attestor

package
v1.9.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 25, 2024 License: Apache-2.0 Imports: 28 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func IsSVIDExpired added in v0.11.0 

func IsSVIDExpired(svid []*x509.Certificate, timeNow func() time.Time) bool

IsSVIDExpired returns true if the X.509 SVID provided is expired

Types

type AttestationResult 

type AttestationResult struct {
	SVID         []*x509.Certificate
	Key          keymanager.Key
	Bundle       *spiffebundle.Bundle
	Reattestable bool
}

type Attestor 

type Attestor interface {
	Attest(ctx context.Context) (*AttestationResult, error)
}

func New 

func New(config *Config) Attestor

type Config 

type Config struct {
	Catalog           catalog.Catalog
	Metrics           telemetry.Metrics
	JoinToken         string
	TrustDomain       spiffeid.TrustDomain
	TrustBundle       []*x509.Certificate
	InsecureBootstrap bool
	Storage           storage.Storage
	Log               logrus.FieldLogger
	ServerAddress     string
	NodeAttestor      nodeattestor.NodeAttestor
}

type ServerStream added in v1.4.2 

type ServerStream struct {
	Client       agentv1.AgentClient
	Csr          []byte
	Log          logrus.FieldLogger
	SVID         []*x509.Certificate
	Reattestable bool
	// contains filtered or unexported fields
}

func (*ServerStream) SendAttestationData added in v1.4.2 

func (ss *ServerStream) SendAttestationData(ctx context.Context, attestationData nodeattestor.AttestationData) ([]byte, error)

func (*ServerStream) SendChallengeResponse added in v1.4.2 

func (ss *ServerStream) SendChallengeResponse(ctx context.Context, response []byte) ([]byte, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.