Struct oasis_core_runtime::identity::Identity

source ·
pub struct Identity { /* private fields */ }
Expand description

Runtime identity.

The identity can be used to sign remote attestations with runtime attestation key (RAK) or to decrypt ciphertexts sent to the enclave with runtime encryption key (REK). RAK avoids round trips to IAS/PCS for each verification as the verifier can instead verify the RAK signature and the signature on the provided quote which binds RAK to the enclave. REK allows enclaves to publish encrypted data on-chain to an enclave instance.

Implementations§

source§

impl Identity

source

pub fn new() -> Self

Create an uninitialized runtime identity.

source

pub fn endorsed_capability_tee(&self) -> Option<EndorsedCapabilityTEE>

Endorsed TEE capability.

source

pub fn node_identity(&self) -> Option<PublicKey>

Host node identity public key.

source

pub fn public_rak(&self) -> PublicKey

Public part of RAK.

This method will return an insecure test key in the case where the enclave is not running on SGX hardware.

source

pub fn public_rek(&self) -> PublicKey

Public part of REK.

This method will return an insecure test key in the case where the enclave is not running on SGX hardware.

source

pub fn quote(&self) -> Option<Arc<Quote>>

Quote for RAK.

This method may return None in case quote has not yet been set from the outside, or if the quote has expired.

source

pub fn quote_policy(&self) -> Option<Arc<QuotePolicy>>

Runtime quote policy.

This method may return None in the case where the enclave is not running on SGX hardware or if the quote policy has not yet been fetched from the consensus layer.

source

pub fn verify_binding(quote: &VerifiedQuote, rak: &PublicKey) -> Result<()>

Verify a provided RAK binding.

source

pub fn rak_matches(&self, rak: &PublicKey, quote: &Quote) -> bool

Checks whether the RAK matches another specified (RAK_pub, quote) pair.

Trait Implementations§

source§

impl Default for Identity

source§

fn default() -> Self

Returns the “default value” for a type. Read more
source§

impl Opener for Identity

source§

fn box_open( &self, nonce: &[u8; 15], ciphertext: Vec<u8>, additional_data: Vec<u8>, peers_public_key: &PublicKey, ) -> Result<Vec<u8>>

Unboxes (“opens”) the provided additional data and ciphertext.
source§

impl Signer for Identity

source§

fn public(&self) -> PublicKey

Returns the public key corresponding to the signer.
source§

fn sign(&self, context: &[u8], message: &[u8]) -> Result<Signature>

Generates a signature over the context and message.

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

§

impl<T> Pointable for T

§

const ALIGN: usize = _

The alignment of pointer.
§

type Init = T

The type for initializers.
§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> ErasedDestructor for T
where T: 'static,

§

impl<T> MaybeSendSync for T

§

impl<T> SendSyncUnwindSafe for T
where T: Send + Sync + UnwindSafe + ?Sized,