ssgx::utils_t::SealHandler Class Reference
Provides SGX sealing and unsealing operations. More...
#include <ssgx_utils_t_seal_handler.h>
Public Member Functions | |
| SealHandler (uint16_t key_policy=SGX_KEYPOLICY_MRENCLAVE) | |
Constructs a SealHandler with a specified key policy. | |
| void | SetAttributeMask (sgx_attributes_t attribute_mask) |
| Sets the full SGX attribute mask for sealing or key derivation operations. | |
| void | SetMiscMask (sgx_misc_select_t misc_mask) |
| Sets the miscellaneous mask for key derivation. | |
| void | SetAdditionalMacText (const uint8_t *mac_text, uint32_t length) |
| Sets additional data that will be protected by MAC but not encrypted. | |
| std::optional< std::vector< uint8_t > > | SealData (const std::vector< uint8_t > &text_to_encrypt) |
| Seals data using AES-GCM encryption. | |
| std::optional< std::vector< uint8_t > > | SealData (const uint8_t *text_to_encrypt, uint32_t length) |
| Seals data using AES-GCM encryption (pointer-based version). | |
| std::optional< UnsealedData > | UnsealData (const std::vector< uint8_t > &sealed_data) |
| Unseals previously sealed data and retrieves the original plaintext. | |
| std::optional< UnsealedData > | UnsealData (const uint8_t *sealed_data, uint32_t length) |
| Unseals previously sealed data using pointer-based input. | |
| std::string | GetLastError () const |
| Retrieves the last error message. | |
Detailed Description
Provides SGX sealing and unsealing operations.
This class allows secure encryption and decryption of data using SGX's AES-GCM sealing mechanism. It supports both vector-based and pointer-based interfaces for flexible data handling.
Constructor & Destructor Documentation
◆ SealHandler()
|
explicit |
Constructs a SealHandler with a specified key policy.
- Parameters
-
key_policy The key policy for sealing operations (default: SGX_KEYPOLICY_MRENCLAVE).
Member Function Documentation
◆ GetLastError()
|
inlinenodiscard |
Retrieves the last error message.
- Returns
- A string describing the last encountered error.
◆ SealData() [1/2]
| std::optional< std::vector< uint8_t > > ssgx::utils_t::SealHandler::SealData | ( | const std::vector< uint8_t > & | text_to_encrypt | ) |
Seals data using AES-GCM encryption.
- Parameters
-
text_to_encrypt The plaintext data to be sealed.
- Returns
std::optionalcontaining the sealed data, orstd::nullopton failure. UseGetLastError()to retrieve the error message.
◆ SealData() [2/2]
| std::optional< std::vector< uint8_t > > ssgx::utils_t::SealHandler::SealData | ( | const uint8_t * | text_to_encrypt, |
| uint32_t | length ) |
Seals data using AES-GCM encryption (pointer-based version).
- Parameters
-
text_to_encrypt Pointer to plaintext data. length Size of the plaintext data.
- Returns
std::optionalcontaining the sealed data, orstd::nullopton failure. UseGetLastError()to retrieve the error message.
◆ SetAdditionalMacText()
|
inline |
Sets additional data that will be protected by MAC but not encrypted.
- Parameters
-
mac_text Pointer to additional data. length Length of the additional data.
◆ SetAttributeMask()
|
inline |
Sets the full SGX attribute mask for sealing or key derivation operations.
The SGX attribute mask typically includes both:
flags(e.g., SGX_FLAGS_INITTED, SGX_FLAGS_DEBUG)xfrm(e.g., extended features like AVX, SSE)
- Parameters
-
attribute_mask The combined SGX attributes to apply during key derivation.
◆ SetMiscMask()
|
inline |
Sets the miscellaneous mask for key derivation.
- Parameters
-
misc_mask The miscellaneous select mask.
◆ UnsealData() [1/2]
| std::optional< UnsealedData > ssgx::utils_t::SealHandler::UnsealData | ( | const std::vector< uint8_t > & | sealed_data | ) |
Unseals previously sealed data and retrieves the original plaintext.
- Parameters
-
sealed_data The sealed data to be unsealed.
- Returns
std::optional<UnsealedData>containing the unsealed content, orstd::nullopton failure. UseGetLastError()to retrieve the error message.
◆ UnsealData() [2/2]
| std::optional< UnsealedData > ssgx::utils_t::SealHandler::UnsealData | ( | const uint8_t * | sealed_data, |
| uint32_t | length ) |
Unseals previously sealed data using pointer-based input.
- Parameters
-
sealed_data Pointer to the sealed data. length Size of the sealed data.
- Returns
std::optional<UnsealedData>containing the unsealed content, orstd::nullopton failure. UseGetLastError()to retrieve the error message.
The documentation for this class was generated from the following file:
Generated by
1.12.0