave Signing Tool Documentation for more details.

Implementations

impl SgxSign

pub fn allow_relocations(self, allow: bool) -> Self

Relocations are generally forbidden in the enclave shared object; this tells the sgx_sign utility to ignore those errors.

pub fn allow_init_sections(self, allow: bool) -> Self

Whether or not to allow .init sections in the enclave.

pub fn allow_resign(self, allow: bool) -> Self

Whether to re-sign a previously signed enclave (default: false).

pub fn sign(&mut self, unsigned_enclave: impl AsRef<Path>, config_file: impl AsRef<Path>, private_key: impl AsRef<Path>, output_enclave: impl AsRef<Path>) -> Command

Generate the command to sign the given enclave object with the given private key and write the resulting enclave to the given path. Note that online signatures are inherently insecure.

pub fn gendata(&mut self, unsigned_enclave: impl AsRef<Path>, config_file: impl AsRef<Path>, output_datafile: impl AsRef<Path>) -> Command

Generate the command to create the data required for offline signing, and write it to the given output data path.

pub fn catsig(&mut self, unsigned_enclave: impl AsRef<Path>, config_file: impl AsRef<Path>, public_key_pem: impl AsRef<Path>, enclave_signing_material: impl AsRef<Path>, signature: impl AsRef<Path>, output_enclave: impl AsRef<Path>) -> Command

Combine an unsigned enclave and signature into the output enclave, after checking the signature.
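
The offline flow that gendata and catsig describe, as an added example (not code from this crate): it builds the underlying commands directly with std::process::Command, assuming the sgx_sign and openssl command lines given in Intel's SDK documentation. All file names are constructed placeholders; the point is that only the middle step ever sees the private key.

```rust
use std::path::Path;
use std::process::Command;

/// Step 1, build host: write the enclave signing material (the data to be signed).
fn gendata(tool: &Path, enclave: &Path, config: &Path, material: &Path) -> Command {
    let mut c = Command::new(tool);
    c.arg("gendata").arg("-enclave").arg(enclave)
        .arg("-config").arg(config).arg("-out").arg(material);
    c
}

/// Step 2, signing facility: the only step that needs the private key.
fn sign_material(private_key: &Path, material: &Path, signature: &Path) -> Command {
    let mut c = Command::new("openssl");
    c.args(["dgst", "-sha256", "-out"]).arg(signature)
        .arg("-sign").arg(private_key).args(["-keyform", "PEM"]).arg(material);
    c
}

/// Step 3, build host: check the signature against the public key and attach it.
fn catsig(tool: &Path, enclave: &Path, config: &Path, public_key: &Path,
          material: &Path, signature: &Path, signed: &Path) -> Command {
    let mut c = Command::new(tool);
    c.arg("catsig").arg("-enclave").arg(enclave).arg("-config").arg(config)
        .arg("-out").arg(signed).arg("-key").arg(public_key)
        .arg("-sig").arg(signature).arg("-unsigned").arg(material);
    c
}

/// Program and arguments as strings, for logging or review before running.
fn argv(c: &Command) -> Vec<String> {
    std::iter::once(c.get_program())
        .chain(c.get_args())
        .map(|s| s.to_string_lossy().into_owned())
        .collect()
}

fn main() {
    // Constructed placeholder paths.
    let (tool, so, xml) = (Path::new("sgx_sign"), Path::new("enclave.so"), Path::new("enclave.config.xml"));
    let (dat, sig) = (Path::new("enclave.dat"), Path::new("enclave.sig"));
    for c in [
        gendata(tool, so, xml, dat),
        sign_material(Path::new("private.pem"), dat, sig),
        catsig(tool, so, xml, Path::new("public.pem"), dat, sig, Path::new("enclave.signed.so")),
    ] {
        println!("{}", argv(&c).join(" "));
    }
}
```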

pub fn dump(&mut self, signed_enclave: impl AsRef<Path>, css_file_path: impl AsRef<Path>, dump_file_path: impl AsRef<Path>) -> Command

Examine a signed enclave file and dump the data.

Trait Implementations

impl Clone for SgxSign

fn clone(&self) -> SgxSign

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for SgxSign

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for SgxSign

fn default() -> Self

Create a new SGX signing utility from the current environment.

impl From<PathBuf> for SgxSign

Construct a new SgxSign utility around the given executable path

fn from(sgx_sign_path: PathBuf) -> Self

Converts to this type from the input type.

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> IntoEither for T

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise.

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise.

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.