README
¶
Configuration
server-addr(optional): address of the VTS server in the form<host>:<port>. If not specified, this defaults to127.0.0.1:50051. Unlesslisten-addris specified (see below), VTS server will extract the port to listen on from this setting (but will listen on all local interfaces)listen-addr(optional): The address the VTS server will listen on in the form<host>:<port>. Only specify this if you want to restrict the server to listen on a particular interface; otherwise, the server will listen on all interfaces on the port specified inserver-addr.tls(optional): specifies whether TLS should be used for client connections. Defaults totrue.cert: path to the file containing the certificate that should be used by the server iftls(see above) istrue.cert-key: path to the file containing the key associated with the certificate specified byserver-cert(see above).ca-certs(optional): a list of paths to certificates that will be used in addition to system certs during mutual validation with the client whentls(see above) istrue.
Documentation
¶
Overview ¶
Copyright 2022-2023 Contributors to the Veraison project. SPDX-License-Identifier: Apache-2.0
Copyright 2022-2024 Contributors to the Veraison project. SPDX-License-Identifier: Apache-2.0
Copyright 2022-2024 Contributors to the Veraison project. SPDX-License-Identifier: Apache-2.0
Index ¶
- Constants
- Variables
- func LoadTLSCreds(certPath, keyPath string, caPaths []string) (credentials.TransportCredentials, error)
- type GRPC
- func (o *GRPC) Close() error
- func (o *GRPC) GetAttestation(ctx context.Context, token *proto.AttestationToken) (*proto.AppraisalContext, error)
- func (o *GRPC) GetEARSigningPublicKey(context.Context, *emptypb.Empty) (*proto.PublicKey, error)
- func (o *GRPC) GetServiceState(context.Context, *emptypb.Empty) (*proto.ServiceState, error)
- func (c *GRPC) GetSupportedProvisioningMediaTypes(context.Context, *emptypb.Empty) (*proto.MediaTypeList, error)
- func (c *GRPC) GetSupportedVerificationMediaTypes(context.Context, *emptypb.Empty) (*proto.MediaTypeList, error)
- func (o *GRPC) Init(v *viper.Viper, evm plugin.IManager[handler.IEvidenceHandler], ...) error
- func (o *GRPC) Run() error
- func (o *GRPC) SubmitEndorsements(ctx context.Context, req *proto.SubmitEndorsementsRequest) (*proto.SubmitEndorsementsResponse, error)
- type GRPCConfig
- type ITrustedServices
Constants ¶
View Source
const DummyTenantID = "0"
XXX should be (also) serviceID should be passed as a parameter
Variables ¶
View Source
var (
DefaultVTSAddr = "127.0.0.1:50051"
)
Functions ¶
func LoadTLSCreds ¶
func LoadTLSCreds( certPath, keyPath string, caPaths []string, ) (credentials.TransportCredentials, error)
Types ¶
type GRPC ¶
type GRPC struct {
ServerAddress string
TaStore kvstore.IKVStore
EnStore kvstore.IKVStore
EvPluginManager plugin.IManager[handler.IEvidenceHandler]
EndPluginManager plugin.IManager[handler.IEndorsementHandler]
StorePluginManager plugin.IManager[handler.IStoreHandler]
PolicyManager *policymanager.PolicyManager
EarSigner earsigner.IEarSigner
Server *grpc.Server
Socket net.Listener
proto.UnimplementedVTSServer
// contains filtered or unexported fields
}
func (*GRPC) GetAttestation ¶
func (o *GRPC) GetAttestation( ctx context.Context, token *proto.AttestationToken, ) (*proto.AppraisalContext, error)
func (*GRPC) GetEARSigningPublicKey ¶
func (*GRPC) GetServiceState ¶
func (*GRPC) GetSupportedProvisioningMediaTypes ¶
func (*GRPC) GetSupportedVerificationMediaTypes ¶
func (*GRPC) SubmitEndorsements ¶
func (o *GRPC) SubmitEndorsements(ctx context.Context, req *proto.SubmitEndorsementsRequest) (*proto.SubmitEndorsementsResponse, error)
type GRPCConfig ¶
type GRPCConfig struct {
ServerAddress string `mapstructure:"server-addr" valid:"dialstring"`
ListenAddress string `mapstructure:"listen-addr" valid:"dialstring" config:"zerodefault"`
UseTLS bool `mapstructure:"tls" config:"zerodefault"`
ServerCert string `mapstructure:"cert" config:"zerodefault"`
ServerCertKey string `mapstructure:"cert-key" config:"zerodefault"`
CACerts []string `mapstructure:"ca-certs" config:"zerodefault"`
}
Supported parameters:
vts.server-addr: string w/ syntax specified in https://github.com/grpc/grpc/blob/master/doc/naming.md
TODO(tho) load balancing config See https://github.com/grpc/grpc/blob/master/doc/load-balancing.md
func NewGRPCConfig ¶
func NewGRPCConfig() *GRPCConfig
type ITrustedServices ¶
type ITrustedServices interface {
Init(
cfg *viper.Viper,
evm plugin.IManager[handler.IEvidenceHandler],
endm plugin.IManager[handler.IEndorsementHandler],
stm plugin.IManager[handler.IStoreHandler],
) error
Close() error
Run() error
proto.VTSServer
}
func NewGRPC ¶
func NewGRPC( taStore, enStore kvstore.IKVStore, evpluginManager plugin.IManager[handler.IEvidenceHandler], endpluginManager plugin.IManager[handler.IEndorsementHandler], storepluginManager plugin.IManager[handler.IStoreHandler], policyManager *policymanager.PolicyManager, earSigner earsigner.IEarSigner, logger *zap.SugaredLogger, ) ITrustedServices
Source Files
Click to show internal directories.
Click to hide internal directories.