confidentialcomputingpb

package
v1.4.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 14, 2024 License: Apache-2.0 Imports: 11 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	SigningAlgorithm_name = map[int32]string{
		0: "SIGNING_ALGORITHM_UNSPECIFIED",
		1: "RSASSA_PSS_SHA256",
		2: "RSASSA_PKCS1V15_SHA256",
		3: "ECDSA_P256_SHA256",
	}
	SigningAlgorithm_value = map[string]int32{
		"SIGNING_ALGORITHM_UNSPECIFIED": 0,
		"RSASSA_PSS_SHA256":             1,
		"RSASSA_PKCS1V15_SHA256":        2,
		"ECDSA_P256_SHA256":             3,
	}
)

Enum value maps for SigningAlgorithm.

View Source 
var (
	TokenType_name = map[int32]string{
		0: "TOKEN_TYPE_UNSPECIFIED",
		1: "TOKEN_TYPE_OIDC",
	}
	TokenType_value = map[string]int32{
		"TOKEN_TYPE_UNSPECIFIED": 0,
		"TOKEN_TYPE_OIDC":        1,
	}
)

Enum value maps for TokenType.

View Source 
var File_google_cloud_confidentialcomputing_v1_service_proto protoreflect.FileDescriptor

Functions

func RegisterConfidentialComputingServer 

func RegisterConfidentialComputingServer(s *grpc.Server, srv ConfidentialComputingServer)

Types

type Challenge 

type Challenge struct {

	// Output only. The resource name for this Challenge in the format
	// `projects/*/locations/*/challenges/*`
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Output only. The time at which this Challenge was created
	CreateTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
	// Output only. The time at which this Challenge will no longer be usable. It
	// is also the expiration time for any tokens generated from this Challenge.
	ExpireTime *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=expire_time,json=expireTime,proto3" json:"expire_time,omitempty"`
	// Output only. Indicates if this challenge has been used to generate a token.
	Used bool `protobuf:"varint,4,opt,name=used,proto3" json:"used,omitempty"`
	// Output only. Identical to nonce, but as a string.
	TpmNonce string `protobuf:"bytes,6,opt,name=tpm_nonce,json=tpmNonce,proto3" json:"tpm_nonce,omitempty"`
	// contains filtered or unexported fields
}

A Challenge from the server used to guarantee freshness of attestations

func (*Challenge) Descriptor deprecated 

func (*Challenge) Descriptor() ([]byte, []int)

Deprecated: Use Challenge.ProtoReflect.Descriptor instead.

func (*Challenge) GetCreateTime 

func (x *Challenge) GetCreateTime() *timestamppb.Timestamp

func (*Challenge) GetExpireTime 

func (x *Challenge) GetExpireTime() *timestamppb.Timestamp

func (*Challenge) GetName 

func (x *Challenge) GetName() string

func (*Challenge) GetTpmNonce 

func (x *Challenge) GetTpmNonce() string

func (*Challenge) GetUsed 

func (x *Challenge) GetUsed() bool

func (*Challenge) ProtoMessage 

func (*Challenge) ProtoMessage()

func (*Challenge) ProtoReflect 

func (x *Challenge) ProtoReflect() protoreflect.Message

func (*Challenge) Reset 

func (x *Challenge) Reset()

func (*Challenge) String 

func (x *Challenge) String() string

type ConfidentialComputingClient 

type ConfidentialComputingClient interface {
	// Creates a new Challenge in a given project and location.
	CreateChallenge(ctx context.Context, in *CreateChallengeRequest, opts ...grpc.CallOption) (*Challenge, error)
	// Verifies the provided attestation info, returning a signed OIDC token.
	VerifyAttestation(ctx context.Context, in *VerifyAttestationRequest, opts ...grpc.CallOption) (*VerifyAttestationResponse, error)
}

ConfidentialComputingClient is the client API for ConfidentialComputing service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

func NewConfidentialComputingClient 

func NewConfidentialComputingClient(cc grpc.ClientConnInterface) ConfidentialComputingClient

type ConfidentialComputingServer 

type ConfidentialComputingServer interface {
	// Creates a new Challenge in a given project and location.
	CreateChallenge(context.Context, *CreateChallengeRequest) (*Challenge, error)
	// Verifies the provided attestation info, returning a signed OIDC token.
	VerifyAttestation(context.Context, *VerifyAttestationRequest) (*VerifyAttestationResponse, error)
}

ConfidentialComputingServer is the server API for ConfidentialComputing service.

type ConfidentialSpaceInfo added in v1.1.0 

type ConfidentialSpaceInfo struct {

	// Optional. A list of signed entities containing container image signatures
	// that can be used for server-side signature verification.
	SignedEntities []*SignedEntity `protobuf:"bytes,1,rep,name=signed_entities,json=signedEntities,proto3" json:"signed_entities,omitempty"`
	// contains filtered or unexported fields
}

ConfidentialSpaceInfo contains information related to the Confidential Space TEE.

func (*ConfidentialSpaceInfo) Descriptor deprecated added in v1.1.0 

func (*ConfidentialSpaceInfo) Descriptor() ([]byte, []int)

Deprecated: Use ConfidentialSpaceInfo.ProtoReflect.Descriptor instead.

func (*ConfidentialSpaceInfo) GetSignedEntities added in v1.1.0 

func (x *ConfidentialSpaceInfo) GetSignedEntities() []*SignedEntity

func (*ConfidentialSpaceInfo) ProtoMessage added in v1.1.0 

func (*ConfidentialSpaceInfo) ProtoMessage()

func (*ConfidentialSpaceInfo) ProtoReflect added in v1.1.0 

func (x *ConfidentialSpaceInfo) ProtoReflect() protoreflect.Message

func (*ConfidentialSpaceInfo) Reset added in v1.1.0 

func (x *ConfidentialSpaceInfo) Reset()

func (*ConfidentialSpaceInfo) String added in v1.1.0 

func (x *ConfidentialSpaceInfo) String() string

type ContainerImageSignature added in v1.1.0 

type ContainerImageSignature struct {

	// Optional. The binary signature payload following the SimpleSigning format
	// https://github.com/sigstore/cosign/blob/main/specs/SIGNATURE_SPEC.md#simple-signing.
	// This payload includes the container image digest.
	Payload []byte `protobuf:"bytes,1,opt,name=payload,proto3" json:"payload,omitempty"`
	// Optional. A signature over the payload.
	// The container image digest is incorporated into the signature as follows:
	// 1. Generate a SimpleSigning format payload that includes the container
	// image digest.
	// 2. Generate a signature over SHA256 digest of the payload.
	// The signature generation process can be represented as follows:
	// `Sign(sha256(SimpleSigningPayload(sha256(Image Manifest))))`
	Signature []byte `protobuf:"bytes,2,opt,name=signature,proto3" json:"signature,omitempty"`
	// Optional. Reserved for future use.
	PublicKey []byte `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
	// Optional. Reserved for future use.
	SigAlg SigningAlgorithm `` /* 140-byte string literal not displayed */
	// contains filtered or unexported fields
}

ContainerImageSignature holds necessary metadata to verify a container image signature.

func (*ContainerImageSignature) Descriptor deprecated added in v1.1.0 

func (*ContainerImageSignature) Descriptor() ([]byte, []int)

Deprecated: Use ContainerImageSignature.ProtoReflect.Descriptor instead.

func (*ContainerImageSignature) GetPayload added in v1.1.0 

func (x *ContainerImageSignature) GetPayload() []byte

func (*ContainerImageSignature) GetPublicKey added in v1.1.0 

func (x *ContainerImageSignature) GetPublicKey() []byte

func (*ContainerImageSignature) GetSigAlg added in v1.1.0 

func (x *ContainerImageSignature) GetSigAlg() SigningAlgorithm

func (*ContainerImageSignature) GetSignature added in v1.1.0 

func (x *ContainerImageSignature) GetSignature() []byte

func (*ContainerImageSignature) ProtoMessage added in v1.1.0 

func (*ContainerImageSignature) ProtoMessage()

func (*ContainerImageSignature) ProtoReflect added in v1.1.0 

func (x *ContainerImageSignature) ProtoReflect() protoreflect.Message

func (*ContainerImageSignature) Reset added in v1.1.0 

func (x *ContainerImageSignature) Reset()

func (*ContainerImageSignature) String added in v1.1.0 

func (x *ContainerImageSignature) String() string

type CreateChallengeRequest 

type CreateChallengeRequest struct {

	// Required. The resource name of the location where the Challenge will be
	// used, in the format `projects/*/locations/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. The Challenge to be created. Currently this field can be empty as
	// all the Challenge fields are set by the server.
	Challenge *Challenge `protobuf:"bytes,2,opt,name=challenge,proto3" json:"challenge,omitempty"`
	// contains filtered or unexported fields
}

Message for creating a Challenge

func (*CreateChallengeRequest) Descriptor deprecated 

func (*CreateChallengeRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateChallengeRequest.ProtoReflect.Descriptor instead.

func (*CreateChallengeRequest) GetChallenge 

func (x *CreateChallengeRequest) GetChallenge() *Challenge

func (*CreateChallengeRequest) GetParent 

func (x *CreateChallengeRequest) GetParent() string

func (*CreateChallengeRequest) ProtoMessage 

func (*CreateChallengeRequest) ProtoMessage()

func (*CreateChallengeRequest) ProtoReflect 

func (x *CreateChallengeRequest) ProtoReflect() protoreflect.Message

func (*CreateChallengeRequest) Reset 

func (x *CreateChallengeRequest) Reset()

func (*CreateChallengeRequest) String 

func (x *CreateChallengeRequest) String() string

type GcpCredentials 

type GcpCredentials struct {

	// Same as id_tokens, but as a string.
	ServiceAccountIdTokens []string `` /* 131-byte string literal not displayed */
	// contains filtered or unexported fields
}

Credentials issued by GCP which are linked to the platform attestation. These will be verified server-side as part of attestaion verification.

func (*GcpCredentials) Descriptor deprecated 

func (*GcpCredentials) Descriptor() ([]byte, []int)

Deprecated: Use GcpCredentials.ProtoReflect.Descriptor instead.

func (*GcpCredentials) GetServiceAccountIdTokens 

func (x *GcpCredentials) GetServiceAccountIdTokens() []string

func (*GcpCredentials) ProtoMessage 

func (*GcpCredentials) ProtoMessage()

func (*GcpCredentials) ProtoReflect 

func (x *GcpCredentials) ProtoReflect() protoreflect.Message

func (*GcpCredentials) Reset 

func (x *GcpCredentials) Reset()

func (*GcpCredentials) String 

func (x *GcpCredentials) String() string

type SignedEntity added in v1.1.0 

type SignedEntity struct {

	// Optional. A list of container image signatures attached to an OCI image
	// object.
	ContainerImageSignatures []*ContainerImageSignature `` /* 135-byte string literal not displayed */
	// contains filtered or unexported fields
}

SignedEntity represents an OCI image object containing everything necessary to verify container image signatures.

func (*SignedEntity) Descriptor deprecated added in v1.1.0 

func (*SignedEntity) Descriptor() ([]byte, []int)

Deprecated: Use SignedEntity.ProtoReflect.Descriptor instead.

func (*SignedEntity) GetContainerImageSignatures added in v1.1.0 

func (x *SignedEntity) GetContainerImageSignatures() []*ContainerImageSignature

func (*SignedEntity) ProtoMessage added in v1.1.0 

func (*SignedEntity) ProtoMessage()

func (*SignedEntity) ProtoReflect added in v1.1.0 

func (x *SignedEntity) ProtoReflect() protoreflect.Message

func (*SignedEntity) Reset added in v1.1.0 

func (x *SignedEntity) Reset()

func (*SignedEntity) String added in v1.1.0 

func (x *SignedEntity) String() string

type SigningAlgorithm added in v1.1.0 

type SigningAlgorithm int32

SigningAlgorithm enumerates all the supported signing algorithms. 

const (
	// Unspecified signing algorithm.
	SigningAlgorithm_SIGNING_ALGORITHM_UNSPECIFIED SigningAlgorithm = 0
	// RSASSA-PSS with a SHA256 digest.
	SigningAlgorithm_RSASSA_PSS_SHA256 SigningAlgorithm = 1
	// RSASSA-PKCS1 v1.5 with a SHA256 digest.
	SigningAlgorithm_RSASSA_PKCS1V15_SHA256 SigningAlgorithm = 2
	// ECDSA on the P-256 Curve with a SHA256 digest.
	SigningAlgorithm_ECDSA_P256_SHA256 SigningAlgorithm = 3
)

func (SigningAlgorithm) Descriptor added in v1.1.0 

func (SigningAlgorithm) Descriptor() protoreflect.EnumDescriptor

func (SigningAlgorithm) Enum added in v1.1.0 

func (x SigningAlgorithm) Enum() *SigningAlgorithm

func (SigningAlgorithm) EnumDescriptor deprecated added in v1.1.0 

func (SigningAlgorithm) EnumDescriptor() ([]byte, []int)

Deprecated: Use SigningAlgorithm.Descriptor instead.

func (SigningAlgorithm) Number added in v1.1.0 

func (x SigningAlgorithm) Number() protoreflect.EnumNumber

func (SigningAlgorithm) String added in v1.1.0 

func (x SigningAlgorithm) String() string

func (SigningAlgorithm) Type added in v1.1.0 

func (SigningAlgorithm) Type() protoreflect.EnumType

type TokenOptions added in v1.1.0 

type TokenOptions struct {

	// Optional. Optional string to issue the token with a custom audience claim.
	// Required if one or more nonces are specified.
	Audience string `protobuf:"bytes,1,opt,name=audience,proto3" json:"audience,omitempty"`
	// Optional. Optional parameter to place one or more nonces in the eat_nonce
	// claim in the output token. The minimum size for JSON-encoded EATs is 10
	// bytes and the maximum size is 74 bytes.
	Nonce []string `protobuf:"bytes,2,rep,name=nonce,proto3" json:"nonce,omitempty"`
	// Optional. Optional token type to select what type of token to return.
	TokenType TokenType `` /* 142-byte string literal not displayed */
	// contains filtered or unexported fields
}

Options to modify claims in the token to generate custom-purpose tokens.

func (*TokenOptions) Descriptor deprecated added in v1.1.0 

func (*TokenOptions) Descriptor() ([]byte, []int)

Deprecated: Use TokenOptions.ProtoReflect.Descriptor instead.

func (*TokenOptions) GetAudience added in v1.1.0 

func (x *TokenOptions) GetAudience() string

func (*TokenOptions) GetNonce added in v1.1.0 

func (x *TokenOptions) GetNonce() []string

func (*TokenOptions) GetTokenType added in v1.4.0 

func (x *TokenOptions) GetTokenType() TokenType

func (*TokenOptions) ProtoMessage added in v1.1.0 

func (*TokenOptions) ProtoMessage()

func (*TokenOptions) ProtoReflect added in v1.1.0 

func (x *TokenOptions) ProtoReflect() protoreflect.Message

func (*TokenOptions) Reset added in v1.1.0 

func (x *TokenOptions) Reset()

func (*TokenOptions) String added in v1.1.0 

func (x *TokenOptions) String() string

type TokenType added in v1.4.0 

type TokenType int32

Token type enum contains the different types of token responses Confidential Space supports 

const (
	// Unspecified token type
	TokenType_TOKEN_TYPE_UNSPECIFIED TokenType = 0
	// OpenID Connect (OIDC) token type
	TokenType_TOKEN_TYPE_OIDC TokenType = 1
)

func (TokenType) Descriptor added in v1.4.0 

func (TokenType) Descriptor() protoreflect.EnumDescriptor

func (TokenType) Enum added in v1.4.0 

func (x TokenType) Enum() *TokenType

func (TokenType) EnumDescriptor deprecated added in v1.4.0 

func (TokenType) EnumDescriptor() ([]byte, []int)

Deprecated: Use TokenType.Descriptor instead.

func (TokenType) Number added in v1.4.0 

func (x TokenType) Number() protoreflect.EnumNumber

func (TokenType) String added in v1.4.0 

func (x TokenType) String() string

func (TokenType) Type added in v1.4.0 

func (TokenType) Type() protoreflect.EnumType

type TpmAttestation 

type TpmAttestation struct {

	// TPM2 PCR Quotes generated by calling TPM2_Quote on each PCR bank.
	Quotes []*TpmAttestation_Quote `protobuf:"bytes,1,rep,name=quotes,proto3" json:"quotes,omitempty"`
	// The binary TCG Event Log containing events measured into the TPM by the
	// platform firmware and operating system. Formatted as described in the
	// "TCG PC Client Platform Firmware Profile Specification".
	TcgEventLog []byte `protobuf:"bytes,2,opt,name=tcg_event_log,json=tcgEventLog,proto3" json:"tcg_event_log,omitempty"`
	// An Event Log containing additional events measured into the TPM that are
	// not already present in the tcg_event_log. Formatted as described in the
	// "Canonical Event Log Format" TCG Specification.
	CanonicalEventLog []byte `protobuf:"bytes,3,opt,name=canonical_event_log,json=canonicalEventLog,proto3" json:"canonical_event_log,omitempty"`
	// DER-encoded X.509 certificate of the Attestation Key (otherwise known as
	// an AK or a TPM restricted signing key) used to generate the quotes.
	AkCert []byte `protobuf:"bytes,4,opt,name=ak_cert,json=akCert,proto3" json:"ak_cert,omitempty"`
	// List of DER-encoded X.509 certificates which, together with the ak_cert,
	// chain back to a trusted Root Certificate.
	CertChain [][]byte `protobuf:"bytes,5,rep,name=cert_chain,json=certChain,proto3" json:"cert_chain,omitempty"`
	// contains filtered or unexported fields
}

TPM2 data containing everything necessary to validate any platform state measured into the TPM.

func (*TpmAttestation) Descriptor deprecated 

func (*TpmAttestation) Descriptor() ([]byte, []int)

Deprecated: Use TpmAttestation.ProtoReflect.Descriptor instead.

func (*TpmAttestation) GetAkCert 

func (x *TpmAttestation) GetAkCert() []byte

func (*TpmAttestation) GetCanonicalEventLog 

func (x *TpmAttestation) GetCanonicalEventLog() []byte

func (*TpmAttestation) GetCertChain 

func (x *TpmAttestation) GetCertChain() [][]byte

func (*TpmAttestation) GetQuotes 

func (x *TpmAttestation) GetQuotes() []*TpmAttestation_Quote

func (*TpmAttestation) GetTcgEventLog 

func (x *TpmAttestation) GetTcgEventLog() []byte

func (*TpmAttestation) ProtoMessage 

func (*TpmAttestation) ProtoMessage()

func (*TpmAttestation) ProtoReflect 

func (x *TpmAttestation) ProtoReflect() protoreflect.Message

func (*TpmAttestation) Reset 

func (x *TpmAttestation) Reset()

func (*TpmAttestation) String 

func (x *TpmAttestation) String() string

type TpmAttestation_Quote 

type TpmAttestation_Quote struct {

	// The hash algorithm of the PCR bank being quoted, encoded as a TPM_ALG_ID
	HashAlgo int32 `protobuf:"varint,1,opt,name=hash_algo,json=hashAlgo,proto3" json:"hash_algo,omitempty"`
	// Raw binary values of each PCRs being quoted.
	PcrValues map[int32][]byte `` /* 177-byte string literal not displayed */
	// TPM2 quote, encoded as a TPMS_ATTEST
	RawQuote []byte `protobuf:"bytes,3,opt,name=raw_quote,json=rawQuote,proto3" json:"raw_quote,omitempty"`
	// TPM2 signature, encoded as a TPMT_SIGNATURE
	RawSignature []byte `protobuf:"bytes,4,opt,name=raw_signature,json=rawSignature,proto3" json:"raw_signature,omitempty"`
	// contains filtered or unexported fields
}

Information about Platform Control Registers (PCRs) including a signature over their values, which can be used for remote validation.

func (*TpmAttestation_Quote) Descriptor deprecated 

func (*TpmAttestation_Quote) Descriptor() ([]byte, []int)

Deprecated: Use TpmAttestation_Quote.ProtoReflect.Descriptor instead.

func (*TpmAttestation_Quote) GetHashAlgo 

func (x *TpmAttestation_Quote) GetHashAlgo() int32

func (*TpmAttestation_Quote) GetPcrValues 

func (x *TpmAttestation_Quote) GetPcrValues() map[int32][]byte

func (*TpmAttestation_Quote) GetRawQuote 

func (x *TpmAttestation_Quote) GetRawQuote() []byte

func (*TpmAttestation_Quote) GetRawSignature 

func (x *TpmAttestation_Quote) GetRawSignature() []byte

func (*TpmAttestation_Quote) ProtoMessage 

func (*TpmAttestation_Quote) ProtoMessage()

func (*TpmAttestation_Quote) ProtoReflect 

func (x *TpmAttestation_Quote) ProtoReflect() protoreflect.Message

func (*TpmAttestation_Quote) Reset 

func (x *TpmAttestation_Quote) Reset()

func (*TpmAttestation_Quote) String 

func (x *TpmAttestation_Quote) String() string

type UnimplementedConfidentialComputingServer 

type UnimplementedConfidentialComputingServer struct {
}

UnimplementedConfidentialComputingServer can be embedded to have forward compatible implementations.

func (*UnimplementedConfidentialComputingServer) CreateChallenge 

func (*UnimplementedConfidentialComputingServer) CreateChallenge(context.Context, *CreateChallengeRequest) (*Challenge, error)

func (*UnimplementedConfidentialComputingServer) VerifyAttestation 

func (*UnimplementedConfidentialComputingServer) VerifyAttestation(context.Context, *VerifyAttestationRequest) (*VerifyAttestationResponse, error)

type VerifyAttestationRequest 

type VerifyAttestationRequest struct {

	// Required. The name of the Challenge whose nonce was used to generate the
	// attestation, in the format `projects/*/locations/*/challenges/*`. The
	// provided Challenge will be consumed, and cannot be used again.
	Challenge string `protobuf:"bytes,1,opt,name=challenge,proto3" json:"challenge,omitempty"`
	// Optional. Credentials used to populate the "emails" claim in the
	// claims_token.
	GcpCredentials *GcpCredentials `protobuf:"bytes,2,opt,name=gcp_credentials,json=gcpCredentials,proto3" json:"gcp_credentials,omitempty"`
	// Required. The TPM-specific data provided by the attesting platform, used to
	// populate any of the claims regarding platform state.
	TpmAttestation *TpmAttestation `protobuf:"bytes,3,opt,name=tpm_attestation,json=tpmAttestation,proto3" json:"tpm_attestation,omitempty"`
	// Optional. Optional information related to the Confidential Space TEE.
	ConfidentialSpaceInfo *ConfidentialSpaceInfo `` /* 126-byte string literal not displayed */
	// Optional. A collection of optional, workload-specified claims that modify
	// the token output.
	TokenOptions *TokenOptions `protobuf:"bytes,5,opt,name=token_options,json=tokenOptions,proto3" json:"token_options,omitempty"`
	// contains filtered or unexported fields
}

A request for an OIDC token, providing all the necessary information needed for this service to verify the plaform state of the requestor.

func (*VerifyAttestationRequest) Descriptor deprecated 

func (*VerifyAttestationRequest) Descriptor() ([]byte, []int)

Deprecated: Use VerifyAttestationRequest.ProtoReflect.Descriptor instead.

func (*VerifyAttestationRequest) GetChallenge 

func (x *VerifyAttestationRequest) GetChallenge() string

func (*VerifyAttestationRequest) GetConfidentialSpaceInfo added in v1.1.0 

func (x *VerifyAttestationRequest) GetConfidentialSpaceInfo() *ConfidentialSpaceInfo

func (*VerifyAttestationRequest) GetGcpCredentials 

func (x *VerifyAttestationRequest) GetGcpCredentials() *GcpCredentials

func (*VerifyAttestationRequest) GetTokenOptions added in v1.1.0 

func (x *VerifyAttestationRequest) GetTokenOptions() *TokenOptions

func (*VerifyAttestationRequest) GetTpmAttestation 

func (x *VerifyAttestationRequest) GetTpmAttestation() *TpmAttestation

func (*VerifyAttestationRequest) ProtoMessage 

func (*VerifyAttestationRequest) ProtoMessage()

func (*VerifyAttestationRequest) ProtoReflect 

func (x *VerifyAttestationRequest) ProtoReflect() protoreflect.Message

func (*VerifyAttestationRequest) Reset 

func (x *VerifyAttestationRequest) Reset()

func (*VerifyAttestationRequest) String 

func (x *VerifyAttestationRequest) String() string

type VerifyAttestationResponse 

type VerifyAttestationResponse struct {

	// Output only. Same as claims_token, but as a string.
	OidcClaimsToken string `protobuf:"bytes,2,opt,name=oidc_claims_token,json=oidcClaimsToken,proto3" json:"oidc_claims_token,omitempty"`
	// Output only. A list of messages that carry the partial error details
	// related to VerifyAttestation.
	PartialErrors []*status.Status `protobuf:"bytes,3,rep,name=partial_errors,json=partialErrors,proto3" json:"partial_errors,omitempty"`
	// contains filtered or unexported fields
}

A response once an attestation has been successfully verified, containing a signed OIDC token.

func (*VerifyAttestationResponse) Descriptor deprecated 

func (*VerifyAttestationResponse) Descriptor() ([]byte, []int)

Deprecated: Use VerifyAttestationResponse.ProtoReflect.Descriptor instead.

func (*VerifyAttestationResponse) GetOidcClaimsToken 

func (x *VerifyAttestationResponse) GetOidcClaimsToken() string

func (*VerifyAttestationResponse) GetPartialErrors added in v1.3.0 

func (x *VerifyAttestationResponse) GetPartialErrors() []*status.Status

func (*VerifyAttestationResponse) ProtoMessage 

func (*VerifyAttestationResponse) ProtoMessage()

func (*VerifyAttestationResponse) ProtoReflect 

func (x *VerifyAttestationResponse) ProtoReflect() protoreflect.Message

func (*VerifyAttestationResponse) Reset 

func (x *VerifyAttestationResponse) Reset()

func (*VerifyAttestationResponse) String 

func (x *VerifyAttestationResponse) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.