Documentation
Index
- func BuildServerTLSConfig(certFile, keyFile, serverCAFile, clientCAFile string) (*tls.Config, tls.Certificate, bool, error)
- func NewEvidenceVerifier(policyPath string) eaattestation.EvidenceVerifier
- func NewRandomRequest(contextLen int) (*ea.AuthenticatorRequest, error)
- func NewRequest(context []byte) (*ea.AuthenticatorRequest, error)
- func VerificationPolicyFromEvidenceVerifier(v eaattestation.EvidenceVerifier) eaattestation.VerificationPolicy
- func VerifyOptionsFromTLSConfig(cfg *tls.Config) *x509.VerifyOptions
- type AuthenticatorRequest
- type CertificateProvider
- type ClientConfig
- type Conn
- func Client(tlsConn *tls.Conn, cfg *ClientConfig) (*Conn, error)
- func Dial(network, address string, cfg *ClientConfig) (*Conn, error)
- func DialContext(ctx context.Context, network, address string, cfg *ClientConfig) (*Conn, error)
- func DialWithDialer(dialer *net.Dialer, network, address string, cfg *ClientConfig) (*Conn, error)
- func Server(tlsConn *tls.Conn, cfg *ServerConfig) (*Conn, error)
- type Listener
- type ServerConfig
Constants
This section is empty.
Variables
This section is empty.
Functions
func BuildServerTLSConfig (added in v0.9.0)
func BuildServerTLSConfig(certFile, keyFile, serverCAFile, clientCAFile string) (*tls.Config, tls.Certificate, bool, error)
BuildServerTLSConfig prepares the base TLS configuration used by the EA/aTLS transport. If no certificate/key pair is configured, it falls back to an ephemeral self-signed identity bound by the exported authenticator.
func NewEvidenceVerifier (added in v0.9.0)
func NewEvidenceVerifier(policyPath string) eaattestation.EvidenceVerifier
func NewRandomRequest (added in v0.9.0)
func NewRandomRequest(contextLen int) (*ea.AuthenticatorRequest, error)
func NewRequest (added in v0.9.0)
func NewRequest(context []byte) (*ea.AuthenticatorRequest, error)
func VerificationPolicyFromEvidenceVerifier (added in v0.9.0)
func VerificationPolicyFromEvidenceVerifier(v eaattestation.EvidenceVerifier) eaattestation.VerificationPolicy
func VerifyOptionsFromTLSConfig (added in v0.9.0)
func VerifyOptionsFromTLSConfig(cfg *tls.Config) *x509.VerifyOptions
Types
type AuthenticatorRequest (added in v0.9.0)
type AuthenticatorRequest = ea.AuthenticatorRequest
type CertificateProvider (added in v0.8.0)
type CertificateProvider interface {
	BuildLeafExtensions(st *tls.ConnectionState, req *ea.AuthenticatorRequest, leaf *x509.Certificate) ([]ea.Extension, error)
}
CertificateProvider is kept for compatibility with existing cocos call sites. In the EA-based implementation it provides the leaf certificate-entry extensions carried in the exported authenticator instead of generating TLS certificates.
func NewProvider (added in v0.8.0)
func NewProvider(attClient attestationclient.Client, platformType cocosattestation.PlatformType, _ string, _ string, _ sdk.SDK) (CertificateProvider, error)
type ClientConfig (added in v0.9.0)
type ClientConfig = internaltransport.ClientConfig
type Conn (added in v0.9.0)
type Conn = internaltransport.Conn
func DialContext (added in v0.9.0)
func DialWithDialer (added in v0.9.0)
type Listener (added in v0.9.0)
type Listener = internaltransport.Listener
type ServerConfig (added in v0.9.0)
type ServerConfig = internaltransport.ServerConfig